Monday, 2019-05-13

« Sunday, 2019-05-12 Index Tuesday, 2019-05-14 »
prometheanfiretonyb: queens https://review.opendev.org/65869900:19
tonybprometheanfire: okay, that's a bit of a mess and will require some untangling00:25
prometheanfireya00:26
tonybYeah that review looks just plain wrong.00:29
tonybI wont aabandon it but I will start a new backport that look smore correct00:29
prometheanfireok00:31
prometheanfireit's based on what was done for rocky00:31
tonybyeah I'll try to untangle that too00:32
tonybthe problem with it ATM is it doesn't seem to include the networkx chnage and for unknown reasons switches the cap in sckkit-learn00:33
tonyband that's why it's failing the integration gate00:33
prometheanfireright, but it did seem to work for rocky00:34
tonybprometheanfire: no: rocky says "scikit-learn<=0.20.0;python_version<='3.4'  # BSD" queens says "scikit-learn>=0.17.1<0.21;python_version<='3.4'  # BSD"00:38
tonybprometheanfire: so we get 0.21.0rc2 on queens which need py300:39
* tonyb feels like that cap is wrong but it is what it is now00:40
tonybAhh the networkx thing is differnt on queens which is why it's mising, so we need to explain that it's un-squashed00:41
tonyb#sheesh00:41
openstackgerritTony Breeds proposed openstack/requirements stable/queens: Cap keyring, scikit-learn, and sphinx on python2  https://review.opendev.org/65869900:43
prometheanfiretonyb: ya, I noticed the cap and changed in in queens to be more acurate00:44
prometheanfiretonyb: it failed with the same error with your proposed patch, check pactchset 100:45
tonybprometheanfire: Oh well I've applied stable rules and updated https://review.opendev.org/65869900:45
prometheanfiretonyb: https://review.opendev.org/#/c/658699/1..3 only shows a commit message as the change00:46
tonybprometheanfire: well that sucks00:47
tonybSo there's another bug in there somewhere00:47
tonybI'll debug that later00:49
*** altlogbot_2 has quit IRC00:50
prometheanfire2019-05-12 22:34:14.126155 | primary | + /opt/stack/new/requirements/tools/integration.sh:install_all_of_gr:L19:   /tmp/tmp.md5caeTpsP/all_requirements/bin/pip install -r /opt/stack/new/requirements/global-requirements.txt00:51
prometheanfirecombine with https://review.opendev.org/658692 maybe?00:52
*** altlogbot_2 has joined #openstack-requirements00:56
tonybnope that's a bandaid to hide the bug00:59
tonybprometheanfire: I don't understand how <=0.20.0 matches 0.21.0rc201:00
prometheanfiretrue01:01
openstackgerritMerged openstack/requirements master: update constraint for os-service-types to new release 1.7.0  https://review.opendev.org/65866101:08
*** udesale has joined #openstack-requirements03:56
*** hongbin has quit IRC05:02
*** e0ne has joined #openstack-requirements05:16
*** udesale has quit IRC05:45
*** udesale has joined #openstack-requirements05:45
*** udesale has quit IRC05:49
*** udesale has joined #openstack-requirements05:49
openstackgerritOpenStack Proposal Bot proposed openstack/requirements master: Updated from generate-constraints  https://review.opendev.org/65863606:15
openstackgerritDirk Mueller proposed openstack/requirements stable/queens: Cap keyring, scikit-learn, and sphinx on python2  https://review.opendev.org/65869906:26
*** e0ne has quit IRC06:29
openstackgerritDirk Mueller proposed openstack/requirements stable/pike: Cap keyring, scikit-learn, and sphinx on python2  https://review.opendev.org/65872806:37
*** udesale has quit IRC06:47
*** udesale has joined #openstack-requirements06:47
openstackgerritDirk Mueller proposed openstack/requirements stable/ocata: Avoid networkx 2.0  https://review.opendev.org/65873506:49
openstackgerritDirk Mueller proposed openstack/requirements stable/queens: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65873907:18
openstackgerritDirk Mueller proposed openstack/requirements stable/queens: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65873907:19
openstackgerritDirk Mueller proposed openstack/requirements stable/stein: update constraint for python-ironicclient to new release 2.7.1  https://review.opendev.org/65810007:20
*** ccamacho has joined #openstack-requirements07:20
openstackgerritDirk Mueller proposed openstack/requirements stable/stein: update constraint for python-monascaclient to new release 1.15.0  https://review.opendev.org/65809707:21
openstackgerritDirk Mueller proposed openstack/requirements stable/stein: update constraint for heat-translator to new release 1.3.1  https://review.opendev.org/65841607:21
*** hberaud has joined #openstack-requirements07:44
*** jpich has joined #openstack-requirements07:51
dirktonyb: there was a typo in the requirements line, see my new upload08:19
dirktonyb: prometheanfire : tonyb: please review https://review.opendev.org/#/q/I2598503c2d4397d7efbb03a76df9a4e91dd0c1cf08:20
openstackgerritDirk Mueller proposed openstack/requirements stable/pike: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65874708:21
openstackgerritDirk Mueller proposed openstack/requirements stable/ocata: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65874808:22
*** e0ne has joined #openstack-requirements08:32
openstackgerritMerged openstack/requirements stable/stein: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65869108:58
openstackgerritNatal Ngétal proposed openstack/requirements master: Update constraint for bandit.  https://review.opendev.org/65876709:20
*** hberaud is now known as hberaud|school-r09:51
*** hberaud|school-r is now known as hberaud|lunch10:06
*** hberaud|lunch is now known as hberaud10:52
*** udesale has quit IRC11:17
*** snapiri has quit IRC11:59
*** dirk has quit IRC12:58
*** dmellado_ has joined #openstack-requirements12:59
*** dmellado has quit IRC13:00
*** dmellado_ is now known as dmellado13:00
*** dirk has joined #openstack-requirements13:01
*** udesale has joined #openstack-requirements13:10
*** udesale has quit IRC13:18
*** udesale has joined #openstack-requirements13:18
*** efried has quit IRC13:19
*** efried has joined #openstack-requirements13:20
prometheanfiredirk: /win 2313:28
prometheanfiredirk: reviewed those that are passing13:29
*** snapiri has joined #openstack-requirements13:47
openstackgerritMerged openstack/requirements stable/queens: Cap keyring, scikit-learn, and sphinx on python2  https://review.opendev.org/65869914:16
dirkprometheanfire: thanks. I was somehow hoping that we could just get away with the constraints fixes14:17
dirkAnd you have too many windows ;-)14:17
prometheanfiredirk: 33 :P14:21
*** hberaud is now known as hberaud|school-r14:26
*** hberaud|school-r is now known as hberaud14:40
*** snapiri has quit IRC14:44
dhellmannso, what's the deal with the bandit situation? capping apparently doesn't work because it fails the requirements check. should bandit be in the blacklist with the other linters?14:46
prometheanfirethat's a good point, I thought it was14:47
dhellmannoh, nevermind, that job actually failed because of some sphinx dependency issue14:47
dhellmannhttp://logs.openstack.org/74/658674/1/check/requirements-check/4555b07/ara-report/result/3cf3b05c-9723-439e-aade-2bcdbf0216ca/14:47
prometheanfireI just emailed the list with the list of projects using -x14:47
*** beekneemech is now known as bnemec15:00
openstackgerritMerged openstack/requirements stable/pike: Cap keyring, scikit-learn, and sphinx on python2  https://review.opendev.org/65872815:26
openstackgerritMerged openstack/requirements stable/rocky: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65869215:26
openstackgerritSean McGinnis proposed openstack/requirements master: Set upper-constraint for scikit-learn  https://review.opendev.org/65885115:44
openstackgerritWalter A. Boring IV (hemna) proposed openstack/requirements master: Add cinder extras python-3parclient library  https://review.opendev.org/65809816:11
dirktonyb: prometheanfire : https://review.opendev.org/#/c/658739/ pretty please16:12
dirkprometheanfire: we're holding off the requests merge for tomorrow given the mailing list discussion, right?16:13
prometheanfiredone16:13
prometheanfireand for the requests, ya, holding off for now16:14
prometheanfiretil tomorrow morning, I think we need to update docs to state best effort and by request only for security updates16:19
*** dtantsur is now known as dtantsur|afk16:23
dirkI'm still struggling to build a relevant set of projects locally from queens branch to validate requests update16:28
dirkprometheanfire: I think the conclusion was.a bit more complex. One was to not ever do it, and one was to give deployers a way to override (which basically has no value id it isn't actually used to test patches as well imho)16:34
prometheanfireI think there's a middle ground but it just needs to be loudly called out imo16:34
prometheanfirefungi: we are talkinb about our favorite recent topic16:35
*** e0ne has quit IRC16:42
*** jpich has quit IRC16:46
*** mriedem has joined #openstack-requirements16:53
mriedemprometheanfire: on this requirements job failure https://review.opendev.org/#/c/658571/1/doc/requirements.txt do i actually need to add the python 2.7 entry in the doc/requirements.txt even though we don't run that job with py27?16:53
mriedemi see in novaclient's doc/requirements we don't have a python_version specified for sphinx https://github.com/openstack/python-novaclient/blob/master/doc/requirements.txt#L416:54
*** hberaud is now known as hberaud|gone16:55
prometheanfiremriedem: I'd say so, if only to make gate active, there's also downstreams who use doc builds (and could be py27)16:56
*** udesale has quit IRC16:59
dirkmriedem: it was just recently (a few hours ago merged), it will fail everywhere now17:05
dirkmriedem: we don't have a propose-updates bot anymore that would inform projects about the changed requirements though, so its all up to themselves for figuring out what to do17:05
prometheanfirethe next couple of cyclkes are going to be fun17:08
*** jroll has quit IRC17:34
*** jroll has joined #openstack-requirements17:35
openstackgerritMerged openstack/requirements stable/queens: Use the new opendev path for requirements-check  https://review.opendev.org/65812017:37
openstackgerritMerged openstack/requirements stable/queens: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65873917:45
mriedemok thanks. might want to give people a heads up in the ML17:47
fungiprometheanfire: i see... on vacation and in and out of airports today but happy to follow up later17:57
prometheanfirefungi: ya17:57
*** e0ne has joined #openstack-requirements18:17
fungipart of why we agreed maintenance of stable branches could be extended is that we were now freezing the dependency tree for them18:21
fungiif we want to have a non-frozen external constraints list for stable branches, that seems like something which needs to be maintained independent of the frozen testable set18:22
prometheanfireI think that's a better suggestion, but it'd need it's own testing, publishing a unified list for those that want it would be good as well18:23
prometheanfiremaster_least-best-effort-security-constraints.txt18:24
*** mriedem has left #openstack-requirements18:28
fungiand yeah, i'm imagining the next major vulnerability for one of our external deps could require a much newer release of other transitive deps which require extensive code changes to one or more of our projects... what then?18:30
fungijust shrug?18:30
fungidistros solve this by forking projects they distribute and backporting security fixes. as a project we don't have that luxury18:31
prometheanfirewell, if we have two lists and the CI around it (at least to do our cross testing) then it'd be 'good'18:31
prometheanfireI agree, we don't the 'best' solution we could do other than saying no is to have a diff'd list, that is combined then cross tested18:31
fungii'm thinking more of what happens when we can't actually solve this for some significant vulnerability in an external dep and deployment projects need to punt anyway18:32
fungibetter if they're prepared for that in advance as a matter of routine18:33
prometheanfirethere's a reason I named it as I did18:33
prometheanfireand that's true18:33
prometheanfiremaster_least-best-effort-security-constraints.txt18:33
fungiwe could just have a job which runs devstack on stable branches with master branch upper-constraints.txt and drop the job as soon as we hit an obvious incompatibility18:34
prometheanfiredrop the job as in from all testing on that branch?18:34
fungithough maybe it would be a mash-up of stable constraints for deps we actually produce (oslo libs et al)18:34
fungiand external constraints from master18:35
prometheanfireproblem set keeps getting bigger18:35
prometheanfiredirk: around?18:35
prometheanfireI feel like he's more the one lading this18:35
fungiyeah, basically assert that our "best effort" dependency security support ends when we can no longer run devstack with external constraints grafted in from master18:35
prometheanfiredirk: we should pause (not merge) the patch til we decide our policy of out of openstack security updates on stable branches18:37
fungithis is merely my opinion on the matter, just trying to bring vmt experience to bear18:38
prometheanfireofc18:38
prometheanfiremaking an etherpad18:38
fungianyway, about to board a longish flight and then will be in a car for hours, so probably the last i'll be able to weigh in for some time18:39
prometheanfirefungi: I'm populating https://etherpad.openstack.org/p/non-openstack-stable-security-constraints-updates18:39
prometheanfirefungi: so when you land...18:39
prometheanfireor whenever :D18:39
fungiland-and-then-drive-to-the-island-and-maybe-find-some-food-and-then-get-home18:40
prometheanfire:D18:40
fungiup, up and /away!18:40
smcginnisprometheanfire: mriedman's error from earlier looks odd.18:44
smcginnisprometheanfire: The original job failure was running with py3.6, but it failed to match:18:44
smcginnishttp://logs.openstack.org/71/658571/1/check/requirements-check/6ecd8e4/job-output.txt.gz#_2019-05-11_23_13_07_27098518:44
smcginnisDo we need to specify each individual python_version or something? u-c should have worked with the way that was set up.18:45
dirkThis is not an error from pip, smcginnis18:46
dirkIt's a special check for ensuring that requirements of projects don't diverge from the global requirements18:47
dirkI was also thinking that the check could be more intelligent18:47
smcginnisdirk: Oh, odd.18:47
smcginnisWe should be hitting that pretty much everywhere now then.18:47
dirkYes, all branches, all projects18:47
smcginnisCan we bring back the bot updates now? :)18:48
dirkAnd we'll get that on every stupid dependency that decides to drop py2.x support18:48
smcginnisThis is going to hurt.18:48
dirkWell, dropping the bot updates was a feature18:48
dirkBecause infra didn't like the fanout of global requirements changes18:49
dirkAnd projects wanted to manage their requirements on their own18:49
dirkI guess we could special treat py2 dependencies18:50
dirkOr we stop with py218:50
dirkBut that's against the tc plan18:50
smcginnisOne more release to go, then things should get a little better.18:51
dirkYou mean the next swift release? ;-)18:54
*** e0ne has quit IRC18:54
smcginnisHeh, that too. :)18:54
dirkPy2.7 is pretty much broken already now18:55
dirkAnything using rootwrap with eventlet is broken with 2.718:55
smcginnisOh, I hadn't seen issues there.18:56
openstackgerritMerged openstack/requirements stable/rocky: update constraint for python-ironicclient to new release 2.5.2  https://review.opendev.org/65810119:09
openstackgerritMerged openstack/requirements stable/rocky: update constraint for python-cinderclient to new release 4.0.2  https://review.opendev.org/65841319:48
openstackgerritMerged openstack/requirements stable/rocky: update constraint for os-brick to new release 2.5.7  https://review.opendev.org/65809919:48
dirkprometheanfire: now yes20:13
dirkprometheanfire: link to etherpad?20:13
*** e0ne has joined #openstack-requirements20:14
openstackgerritDirk Mueller proposed openstack/requirements stable/rocky: Add safety check output to the linters output  https://review.opendev.org/65710620:15
prometheanfiredirk: nothing in it yet20:17
prometheanfiredirk: https://etherpad.openstack.org/p/non-openstack-stable-security-constraints-updates20:17
*** e0ne has quit IRC20:26
openstackgerritMerged openstack/requirements stable/pike: Add upper-constraints enforcement for local reqs  https://review.opendev.org/65874720:29
*** openstackgerrit has quit IRC21:09
*** openstackgerrit has joined #openstack-requirements21:11
openstackgerritMerged openstack/requirements stable/stein: update constraint for python-ironicclient to new release 2.7.1  https://review.opendev.org/65810021:11
openstackgerritMerged openstack/requirements stable/rocky: update constraint for oslo.db to new release 4.40.2  https://review.opendev.org/65767421:52
openstackgerritMerged openstack/requirements stable/queens: update constraint for os-brick to new release 2.3.7  https://review.opendev.org/65811322:09
openstackgerritMerged openstack/requirements stable/queens: update constraint for python-manilaclient to new release 1.21.2  https://review.opendev.org/65810922:09
openstackgerritMerged openstack/requirements master: Add cinder extras python-3parclient library  https://review.opendev.org/65809822:16
« Sunday, 2019-05-12 Index Tuesday, 2019-05-14 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!