Tuesday, 2021-09-21

« Monday, 2021-09-20 Index Wednesday, 2021-09-22 »
redrobot#startmeeting keystone15:00
opendevmeetMeeting started Tue Sep 21 15:00:55 2021 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.15:00
opendevmeetUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.15:00
opendevmeetThe meeting name has been set to 'keystone'15:00
redrobot#topic Roll Call15:01
redrobotCourtesy ping for ayoung, bbobrov, cmurphy, crisloma, dpar, dstanek, gagehugo, hrybacki, knikolla, lamt, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, spilla, jdennis, ruan_he, wxy, sonuk, vishakha,Ajay, raildo, rafaelweingartner, redrobot, xek15:01
lbragstado/15:01
redrobotHi lbragstad15:01
xeko/15:01
gagehugoo/15:01
redrobotHi y'all!15:01
redrobotAs usual the meeting agenda can be found here:15:01
redrobot#link https://etherpad.opendev.org/p/keystone-weekly-meeting15:01
redrobotIt's a bit light today, so it should be a quick meeting15:01
redrobot#topic Review Past Meeting Action Items15:02
redrobot#link https://meetings.opendev.org/meetings/keystone/2021/keystone.2021-09-14-15.00.html15:02
redrobotlooks like we didn't have any15:02
redrobotmoving along ...15:02
redrobot#topic Liaison Updates15:03
redrobot^^^ I copied this topic from the Barbican meeting15:03
redrobotusually we ask for updates from liaisons15:03
redrobotalthough I'm not sure who (or if we have any?) our liaisons are?15:03
redrobot#action redrobot to investigate who the Keystone liaisons are15:05
redrobotI'll find out for next time15:05
lbragstadwe had them at one point15:05
lbragstadhttps://wiki.openstack.org/wiki/Liaisons15:05
lbragstadnot sure what happened to ^ 15:05
redrobotweird15:06
redrobotwell, I'm already attending Oslo and Security meetings, so I can be our liaison for those15:06
redrobotLooking at that list reminded me of the Xena release15:07
redrobot#topic Xena RC115:07
redrobot#link https://review.opendev.org/c/openstack/releases/+/80863215:07
redrobotlooks like gagehugo approved the patch15:07
redrobotso we've got an RC115:08
gagehugohuzzah15:08
redrobotthat should be the final release unless someone finds any showstopper bugs15:08
redrobotMoving on15:10
redrobot#topic Bug Review15:10
redrobot#link https://bugs.launchpad.net/keystone/?orderby=-id&start=015:11
redrobotLooks like we got one new bug in the last week:15:11
redrobot#link https://bugs.launchpad.net/keystone/+bug/194395215:11
redrobot> 15:12
redrobotKeystone should add password_status attribute to user15:12
redrobotThis seems like it should be a spec and not a bug15:12
redrobotUnless it's some kind of regression? 🤔15:12
gagehugoThat seems like improving the pci-dss implementation15:14
gagehugo"it's impossible for the outside to know if an authentication error is due to invalid password or password lock. This greatly harms user friendliness and does not comply to common practice."15:14
gagehugoI disagree with that statement, on multiple internal system's I've had to deal with, it just says "invalid username/password" even when you're locked out after too many failed attempts15:15
gagehugobut it does provide a way for a user to check their status, which I assume is the ask of the bug15:15
gagehugologin "UI" seems like a horizon change15:16
redrobotRight, seems like an enhancement to enable something like Horizon to show better feedback to the user15:16
redrobotI'm inclined to close this as NOTABUG and ask the reporter to re-submit as a spec15:17
gagehugoyeah, wishlist item in horizon seems more accurate15:18
redrobotAgreed ... although I wonder if we present enough information now to have horizon relay that?15:20
redrobotOK, closed as Invalid15:24
redrobotmoving on 15:25
redrobot#topic Yoga PTG15:25
redrobotJust a reminder that we have an etherpad to collect PTG topics:15:25
redrobot#link https://etherpad.opendev.org/p/yoga-ptg-keystone15:25
redrobotOk, moving on15:28
redrobot#topic Open Discussion15:28
redrobotAnything else y'all want to talk about?15:28
* lbragstad doesn't15:31
gagehugonone from me15:34
redrobotxek anything from your end?15:35
xekI'm looking for reviews on https://review.opendev.org/c/openstack/keystone/+/806381/15:35
lbragstadso - i was going to start taking a look at that15:36
lbragstadand i was wondering if we could backport the migrations?15:36
lbragstadtypically, in the past, we always proposed placeholder migrations 15:36
lbragstadat the end of every release for sqlalchemy15:36
lbragstadand i don't think we've done that in a while15:36
gagehugohmm15:36
lbragstad(because people forgot about it)15:36
xeknormally I saw that there were a couple of empty patches reserved for each release15:36
lbragstadyeah15:36
xekbut I didn't see any for wallaby15:37
lbragstadright15:37
lbragstadi think we forgot about it 15:37
lbragstadand they didn't get proposed15:37
lbragstadso - i'm wondering if that's going to be a problem with this backport?15:37
lbragstadi don't remember the reason why the placeholders were necessary 15:37
lbragstadbut we did it for ever15:37
redrobotIIRC, alembic migrations can be non linear?  And alembic may be able to sort it out if backported migrations keep their ID the same?15:38
* lbragstad shrugs15:38
xekbut this is the same patch for wallaby, if it gets backported, it will be applied once, and then skipped for the next x release15:38
redrobotI'm definitely no Alembic expert though15:38
redrobotso I could be wrong.15:38
lbragstadxek yeah - that's what i was thinking, too15:38
lbragstadbut it makes me wonder why we needed the placeholders in the first place15:39
redrobotseems like a "cut off the ends" kind of deal.  We've never used placeholders in Barbican15:39
redrobotand typically backport migrations without issue15:39
lbragstadit might be fine since we havent' had any migrations since wallaby 15:40
redrobotespecially if the backport doesn't skip any migrations15:40
lbragstadbut - i need to think about it or dig into that just to make sure we're not glossing over an important detail15:40
redrobotI just want to check to make sure the patch landed in Xena15:41
redrobotor if a Xena backport is needed before this Wallaby one15:41
xeklooks like it did land in Xena15:42
lbragstadyeah - the outstanding patch is a backport15:42
lbragstadshould we propose placeholder migrations for xena/15:43
lbragstadand cut a new rc?15:43
redrobotI would assume, now15:44
redrobot*no15:44
redrobotbut also I need to dig into how Keystone handles migration15:44
lbragstadwe have developer docs on it15:44
redrobotbecause I don't see any parent->child relations in those 15:44
redrobotxek I'll take a look at the patch for sure15:50
xekthanks!15:50
redrobotAlrighty, y'all15:51
redrobotthanks for joining!15:51
lbragstadthanks redrobot 15:51
redrobot#endmeeting15:51
opendevmeetMeeting ended Tue Sep 21 15:51:08 2021 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)15:51
opendevmeetMinutes:        https://meetings.opendev.org/meetings/keystone/2021/keystone.2021-09-21-15.00.html15:51
opendevmeetMinutes (text): https://meetings.opendev.org/meetings/keystone/2021/keystone.2021-09-21-15.00.txt15:51
opendevmeetLog:            https://meetings.opendev.org/meetings/keystone/2021/keystone.2021-09-21-15.00.log.html15:51
opendevreviewLance Bragstad proposed openstack/keystone master: Fix typos in application credential policies  https://review.opendev.org/c/openstack/keystone/+/81032421:58
lbragstadknikolla gagehugo https://review.opendev.org/c/openstack/keystone/+/806205 https://review.opendev.org/c/openstack/keystone/+/810324 and https://review.opendev.org/c/openstack/keystone/+/806243 21:58
lbragstadare all easy reviews that fix generated policy files21:58
« Monday, 2021-09-20 Index Wednesday, 2021-09-22 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!