Wednesday, 2019-02-06

-openstackstatus- NOTICE: Any changes failed around 16:30 UTC today with a review comment from Zuul like "ERROR Unable to find playbook" can be safely rechecked; this was an unanticipated side effect of our work to move base job definitions between configuration repositories. [17:29]
*** jamesmcarthur has joined #storyboard [17:35]
fungi: note i'm around for a meeting at 1900z today if anyone else is game [18:07]
fungi: there is a new xenial-based storyboard01.opendev.org server deployed which we can repoint the storyboard.openstack.org dns name to as soon as i get a moment, and then i'll take a brief several-minute outage to move the db onto the new server while dns changes propagate [18:09]
fungi: i also bumped its ram from 4gb to 8gb in hopes of improving performance for the local db [18:10]
fungi: we'll see if it helps at all [18:10]
fungi: i've also updated https://etherpad.openstack.org/p/gCj4NfcnbW with a revised migration plan now that i've worked through the kinks with the dev server [18:39]
SotK: I'll be around, though I might be a couple of minutes late [18:48]
fungi: no worries. we usually don't need the whole hour anyway [18:48]
diablo_rojo: I am also around for a meeting. [18:53]
diablo_rojo: I will try to update the agenda quick [18:53]
diablo_rojo: SotK, I updated the agenda [18:58]
diablo_rojo: Assuming you want to meet today? [18:58]
SotK: thanks :) [19:06]
*** jungleboyj has joined #storyboard [19:18]
jungleboyj: fungi: What is the state of storyboard-dev. Trying to do some development on it and hitting all kinds of http 500 errors. [19:19]
*** enriquetaso has joined #storyboard [19:19]
fungi: jungleboyj: interesting. it should be functional. checking (but also the weekly sb meeting is underway right this moment) [19:20]
jungleboyj: fungi: Ok. Won't interrupt now. Have a list of bugs we may need to open. [19:20]
fungi: jungleboyj: i'm able to log into it and browse around so far [19:20]
jungleboyj: We can do that too but when I try to create a 'Worklist' on the 'Cinder Board' I created it throws an HTTP 500. [19:21]
fungi: did you maybe reuse an open tab to it from a few weeks ago? we completely moved the server hosting that deployment [19:21]
fungi: ahh [19:21]
jungleboyj: Nope, just opened the tab yesterday. [19:21]
fungi: thanks, details help [19:22]
fungi: so on https://storyboard-dev.openstack.org/#!/board/127 i guess? [19:22]
jungleboyj: I have a bug: https://storyboard.openstack.org/#!/story/2004948 [19:22]
*** whoami-rajat has joined #storyboard [19:23]
fungi: thanks. that helps! [19:23]
jungleboyj: fungi: Yep. [19:23]
*** jamesmcarthur has quit IRC [19:55]
fungi: looking at the sql error from the story, the board_worklists table definitely has a list_id column and every existing row has an integer value populated [20:15]
fungi: is it possible we were previously relying on an auto-increment there or something? [20:15]
fungi: i've appended the full tracebacks in a comment on https://storyboard.openstack.org/#!/story/2004948 [20:32]
*** dtantsur is now known as dtantsur|afk [20:39]
*** jamesmcarthur has joined #storyboard [20:41]
*** jamesmcarthur has quit IRC [20:41]
*** jamesmcarthur has joined #storyboard [20:42]
*** enriquetaso has quit IRC [21:04]
jungleboyj: fungi: Can I ask a couple other questions we came up with today? [21:08]
diablo_rojo: jungleboyj, you can ask any of us :) [21:09]
diablo_rojo: SotK, and I are around too. [21:09]
jungleboyj: Ok. [21:09]
jungleboyj: So, we were looking at the security bug option. There is an option to mark something as a security issue but then we need to add a user. [21:10]
jungleboyj: Is that the VMT group? [21:10]
jungleboyj: If so, I didn't see anywhere that is documented and the VMT group isn't in storyboard-dev [21:11]
diablo_rojo: It doesn't have a default group. You are supposed to add people/groups by hand at this point. [21:11]
diablo_rojo: I think it exists, but I don't remember exactly what the name of it is. [21:12]
* diablo_rojo tries to find it [21:12]
jungleboyj: Ugh. So, there is a vmt group but [21:12]
jungleboyj: I think we need to have something defined if that is the process. [21:12]
diablo_rojo: The plan is to create groups for each project's coresec [21:12]
diablo_rojo: They aren't currently created for all projects yet though. [21:13]
jungleboyj: Ok. I don't see any coresec groups out there. [21:14]
diablo_rojo: The creation/edit of groups is an admin feature at this point if I recall [21:14]
diablo_rojo: Doable though obviously [21:15]
jungleboyj: Ok, I will open a bug about that. [21:15]
jungleboyj: Is there any plan to handle duplicate bugs? I think the answer to that was no? [21:15]
diablo_rojo: Bug for what exactly? That the cinder coresec group isn't there yet? [21:16]
diablo_rojo: I don't think that needs a bug :) [21:16]
jungleboyj: diablo_rojo: That there is no documentation that I can find that explains how to handle a security bug in storyboard. [21:16]
diablo_rojo: There isn't a defined plan atm, but it's something on our radar [21:16]
diablo_rojo: At that point we add the cinder coresec group, you can set up a template story and have the private box checked and the cinder coresec group added and link that in documentation wherever you need. [21:17]
diablo_rojo: You want docs about general handling of security bugs though? [21:17]
diablo_rojo: Easy addition. [21:18]
diablo_rojo: What else you got? :) [21:19]
jungleboyj: I am trying to get the Cinder team on board with moving here and they are stuck on the lack of a way to handle security bugs. They are grumbling about no attachments but I have moved past that. I am trying to sell this but ... [21:22]
jungleboyj: So, I think if we can at least get some documentation around the security part that will help. [21:23]
jungleboyj: The other question was about if there was going to be a way to mark a bug as duplicate. [21:23]
diablo_rojo: Attachments are being implemented right now so that shouldn't be on the list of concerns [21:24]
diablo_rojo: And there definitely are ways to handle private bugs. If you my assurances aren't enough, perhaps fungi can speak to your concerns. [21:24]
diablo_rojo: *if my assurances [21:25]
diablo_rojo: As for duplicates, the current approach is to cross link, and mark any new ones as invalid. Similar to how you would handle duplicate patches for the same issue in gerrit. [21:26]
diablo_rojo: You could even update the title to start with DUPLICATE if you want to make it more obvious [21:26]
diablo_rojo: Happy to add to documentation if that quells fears. [21:27]
jungleboyj: So the answer comes down to us documenting how we want to use it and having people do that. [21:27]
diablo_rojo: I can probably have a patch up by the end of the week. [21:28]
jungleboyj: A patch about what? [21:29]
diablo_rojo: Updating the docs [21:30]
diablo_rojo: But yes, Cinder specific documentation will be equally important [21:30]
jungleboyj: Ok. I can take a look at that and see if it helps. [21:30]
diablo_rojo: Sure. I can add you as a reviewer when I get it up. [21:30]
jungleboyj: That was what I was trying to get the team started with ... [21:30]
diablo_rojo: Happy to help there as well. If you need eyes or suggestions. [21:31]
fungi: yeah, sorry, in the middle of monitoring a very hot wok, but work with the openstack vmt (hi!) on a documented vulnerability reporting process for vulnerability:managed deliverables using storyboard. at the moment there aren't any but i have some ideas and i've worked with the zuul team on their vulnerability reporting process for storyboard [21:31]
jungleboyj: Been working on an etherpad to get ideas out there right now: [21:32]
jungleboyj: https://etherpad.openstack.org/p/cinder-launchpad-design [21:32]
fungi: it's less of a storyboard team problem and more of an official openstack vmt problem [21:32]
jungleboyj: Yes, I realize there was freudian slip in there. [21:32]
jungleboyj: fungi: I saw that there was a zuul-security board or something. [21:33]
diablo_rojo: jungleboyj, cool I will take a look after lunch and see what I can do to help. [21:33]
jungleboyj: I really want to use this as an opportunity to improve Cinder's processes but I am getting a lot of pushback from the team that they don't want to go down this path. [21:33]
jungleboyj: Trying to figure out how to sell this. [21:34]
fungi: it's still a lot of breaking new ground since each team seems to have slightly different processes and expectations and features of lp or trello or other systems they've been relying on [21:34]
jungleboyj: fungi: If zuul is working through this and will have a process determined that will be good. [21:34]
fungi: yeah, zuul is already managing to handle embargoed reports of suspected security vulnerabilities via storyboard going on a year now [21:35]
fungi: there are definitely still some rough edges but at least they're known and being worked through (biggest at the moment is SotK's attachments work) [21:36]
jungleboyj: fungi: Ok, I mean, I am happy once we get through the 500 errors to start trying to get things set up and documented for Cinder and set up our process but I feel like we need to be given a process for security bugs. [21:43]
jungleboyj: We don't have very many so I am not holding our migration on that but need to understand where we are headed on that front. [21:44]
fungi: once cinder actually decides to move, we'll want to coordinate the import with the vmt since private reports will need to be manually imported. the auto-importer works on an anonymous basis and can only see public bugs in lp [21:46]
fungi: hopefully there aren't too many of those hanging out indefinitely private, but it might also present a good opportunity to make some hard choices about switching a few to public or something at that point [21:47]
jungleboyj: fungi: Ok, let me keep pushing forward a design and see if I can get the team onboard. We will need to deal with the security stuff when we move. [21:55]
fungi: absolutely, so please do keep me or others on the openstack vmt in the loop [21:55]
fungi: but there is enough support in sb to be able to handle embargoed defect reports with some associated documentation pending, though we have ideas on how to improve that too [21:56]
jungleboyj: Ok, if there is documentation that I can point our documentation at it would be helpful. [21:58]
fungi: we just haven't had a vulnerability:managed project for the openstack vmt choose to move to sb yet, so we've deferred nailing down specific process since we might race further improvements in the service and just make more work for ourselves, but definitely don't want to be a roadblock [21:59]
fungi: sort of a chicken-and-egg situation i guess [21:59]
*** zbr|ssbarnea has joined #storyboard [22:00]
fungi: the user-facing vulnerability reporting documentation i came up with for zuul can be found at https://zuul-ci.org/docs/zuul/user/vulnerabilities.html [22:00]
*** zbr|ssbarnea has quit IRC [22:01]
fungi: recording the associated process the maintainers are following is still on my to do list [22:01]
*** zbr has quit IRC [22:02]
jungleboyj: fungi: Ok. [22:05]
jungleboyj: I found some bugs in the Cinder test migration that didn't match to bugs in Launchpad. Would that happen if someone created them in Storyboard after the migration? [22:05]
fungi: there are a few possible causes. the import is a snapshot in time which can be incrementally updated to pull in new comments by rerunning but currently fails to update some status changes on rerunning (this is probably something we want to fix) [22:07]
fungi: they could certainly be bugs created directly in sb, or bugs which were further updated in lp after the last import run [22:08]
fungi: if you have an example i might be able to do less speculating [22:08]
jungleboyj: This was the one I was looking at: https://storyboard-dev.openstack.org/#!/story/1777142 [22:08]
fungi: the story numbers are usually a tip-off since we have an offset for new story creation in sb and map imported stories to their corresponding lp bug numbers [22:09]
fungi: and yeah, https://launchpad.net/bugs/1777142 is clearly an entirely different bug in this case [22:10]
openstack: Launchpad bug 1777142 in linux (Ubuntu) "package linux-image-4.13.0-45-generic 4.13.0-45.50~16.04.1 failed to install/upgrade: unable to create new file '/var/lib/dpkg/info/linux-image-4.13.0-45-generic.list-new': Operation not permitted" [Low,Expired] [22:10]
fungi: the story you referenced is a test story dhellmann created directly in storyboard-dev while trying to work through some process ideas for handling cycle goals [22:11]
fungi: i think he was testing use of the sb api there [22:12]
dhellmann: yeah, I created a bunch of dummy stories in the dev server while developing the script to automate creating the tracking stories [22:13]
dhellmann: for goals [22:13]
jungleboyj: fungi: dhellmann Ok. Thanks for verifying. [22:37]
*** mkarray has joined #storyboard [22:42]
SotK: sorry I'd gone away from IRC and missed all this discussion [22:46]
SotK: one improvement to that reporting URL in the zuul docs for vulnerability:managed projects would be to replace it with https://storyboard.openstack.org/#!/story/new?force_private=true&team_id=1 [22:47]
SotK: which automatically adds the vmt [22:47]
SotK: you can specify team_id multiple times in that URL to add project-specific teams too [22:48]
SotK: https://storyboard.openstack.org/#!/story/new?force_private=true&team_id=1&team_id=2 adds the vmt and the zuul-security teams for example [22:49]
SotK: the workflow we want to get to eventually involves automatically adding the relevant teams based on which projects are affected by the story if it's a security issue, and also subscribing members of that team to the story [22:52]
SotK: regarding duplicate stories, there's no hard plan for anything more streamlined than the current "mark invalid and link to the original", but there have been some vague discussions in the past at PTGs iirc [22:52]
SotK: looking at the etherpad, task states are defined in the api codebase [23:00]
SotK: there's a long discussion about task states in https://storyboard.openstack.org/#!/story/2001432 [23:01]
SotK: (specifically, they're defined here: http://git.openstack.org/cgit/openstack-infra/storyboard/tree/storyboard/db/models.py#n330) [23:02]
SotK: for worklists and boards, users have permission to add, move, and archive cards [23:04]
fungi: SotK: thanks for the suggestion (the zuul-security team isn't team_id=1 on our sb deployment, but easy enough to look up) [23:04]
fungi: out of curiosity, how hard would it be to support team names instead of id numbers? [23:05]
fungi: i have no idea whether they're uniquely constrained, but assume they likely are [23:05]
SotK: they are [23:05]
SotK: should be on the same order of difficulty as supporting project names [23:06]
fungi: cool, maybe i'll add a story so we remember that's a thing we could improve [23:07]
SotK: owners of worklists/boards can do everything, so add, move, and archive both lanes and cards, and edit the title/description/permissions/automaticness of lanes and boards [23:07]
SotK: fungi: thanks [23:07]
SotK: fungi: you can also add project_id=679 to autofill the project with openstack-infra/zuul if that would be useful [23:08]
* SotK makes a story to document worklist/board permissions in the UI, since I keep remembering that we don't and then forgetting again [23:09]
fungi: SotK: yeah, i knew about project_id= but since that particular document applies to multiple zuul projects i didn't want to limit it to just one of them [23:11]
fungi: in the per-repository readme or contributing files that makes perfect sense to include [23:11]
SotK: makes sense [23:12]
* SotK goes to sleep [23:13]
diablo_rojo: Sleep well SotK! [23:15]
