Wednesday, 2017-07-19

*** dave-mccowan has joined #openstack-barbican01:06
*** liujiong has joined #openstack-barbican01:31
*** hieulq has quit IRC03:57
*** hieulq has joined #openstack-barbican03:57
*** dave-mccowan has quit IRC04:01
*** agrebennikov has quit IRC04:15
*** noslzzp_ has quit IRC04:25
*** noslzzp has joined #openstack-barbican04:25
*** noslzzp has quit IRC04:31
*** agrebennikov has joined #openstack-barbican04:50
*** noslzzp has joined #openstack-barbican05:28
*** noslzzp has quit IRC05:33
*** nkinder has quit IRC05:42
*** agrebennikov has quit IRC05:47
*** andreas_s has joined #openstack-barbican06:32
openstackgerritSpencer Yu proposed openstack/castellan master: Replace LOG.warn with LOG.warning
*** catintheroof has joined #openstack-barbican07:31
*** catintheroof has quit IRC07:36
*** liujiong has quit IRC08:09
*** daidv__ has quit IRC08:30
*** openstackgerrit has quit IRC08:49
*** mjblack has quit IRC09:10
*** salmankhan has joined #openstack-barbican09:18
*** openstackgerrit has joined #openstack-barbican09:40
openstackgerritPaul Bourke (pbourke) proposed openstack/castellan master: Fix retrieving barbican endpoint from service catalog
*** salmankhan has quit IRC10:32
*** salmankhan has joined #openstack-barbican10:36
*** andreas_s has quit IRC10:57
*** dave-mccowan has joined #openstack-barbican11:26
*** noslzzp has joined #openstack-barbican11:33
*** noslzzp has quit IRC11:37
*** chlong_ has quit IRC11:43
*** raildo has joined #openstack-barbican12:01
*** noslzzp has joined #openstack-barbican12:06
*** catintheroof has joined #openstack-barbican12:21
dave-mccowanalee ping12:41
dave-mccowanalee in one of the triple-o gates is failing.  do you know who can take a look to determine if it's a barbican issue?12:42
*** randomhack has joined #openstack-barbican13:11
openstackgerritMerged openstack/barbican master: Using openstack command
*** agrebennikov has joined #openstack-barbican13:36
*** alee_ has joined #openstack-barbican13:38
alee_dave-mccowan, did you piing me?13:39
dave-mccowanalee in one of the triple-o gates is failing.  do you know who can take a look to determine if it's a barbican issue?13:40
alee_dave-mccowan, looking13:41
alee_dave-mccowan, looks like a failure to build the barbican rpm13:42
alee_dave-mccowan, I'll need to investigate13:43
alee_dave-mccowan, Checking for unpackaged file(s): /usr/lib/rpm/check-files /builddir/build/BUILDROOT/openstack-barbican-5.0.0-0.20170714205434.69561af.el7.centos.x86_6413:45
alee_error: Installed (but unpackaged) file(s) found:13:45
alee_   /usr/bin/barbican-wsgi-api13:45
alee_    Installed (but unpackaged) file(s) found:13:45
alee_   /usr/bin/barbican-wsgi-api13:45
alee_dave-mccowan, seems like a change is needed in the spec file as a result of this change13:46
*** kfarr has joined #openstack-barbican13:52
*** nkinder has joined #openstack-barbican14:01
dave-mccowanalee_ can you add comment to code review with what's needed?14:21
alee_dave-mccowan, ok14:22
kfarrdave-mccowan when you get a chance, can you please review this one?
*** agrebennikov has quit IRC15:22
dave-mccowankfarr this week is castellan release week, next week is python-barbicanclient release and barbican milestone 3 week15:24
dave-mccowankfarr i'm going to be on pto next week, so was thinking about releasing early for barbican client.  we should sync with oslo guys on castellan release.15:24
dave-mccowankfarr any last minute requirements?15:25
kfarrdave-mccowan I think castellan already had the final release15:25
kfarrI'm taking a look at what's in the python-barbicanclient queue15:27
dave-mccowankfarr yep. i guess we need to be very proactive if we want to sync with them. :-)15:27
kfarrdave-mccowan we'll need to get this in:
kfarrdid you see the issue about the latest python-barbicanclient breaking heat?15:28
dave-mccowankfarr yike, lots of gates broken on that patch.  and, no i missed the heat breakage.15:30
kfarrdave-mccowan ok wait it seems that python-barbicanclient change might be unrelated15:31
kfarrlooks like the heat bug is fixed15:31
openstackLaunchpad bug 1704725 in heat "heat engine does not start in py3 job" [High,Fix released] - Assigned to Rabi Mishra (rabi)15:31
*** randomhack has quit IRC15:32
dave-mccowanwe merged the refactor barbican client change that jeremy wrote months ago.  it added a /v1.  i wonder if that caused the heat error.  hopefully there is no other cross-project issues.15:34
kfarrdave-mccowan yes it looks like the heat bug was caused by that change -- it was ok for most projects, but it looks like the heat issue was that they were pulling in a lot of the barbican objects directly so they could mock them15:35
kfarroh they aren't even mocking them, they are just calling client().containers._api directly, not sure why15:37
kfarrAnyway, we'll still need to fix up and get in, otherwise openstack client is broken15:38
*** randomhack has joined #openstack-barbican15:44
dimskfarr : any opinion on doug's suggestion here?
dimsdave-mccowan : ^15:56
dave-mccowandims i'll defer to you, doug, and kfarr.  python entry points are not in my wheelhouse.15:59
kfarrdims how does stevedore work if there is a back end that is not part of castellan ?16:00
kfarrdims i.e. confkeymanager in cinder and nova16:00
kfarrdims do all the possible back ends need to be registered in the "choices" field for the "backend" config option?16:01
dimskfarr : cinder and nova can add a castellan.drivers = in their own setup.cfg pointing to their custom key managers.16:02
dimskfarr : no, it's not necessary for them to be listed there to be used.16:02
kfarrdims ok thanks I am also not that familiar with python entry points :)16:02
dimsit's a hint for generating docs etc16:02
kfarrdims so doug's suggestion is to have two entry point names for, say, barbican: "barbican" and "castellan.key_manager.barbican_key_manager.BarbicanKeyManager"16:04
kfarrwhich would both utilize the same back end16:04
kfarrand then if neither of those are found, default back to the import_class method16:05
dimsi kinda like it16:05
dimsif it's ok with you i will rework per his suggestion16:05
kfarrit would be just a migration step, and eventually we'd get to a point where the only option is "barbican"?16:06
dimswe could log warning for deprecating16:06
kfarrdims for the fully qualified alias for stevedore, would that make things more annoying to deprecate/remove in the future?16:07
dimswe have done it before for oslo.messaging i think16:08
kfarrdims yes let's go ahead and do that, it seems a little more robust16:10
kfarr"that" meaning doug's suggestion16:10
dimscool will do "that" this after noon :)16:10
kfarrthanks dims16:11
*** ssmith has joined #openstack-barbican16:29
ssmithDoes anyone know how to list the contents of a secret?16:29
kfarrssmith are you using the python client or the CLI ?16:31
ssmithI have both16:31
ssmithpython-barbicanclient so I've tried the barbican command and openstack secret command. I want to check if a intermediate cert was correctly inserted16:33
kfarrssmith you should be able to use "barbican secret get <href>--payload16:34
kfarr"barbican secret get <href> --payload"16:34
kfarrssmith great!16:35
ssmithOne other thing.  Where cascading acl's ever implemented in barbican yet?16:36
kfarrssmith to my knowledge, no, it looks like this bug is still outstanding:
openstackLaunchpad bug 1592612 in octavia "duplicate for #1666963 LBaaS TLS is not working with non-admin tenant" [High,Confirmed]16:38
ssmithOK, thanks16:39
*** randomhack has quit IRC16:53
*** randomhack has joined #openstack-barbican16:56
*** salmankhan has quit IRC16:58
*** salmankhan has joined #openstack-barbican17:00
openstackgerritKaitlin Farr proposed openstack/barbican-tempest-plugin master: test
*** randomhack has quit IRC17:53
openstackgerritDavanum Srinivas (dims) proposed openstack/castellan master: Use Stevedore for better extensions
kfarrrandomhack I am seeing a similar problem that you were seeing18:03
kfarrall of a sudden, on master branches of things18:03
kfarrand I am not sure what caused the change, but I am looking into it18:03
kfarrI am not sure if the behavior of set_default changed18:04
kfarrbut I am also not sure if that would affect newton18:04
*** randomhack has joined #openstack-barbican18:28
*** randomhack has quit IRC18:33
*** randomhack has joined #openstack-barbican18:36
*** alee has quit IRC18:38
*** kfarr has quit IRC18:46
*** randomhack has quit IRC18:47
*** salmankhan has quit IRC18:54
openstackgerritDavanum Srinivas (dims) proposed openstack/castellan master: Use Stevedore for better extensions
openstackgerritDavanum Srinivas (dims) proposed openstack/castellan master: Use Stevedore for better extensions
*** chlong_ has joined #openstack-barbican19:16
openstackgerritThiago da Silva proposed openstack/python-barbicanclient master: fix default version
*** tinyurl_comSLASH has joined #openstack-barbican19:59
*** tinyurl_comSLASH has left #openstack-barbican20:02
*** chlong_ has quit IRC20:03
*** raildo has quit IRC20:21
*** chlong_ has joined #openstack-barbican20:48
*** chlong_ has quit IRC21:04
openstackgerritKaitlin Farr proposed openstack/barbican-tempest-plugin master: test
*** randomhack has joined #openstack-barbican21:44
*** cpusmith has joined #openstack-barbican21:50
*** ssmith has quit IRC21:53
*** cpusmith has quit IRC21:54
*** randomhack has quit IRC22:28
*** ssmith has joined #openstack-barbican22:44
*** catintheroof has quit IRC23:03

Generated by 2.15.3 by Marius Gedminas - find it at!