16:01:37 #startmeeting fuel 16:01:37 #chair xarses 16:01:37 Todays Agenda: 16:01:37 #link https://etherpad.openstack.org/p/fuel-weekly-meeting-agenda 16:01:37 Who's here? 16:01:38 Meeting started Thu May 26 16:01:37 2016 UTC and is due to finish in 60 minutes. The chair is xarses. Information about MeetBot at http://wiki.debian.org/MeetBot. 16:01:39 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 16:01:41 The meeting name has been set to 'fuel' 16:01:42 hi 16:01:42 hi 16:01:42 Current chairs: xarses 16:01:44 hi 16:01:46 hi 16:01:46 o/ 16:01:47 hi 16:01:52 Hi! 16:02:03 hi 16:02:12 hi 16:02:39 short agenda today, lets get started 16:02:49 #topic 9.0 HCF is coming (dpyzhov) 16:03:13 hi 16:03:21 my topic was the last one ) 16:03:25 o/ 16:03:38 I just want to highlight that we have only 2 weeks before hcf 16:04:07 and new bugs that are not going to fit into HCF are to be moved to 10.0 16:04:24 thats all 16:04:29 sounds good, thanks 16:04:37 to clarify, thats for 9.0.1 16:04:50 yes, exactly 16:05:02 thanks 16:05:09 #topic Telco Team Status (fzhadaev) 16:05:22 Our team continues fixing bugs: 16:05:23 * Done from the last update - 7 16:05:23 * In progress (in development and on review) - 6 16:05:23 Our second activity is scoping features for 10.0. 16:05:23 For now there are two features in work: SR-IOV+DPDK and DPDK+VXLAN. There are no BPs for them yet.. 16:05:23 That's all. 16:06:08 are we looking good for closing those before 9.0.1 HCF? 16:06:16 the bugs 16:06:31 yep. part of them are for 10.0 only 16:06:36 ok 16:06:43 thanks 16:06:51 #topic Toolbox Team status (ashtokolov) 16:06:57 Fuel toolbox Team is working on bugs 16:07:04 Current status: 16 bugs, all in progress 16:07:10 Last 2 weeks status: Income 12 bugs, Outcome: 14 bugs. 16:07:48 ashtokolov: are we on track to close all these bugs by HCF ? 16:07:48 That's all 16:08:04 maximov: yes, we are on track 16:08:26 ok 16:08:32 any features for 10 yet? 16:08:56 not yet 16:09:01 not yet I guess 16:09:09 we are discussing 10.0 with maximov: kozhukalov 16:09:20 definitely newton openstack and ubuntu 16 16:09:54 #topic open discuss 16:09:59 thats it for the schedule 16:10:09 We've got a security related bug that we need to address for 9.0.1, please review https://review.openstack.org/320575 (fuelclient) & https://review.openstack.org/320578 (nailgun) so we can get them backported before HCF. Thanks 16:10:14 anything else to raise? 16:10:30 thanks mwhahaha 16:11:01 we have failing UCA deployments for master, are there any plans to look into it? 16:11:07 also please review outstanding stuff, there's a bunch of patches that have been sitting for a while now with no reviews 16:11:21 bookwar_, usually QA files bugs 16:11:32 without a duty to report swarm failures, nobody will look 16:11:41 and developers fix them ) 16:12:03 maybe this should get added to SergK's attention as next release manager? 16:12:03 #link https://ci.fuel-infra.org/view/ISO/job/10.0-community.main.ubuntu.uca_neutron_ha/ 16:12:39 looks like a qa failure, i'll look into it today 16:13:08 mwhahaha: thanks 16:13:34 mwhahaha, indeed. deploy passed and ostf, just the package check failed 16:13:45 should be 1 or 2 lines to fix 16:13:52 yea, i'll get something proposed 16:14:14 we do need some bug/visibility on those job failures 16:14:33 mwhahaha: regarding /api/version, it was designed to be left open 16:14:39 I don't remember why though 16:14:47 for auth required 16:14:51 mwhahaha: as for you security patch, quite large UI patch will be required. we'll take care of this 16:14:52 which can be handled by checking for a 401 16:15:18 vkramskikh: ok let me know if i can help in anyway 16:15:18 I'd be careful with the patch, as I suspect that something may break.. 16:15:23 mwhahaha, but keystone is auth 16:15:26 like qa scripts 16:15:37 i don't remember why it was needed, but i recall i'll tell you. for now id on't see any obstacles 16:15:49 the problem is version info leakage, so it's a requirment not to expose version info 16:16:16 security through obscurity afaik isn't really a fix 16:16:22 but security testers love it 16:16:23 * mwhahaha doesn't make the rules 16:16:30 i also agree 16:17:07 a trained attacker will figure out how to find the version 16:17:20 I know at least one thing which relies on open /api/version - fake nailgun scripts which detect if nailgun is started by polling /api/version 16:17:34 you got -1 from CI because of this 16:18:10 it checks some box in the security scan, so we will need it if we like it or no 16:18:29 sounds like we need a health check url that doesn't contain any version info 16:18:36 perhaps /api/healthcheck ? 16:18:55 that can be open that just returns an OK or something to that effect 16:19:00 i think just / would be fine 16:19:25 i was thinking that 16:19:38 unless we want to remove static handler from nailgun which isn't actually needed anymore 16:19:56 i think the health check would be useful if it did some connectivity tests like a db check 16:21:09 anyway, we can take it to the reviews 16:21:21 anything else? 16:21:34 otherwise I will close the meeting 16:21:44 mwhahaha, it should be inexpensive when possible.. though an authenticated check that verifies db connectivty is also useful 16:21:58 xarses, I have nothing more 16:22:39 thanks everyone have a good week 16:22:45 #endmeeting