| @clarkb:matrix.org | ok digging more I think $_ is playing a role here. When I run python3.11 tests the zuul setup playbook reports $_ is /usr/bin/python3.10 and when it fails running python3.10 tests it is the nox venv path | 00:05 |
|---|---|---|
| @clarkb:matrix.org | ok if I force the python version to /usr/bin/python3.11 then the python3.10 test works. This is definitely something to do with ansible auto discovery having different behavior under the two test envs | 00:19 |
| -@gerrit:opendev.org- Ian Wienand proposed: | 00:32 | |
| - [zuul/zuul-jobs] 878614: registry-tag-remove: role to delete tags from registry https://review.opendev.org/c/zuul/zuul-jobs/+/878614 | ||
| - [zuul/zuul-jobs] 878740: promote-container-image: use generic tag removal role https://review.opendev.org/c/zuul/zuul-jobs/+/878740 | ||
| -@gerrit:opendev.org- Ian Wienand proposed: [zuul/zuul-client] 878804: Add quay.io api_token https://review.opendev.org/c/zuul/zuul-client/+/878804 | 00:53 | |
| -@gerrit:opendev.org- Ian Wienand proposed: [zuul/zuul-client] 878809: encrypt: use pkeyutl https://review.opendev.org/c/zuul/zuul-client/+/878809 | 03:33 | |
| -@gerrit:opendev.org- Ian Wienand proposed: | 04:05 | |
| - [zuul/zuul-jobs] 878614: registry-tag-remove: role to delete tags from registry https://review.opendev.org/c/zuul/zuul-jobs/+/878614 | ||
| - [zuul/zuul-jobs] 878740: promote-container-image: use generic tag removal role https://review.opendev.org/c/zuul/zuul-jobs/+/878740 | ||
| - [zuul/zuul-jobs] 878810: registry-tag-remove: update docker age match https://review.opendev.org/c/zuul/zuul-jobs/+/878810 | ||
| -@gerrit:opendev.org- Ian Wienand proposed: [zuul/zuul-jobs] 878494: build-container-image: enhance buildx documentation https://review.opendev.org/c/zuul/zuul-jobs/+/878494 | 05:32 | |
| @jjbeckman:matrix.org | Hi folks, I have a quick question regarding the `upload-logs-azure` role. | 05:49 |
| I have observed that: | ||
| 1. Logs are being sent to the Azure Blob Storage container | ||
| 2. `web` is successfully able to retrieve the logs, but, only when the container "access level" is set to "Blob (anonymous read access for blobs only)", or "Container (anonymouse read access for containers and blobs)" | ||
| My question is, how can I configure `web` to be able to access the blob storage with access level, "Private (ano anonymouse access)". | ||
| I am assuming that the connection string must be somehow be configured within `web`, but I am unsure of how. | ||
| Any suggestions would be appreciated, thank you. | ||
| -@gerrit:opendev.org- Matthieu Huin https://matrix.to/#/@mhuin:matrix.org proposed: [zuul/zuul-jobs] 878829: upload-logs: Handle remote dir creation through rsync https://review.opendev.org/c/zuul/zuul-jobs/+/878829 | 10:16 | |
| -@gerrit:opendev.org- Dong Zhang proposed: [zuul/nodepool] 878093: Avoid accessing attribute from NoneType object. https://review.opendev.org/c/zuul/nodepool/+/878093 | 10:59 | |
| -@gerrit:opendev.org- Dong Zhang proposed: [zuul/nodepool] 878093: Avoid accessing attribute from NoneType object. https://review.opendev.org/c/zuul/nodepool/+/878093 | 12:15 | |
| -@gerrit:opendev.org- Tobias Urdin proposed: [zuul/zuul] 877587: web: add dark mode and theme selection https://review.opendev.org/c/zuul/zuul/+/877587 | 12:47 | |
| -@gerrit:opendev.org- Matthieu Huin https://matrix.to/#/@mhuin:matrix.org proposed: [zuul/zuul] 872552: Keycloak tutorial: update to keycloak 21, add CLI example https://review.opendev.org/c/zuul/zuul/+/872552 | 13:34 | |
| @mhuin:matrix.org | Hi zuul-maint, https://review.opendev.org/c/zuul/zuul-client/+/819118 has one +2, can we get this to +3? This'd make zuul-client auth a bit easier with identity providers that allow direct access grants | 13:38 |
| @jim:acmegating.com | mhu: we're using zuul-client as a test repo for the new container image build roles, so it's not currently pulishing to dockerhub (and quay.io doesn't quite work yet). i can merge it now but the container images won't get published yet (but they will when everything is fixed). or i can hold the +w until then. | 13:47 |
| @mhuin:matrix.org | Fine with me if the images get published once the move to quay is operational | 13:49 |
| @jim:acmegating.com | ok i set +w; thanks! | 13:51 |
| @mhuin:matrix.org | thank you! | 13:51 |
| -@gerrit:opendev.org- Zuul merged on behalf of Matthieu Huin https://matrix.to/#/@mhuin:matrix.org: [zuul/zuul-client] 819118: Support for "basic" authentication https://review.opendev.org/c/zuul/zuul-client/+/819118 | 14:01 | |
| -@gerrit:opendev.org- Matthieu Huin https://matrix.to/#/@mhuin:matrix.org proposed on behalf of Clément Mondion: [zuul/zuul] 767691: [api][cors] Add CORS configuration https://review.opendev.org/c/zuul/zuul/+/767691 | 14:43 | |
| -@gerrit:opendev.org- Clark Boylan proposed: [zuul/zuul] 878934: Fix Ansible python path detection https://review.opendev.org/c/zuul/zuul/+/878934 | 18:04 | |
| @clarkb:matrix.org | ok ^ is where I ended up after local python3.10 testing failed for me | 18:04 |
| @clarkb:matrix.org | > <@jjbeckman:matrix.org> Hi folks, I have a quick question regarding the `upload-logs-azure` role. | 20:05 |
| > | ||
| > I have observed that: | ||
| > 1. Logs are being sent to the Azure Blob Storage container | ||
| > 2. `web` is successfully able to retrieve the logs, but, only when the container "access level" is set to "Blob (anonymous read access for blobs only)", or "Container (anonymouse read access for containers and blobs)" | ||
| > | ||
| > My question is, how can I configure `web` to be able to access the blob storage with access level, "Private (ano anonymouse access)". | ||
| > | ||
| > I am assuming that the connection string must be somehow be configured within `web`, but I am unsure of how. | ||
| > | ||
| > Any suggestions would be appreciated, thank you. | ||
| I think you may need to use a proxy of some sort that can authenticate/filter access. But I've never had to do that so I'm not sure | ||
| -@gerrit:opendev.org- James E. Blair https://matrix.to/#/@jim:acmegating.com proposed: [zuul/zuul] 878945: Load configuration from unknown dynamic branches https://review.opendev.org/c/zuul/zuul/+/878945 | 20:30 | |
| -@gerrit:opendev.org- lotorev vitaly proposed: [zuul/zuul] 878677: doc: Add underscore for ReST external link https://review.opendev.org/c/zuul/zuul/+/878677 | 20:44 | |
| @iwienand:matrix.org | > <@jim:acmegating.com> mhu: we're using zuul-client as a test repo for the new container image build roles, so it's not currently pulishing to dockerhub (and quay.io doesn't quite work yet). i can merge it now but the container images won't get published yet (but they will when everything is fixed). or i can hold the +w until then. | 20:58 |
| i think https://review.opendev.org/q/topic:tag-deletion is sufficient for testing a model of having promote use a more generic tag deletion role; i've implemented (copied) the docker bits and quay. if we're ok with the interface, i think i can probably test it out on zuul-client. once that's working, we can then work on a role to push from the intermediate registry? | ||
| @iwienand:matrix.org | it would mean the container-build roles are a drop-in replacement for the docker-build roles (as you don't need a separate api key for dockerhub) and a almost replacement for quay (need the application setup+api_key). then pushing from an intermediate registry would be a totaly generic role that only uses the OCI distribution interface | 21:00 |
| @clarkb:matrix.org | with all that zuul testing sorted out my local python3.10 without x86_640v3 takes ~1851 seconds on 5 cpus and python 3.11 with x86_64-v3 takes ~1659 seconds | 21:00 |
| @iwienand:matrix.org | with the slight trade-off of not doing the speculative uploads | 21:01 |
| @clarkb:matrix.org | thats about 10% quicker which is pretty neat | 21:01 |
| @jim:acmegating.com | ianw: the stack lgtm, though you have a comment from Clark on 878612 and also an OCD-level comment from me on 878614 (it's not a -1, you can take it or leave it). but do we want to rename that role to "container-image-registry-promote"? | 21:13 |
| @jim:acmegating.com | (that will require some one line changes to zuul-jobs and opendev/base-jobs to accomodate it) | 21:13 |
| @iwienand:matrix.org | that's probably a good idea | 21:14 |
| @jim:acmegating.com | other than that i gave the stack a quick pass and agree with everything | 21:16 |
| @iwienand:matrix.org | yeah i think the rename is good, and gives us a clearer path to to say "here's the different roles and the trade-offs, you can decide what works for you" | 21:17 |
| -@gerrit:opendev.org- Ian Wienand proposed: | 23:56 | |
| - [zuul/zuul-jobs] 878612: promote-image-container: do not delete tags https://review.opendev.org/c/zuul/zuul-jobs/+/878612 | ||
| - [zuul/zuul-jobs] 878614: remove-registry-tag: role to delete tags from registry https://review.opendev.org/c/zuul/zuul-jobs/+/878614 | ||
| - [zuul/zuul-jobs] 878740: promote-container-image: use generic tag removal role https://review.opendev.org/c/zuul/zuul-jobs/+/878740 | ||
| - [zuul/zuul-jobs] 878810: remove-registry-tag: update docker age match https://review.opendev.org/c/zuul/zuul-jobs/+/878810 | ||
| - [zuul/zuul-jobs] 879008: build-container-image: expand docs https://review.opendev.org/c/zuul/zuul-jobs/+/879008 | ||
| - [zuul/zuul-jobs] 879009: container-build : add container_promote_method flag https://review.opendev.org/c/zuul/zuul-jobs/+/879009 | ||
| @iwienand:matrix.org | Clark: corvus ^ i think that encapsulates the latest thinking. https://review.opendev.org/c/zuul/zuul-jobs/+/879009 is the new one that adds a flag to either upload/promote with tags or via the intermediate-registry. The IR path just falls into a fail: but i think it's got a clear run to implementation when we have a minute | 23:58 |
| @iwienand:matrix.org | that saved me having to rename the roles, which means we don't need to update the base-jobs. but when we want to convert, we can flip container_promote_method: 'intermediate-registry' | 23:59 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!