15:03:20 <d34dh0r53> #startmeeting keystone
15:03:20 <opendevmeet> Meeting started Tue May 30 15:03:20 2023 UTC and is due to finish in 60 minutes.  The chair is d34dh0r53. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:03:20 <opendevmeet> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:03:20 <opendevmeet> The meeting name has been set to 'keystone'
15:03:26 <knikolla> o/
15:03:32 <d34dh0r53> #topic roll call
15:03:39 <zaitcev> o/
15:03:40 <d34dh0r53> admiyo, bbobrov, crisloma, d34dh0r53, dpar, dstanek, hrybacki, knikolla[m], lbragstad, lwanderley, kmalloc, rodrigods, samueldmq, ruan_he, wxy, sonuk, vishakha, Ajay, rafaelwe, xek, gmann, zaitcev, reqa, dmendiza[m]
15:03:42 <xek> o/
15:03:56 <dmendiza[m]> 🙋‍♂️
15:04:16 <d34dh0r53> #topic review past meeting work items
15:04:35 <d34dh0r53> #link https://meetings.opendev.org/meetings/keystone/2023/keystone.2023-05-23-15.12.html
15:05:39 <d34dh0r53> I need to push the action items for myself a week, there is a security bug that is likely a CVE that I'm trying to track down
15:05:56 <d34dh0r53> #action d34dh0r53 investigate https://bugs.launchpad.net/keystone/+bug/2009752
15:06:12 <d34dh0r53> #action d34dh0r53 Look into adding/restoring a known issues section to our documentation
15:06:27 <d34dh0r53> #action d34dh0r53 add https://bugs.launchpad.net/keystone/+bug/1305950 to the known issues section of our documentation
15:06:55 <d34dh0r53> #action d34dh0r53 update https://review.opendev.org/c/openstack/keystonemiddleware/+/882401 to include test_ec2_token_middleware.py
15:07:15 <d34dh0r53> #action d34dh0r53 look at https://bugs.launchpad.net/keystone/+bug/2018644
15:07:21 <opendevreview> Hiromu Asahina proposed openstack/keystone-specs master: External OAuth2.0 Authorization Server Support  https://review.opendev.org/c/openstack/keystone-specs/+/861554
15:07:30 <d34dh0r53> drencrom look at https://review.opendev.org/c/openstack/keystonemiddleware/+/878027 to see if we can add the test_ec2_token_middleware.py to it
15:08:58 <d34dh0r53> #action drencrom look at https://review.opendev.org/c/openstack/keystonemiddleware/+/878027 to see if we can add the test_ec2_token_middleware.py to it
15:09:04 <d34dh0r53> moving on
15:09:19 <d34dh0r53> #topic liaison update
15:09:37 <d34dh0r53> as I said there is a security bug that I'm prioritizing
15:09:42 <d34dh0r53> nothing else for VMT
15:11:07 <d34dh0r53> #topic specification OAuth 2.0 (hiromu)
15:12:39 <hiromu> I've just updated the spec as shown the above. Sorry for interrupting to the meeting.
15:13:27 <d34dh0r53> no problem, I'll take a look
15:13:45 <d34dh0r53> need anything else from us hiromu ?
15:14:42 <d34dh0r53> ok, next up
15:15:02 <d34dh0r53> #topic Secure RBAC (dmendiza[m])
15:15:17 <d34dh0r53> #link https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#z-release-timeline_
15:15:18 <d34dh0r53> Service Role Implementation
15:15:20 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/863420
15:15:22 <d34dh0r53> Manager Role Implementation
15:15:23 <hiromu> thank you :d34dh0r53, nothing
15:15:24 <d34dh0r53> #link https://review.opendev.org/c/openstack/keystone/+/822601
15:15:52 <dmendiza[m]> Haven't made any progress yet ... 😅
15:16:59 <d34dh0r53> :)
15:17:19 <d34dh0r53> ok, next up
15:17:36 <d34dh0r53> #topic SQLAlchemy 2.0 (stephenfin)
15:17:49 <d34dh0r53> #link https://review.opendev.org/q/topic:sqlalchemy-20+is:open+project:openstack/keystone
15:17:51 <d34dh0r53> Can I get reviews on this, while I have context/time to close it out?
15:17:53 <d34dh0r53> What more do you need from me?
15:18:44 <d34dh0r53> thanks for the reviews on those, I see that most have a +1 so if the cores can review that would be a big help
15:21:09 <d34dh0r53> #topic open discussion
15:22:23 <d34dh0r53> (drencrom) We need to merge these backports to fix pep8 tests
15:22:31 <drencrom> Hey, about the victoria backport mentioned before I could not change it to add the token patch, so I'm thinking on abandoning it and creating anew patch with everything included
15:22:51 <drencrom> But I noteced another issue related to victoria and ussuri backports
15:23:05 <d34dh0r53> yeah, I'm looking at that now drencrom
15:26:41 <drencrom> In wallaby the test actually exists but it is non-voting
15:26:58 <d34dh0r53> yeah, just saw that
15:27:11 <d34dh0r53> maybe we should just do that for u and v
15:29:46 <drencrom> In any case we still need another +1 in those pep8 patches at least up to wallaby where they pass CI
15:30:08 <drencrom> +2 sorry
15:31:01 <d34dh0r53> ack, dmendiza[m], xek, knikolla ^
15:31:19 <d34dh0r53> next up
15:31:22 <d34dh0r53> (mustafakemalgilor) PooledLdapHandler message.clean() patch backports
15:31:24 <d34dh0r53> review request
15:31:26 <d34dh0r53> #link ussuri: https://review.opendev.org/c/openstack/keystone/+/874846
15:31:28 <d34dh0r53> #link victoria: https://review.opendev.org/c/openstack/keystone/+/874847
15:31:30 <d34dh0r53> #link wallaby: https://review.opendev.org/c/openstack/keystone/+/874844
15:32:30 <d34dh0r53> failure on the wallaby backport
15:33:09 <d34dh0r53> keystoneauth version mismatch
15:33:20 <d34dh0r53> need to look at that one
15:35:03 <dmendiza[m]> > ERROR: Could not find a version that satisfies the requirement keystoneauth1>=5.1.1 (from keystone-tempest-plugin)
15:35:13 <d34dh0r53> yeah
15:35:17 <dmendiza[m]> Yay dependency resolution bugs!
15:35:23 <d34dh0r53> hooray!
15:37:04 <d34dh0r53> ok, need to see what's going on there
15:38:51 <d34dh0r53> #action investigate dependency issue in this patch wallaby: https://review.opendev.org/c/openstack/keystone/+/874844
15:39:03 <d34dh0r53> #topic bug review
15:39:18 <d34dh0r53> #link https://bugs.launchpad.net/keystone/?orderby=-id&start=0
15:39:47 <d34dh0r53> there are three new bugs, one is a dupe of the other and I'm not sure of the validity of any of them
15:40:42 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2020766
15:40:49 <d34dh0r53> I closed the dupe of that one
15:41:15 <d34dh0r53> not sure if that is a keystone bug, looks incomplete to me but it needs some more investigation
15:41:20 <d34dh0r53> next up is
15:41:29 <d34dh0r53> #link https://bugs.launchpad.net/keystone/+bug/2020847
15:41:47 <d34dh0r53> I'm unsure as to why that was moved to keystone
15:42:36 <d34dh0r53> I see, I read that wrong, so keystone is accepting an MTU on a project via curl
15:42:40 <d34dh0r53> when it shouldn't
15:43:30 <d34dh0r53> asking for more information on that one
15:43:37 <d34dh0r53> next up
15:43:43 <d34dh0r53> #link https://bugs.launchpad.net/python-keystoneclient/?orderby=-id&start=0
15:43:48 <d34dh0r53> no new bugs there
15:44:19 <d34dh0r53> #link https://bugs.launchpad.net/keystoneauth/+bugs?orderby=-id&start=0
15:44:26 <d34dh0r53> no new bugs here either
15:44:47 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bugs?orderby=-id&start=0
15:44:53 <d34dh0r53> one new bug in keystonemiddleware
15:45:03 <d34dh0r53> #link https://bugs.launchpad.net/keystonemiddleware/+bug/2020821
15:45:31 <d34dh0r53> this is a feature request
15:48:02 <d34dh0r53> #link https://bugs.launchpad.net/pycadf/+bugs?orderby=-id&start=0
15:48:07 <d34dh0r53> no new bugs in pycadf
15:48:17 <d34dh0r53> #link https://bugs.launchpad.net/ldappool/+bugs?orderby=-id&start=0
15:48:22 <d34dh0r53> no new bugs in ldappool
15:48:31 <d34dh0r53> #topic conclusion
15:48:39 <d34dh0r53> how did the reviewathon go?
15:49:00 <zaitcev> Trying to remember. I think it was just Doug and I.
15:49:07 <zaitcev> No, Greg too
15:49:56 <zaitcev> I forgot to beg for https://review.opendev.org/c/openstack/keystone/+/874346 although it was a perfect opportunity.
15:50:06 <drencrom> Just to finish the previous discussion, I'll submit patches to make the lower-constraint test to be non-voting in ussuri and victoria if it is ok for you.
15:51:33 <d34dh0r53> drencrom: ack, that would be awesome, thank you
15:53:47 <d34dh0r53> Ok, thanks everyone, see y'all on Friday
15:53:52 <d34dh0r53> #endmeeting