17:00:42 <andreaf> #startmeeting qa
17:00:43 <openstack> Meeting started Thu Nov 24 17:00:42 2016 UTC and is due to finish in 60 minutes.  The chair is andreaf. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:00:44 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
17:00:47 <openstack> The meeting name has been set to 'qa'
17:01:03 <andreaf> Hello, who's here today?
17:01:05 <rodrigods> o/
17:01:26 <andreaf> Today's agenda: #link https://wiki.openstack.org/wiki/Meetings/QATeamMeeting#Agenda_for_November_24th_2016_.281700_UTC.29
17:01:36 <andreaf> Hello rodrigods - let
17:01:56 <andreaf> let's wait a min or two to see if someone else joins
17:02:04 <rodrigods> can i have a topic from the meeting 15 days ago that didn't happen?
17:02:15 <rodrigods> Password management tests for keystone [rodrigods]
17:02:53 <andreaf> rodrigods: sure - we can talk about that in the #tempest section of the meeting if that's allright
17:03:03 <rodrigods> sounds good to me :)
17:04:19 <andreaf> ok -it's 3 past, I guess we should go ahead and get started
17:04:49 <andreaf> #topic Ocata priorities
17:05:33 <andreaf> Just a reminder here that bug triage is one of the priorities we set for this cycle
17:05:40 <tellesnobrega> o/
17:06:37 <andreaf> We have a calendar at #link https://etherpad.openstack.org/p/ocata-qa-bug-triage
17:07:05 <andreaf> feel free to sign-up for a week bug triage as there are some weeks with no owner in Jan/Feb next year
17:07:38 <andreaf> Anything else on Ocata priorities?
17:07:50 <rodrigods> andreaf, so one person assigns to a week to handle bug reports?
17:08:02 <rodrigods> handle i mean, triage
17:08:03 <andreaf> rodrigods: yes
17:08:36 <andreaf> we do a rotation as it involves a bit of extra work, but we want to keep the bug under control
17:08:39 <rodrigods> cool, i can help, would need someone from the core team to double check though, i guess
17:09:27 <andreaf> the person in charge for bug triage for a week shall report at the end of the week (Thursday) about the bug status in the QA meeting
17:10:30 <rodrigods> put myself on 22th December
17:10:46 <andreaf> rodrigods: cool - any question ping me or any other core in the qa room
17:10:56 <rodrigods> cool, will do
17:10:57 <andreaf> thanks
17:11:22 <andreaf> ok, next topic
17:11:28 <andreaf> #topic Specs Reviews
17:11:38 <andreaf> #link https://review.openstack.org/#/q/status:open+project:openstack/qa-specs,n,z
17:12:36 <andreaf> I don't have anything special on this topic
17:12:55 * rodrigods neither
17:13:06 <andreaf> ok let's move on
17:13:16 <andreaf> #topic Tempest
17:13:26 <andreaf> rodrigods: the floor is yours :)
17:13:31 <rodrigods> cool!
17:13:45 <rodrigods> so keystone has this new feature that landed in newton called "PCI-DSS"
17:14:10 <rodrigods> it is related to password management, like: lockout user account after failed attempts, avoid reusing the same password, etc
17:14:36 <rodrigods> we know that devstack and tempest creates/destroys users alongside their passwords
17:15:07 <rodrigods> so we have a minimal set of such settings that can be currently tested in tempest
17:15:34 <rodrigods> two of them are: user account lockout and password history requirements
17:16:10 <rodrigods> to test the first, we set a lockout duration where the user account is locked up after failed login attempts
17:16:42 <rodrigods> and in the second one, we define the number of passwords that must be unique, meaning the user can't reuse them
17:16:58 <andreaf> ok
17:17:18 <rodrigods> so... for that i've created this change in devstack: https://review.openstack.org/#/c/377004/12
17:17:37 <rodrigods> which sets these settings in keystone - meaning we are enabling them
17:17:51 <rodrigods> and this one to actually test the feature in tempest: https://review.openstack.org/#/c/378624/
17:18:08 <rodrigods> i'd like to know if i'm doing that in the right way
17:18:30 <rodrigods> for example... we have tests that modify the password of a user, and it needs to be reset so the same credentials can be used in another tests
17:19:12 <rodrigods> so for this tests, the cleanup is made by changing the password until its history is cleaned up and we can reuse the same password
17:19:18 <rodrigods> (more details in the reviews)
17:20:12 <rodrigods> basically: do you have any feedback? if so, can we have some eyes on them (reviews)?
17:21:03 <andreaf> one option would be to create a new use for the purpose of the test
17:21:32 <rodrigods> andreaf, the problem is that we have "self password update" tests
17:22:03 <andreaf> however that would imply that the test can only run with admin credentials...
17:22:03 <rodrigods> i can do that... but would need to change how the tests are currently handled (test_users)
17:22:31 <rodrigods> andreaf, right... we have both cases
17:22:38 <rodrigods> admin credentials and non-admin credentials
17:23:28 <andreaf> we try to avoid using admin credentials where they are not strictly needed as it makes life easier for interop testing
17:23:47 <rodrigods> andreaf, there is just one case where admin credentials are required
17:24:20 <rodrigods> in the password reset operation: admins can reset user's passwords not mattering the password history
17:24:50 <andreaf> rodrigods: I put your change in my review list - I don't see any problem from your description but I need to check the code
17:25:19 <rodrigods> ok, thanks andreaf
17:25:47 <rodrigods> you can ping me if you have any questions about the feature itself
17:27:07 <andreaf> ok will do
17:27:41 <andreaf> anything else on Tempest?
17:28:12 <rodrigods> only had that topic :)
17:28:53 <andreaf> ok - in terms of bugs, the current status is #link https://etherpad.openstack.org/p/tempest-weekly-bug-report
17:29:37 <andreaf> The number of bugs in status "new" went down from 26 to 19
17:29:56 <andreaf> But we still have a rather large number of issues in progress / confirmed / triaged
17:30:31 <rodrigods> 65, right?
17:31:09 <andreaf> yes 65 open, 79 in progress
17:31:55 <rodrigods> that's a big number, i can also try to get some to fix
17:32:13 <andreaf> If I remember lp settings properly, open ones are not assigned, in progress ones are
17:32:26 <rodrigods> andreaf, correct
17:32:37 <andreaf> rodrigods: that would be great
17:32:55 <andreaf> rodrigods: I think at least some of in progress ones may be stale...
17:33:11 <andreaf> as 79 in progress sounds too much
17:33:27 <rodrigods> right
17:33:37 <andreaf> ok, anything else on Tempest bugs?
17:34:36 <andreaf> I'll go quickly through the next topics, please stop me if you have something to say
17:34:39 <andreaf> #topic DevStack + Grenade
17:34:53 <rodrigods> ok
17:35:27 <andreaf> #topic openstack-health
17:35:45 <andreaf> #link list of open reviews https://review.openstack.org/#/q/project:openstack/openstack-health+status:open
17:35:59 <andreaf> #topic Critical Reviews
17:36:11 <andreaf> Any review that requires urgent attention?
17:36:46 <andreaf> I'll take that as a no
17:36:47 <rodrigods> PCI-DSS one :)
17:37:06 <andreaf> yes of course :)
17:37:22 <andreaf> #link https://review.openstack.org/#/c/378624/
17:37:35 <andreaf> #link https://review.openstack.org/#/c/377004/
17:37:41 <rodrigods> thanks andreaf
17:37:54 <andreaf> ok and finally
17:38:02 <andreaf> #topic Open Discussion
17:38:41 <rodrigods> think i'm good, all the details about the test i already gave above :)
17:38:56 <rodrigods> one thing is... if you need anything from the keystone side
17:39:01 <rodrigods> please ping me
17:39:14 <rodrigods> i'm one of the keystone cores that focus more on quality/tests
17:39:29 <andreaf> nice, good to know, thank you rodrigods
17:41:08 <andreaf> One note from my side: we have a set of Ocata priorities, but if there is any urgent need to a stable interface for a plugin do let the QA team know, so we can prioritise it
17:41:46 <rodrigods> i have a patch that moves one of the identity clients to tempest.lib
17:42:04 <andreaf> thanks do you have a link?
17:42:18 <rodrigods> https://review.openstack.org/#/c/381796/
17:42:32 <rodrigods> the other ones are moved in a follow up patch
17:42:37 <andreaf> #link https://review.openstack.org/#/c/381796/
17:42:56 <andreaf> ok, I guess we can get 15+ min of our lives back, no point in waiting until the end of the hour :)
17:43:39 <jordanP> sorry I missed it again
17:43:44 <jordanP> I've fixed my calendar now
17:43:47 <andreaf> thanks rodrigods, I look forward to see all the clients stable
17:44:00 <andreaf> jordanP: no worries - do you have anything to discuss before we close?
17:44:26 <jordanP> hum.... nothin in particular, life is great
17:44:40 <andreaf> yay
17:45:04 <rodrigods> lol
17:45:43 <andreaf> ok have a good rest of the day folks
17:45:47 <andreaf> thanks for attending!
17:45:56 <rodrigods> thanks!
17:46:07 <andreaf> #endmeeting