15:01:00 #startmeeting keystone 15:01:00 Meeting started Tue Feb 1 15:01:00 2022 UTC and is due to finish in 60 minutes. The chair is dmendiza[m]. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:01:00 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:01:00 The meeting name has been set to 'keystone' 15:01:23 o/ 15:01:25 o/ 15:01:29 o/ 15:01:33 #topic Roll Call 15:01:34 o/ 15:01:38 #link https://etherpad.opendev.org/p/keystone-weekly-meeting 15:01:42 o/ 15:01:56 Courtesy ping for ayoung, bbobrov, crisloma, d34dh0r53, dpar, dstanek, gagehugo, hrybacki, knikolla, lamt, lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, spilla, ruan_he, wxy, sonuk, vishakha,Ajay, rafaelweingartner, xek 15:02:11 Lots of folks here today! Welcome 15:02:24 o/ 15:03:08 OK, let's get started 15:03:13 #topic Review Past Meeting Action Items 15:03:37 #link https://meetings.opendev.org/meetings/keystone/2022/keystone.2022-01-25-15.01.html 15:03:39 We didn't have any 15:03:51 o/ 15:03:52 #topic Liaison Updates 15:04:14 knikolla: just in time to talk about Liaison Updates 😉 15:04:50 * knikolla had a busy week and didn't perform his duties :( 15:05:06 No worries 15:05:19 I did update my calendar with the correct times for Oslo and Security meetings 15:05:34 so I'll make those next ones for sure 15:05:45 Moving on 15:06:09 #topic Berlin Summit CFP 15:06:22 h_asahina: looks like you're working on a proposal? 15:06:31 #link https://etherpad.opendev.org/p/ois2022-tacker-keystone 15:06:34 yes 15:06:54 that's my abstract 15:07:21 regarding this submission, I have a favor to ask. 15:07:43 What's up? 15:07:45 Could someone be a co-author? 15:09:10 hopefully knikolla: if you don't mind. 15:09:16 Sure :) 15:09:27 thank you so much. 15:09:57 Please feedback me if you want to change after reading the abstract. 15:10:47 Nice, looking forward to see what y'all put together for the Summit 15:11:03 Sure, I'll go over it later today. 15:11:06 Thank you 15:11:31 OK, moving on 15:11:36 #topic OAuth 2.0 15:11:37 yeah, looking forward to that talk 15:11:55 h_asahina: anything you want to talk about RE: the OAuth 2.0 work? 15:12:41 Actually, I'd like to know the reason why OAuth2.0 has been not supported in Keystone. 15:12:52 if someone knows that. 15:13:25 Maybe it's natural to mention such background. 15:13:53 Nobody really had it as a priority enough to support its development. 15:14:02 I don't think there's any technical reasons. 15:14:56 I got it. so it's simply because the lack of demand. 15:15:42 Yeah, keystone had to work well with openstack first and foremost, and our resources were targeted there. 15:16:51 Ok, that make sense. I think I can tell the background smoothly because now we have demand. 15:17:08 and integration with other identity providers was already there via the external, mapped or ldap identity drivers 15:18:41 I see. yeah, that's true. the present OAuth2.0 is implementation for the openstack client which is not important to interoperate with the other component outside the openstack. 15:19:18 and naturally not important for Keystone so far. 15:20:53 Cool, moving on 15:21:02 thanks. 15:21:06 #topic Secure RBAC 15:21:08 not a whole lot of updates on my side 15:21:20 I'm still trying to get some Tripleo-heat-templates patches landed into stable/wallaby 15:21:48 for the work lbragstad did implementing the SRBAC rules in a custom policy 15:22:08 Any questions/comments RE: SRBAC? 15:23:44 I need to catch up on all of that work 15:26:17 Same 15:26:23 I need to catch up on the ML discussions 15:26:39 Looks like there's some more discussion going on in the "service" role patch 15:26:43 #link https://review.opendev.org/c/openstack/keystone-specs/+/818616 15:27:14 the "manager" role spec is ready to land I think? https://review.opendev.org/c/openstack/keystone-specs/+/818603 15:28:59 Also looks like the community goal re-work patch landed https://review.opendev.org/c/openstack/governance/+/815158 15:30:46 OK, I'll keep on keeping an eye out for this 15:30:55 #topic Open Discussion 15:31:01 Any other topics y'all want to talk about? 15:35:43 anyone want to be added to the reviewathon invite? 15:36:25 Reviewathon = We get together on Google Meet to review patches together 15:36:34 ^ thanks dmendiza[m] 15:37:19 We'll announce it here on Friday when we're about to start 15:37:25 in case someone wants to join in 15:42:15 #topic Bug Review 15:42:16 OK, moving on ... 15:42:26 #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0 15:43:09 Looks like we have one new bug 15:43:10 #link https://bugs.launchpad.net/keystone/+bug/1959674 15:43:21 > 15:43:21 Keystone produce error after trying to read application_credential even if not set 15:45:08 Looks like an application credential 500 when trying to work with octavia using appcreds 15:46:30 Yeah I created that bug report today. Not sure how well I managed to describe it. But I'm here to discuss or suggest stuff if needed :) 15:46:44 That was just raised in the #openstack-lbaas channel. I was going to look into that a bit today. If you have any thoughts, let me know. 15:49:31 johnsom: oh cool, it's on your radar already. Let me know if I can help (spoiler: probably not because I'm still a Keystone noob) 😜 15:50:00 #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0 15:50:08 Looks like now new python-barbicanclient bugs 15:50:20 *python-keystoneclient 15:50:25 dang muscle memory 15:50:45 lol 15:51:17 #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0 15:51:24 And no new keystonemiddleware bugs 15:51:41 That's all I have on the agenda for today 15:51:45 Thanks for joining, everyone! 15:51:50 #endmeeting