14:00:10 <whoami-rajat> #startmeeting cinder
14:00:10 <opendevmeet> Meeting started Wed Feb 15 14:00:10 2023 UTC and is due to finish in 60 minutes.  The chair is whoami-rajat. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:00:10 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
14:00:10 <opendevmeet> The meeting name has been set to 'cinder'
14:00:12 <whoami-rajat> #topic roll call
14:00:23 <roquej> hello Rajat
14:00:23 <TusharTgite> hi
14:00:36 <jbernard> o/
14:00:38 <simondodsley> o/
14:00:40 <enriquetaso> hi
14:00:51 <nahimsouza[m]> o/
14:00:53 <kgube> o/
14:01:27 <tosky> o/
14:01:28 <akawai> o/
14:01:35 <eharney> hi
14:01:36 <thiagoalvoravel> o/
14:01:49 <jungleboyj> o/
14:01:53 <rosmaita> o/
14:01:56 <whoami-rajat> #link https://etherpad.opendev.org/p/cinder-antelope-meetings
14:02:19 <Roamer`> o/
14:03:12 <whoami-rajat> hello
14:03:26 <whoami-rajat> we've good amount of people around so let's get started
14:03:30 <whoami-rajat> #topic announcements
14:03:42 <whoami-rajat> I've proposed candidacy for PTL for 2023.2 (Bobcat) cycle
14:03:49 <whoami-rajat> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032102.html
14:04:02 <tosky> \o/
14:04:11 <jungleboyj> Yay!
14:04:17 <simondodsley> +1
14:04:24 <roquej> you're the perfect candidate, I'd say Yay!
14:04:24 <enriquetaso> +1
14:04:52 <whoami-rajat> thanks everyone :)
14:05:11 <whoami-rajat> if anyone would like to become a core or PTL, they can contact me regarding it and i can help them provide guidance for the same
14:05:56 <whoami-rajat> moving on, Deadlines: Cinderclient, requirement freeze, feature freeze on 17th Feb
14:06:01 <whoami-rajat> we've a lot of deadlines this week
14:06:05 <whoami-rajat> or should i say in 2 days
14:06:14 <whoami-rajat> let's go project by project
14:06:31 <whoami-rajat> Cinderclient
14:06:38 <whoami-rajat> #link https://etherpad.opendev.org/p/cinderclient-antelope-release
14:06:51 <whoami-rajat> most of the changes are merged, thanks everyone for the reviews
14:07:00 <whoami-rajat> there is 1 patch remaining where I've suggested an alternative
14:08:03 <whoami-rajat> let's see if we get a response on that
14:08:11 <whoami-rajat> it's not critical but good to have fix in the release
14:08:31 <whoami-rajat> next, python-brick-cinderclient-ext
14:08:57 <whoami-rajat> here the gate was broken due to tox4 issues but we didn't notice because no patch was proposed during Antelope cycle
14:09:24 <whoami-rajat> currently the gate fix is merged, the requirements are updated (they were very old)
14:09:42 <whoami-rajat> I updated the release patch with new hash and few minutes ago release team approved the release patch
14:10:04 <whoami-rajat> so we should have a release by today
14:10:13 <whoami-rajat> at least this one is sorted
14:10:36 <whoami-rajat> now to the concerning part, Feature Freeze
14:10:45 <whoami-rajat> we had 12 features initially
14:10:48 <whoami-rajat> 3 are merged
14:11:01 <whoami-rajat> 9 are remaining
14:11:02 <whoami-rajat> #link https://etherpad.opendev.org/p/cinder-antelope-features
14:11:30 <whoami-rajat> 8 of them are driver features and one is related to a spec we merged this cycle
14:11:42 <whoami-rajat> but it's a nova dependent feature and last i checked, the nova patch didn't had any reviews
14:12:09 <whoami-rajat> ok i see it's been crossed out in the etherpad with the reasoning what I'm trying to explain here
14:12:52 <whoami-rajat> so we've 7 driver patches and one related to the restoring into sparse volumes
14:14:01 <whoami-rajat> the driver ones should be doable, I'm not sure about the restore one, we don't have a spec for it which seems strange but maybe it's fine
14:15:19 <whoami-rajat> anyways, what i would really like to convey is please respond quickly to the review comments
14:15:37 <whoami-rajat> I've review comments on 2 patches that aren't addressed for quite some time
14:16:00 <whoami-rajat> so if you would like the feature to be included, kindly lower the feedback time
14:16:07 <akawai> I see.
14:16:49 <whoami-rajat> that's all on the features
14:16:56 <whoami-rajat> the last one is Requirements Freeze
14:17:11 <whoami-rajat> #link https://review.opendev.org/q/(project:openstack/cinder+OR+project:openstack/os-brick)+and+status:open+and+(file:requirements.txt+OR+file:test-requirements.txt)+and+-is:wip
14:17:38 <whoami-rajat> eharney, has two changes that update the hacking version to 5.0 in os-brick and cinder
14:18:08 <whoami-rajat> my query regarding that is, the latest version mentioned in pypi is 5.0.0 so do we want the minimum and max to be same version here?
14:18:15 <whoami-rajat> #link https://pypi.org/project/hacking/#history
14:18:33 <eharney> i'm not sure i understand the concern exactly
14:19:41 <whoami-rajat> not a concern but wanted to know if is it OK to have the min version = max version?
14:20:14 <whoami-rajat> s/is it/it is
14:20:14 <eharney> yeah, just means we'll run with 5.0.x
14:20:33 <whoami-rajat> ok, then no concerns from my side
14:20:37 <rosmaita> we are running with the max version anyway
14:20:50 <rosmaita> the version specified in upper-constraints is what pip will install
14:21:07 <whoami-rajat> i don't see hacking in u-c
14:21:08 <rosmaita> i really don't understand why we specify any minima in the requirements file at all
14:21:19 <eharney> i'm not sure that's true for hacking...
14:21:21 <rosmaita> ah, well, test-only stuff is an exception, that's true
14:21:37 <eharney> it's handled differently because upgrades typically cause breakages, so we have to manually bump it up
14:23:24 <rosmaita> well, as long as we're passing with 5.0.0, no reason not to specify it
14:24:12 <whoami-rajat> I've reviewed both changes
14:24:16 <whoami-rajat> this one requires another review
14:24:18 <whoami-rajat> #link https://review.opendev.org/c/openstack/cinder/+/873406
14:24:25 <rosmaita> got it
14:24:38 <whoami-rajat> great, thanks
14:25:08 <enriquetaso> \o/
14:25:47 <jungleboyj> whoami-rajat:  Done.
14:25:58 <whoami-rajat> thanks Jay!
14:26:34 <whoami-rajat> I've sent out a mail highlighting all the review priorities mentioned here
14:26:36 <whoami-rajat> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032179.html
14:27:01 <whoami-rajat> one last thing is regarding the PTG
14:27:07 <whoami-rajat> if you haven't signed up already, please do
14:27:13 <whoami-rajat> #link https://lists.openstack.org/pipermail/openstack-discuss/2023-February/032182.html
14:27:16 <roquej> oh yes good catch
14:27:23 <roquej> will do
14:27:32 <whoami-rajat> cool
14:27:46 <whoami-rajat> that's all for the announcements
14:27:50 <whoami-rajat> let's move to topics
14:28:00 <whoami-rajat> #topic Vulnerability scanning
14:28:09 <whoami-rajat> I don't see happystacker around
14:28:14 <roquej> I'm here
14:28:27 <roquej> my nickname changed
14:28:30 <roquej> dkw
14:28:32 <roquej> anyway
14:28:42 <whoami-rajat> oh, good to know
14:28:52 <roquej> question is are we doing such as scan when pushing code?
14:29:17 <eharney> we have bandit, which does some
14:29:25 <roquej> what is bandit?
14:29:39 <eharney> it detects known bad patterns of python code that could be security concerns
14:29:45 <whoami-rajat> I don't think we've any guidelines in place for this, for security purpose we were working on FIPS some time ago
14:29:46 <roquej> https://wiki.openstack.org/wiki/Security/Projects/Bandit ?
14:29:58 <eharney> but most vulnerability prevention, by far, is just based on having thorough enough review
14:30:13 <roquej> it says it's no longer maintained
14:30:20 <whoami-rajat> i mean FIPS job in gate
14:30:22 <roquej> I see, nothing automatic then
14:30:29 <roquej> just based on review
14:30:46 <eharney> it's no longer maintained as an openstack project, it is still maintained
14:31:02 <roquej> do we plan to do something around this kind of scanning? Or we assume bandit + review is enough?
14:31:16 <roquej> oh I see, thls
14:31:17 <roquej> thks
14:31:30 <eharney> i'd be interested in proposals, but i think we really have to rely on review
14:31:42 <roquej> ok makes sense
14:31:56 <whoami-rajat> does anyone know what's the status of the fips work? https://review.opendev.org/c/openstack/cinder/+/790535
14:32:36 <eharney> not really, other than that i think the CI pieces still need some effort
14:32:55 <eharney> unsure if they settled on the plan fully for which OS to run them on, maybe rosmaita has info
14:33:01 <tosky> there is an effort to simplify that work, the idea is to patch devstack so that we don't need to carry the playbook into each and every repository
14:33:39 <tosky> so that we would need to just set a variable to enable fips: https://review.opendev.org/c/openstack/devstack/+/871606
14:34:06 <tosky> I'm not sure whether this means we should merge the existing proposed changes now or wait for that devstack change to merge and then adapt the code
14:34:23 <rosmaita> what's made me a bit worried about that job is that it and it's dependencies have never all been green at the same time
14:34:30 <rosmaita> at least not when i looked
14:34:51 <roquej> do we have doc about fips ?
14:35:09 <rosmaita> i think it's a community goal, should be some docs there
14:35:50 <roquej> ok
14:35:55 <tosky> https://governance.openstack.org/tc/goals/selected/fips.html
14:36:09 <roquej> excellent thank you
14:36:47 <whoami-rajat> that helped us elimiate md5 being used for security purposes, so looks useful to have
14:37:15 <whoami-rajat> but as eharney said, new proposals to strengthen security are always welcome
14:37:38 <roquej> sure, I understand
14:38:00 <whoami-rajat> good, anything else on this topic?
14:38:08 <roquej> I'm good for now
14:38:21 <whoami-rajat> cool, thanks for bringing this up
14:38:24 <whoami-rajat> let's move to next topic
14:38:31 <whoami-rajat> #topic Outreachy 2023
14:38:33 <whoami-rajat> enriquetaso, that's you
14:38:38 <enriquetaso> hey
14:38:52 <enriquetaso> jbernard is going to mentor to reduce the gap with the openstack client/sdk. If anyone is interested in co-mentor for the project please let me know!
14:39:07 <enriquetaso> #link https://etherpad.opendev.org/p/outreachy-cinder-May-2023-to-Ag-2023
14:39:11 <whoami-rajat> jbernard++
14:39:20 <enriquetaso> The outreachy coordinator for openstack suggested that I keep the proposal really simple and then go deeper in the details of the task once the intern had been selected.
14:39:29 <enriquetaso> I have one question regarding the intern task. Are the interns going to work on testing the openstacksdk and document what are the gaps or is work to be done on the openstacksdk side?
14:39:52 <enriquetaso> *intern*
14:40:17 <whoami-rajat> so i think first part should be to fix all the issues we've noticed in openstackclient
14:40:49 <whoami-rajat> once the CLI is fully operational then we can start working on sdk to eliminate the parity and skip cinderclient completely
14:41:10 <whoami-rajat> I haven't looked into the sdk part so not sure what kind of work there is to do
14:41:23 <whoami-rajat> or if it's suitable for intern to address
14:41:41 <whoami-rajat> but I can surely help with the openstackclient part
14:41:44 <roquej> I can help if needed but not as a mentor
14:41:55 <enriquetaso> make sense.. so, first i should replace openstacksdk to openstackclient.
14:42:14 <enriquetaso> Then i need to make a list or something to make really clear what is the work
14:42:48 <whoami-rajat> that's my understanding
14:42:58 <enriquetaso> roquej, thank you! that would be helpful, usually potential interns have a lot of question, helping to reply to them is welcome
14:43:05 <enriquetaso> whoami-rajat++
14:43:11 <roquej> I'd be glad to help
14:43:33 <enriquetaso> okay, ill update the etherpad and I think it's ready
14:43:39 <enriquetaso> thanks
14:43:54 <whoami-rajat> great, thanks for working on this enriquetaso
14:44:30 <enriquetaso> np!
14:44:56 <whoami-rajat> let's move to the last topic of the meeting
14:45:03 <whoami-rajat> #topic Skipping the tgt job on cinder-tempest-plugin
14:45:05 <whoami-rajat> tosky, that's you
14:45:22 <tosky> so: the cinder-tempest-plugin gates are blocked (sorry, missed that for a while)
14:45:37 <tosky> originally linked to the tox 4 migration, and rosmaita proposed a fix
14:46:01 <tosky> but it looks like the tgt job broke after the switch to jammy (reverting to focal it works again)
14:46:26 <tosky> there are "interesting" failures in the logs but I don't know enough to debug it
14:46:43 <tosky> now, the default has been lioadm for a while, and the tgt job is only executed on cinder-tempest-plugin
14:47:00 <tosky> I don't want to start the discussion about removing the tgt support (even thought it may be a useful topic to discuss)
14:47:15 <tosky> right now the question is: does anyone disagree making that job non-voting?
14:47:36 <tosky> if there are no disagreement, I'd kindly ask rosmaita to update https://review.opendev.org/c/openstack/cinder-tempest-plugin/+/868319 to skip it
14:47:55 <tosky> and unblock cinder-tempest-plugin, and be ready to merge tons of patches which are stuck!
14:47:57 <tosky> that's it
14:48:22 <whoami-rajat> ah, sorry I didn't notice either
14:48:25 <rosmaita> tosky: you mean switch the job to focal and make it non-voting?
14:48:33 <rosmaita> or just non-voting?
14:48:45 <tosky> I'm not sure it makes sense to switch back to focal, that's about testing runtimes
14:48:50 <tosky> we should ask a TC member
14:48:51 <tosky> uhm
14:49:11 <tosky> but yeah :) I was just thinking about switching it to non-voting for now
14:49:16 <whoami-rajat> so we should ask rosmaita or jungleboyj
14:49:18 <tosky> if it's moved to focal, it can stay voting
14:49:46 <rosmaita> well, the tempest runtime situation is weird because it's not branched
14:50:24 <whoami-rajat> where are the failures of tgt+jammy observed? on this patch? https://review.opendev.org/c/openstack/cinder-tempest-plugin/+/868319
14:50:35 <tosky> but master cinder-tempest-plugin tests master cinder
14:50:44 <tosky> so it should use jammy just like master cinder does
14:50:59 <rosmaita> https://review.opendev.org/c/openstack/cinder-tempest-plugin/+/873407
14:51:07 <tosky> if we had branch-specific jobs for the tgt job, sure, those should use focal - but that's we already do for the lioadm jobs iirc
14:51:50 <whoami-rajat> rosmaita, there the tgt job is working fine (since we switched back to focal)
14:52:24 <rosmaita> i am not having a good morning
14:52:27 <rosmaita> https://zuul.opendev.org/t/openstack/build/057dbfe2c06d4995a3c02bfe298851ce
14:52:28 <tosky> whoami-rajat: check the comments :)
14:54:14 <whoami-rajat> hmm, an iscsi login failure
14:56:48 <whoami-rajat> anyway, I don't have a strong objection on making the tgt job non-voting so we can unblock the gate and in the meantime look for ways to fix it
14:57:03 <whoami-rajat> but others can disagree
14:57:28 <tosky> ok, I'd say: please rosmaita  update the patch and see if there are -1/-2
14:57:39 <rosmaita> ok, will do
14:58:19 <whoami-rajat> cool, open discussion for 2 minutes
14:58:22 <whoami-rajat> #topic open discussion
14:58:22 <tosky> thanks
14:58:41 <whoami-rajat> thanks for noticing the failing gate tosky !
14:59:28 <roquej> nothing specific from my side, just a few bug fixes for which I require your attention
14:59:29 <inori> https://review.opendev.org/c/openstack/cinder/+/847730 I've modified the doc that is needed, so could you please have a look at this at your most convenient?
15:00:06 <TusharTgite> i've also have a bug pending can anyone take a look https://review.opendev.org/c/openstack/cinder/+/822822
15:00:51 <whoami-rajat> please focus on the review priorities of this week and also on the review request section every week
15:00:55 <whoami-rajat> we're out of time
15:00:59 <whoami-rajat> thanks everyone for joining
15:01:01 <whoami-rajat> #endmeeting