15:00:55 <redrobot> #startmeeting keystone
15:00:55 <opendevmeet> Meeting started Tue Sep 21 15:00:55 2021 UTC and is due to finish in 60 minutes.  The chair is redrobot. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:00:55 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:00:55 <opendevmeet> The meeting name has been set to 'keystone'
15:01:03 <redrobot> #topic Roll Call
15:01:12 <redrobot> Courtesy ping for ayoung, bbobrov, cmurphy, crisloma, dpar, dstanek, gagehugo, hrybacki, knikolla, lamt, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, spilla, jdennis, ruan_he, wxy, sonuk, vishakha,Ajay, raildo, rafaelweingartner, redrobot, xek
15:01:18 <lbragstad> o/
15:01:23 <redrobot> Hi lbragstad
15:01:28 <xek> o/
15:01:30 <gagehugo> o/
15:01:35 <redrobot> Hi y'all!
15:01:44 <redrobot> As usual the meeting agenda can be found here:
15:01:49 <redrobot> #link https://etherpad.opendev.org/p/keystone-weekly-meeting
15:01:58 <redrobot> It's a bit light today, so it should be a quick meeting
15:02:09 <redrobot> #topic Review Past Meeting Action Items
15:02:31 <redrobot> #link https://meetings.opendev.org/meetings/keystone/2021/keystone.2021-09-14-15.00.html
15:02:35 <redrobot> looks like we didn't have any
15:02:40 <redrobot> moving along ...
15:03:00 <redrobot> #topic Liaison Updates
15:03:17 <redrobot> ^^^ I copied this topic from the Barbican meeting
15:03:26 <redrobot> usually we ask for updates from liaisons
15:03:44 <redrobot> although I'm not sure who (or if we have any?) our liaisons are?
15:05:24 <redrobot> #action redrobot to investigate who the Keystone liaisons are
15:05:28 <redrobot> I'll find out for next time
15:05:32 <lbragstad> we had them at one point
15:05:33 <lbragstad> https://wiki.openstack.org/wiki/Liaisons
15:05:40 <lbragstad> not sure what happened to ^
15:06:00 <redrobot> weird
15:06:20 <redrobot> well, I'm already attending Oslo and Security meetings, so I can be our liaison for those
15:07:26 <redrobot> Looking at that list reminded me of the Xena release
15:07:31 <redrobot> #topic Xena RC1
15:07:50 <redrobot> #link https://review.opendev.org/c/openstack/releases/+/808632
15:07:55 <redrobot> looks like gagehugo approved the patch
15:08:02 <redrobot> so we've got an RC1
15:08:12 <gagehugo> huzzah
15:08:25 <redrobot> that should be the final release unless someone finds any showstopper bugs
15:10:19 <redrobot> Moving on
15:10:27 <redrobot> #topic Bug Review
15:11:18 <redrobot> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:11:53 <redrobot> Looks like we got one new bug in the last week:
15:11:55 <redrobot> #link https://bugs.launchpad.net/keystone/+bug/1943952
15:12:03 <redrobot> >
15:12:03 <redrobot> Keystone should add password_status attribute to user
15:12:24 <redrobot> This seems like it should be a spec and not a bug
15:12:51 <redrobot> Unless it's some kind of regression? 🤔
15:14:19 <gagehugo> That seems like improving the pci-dss implementation
15:14:46 <gagehugo> "it's impossible for the outside to know if an authentication error is due to invalid password or password lock. This greatly harms user friendliness and does not comply to common practice."
15:15:26 <gagehugo> I disagree with that statement, on multiple internal system's I've had to deal with, it just says "invalid username/password" even when you're locked out after too many failed attempts
15:15:50 <gagehugo> but it does provide a way for a user to check their status, which I assume is the ask of the bug
15:16:12 <gagehugo> login "UI" seems like a horizon change
15:16:49 <redrobot> Right, seems like an enhancement to enable something like Horizon to show better feedback to the user
15:17:23 <redrobot> I'm inclined to close this as NOTABUG and ask the reporter to re-submit as a spec
15:18:39 <gagehugo> yeah, wishlist item in horizon seems more accurate
15:20:13 <redrobot> Agreed ... although I wonder if we present enough information now to have horizon relay that?
15:24:56 <redrobot> OK, closed as Invalid
15:25:00 <redrobot> moving on
15:25:27 <redrobot> #topic Yoga PTG
15:25:34 <redrobot> Just a reminder that we have an etherpad to collect PTG topics:
15:25:40 <redrobot> #link https://etherpad.opendev.org/p/yoga-ptg-keystone
15:28:42 <redrobot> Ok, moving on
15:28:51 <redrobot> #topic Open Discussion
15:28:59 <redrobot> Anything else y'all want to talk about?
15:31:40 * lbragstad doesn't
15:34:26 <gagehugo> none from me
15:35:09 <redrobot> xek anything from your end?
15:35:37 <xek> I'm looking for reviews on https://review.opendev.org/c/openstack/keystone/+/806381/
15:36:05 <lbragstad> so - i was going to start taking a look at that
15:36:12 <lbragstad> and i was wondering if we could backport the migrations?
15:36:24 <lbragstad> typically, in the past, we always proposed placeholder migrations
15:36:32 <lbragstad> at the end of every release for sqlalchemy
15:36:37 <lbragstad> and i don't think we've done that in a while
15:36:40 <gagehugo> hmm
15:36:44 <lbragstad> (because people forgot about it)
15:36:50 <xek> normally I saw that there were a couple of empty patches reserved for each release
15:36:56 <lbragstad> yeah
15:37:03 <xek> but I didn't see any for wallaby
15:37:07 <lbragstad> right
15:37:16 <lbragstad> i think we forgot about it
15:37:23 <lbragstad> and they didn't get proposed
15:37:36 <lbragstad> so - i'm wondering if that's going to be a problem with this backport?
15:37:52 <lbragstad> i don't remember the reason why the placeholders were necessary
15:37:57 <lbragstad> but we did it for ever
15:38:11 <redrobot> IIRC, alembic migrations can be non linear?  And alembic may be able to sort it out if backported migrations keep their ID the same?
15:38:23 * lbragstad shrugs
15:38:25 <xek> but this is the same patch for wallaby, if it gets backported, it will be applied once, and then skipped for the next x release
15:38:25 <redrobot> I'm definitely no Alembic expert though
15:38:28 <redrobot> so I could be wrong.
15:38:39 <lbragstad> xek yeah - that's what i was thinking, too
15:39:04 <lbragstad> but it makes me wonder why we needed the placeholders in the first place
15:39:24 <redrobot> seems like a "cut off the ends" kind of deal.  We've never used placeholders in Barbican
15:39:34 <redrobot> and typically backport migrations without issue
15:40:17 <lbragstad> it might be fine since we havent' had any migrations since wallaby
15:40:26 <redrobot> especially if the backport doesn't skip any migrations
15:40:47 <lbragstad> but - i need to think about it or dig into that just to make sure we're not glossing over an important detail
15:41:09 <redrobot> I just want to check to make sure the patch landed in Xena
15:41:19 <redrobot> or if a Xena backport is needed before this Wallaby one
15:42:33 <xek> looks like it did land in Xena
15:42:52 <lbragstad> yeah - the outstanding patch is a backport
15:43:23 <lbragstad> should we propose placeholder migrations for xena/
15:43:31 <lbragstad> and cut a new rc?
15:44:17 <redrobot> I would assume, now
15:44:19 <redrobot> *no
15:44:32 <redrobot> but also I need to dig into how Keystone handles migration
15:44:43 <lbragstad> we have developer docs on it
15:44:44 <redrobot> because I don't see any parent->child relations in those
15:50:24 <redrobot> xek I'll take a look at the patch for sure
15:50:35 <xek> thanks!
15:51:01 <redrobot> Alrighty, y'all
15:51:04 <redrobot> thanks for joining!
15:51:08 <lbragstad> thanks redrobot
15:51:08 <redrobot> #endmeeting