| *** dviroel|biab is now known as dviroel|out | 00:20 | |
| *** dasm is now known as dasm|off | 04:20 | |
| opendevreview | Yonggen Sun proposed openstack/keystoneauth master: OAuth 2.0 Mutual-TLS Support https://review.opendev.org/c/openstack/keystoneauth/+/860614 | 05:11 |
|---|---|---|
| opendevreview | Yonggen Sun proposed openstack/keystone master: OAuth 2.0 Mutual-TLS Support https://review.opendev.org/c/openstack/keystone/+/860613 | 05:12 |
| opendevreview | Yonggen Sun proposed openstack/keystonemiddleware master: OAuth 2.0 Mutual-TLS Support https://review.opendev.org/c/openstack/keystonemiddleware/+/860615 | 05:12 |
| opendevreview | Yonggen Sun proposed openstack/keystoneauth master: Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystoneauth/+/860923 | 07:02 |
| opendevreview | Yonggen Sun proposed openstack/keystoneauth master: Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystoneauth/+/860923 | 08:18 |
| opendevreview | Yonggen Sun proposed openstack/keystoneauth master: Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystoneauth/+/860923 | 08:22 |
| opendevreview | Yonggen Sun proposed openstack/keystone master: Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystone/+/860928 | 08:46 |
| opendevreview | Yonggen Sun proposed openstack/keystone master: Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystone/+/860928 | 08:48 |
| fkr | ahoi | 09:37 |
| *** dviroel|out is now known as dviroel | 11:06 | |
| opendevreview | Yusuke Niimi proposed openstack/keystoneauth master: [WIP]Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystoneauth/+/860923 | 11:35 |
| opendevreview | Yusuke Niimi proposed openstack/keystone master: [WIP]Add doc of OAuth 2.0 Mutual-TLS Authenticate https://review.opendev.org/c/openstack/keystone/+/860928 | 11:35 |
| *** dasm|off is now known as dasm | 12:41 | |
| d34dh0r53 | #startmeeting keystone | 15:02 |
| opendevmeet | Meeting started Tue Oct 11 15:02:07 2022 UTC and is due to finish in 60 minutes. The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot. | 15:02 |
| opendevmeet | Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. | 15:02 |
| opendevmeet | The meeting name has been set to 'keystone' | 15:02 |
| d34dh0r53 | #topic Roll Call | 15:02 |
| xek | o/ | 15:02 |
| d34dh0r53 | admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek | 15:02 |
| h-asahina | o/ | 15:02 |
| d34dh0r53 | o/ | 15:02 |
| d34dh0r53 | sorry for the late start folks | 15:02 |
| dmendiza[m] | 🙋♂️ | 15:03 |
| dmendiza[m] | I don't apologize for late starts until 5 minutes after. 😜 | 15:03 |
| d34dh0r53 | lol, thanks dmendiza[m], noted | 15:03 |
| d34dh0r53 | #topic Review past meeting work items | 15:03 |
| d34dh0r53 | #link https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-10-04-15.01.html | 15:04 |
| d34dh0r53 | looks like there were 4 action items from last week | 15:04 |
| d34dh0r53 | dmendiza[m] submit a patch to request the release for keystoneauth | 15:04 |
| dmendiza[m] | working on that right meow | 15:04 |
| d34dh0r53 | thanks dmendiza[m], I won't add another action item then | 15:05 |
| d34dh0r53 | d34dh0r53 work with dmendiza[m] to reserve a slot for the operator hours for keystone at the ptg | 15:05 |
| d34dh0r53 | this has been done, our operator hours are on Friday 21-Oct to 15:00-16:00 | 15:06 |
| d34dh0r53 | in the Mitaka room | 15:06 |
| d34dh0r53 | d34dh0r53 work with dmendiza[m] to reserve our regular slots for the PTG (2 hours on 2 days, total of 4 hours) | 15:06 |
| d34dh0r53 | also done, our schedule is on the PTGBot site | 15:07 |
| d34dh0r53 | #link https://ptg.opendev.org/ptg.html | 15:07 |
| d34dh0r53 | Monday and Tuesday 13:00-15:00 UTC | 15:08 |
| d34dh0r53 | dmendiza[m] will look at https://bugs.launchpad.net/keystone/+bug/1990987 | 15:08 |
| dmendiza[m] | did not get a chance to look at it, let's bump it to next week | 15:08 |
| d34dh0r53 | dmendiza[m]: ack | 15:08 |
| d34dh0r53 | #action dmendiza[m] will look at https://bugs.launchpad.net/keystone/+bug/1990987 | 15:09 |
| d34dh0r53 | next up we have | 15:09 |
| d34dh0r53 | #topic Liaison Updates | 15:09 |
| d34dh0r53 | anything from release management? | 15:10 |
| d34dh0r53 | ok, | 15:10 |
| dmendiza[m] | I think all the releases have shipped for Zed? | 15:10 |
| *** dviroel is now known as dviroel|lunch | 15:11 | |
| d34dh0r53 | I think so, it looks like everything other pycadf and ldappool have releases for zed and I don't think we release those per cycle | 15:13 |
| d34dh0r53 | next up is VMT | 15:13 |
| d34dh0r53 | I filed a bug regarding a medium CVE in keystone that I'm currently working on | 15:14 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystone/+bug/1992183 | 15:15 |
| d34dh0r53 | sorry, it's a high | 15:15 |
| d34dh0r53 | Any other liaison updates? | 15:16 |
| d34dh0r53 | #help still looking for additional cross-project liaisons | 15:16 |
| d34dh0r53 | ping me if you're interested | 15:16 |
| d34dh0r53 | on to specs | 15:17 |
| d34dh0r53 | #topic specification OAuth 2.0 (h_asahina) | 15:17 |
| d34dh0r53 | #link https://review.opendev.org/q/topic:bp%252Foauth2-client-credentials-ext | 15:17 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone-specs/+/843765 | 15:17 |
| h-asahina | We've submitted patches for mtls OAuth2.0 | 15:17 |
| h-asahina | https://review.opendev.org/c/openstack/keystoneauth/+/860614 | 15:17 |
| h-asahina | https://review.opendev.org/c/openstack/keystonemiddleware/+/860615 | 15:17 |
| h-asahina | https://review.opendev.org/c/openstack/keystone/+/860613 | 15:17 |
| d34dh0r53 | great, thank you! | 15:18 |
| h-asahina | :) | 15:19 |
| * dmendiza[m] adds patches to review queue | 15:19 | |
| d34dh0r53 | thanks dmendiza[m], and we'll look at these during the reviewathon on Friday | 15:20 |
| h-asahina | thanks. it's also welcome if you have additional comments for spec after reading these patches. | 15:20 |
| d34dh0r53 | excellent, thanks again h-asahina | 15:20 |
| d34dh0r53 | #topic specification Secure RBAC (dmendiza[m]) | 15:21 |
| d34dh0r53 | #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_ | 15:21 |
| d34dh0r53 | dmendiza[m]: any s-rbac updates? | 15:21 |
| dmendiza[m] | I added a topic to discuss this during PTG | 15:24 |
| dmendiza[m] | I want to make sure we're all on the same page as far as next steps for this cycle | 15:24 |
| d34dh0r53 | great, thank you | 15:24 |
| d34dh0r53 | #topic Open Discussion | 15:25 |
| d34dh0r53 | drencom has added a review request for | 15:26 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystonemiddleware/+bug/1987355 | 15:26 |
| d34dh0r53 | it looks like there has been a patch submitted, please review that if you have time and we'll look at this one during the reviewathon too | 15:26 |
| d34dh0r53 | #topic Open Discussion - Antelope PTG | 15:28 |
| d34dh0r53 | As I said earlier we have slots reserved for the PTG | 15:28 |
| d34dh0r53 | We have two 2 hour blocks on Monday and Tuesday and an operator-hours on Friday | 15:29 |
| d34dh0r53 | You can see all of the times on the PTGBot site | 15:29 |
| d34dh0r53 | #link https://ptg.opendev.org/ptg.html | 15:30 |
| d34dh0r53 | and our agenda is here | 15:30 |
| d34dh0r53 | #link https://etherpad.opendev.org/p/antelope-ptg-keystone | 15:30 |
| d34dh0r53 | If you have conflicts, or if you'd like to suggest different times for our slots please let me know and I'll see what we can do | 15:31 |
| d34dh0r53 | and please feel free to add any agenda items that you'd like to discuss | 15:31 |
| d34dh0r53 | anything else for open discussion? | 15:32 |
| h-asahina | ah, I have an question. | 15:32 |
| d34dh0r53 | go ahead h-asahina | 15:32 |
| h-asahina | https://etherpad.opendev.org/p/keystone-weekly-meeting | 15:32 |
| h-asahina | we're trying to realize fine grained access control in Tacker | 15:33 |
| h-asahina | for example, adding "vendor" and "location" attributes to users and use them to control access. | 15:33 |
| h-asahina | my question is does keystone allow using user-defined users' attribute for the access control? | 15:34 |
| d34dh0r53 | hmm, I don't think so, but dmendiza[m] or knikolla[m] might know for sure | 15:35 |
| d34dh0r53 | #action d34dh0r53 look into user-defined attribute access control | 15:40 |
| d34dh0r53 | h-asahina: I'll get back to you on that | 15:40 |
| h-asahina | great. thanks. | 15:40 |
| d34dh0r53 | anything else for open discussion? | 15:40 |
| d34dh0r53 | #topic bug review | 15:41 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 | 15:41 |
| d34dh0r53 | looks like we have a couple of new bugs | 15:41 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystone/+bug/1992186 | 15:41 |
| d34dh0r53 | "int object is not iterable" when using numerical group names | 15:41 |
| d34dh0r53 | it looks like there is already a patch up for this with several reviews | 15:42 |
| d34dh0r53 | #link https://review.opendev.org/c/openstack/keystone/+/860726 | 15:42 |
| d34dh0r53 | next up we have the bug I filed | 15:43 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystone/+bug/1992183 | 15:43 |
| d34dh0r53 | Openstack: Application credential token remains valid longer than expected Edit | 15:43 |
| d34dh0r53 | #action d34dh0r53 submit fix for Bug/1992183 | 15:44 |
| d34dh0r53 | should have something later in the week | 15:44 |
| d34dh0r53 | other than those two there aren't any new bugs for Keystone | 15:44 |
| d34dh0r53 | #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 | 15:45 |
| d34dh0r53 | nothing new for python-keystoneclient | 15:45 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0 | 15:45 |
| d34dh0r53 | nothing new here either | 15:46 |
| d34dh0r53 | next up keystonemiddleware | 15:46 |
| d34dh0r53 | #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 | 15:46 |
| d34dh0r53 | #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0 | 15:47 |
| d34dh0r53 | pycadf doesn't have any new bugs either | 15:47 |
| d34dh0r53 | #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0 | 15:47 |
| d34dh0r53 | ldappool is good to go | 15:47 |
| d34dh0r53 | #topic wrap up | 15:48 |
| d34dh0r53 | Anyone have anything else to bring up before we close for this week? | 15:48 |
| d34dh0r53 | one additional housekeeping note, there won't be a weekly meeting next week due to the PTG | 15:49 |
| d34dh0r53 | we'll resume on 25-Oct | 15:49 |
| d34dh0r53 | thanks folks! | 15:50 |
| d34dh0r53 | #endmeeting | 15:50 |
| opendevmeet | Meeting ended Tue Oct 11 15:50:06 2022 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) | 15:50 |
| opendevmeet | Minutes: https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-10-11-15.02.html | 15:50 |
| opendevmeet | Minutes (text): https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-10-11-15.02.txt | 15:50 |
| opendevmeet | Log: https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-10-11-15.02.log.html | 15:50 |
| *** dviroel|lunch is now known as dviroel | 16:24 | |
| *** dviroel is now known as dviroel|biab | 19:19 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!