Friday, 2014-04-11

jamielennox	gabriel-bezerra: there isn't a v3/extensions route	00:02
jamielennox	there has bee disagreement on how to represent it and so it is as yet not done	00:02
gabriel-bezerra	in that doc one can find: "Query the Identity API to list available extensions with a GET request to v3/extensions."	00:03
jamielennox	gabriel-bezerra: hmm, that's incorrect	00:03
jamielennox	i'm not sure where it's being published from either as it's not in the identity-api documents	00:04
gabriel-bezerra	so is it a documentation bug or an implementation bug?	00:06
jamielennox	documentation	00:06
gabriel-bezerra	anyway, I'd just like to access the federation api	00:06
gabriel-bezerra	I'm trying to deploy a federated keystone, but I can't find good documentation about that	00:06
gabriel-bezerra	do you know anything about that?	00:07
gabriel-bezerra	jamielennox: where should I file that bug? keystone or openstack-manuals?	00:17
jamielennox	gabriel-bezerra: i think it's not well documented because it's still very experimental	00:19
jamielennox	gabriel-bezerra: i think it's openstack-manuals but i'm not sure	00:19
jamielennox	probably file it against both	00:19
gabriel-bezerra	I've just found an openstack-api-site	00:20
gabriel-bezerra	in launchpad	00:20
*** stevemar has joined #openstack-keystone		00:25
gabriel-bezerra	well, if there is not an extensions route, how can I know what extensions are being loaded?	00:26
*** stevemar2 has joined #openstack-keystone		00:26
gabriel-bezerra	I tried to run v3/OS-OAUTH1/consumers just to check, but got the same error: The resource could not be found.	00:27
*** stevemar has quit IRC		00:30
*** marcoemorais1 has quit IRC		00:31
*** RockKuo has joined #openstack-keystone		00:42
gabriel-bezerra	jamielennox: the bug: https://bugs.launchpad.net/openstack-api-site/+bug/1306311	00:49
uvirtbot	Launchpad bug 1306311 in openstack-api-site "Identity API v3 documents nonexistent v3/extensions route" [Undecided,New]	00:49
jamielennox	gabriel-bezerra: you need to enable the extensions in the paste pipeline	00:50
jamielennox	many are not turned on by default	00:50
gabriel-bezerra	any idea of how it should be done with the federation extension?	00:52
gabriel-bezerra	I can see 5 pipelines on keystone-paste.ini	00:52
*** topol has joined #openstack-keystone		01:03
*** amcrn has quit IRC		01:04
*** ilives has joined #openstack-keystone		01:04
*** ilives has quit IRC		01:05
*** ilives has joined #openstack-keystone		01:06
gabriel-bezerra	thank you for your help, jamielennox	01:08
jamielennox	gabriel-bezerra: sorry, i am vaguely around just not watching the channel much	01:08
jamielennox	i get a notify when you use the nick	01:08
gabriel-bezerra	oh, sorry	01:09
jamielennox	you want to add it to the end of the api_v3 pipeline	01:09
jamielennox	after json_body and before v3_service	01:09
gabriel-bezerra	Oh, good. Thank you. I got to go now.	01:10
*** ilives has quit IRC		01:11
*** ilives has joined #openstack-keystone		01:12
*** gabriel-bezerra has quit IRC		01:13
*** ilives has quit IRC		01:14
*** ilives has joined #openstack-keystone		01:15
*** richm has quit IRC		01:18
*** diegows has quit IRC		01:20
*** Guest____ has joined #openstack-keystone		01:26
*** diegows has joined #openstack-keystone		01:52
*** diegows has quit IRC		02:05
*** mberlin1 has joined #openstack-keystone		02:05
ayoung	morganfainberg, no. Its more like documentation than code: here's how you use it. We can turn them into tempest scripts over time.	02:06
*** mberlin has quit IRC		02:07
*** jimbaker has quit IRC		02:10
*** stevemar2 has quit IRC		02:10
*** Guest____ has quit IRC		02:12
*** gyee has quit IRC		02:17
*** dims has quit IRC		02:26
*** browne has joined #openstack-keystone		02:27
*** browne has quit IRC		02:35
*** david-lyle has joined #openstack-keystone		02:44
*** ayoung has quit IRC		02:50
*** topol has quit IRC		02:55
*** harlowja is now known as harlowja_away		03:14
openstackgerrit	Jenkins proposed a change to openstack/keystone: Updated from global requirements https://review.openstack.org/85762	03:42
*** david-lyle has quit IRC		03:43
*** wchrisj has joined #openstack-keystone		03:47
*** wchrisj has quit IRC		03:47
*** chandan_kumar has joined #openstack-keystone		03:48
*** marcoemorais has joined #openstack-keystone		03:51
*** marcoemorais1 has joined #openstack-keystone		03:53
*** wchrisj has joined #openstack-keystone		03:55
*** marcoemorais has quit IRC		03:55
openstackgerrit	Jenkins proposed a change to openstack/python-keystoneclient: Updated from global requirements https://review.openstack.org/85833	04:16
*** chandan_kumar has quit IRC		04:22
*** derek_c has joined #openstack-keystone		04:31
*** derek_c has quit IRC		04:32
*** derek_c has joined #openstack-keystone		04:32
*** chandan_kumar has joined #openstack-keystone		04:35
*** derek_c has quit IRC		04:44
*** dstanek has quit IRC		04:52
*** RockKuo has quit IRC		04:59
*** RockKuo has joined #openstack-keystone		05:00
*** saju_m has joined #openstack-keystone		05:16
*** chandan_kumar has quit IRC		05:24
*** Guest__ has joined #openstack-keystone		05:34
*** wchrisj has quit IRC		05:36
*** chandan_kumar has joined #openstack-keystone		05:37
*** zhiyan_ is now known as zhiyan		05:39
*** Guest__ has quit IRC		05:47
*** Guest__ has joined #openstack-keystone		05:48
openstackgerrit	Jenkins proposed a change to openstack/keystone: Imported Translations from Transifex https://review.openstack.org/83955	06:01
*** RockKuo has quit IRC		06:05
*** Guest__ has quit IRC		06:06
*** Guest__ has joined #openstack-keystone		06:10
*** chandan_kumar has quit IRC		06:49
*** jamielennox is now known as jamielennox\|away		06:54
*** chandan_kumar has joined #openstack-keystone		06:56
*** derek_c has joined #openstack-keystone		07:00
*** marcoemorais1 has quit IRC		07:31
openstackgerrit	Sergey Nikitin proposed a change to openstack/keystone: Code which gets and deletes elements of tree was moved to one method https://review.openstack.org/86578	07:31
*** leseb has joined #openstack-keystone		07:36
*** Guest__ has quit IRC		07:43
*** derek_c has quit IRC		07:58
*** derek_c has joined #openstack-keystone		08:11
*** marekd\|away is now known as marekd		08:13
baffle	In policy.v3cloudsample.json there is a definition of the cloud_admin rule, '"cloud_admin": "rule:admin_required and domain_id:admin_domain_id",' .. How should admin_domain_id be entered? I tried to just put '"cloud_admin": "rule:admin_required and domain_id:7106b7f435634883a3b85621a8252e97",' but that didn't work. Should it be defined somewhere? Should the string be escaped?	08:31
*** derek_c has quit IRC		08:31
*** mberlin1 has quit IRC		08:37
*** mberlin has joined #openstack-keystone		08:38
*** jaosorior has joined #openstack-keystone		08:41
openstackgerrit	Juan Antonio Osorio Robles proposed a change to openstack/keystone: Refactor: moved flatten function to utils https://review.openstack.org/85721	08:42
*** morganfainberg is now known as morganfainberg_Z		08:57
*** RockKuo has joined #openstack-keystone		08:58
*** marcoemorais has joined #openstack-keystone		08:58
*** marcoemorais1 has joined #openstack-keystone		09:00
*** marcoemorais has quit IRC		09:00
*** marcoemorais1 has quit IRC		09:04
*** chandan_kumar has quit IRC		09:10
*** chandan_kumar has joined #openstack-keystone		09:15
*** saju_m has quit IRC		09:45
*** chandan_kumar has quit IRC		09:47
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Sync test_migrations https://review.openstack.org/80618	09:49
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Redundant unique constraint https://review.openstack.org/84447	09:49
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Corresponding `nullable` value. https://review.openstack.org/84446	09:49
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Compatible server default value in the models. https://review.openstack.org/84445	09:49
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Explicit foreign key indexes. https://review.openstack.org/84444	09:49
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Make it possible to use multiprocess file locks https://review.openstack.org/84448	09:49
openstackgerrit	Ilya Pekelny proposed a change to openstack/keystone: Comparision of database models and migrations. https://review.openstack.org/80630	09:49
*** zhiyan is now known as zhiyan_		09:55
*** marcoemorais has joined #openstack-keystone		10:01
*** saju_m has joined #openstack-keystone		10:02
*** marcoemorais has quit IRC		10:06
*** marcoemorais has joined #openstack-keystone		10:09
*** leseb has quit IRC		10:12
*** leseb has joined #openstack-keystone		10:12
*** marcoemorais has quit IRC		10:13
*** leseb has quit IRC		10:16
*** leseb has joined #openstack-keystone		10:19
*** saju_m has quit IRC		10:25
*** chandan_kumar has joined #openstack-keystone		10:29
*** marcoemorais has joined #openstack-keystone		11:10
*** marcoemorais has quit IRC		11:11
*** marcoemorais has joined #openstack-keystone		11:12
*** marcoemorais has quit IRC		11:16
*** RockKuo has quit IRC		11:19
*** diegows has joined #openstack-keystone		11:25
*** chandan_kumar has quit IRC		11:41
*** dstanek has joined #openstack-keystone		11:49
*** chandan_kumar has joined #openstack-keystone		11:54
*** dims has joined #openstack-keystone		12:01
*** marcoemorais has joined #openstack-keystone		12:12
*** marcoemorais has quit IRC		12:17
*** baffle has quit IRC		12:24
*** baffle has joined #openstack-keystone		12:24
*** afaranha has left #openstack-keystone		12:37
*** afaranha has joined #openstack-keystone		12:38
*** david-lyle has joined #openstack-keystone		13:04
*** marcoemorais has joined #openstack-keystone		13:13
*** marcoemorais has quit IRC		13:18
*** htruta has joined #openstack-keystone		13:34
htruta	dolphm: https://bugs.launchpad.net/keystone/+bug/1081221 can you see the comment I've made on this bug? i think it was already solved	13:35
uvirtbot	Launchpad bug 1081221 in keystone "Keystone POST /tokens response does not contain all endpoints" [Medium,Triaged]	13:35
*** richm has joined #openstack-keystone		13:53
*** stevemar has joined #openstack-keystone		13:57
*** topol has joined #openstack-keystone		13:59
*** zhiyan_ is now known as zhiyan		14:09
*** marcoemorais has joined #openstack-keystone		14:14
marekd	stevemar: Hello! Do you think you will find some time to take a look at: https://review.openstack.org/#/c/86397 ?	14:17
*** Chicago has quit IRC		14:18
*** marcoemorais has quit IRC		14:18
*** david-lyle has quit IRC		14:20
*** Chicago has joined #openstack-keystone		14:22
*** Chicago has joined #openstack-keystone		14:22
marekd	dolphm jamielennox\|away morganfainberg_Z dstanek stevemar: Your feedback on https://review.openstack.org/#/c/83742 and https://review.openstack.org/#/c/83829 highly appreciated!	14:26
*** wchrisj has joined #openstack-keystone		14:28
stevemar	marekd, surely	14:28
marekd	stevemar: what I want to discuss is e.g convention of naming of the command...shall it be identity_provider (later split into identity provider), identity_provider or maybe idp (more handy but less official)?	14:30
*** jaosorior has quit IRC		14:30
*** chandan_kumar has quit IRC		14:31
stevemar	marekd, lets see what dtroyer says, i am leaning toward identity provider, not idp	14:31
marekd	stevemar: me too.	14:33
stevemar	marekd, i wrote a few suggestions quickly, if you want to submit a new patch rather than wait on the rest of my input	14:34
baffle	If I in Keystone have set keystone.policy.backends.sql.Policy, that means that it will parse /etc/keystone/policy.json first, and then also apply rules from SQL? What is a good way to see valid policies? I notice that if I GET /v3/policies this array is empty.	14:34
openstackgerrit	Brant Knudson proposed a change to openstack/python-keystoneclient: auth_token middleware hashes tokens with configurable algorithm https://review.openstack.org/80398	14:36
marekd	stevemar: ok ,thanks.	14:36
*** jagee has joined #openstack-keystone		14:45
stevemar	baffle, i think this mailing list thread will help a bit... https://lists.launchpad.net/openstack/msg21740.html	14:46
*** david-lyle has joined #openstack-keystone		14:47
*** thedodd has joined #openstack-keystone		14:52
*** erecio has joined #openstack-keystone		14:59
*** Gu_______ has joined #openstack-keystone		15:01
*** Gu_______ has quit IRC		15:20
openstackgerrit	Brant Knudson proposed a change to openstack/keystone: Add localized response test https://review.openstack.org/70610	15:23
*** david-lyle has quit IRC		15:29
*** erecio has quit IRC		15:35
*** david-lyle has joined #openstack-keystone		15:36
*** leseb has quit IRC		15:37
*** leseb has joined #openstack-keystone		15:38
*** marcoemorais has joined #openstack-keystone		15:39
*** leseb has quit IRC		15:42
*** marcoemorais has quit IRC		15:44
*** marcoemorais has joined #openstack-keystone		15:44
*** G________ has joined #openstack-keystone		15:46
*** browne has joined #openstack-keystone		15:59
*** marekd is now known as marekd\|away		16:00
*** wchrisj has quit IRC		16:04
*** gyee has joined #openstack-keystone		16:07
*** leseb has joined #openstack-keystone		16:08
*** leseb has quit IRC		16:10
*** leseb has joined #openstack-keystone		16:11
*** david-lyle has quit IRC		16:12
*** leseb has quit IRC		16:15
*** david-lyle has joined #openstack-keystone		16:16
htruta	@dolphm: https://bugs.launchpad.net/keystone/+bug/1081221 can you see the comment I've made on this bug? i think it was already solved	16:19
uvirtbot	Launchpad bug 1081221 in keystone "Keystone POST /tokens response does not contain all endpoints" [Medium,Triaged]	16:19
*** harlowja_away is now known as harlowja		16:25
*** erecio has joined #openstack-keystone		16:27
*** G________ has quit IRC		16:31
*** pscheie has joined #openstack-keystone		16:33
*** zhiyan is now known as zhiyan_		16:40
*** zhiyan_ is now known as zhiyan		16:40
*** zhiyan is now known as zhiyan_		16:43
*** G________ has joined #openstack-keystone		16:49
*** wchrisj has joined #openstack-keystone		16:56
*** david_lyle_ has joined #openstack-keystone		16:57
*** david-lyle has quit IRC		17:00
*** david_lyle_ has quit IRC		17:02
*** G________ has quit IRC		17:07
*** rwsu has quit IRC		17:09
*** amcrn has joined #openstack-keystone		17:19
*** jimbaker has joined #openstack-keystone		17:23
openstackgerrit	Pablo Fernando Cargnelutti proposed a change to openstack/keystone: Extracting get group roles for project logic to drivers. https://review.openstack.org/86025	17:24
*** morganfainberg_Z is now known as morganfainberg		17:30
*** chandan_kumar has joined #openstack-keystone		17:35
*** erecio has quit IRC		17:38
morganfainberg	dstanek, ping - re keystone hacking stuff.	17:42
morganfainberg	dstanek, is https://review.openstack.org/#/c/78119/ the last in the list?	17:43
morganfainberg	dstanek, because ... i kinda want to +A that :)	17:44
morganfainberg	dstanek, but i have a concern...	17:47
morganfainberg	dstanek, https://review.openstack.org/#/c/78119/10/keystone/tests/test_hacking_checks.py you're mixing flake8: noqa and noqa on lines	17:47
morganfainberg	afaik (bknudson did the leg work, and i trust him on this) one is a file exemption, the other is a line exemption	17:48
bknudson	morganfainberg: I'm surprised the tests pass.	17:48
morganfainberg	bknudson, really?	17:48
bknudson	morganfainberg: something's not working right -- flak8:noqa is supposed to disable the test for the entire file	17:49
bknudson	but there's an assert for an error	17:49
bknudson	"easilty test."	17:51
bknudson	he he	17:51
morganfainberg	huh, that is odd. how does that pass?	17:51
morganfainberg	oh	17:52
morganfainberg	i know why	17:52
morganfainberg	bknudson, flake8: noqa is a flake8 command, the AST parser doesn't exempt on it	17:52
morganfainberg	flake8 would see it and exempt the file.	17:52
morganfainberg	bknudson, s/ast/code inspection logic	17:52
morganfainberg	this is an explicit call to the code for inspection vs flake8 running it.	17:53
morganfainberg	bknudson, ... flake8: noqa means we don't validte the test_hacking_checks file at all, that should be "noqa" instead right?	17:53
bknudson	yes, it should be noqa...	17:54
bknudson	no need to validate that flake8: noqa works.	17:54
*** david-lyle has joined #openstack-keystone		17:54
morganfainberg	bknudson, ok i'll upload a quick fix for dstanek's patchset there so we can get it in today (if possible)	17:54
morganfainberg	bknudson, i'm seeing more and more proposed reviews that are going to make this hard to land and i like the style enforcement.	17:55
morganfainberg	bknudson, unless you want me to +A and submit a fix patchset to change it (path of least resistence)	17:55
bknudson	morganfainberg: either way works for me.	17:55
morganfainberg	bknudson, i'll go latter since it's ready to go now. cool :)	17:55
bknudson	morganfainberg: btw - trying out the migration compaction now.	17:56
bknudson	Looks like it's working	17:56
morganfainberg	bknudson, awesome :) thanks.	17:56
morganfainberg	bknudson, i'm about ½ way through a patchset that moves us to the migration test style nova uses.	17:57
*** ilives has quit IRC		17:58
*** wchrisj has quit IRC		18:06
*** morganfainberg is now known as morganfainberg_Z		18:10
*** morganfainberg_Z is now known as morganfainberg		18:11
*** marcoemorais has quit IRC		18:13
*** marcoemorais1 has joined #openstack-keystone		18:13
morganfainberg	interesting.	18:16
morganfainberg	"# noqa" can't be used here because the way the processor works.	18:17
morganfainberg	bknudson, since #This is a bad one supersedes the # noqa bit	18:17
morganfainberg	maybe moving the code tests into fixtures is the right answer	18:17
morganfainberg	this is an interesting problem, you can't # noqa a comment line	18:19
bknudson	morganfainberg: sounds like a bug in flake8	18:20
morganfainberg	bknudson, nope bug in our processor i think	18:20
*** Guest__ has joined #openstack-keystone		18:20
morganfainberg	bknudson, maybe in flake8, but not sure if this is a bug that needs fixing	18:20
bknudson	I'm fine with noqa not being supported for that check	18:21
morganfainberg	can we exempt a file from a specific check?	18:22
*** Guest__ has quit IRC		18:22
bknudson	morganfainberg: I don't know one way or the other.	18:22
morganfainberg	bknudson, looking to see if we can. would be nice to just ignore k002 for this file vs. losing the test _or_ exempting the whole file	18:23
*** Guest__ has joined #openstack-keystone		18:23
bknudson	morganfainberg: do we have a file that requires us to have no space after #?	18:24
morganfainberg	bknudson, no.	18:24
morganfainberg	bknudson, but we either need to exempt the whole test_hacking_checks file or move this "code" to someplace we can exempt (at least from K002)	18:25
morganfainberg	we can't test the #<nospace comment> otherwise	18:25
*** mriedem has joined #openstack-keystone		18:30
*** chandan_kumar has quit IRC		18:30
mriedem	newb question, but does keystone behave any differently automatically if it can load python-openstackclient?	18:30
* morganfainberg waves to mriedem		18:30
* mriedem waves back		18:31
bknudson	it doesn't	18:31
*** david_lyle_ has joined #openstack-keystone		18:31
bknudson	there's no loading of python-openstackclient	18:31
mriedem	well gdi	18:31
bknudson	mriedem: should it?	18:32
mriedem	bknudson: ever since i started installing python-openstackclient on my test node that runs tempest, i've been getting a ton of unauthorized failures	18:32
bknudson	mriedem: does it run a bunch of new tests for python-openstackclient?	18:33
mriedem	bknudson: nope, it's mostly blowing up on nova tests	18:33
bknudson	I think there was a relase of python-keystoneclient recently.	18:33
mriedem	bknudson: we're running with 0.7.1 plus a patch	18:33
mriedem	digging up that patch	18:34
*** david-lyle has quit IRC		18:34
mriedem	https://review.openstack.org/#/c/86321/	18:34
bknudson	mriedem: anything in the keystone server log?	18:35
mriedem	however, i patched keystoneclient with that yesterday but was having mega fails since 4/9, which is around when i started installing openstackclient	18:35
mriedem	bknudson: yeah, lots of warnings, but stuff that also shows up on successful runs	18:35
mriedem	so i chalk those up to negative tests	18:35
bknudson	mriedem: anything in the nova-api log from auth_token?	18:35
mriedem	WARNING keystoneclient.middleware.auth_token [-] Configuring auth_uri to point to the public identity endpoint is required; clients may not be able to authenticate against an admin endpoint	18:36
*** david_lyle_ has quit IRC		18:36
bknudson	mriedem: I don't think that will affect anything... that's the URL that's returned when there's a failure to authenticate.	18:37
bknudson	I don't think anything actually parses the response and tries to use that URL	18:37
mriedem	yeah, that shows up on good runs too	18:37
bknudson	so there's nothing that says that authentication failed?	18:38
mriedem	in nova-api?	18:38
bknudson	in nova-api	18:38
mriedem	the auth failures are actually showing up in tempest	18:38
bknudson	I wouldn't be too surprised.	18:38
mriedem	trying to dig up a log	18:38
*** dims has quit IRC		18:39
*** david-lyle has joined #openstack-keystone		18:40
mriedem	bknudson: btw, wtf, i thought you were on nakation?	18:46
bknudson	mriedem: this is me on vacation	18:46
mriedem	go outside	18:46
bknudson	mriedem: not doing psirts	18:46
mriedem	the psirts can't get you at the park	18:46
morganfainberg	bknudson, wait, you're on vacation?	18:46
mriedem	he always does this	18:47
mriedem	'vacation' for bknudson means hiding in public IRC, not being on internal chat	18:47
topol	bknudson getting to work on keystone is his vacation :-)	18:47
morganfainberg	topol, hehe	18:47
topol	mriedem ++	18:47
morganfainberg	i swear i don't do the same thing.	18:47
morganfainberg	but substitute vacation for weekend	18:47
bknudson	I just wanted to get through the migration tests and update my own commts.	18:48
topol	stevemar, why is your example script called an "exercise"? Is that existing terminology or you came up with that?	18:48
morganfainberg	topol, well when you have evil spirits infesting your code ....	18:49
morganfainberg	topol, you need to exercis... oh wait.	18:49
topol	so the funny thing with bknudson is I once told him that based on his code reviewing style that his garage must be amazingly clean. He assured me its a mess and disorganized. I still dont believe him :-)	18:49
* morganfainberg goes back to the corner		18:49
topol	morganfainberg, exorcism???	18:50
morganfainberg	topol, oh oh exercise not exorcise	18:50
*** Guest__ has quit IRC		18:50
* morganfainberg makes more bad jokes		18:50
stevemar	topol, because ayoung started the trend	18:51
stevemar	topol, as seen here: https://review.openstack.org/#/c/82687/	18:51
morganfainberg	stevemar, we need a gate check for those btw.	18:51
bknudson	if these examples aren't tested then they're going to be constantly broken	18:52
morganfainberg	bknudson, ++++++	18:52
bknudson	we seem to have enough problems keeping documentation up to date already	18:52
stevemar	yeah, right now nothing tests it	18:53
topol	stevemar, where does his example call things exercises? I dont see it	18:53
bknudson	I expect that we'll just delete it the first time someone tries it and it doesn't work.	18:53
*** chandan_kumar has joined #openstack-keystone		18:53
topol	bknudson ++ nothing more frustrating than broken exmaples	18:54
stevemar	topol, nothing actually calls it, i think the idea was that he was trying to give an example of how to use the client code	18:54
morganfainberg	stevemar, and i still stand by the "we need this to be a gate job"	18:54
stevemar	morganfainberg, i don't disagree !	18:54
morganfainberg	stevemar, i'm going to -1 them until we have a way to test them.	18:54
topol	stevemar you call your example exercise_v3_oauth	18:55
morganfainberg	stevemar, if someone wants to override that opinion fine (so no -2) but i don't want to see them in the tree w/o testing	18:55
topol	stevemar why not just callit example_v3_oauth???	18:55
topol	and in the comment say this example instead of 'This exercise ..."???	18:55
*** wchrisj has joined #openstack-keystone		18:56
stevemar	topol, i didn't know you were so sensitive about the differences between exercise and example :)	18:56
stevemar	topol, i'll rename it, but as morganfainberg says, they need to gate/be tested	18:56
*** Guest__ has joined #openstack-keystone		18:57
topol	stevemar, just wondering if that was canadian english dialect kind of thing. I just had not seen that terminology used for exmaples :-)	18:57
morganfainberg	stevemar, -1 preemptively added to your review :P (sorry)	18:57
morganfainberg	topol, i think it comes from the devstack "exercise" script	18:57
topol	morganfainberg I was about to do the same thing :-). bknudson on vacation still catcthing pproblematoc stuff	18:58
topol	morganfainberg. OK as long as its already used	18:58
morganfainberg	topol, i don't know if i like the terminology but it isn't a bad one.	18:58
morganfainberg	topol, i still think we need to call it exorcise instead	18:58
stevemar	morganfainberg, there are enough spelling mistakes in our comments, no need for new ones	19:00
morganfainberg	stevemar, but ... how do you know our code isn't infested with evil spirits	19:01
morganfainberg	?	19:01
morganfainberg	and not just the good kinds... like whiskey	19:01
morganfainberg	stevemar, ok ok i'm sorry i'll stop :(	19:02
stevemar	morganfainberg, hehe, add a comment to the 'run this script to cleanse your keystone environment of evil spirits'	19:02
morganfainberg	stevemar, ++ :)	19:02
stevemar	exorcise_keystone.py	19:02
stevemar	ahhh friday	19:02
morganfainberg	i need good spirits in my glass on my desk today	19:03
morganfainberg	its'... past noon somewhere	19:03
stevemar	morganfainberg, i need to bug someone in the requirements team about this: https://review.openstack.org/#/c/82929/ got any suggestions?	19:03
stevemar	morganfainberg, it's past noon for you, too	19:04
morganfainberg	stevemar, not just requirements stable requirements	19:04
morganfainberg	stevemar, hit up ttx sean dague uhm...	19:04
morganfainberg	those would be the first two i'd poke at	19:04
bknudson	I thought they were going to not update oauthlib for stable?	19:05
mriedem	bknudson: this is what i see all over the tempest logs http://paste.openstack.org/show/75588/	19:05
stevemar	bknudson, there was the larger patch that removed python-oauth2 and added oauthlib, and that was -2'ed	19:05
stevemar	bknudson, but last time i merged oauthlib into keystoneclient code, it broke a build	19:06
bknudson	stevemar: ok, but we still want to be able to make the change to master... and that requires stable fix.	19:06
stevemar	bknudson, ++	19:06
bknudson	that requires stable requirement update	19:06
stevemar	bknudson, this fella is doing the same thing: https://review.openstack.org/#/c/86850/	19:06
openstackgerrit	Morgan Fainberg proposed a change to openstack/keystone: Move hacking code to a separate fixture https://review.openstack.org/86998	19:07
morganfainberg	dstanek, ^	19:07
bknudson	mriedem: but nothing in the nova-api log??	19:07
stevemar	grumble grumble, now those keystoneclient patches need rebasing, bah	19:08
mriedem	bknudson: right, the only errors in the nova-api log are some glanceclient things and some neutron errors about security groups, which are probably from negative tests	19:08
bknudson	mriedem: you sure there isn't another zombie server running?	19:08
bknudson	your system needs an exorcism.	19:09
mriedem	another server getting nova api requests? i don't think so.	19:10
*** erecio has joined #openstack-keystone		19:19
bknudson	mriedem: I get messages like this in devstack nova-api when I send a bad token:	19:20
bknudson	2014-04-11 14:19:47.436 WARNING keystoneclient.middleware.auth_token [-] Authorization failed for token	19:20
mriedem	bknudson: i see one of those in n-api	19:20
*** rwsu has joined #openstack-keystone		19:24
*** erecio has quit IRC		19:25
*** thedodd has quit IRC		19:29
*** thedodd has joined #openstack-keystone		19:31
*** erecio has joined #openstack-keystone		19:49
*** wchrisj has quit IRC		19:56
dstanek	morganfainberg: good catch	19:56
*** wchrisj has joined #openstack-keystone		20:01
*** marcoemorais1 has quit IRC		20:02
*** marcoemorais has joined #openstack-keystone		20:03
*** Guest__ has quit IRC		20:03
*** Guest__ has joined #openstack-keystone		20:03
mriedem	bknudson: gdi	20:06
mriedem	found it	20:06
mriedem	https://review.openstack.org/#/c/85823/	20:06
mriedem	merged 4/8	20:06
mriedem	that's the 403 i get in the n-api log	20:06
mriedem	when i turn up debug logging	20:06
*** david-lyle has quit IRC		20:06
*** marcoemorais has quit IRC		20:10
*** chandan_kumar has quit IRC		20:10
*** marcoemorais has joined #openstack-keystone		20:11
openstackgerrit	Steve Martinelli proposed a change to openstack/python-keystoneclient: Add request/access token and consumer support for keystoneclient https://review.openstack.org/81980	20:15
*** Krsna has quit IRC		20:16
stevemar	mriedem, glad it was in nova :P	20:16
mriedem	me too :)	20:17
mriedem	and it was isolated to our stupd internal setup scripts which aren't devstack	20:17
mfisch	can someone tell me where in mysql keystone stores the user/role mappings?	20:17
*** erecio has quit IRC		20:18
mfisch	and I just found it in user_project_metadata	20:18
stevemar	mfisch, you are your own debugger	20:18
mfisch	IRC is always helpful!	20:18
openstackgerrit	Steve Martinelli proposed a change to openstack/python-keystoneclient: Authenticate via oauth https://review.openstack.org/81981	20:20
openstackgerrit	Steve Martinelli proposed a change to openstack/python-keystoneclient: Authenticate via oauth https://review.openstack.org/81981	20:24
*** david-lyle has joined #openstack-keystone		20:26
*** dims has joined #openstack-keystone		20:28
*** dims_ has joined #openstack-keystone		20:29
*** dims has quit IRC		20:33
openstackgerrit	ayoung proposed a change to openstack/python-keystoneclient: Revocation event API https://review.openstack.org/81166	20:35
*** mriedem has left #openstack-keystone		20:38
*** Chicago has quit IRC		20:40
topol	dstanek, I reviewing your rotating password patch. Just curiously, what is __table_args__ used for? Looks like it is to pass extra arguments to somone. But who?	20:40
*** erecio has joined #openstack-keystone		20:41
*** erecio has quit IRC		20:42
*** rwsu has quit IRC		20:46
openstackgerrit	ayoung proposed a change to openstack/python-keystoneclient: Regions Management https://review.openstack.org/79096	20:46
*** rwsu has joined #openstack-keystone		20:46
*** raildo has quit IRC		20:47
*** htruta has quit IRC		20:48
morganfainberg	topol, to the ORM.	20:49
morganfainberg	topol, it tells the ORM that there are the indexes (ix_rotated_password, etc) in this case	20:49
morganfainberg	topol, this is especially useful if we use reflection to create the schema	20:50
morganfainberg	topol, or use the ORM to interact in a way that needs to be index aware	20:50
topol	morganfainberg, so there are conventions when using __table_args__ to pass info to the ORM and in this example it was to inform it of indexes. And Im guessing there are other conventions to to tell the ORM other important details?	20:51
*** harlowja is now known as harlowja_away		20:51
morganfainberg	topol, can be used for FK constraints and unique constraints as well	20:51
morganfainberg	topol, iirc	20:51
topol	morganfainberg, OK. makes sense. Thanks!	20:52
*** gyee has quit IRC		20:57
*** marcoemorais has quit IRC		20:57
*** marcoemorais has joined #openstack-keystone		20:58
*** marcoemorais has quit IRC		20:59
*** marcoemorais has joined #openstack-keystone		20:59
*** harlowja_away is now known as harlowja		21:00
*** wchrisj has quit IRC		21:05
*** dims_ has quit IRC		21:20
*** Guest__ has quit IRC		21:24
*** Guest__ has joined #openstack-keystone		21:25
*** topol has quit IRC		21:28
*** G________ has joined #openstack-keystone		21:30
*** Guest__ has quit IRC		21:31
*** david-lyle has quit IRC		21:38
*** afaranha has quit IRC		21:49
*** thiagop has quit IRC		21:50
*** jagee has quit IRC		21:59
*** david-lyle has joined #openstack-keystone		22:10
*** marcoemorais has quit IRC		22:15
*** marcoemorais has joined #openstack-keystone		22:16
*** gyee has joined #openstack-keystone		22:16
*** marcoemorais has quit IRC		22:19
*** marcoemorais has joined #openstack-keystone		22:19
*** marcoemorais has quit IRC		22:22
*** marcoemorais has joined #openstack-keystone		22:23
*** thedodd has quit IRC		22:36
*** G________ has quit IRC		22:47
*** david-lyle has quit IRC		22:48
*** diegows has quit IRC		22:52
*** david-lyle has joined #openstack-keystone		23:00
openstackgerrit	A change was merged to openstack/keystone: Refactor: moved flatten function to utils https://review.openstack.org/85721	23:01
*** richm has quit IRC		23:20
*** ilives has joined #openstack-keystone		23:54
*** ilives has quit IRC		23:59

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!