19:00:07 #startmeeting refstack 19:00:13 Meeting started Tue Jul 12 19:00:07 2016 UTC and is due to finish in 60 minutes. The chair is catherineD. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:00:14 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 19:00:17 The meeting name has been set to 'refstack' 19:00:29 o/ 19:01:31 #link meeting agenda and notes, please feel free to add items https://etherpad.openstack.org/p/refstack-meeting-16-07-12 19:02:55 o/ 19:03:40 let's wait for a couple mins for others to join .. 19:03:56 o/ 19:04:33 Meeting agenda https://etherpad.openstack.org/p/refstack-meeting-16-07-12 19:04:34 o/ 19:05:06 alright let's start 19:05:22 #topic Mascot for RefStack 19:05:49 Deadline for submission: Jul 27 19:07:14 please think aboutthe mascot ... we will spend more time on this next week 19:07:42 k 19:07:54 #topic Using refstacl-client to update product table product_ref_id 19:08:12 2 reviews by Andrey 19:08:36 #link Authenticate user for update product with public key and signature ( https://review.openstack.org/#/c/335877/ ) 19:08:58 #link Add register cloud command ( https://review.openstack.org/#/c/335883/ ) 19:09:35 I do not have any issues with the 2 patches ... everyone please review 19:09:50 catherineD: ok, will do 19:10:20 we can come back to this if Andrey shows up.... meanwhile I would like to move on the the next topic 19:10:32 #topic Test results ownership 19:11:52 sslypushenko: from the last meeting , I feel like we need to define what is ownership? Here we are talking about ownership of the data ... 19:12:30 whoever own the data can delete/share/assciating data to guideline .. 19:13:24 catherineD: actually, I don't care about terms and definitions ... 19:14:04 currently for the data that vendors use for certification some were uploaded anonymously, others were uploaded by a signed user. 19:14:51 I just don't like and idea that Foundation can delete results used for certification... but I can live with it 19:15:44 Unfortunately, Alex does care about terms and definitions( 19:16:25 I understand Alex's position ... I would like to know other team members' position 19:16:41 sslypushenko: I'm not sure we would ever use it, but I understand your worry 19:16:47 Maybe we should do something like original owner and foundation? So foundation is an extra field and if it's filld, it can delete, but with notification? 19:17:23 And notification whn it becomes the second owner? 19:18:13 hogepodge: I fully understand you) It is just to underline that ownership control usually are not low hanging fruit 19:18:57 At some point the project need to move on with majority's consensus 19:19:39 sslypushenko: I don't mind if we decide that cerfication result should never be deleted .. 19:20:16 catherineD: majority's consensus not an option in our case... we need full consensus 19:20:38 sslypushenko: I don't believe in full consensus 19:20:44 sslypushenko: why not? 19:20:50 because we will never reach that 19:21:02 and the project need to proceed 19:21:28 sslypushenko: allowing filibusters would end this project, and others 19:21:28 Rockyg: we will come back to your comments later 19:22:42 without active development this project will end to 19:24:09 sslypushenko: agreed ... I want to remind everyone that we do not have many developers ... but we can not just rely any individuals either 19:24:21 Vendors guidelines - is a feature which can make RefStack interesting not only for DefCore certification 19:25:03 We definitely need it if we are planning to move forward 19:25:09 sslypushenko: I've been pretty clear that until defcore features are addressed, it out of scope 19:25:28 sslypushenko: I agreed ..and I am all for that ... 19:25:49 sslypushenko: I've also tried to make it clear that once defcore is where it needs to be, additional guidelines are useful, especially in relation to projects 19:25:53 hogepodge: yeap, it is totally clear 19:26:16 actually we don't need this feature in refstack.org 19:26:59 but I see real use cases, where people can use it locally 19:27:14 sslypushenko: but vendor specific guidelines make loads of people queasy, including myself, some TC members, and infra members. This project isn't a general *aaS, it's meant to help with OpenStack interoperability 19:28:17 hogepodge: that is also true 19:28:25 but I'd love to see Heat, and EC2, and Ceilometer, and ... have guidelines about what they define interoperability for their projects. I think it's really important, and that means adding support for additional guidelines 19:29:14 That means the support being there, and vendors can and will find a way to take advantage of it, either as a private deployment or through projects or maybe vendor support 19:29:25 I believe we all have the same goal for OpenStack Interop ... but we need to set priority and for Newton the priority is to fulfil DefCore requirements l 19:29:48 without community guidelines, it is not possible to handle all openstack project. 19:29:57 I feel like we're hung up on getting short term work done because we're arguing about things much further down the line 19:30:20 hogepodge, the reason we are pushing so hard on this is EC2. mor than 30% of respondnts to th survys use it, so having that guideline available is extremely valuable 19:30:43 Rockyg: I understand, but there are features for defcore that are needed now that we don't have 19:31:13 Can we be focus on what current topic -- which is mark test results as certify ... 19:31:14 Rockyg: so I don't want to spend my time on EC2 when the mission statement and needs require otherwise. I'm not saying I want to ignore it long term, rhough 19:31:23 We just need to ensure that current work doesn't preclude future. 19:31:24 Rockyg: I'd say EC2 and S3 19:31:55 Rockyg: it doesn't, except for the arguing about it for the last few months 19:31:57 if I may ... could we focus on discussing certify test results 19:32:07 catherineD: yes, sorry 19:32:28 sorry everyone ... I just need us to be focus 19:32:30 Right now Defcore criteria for Object Storage are very far from real customers exprectation 19:33:13 It is just an example 19:33:15 sslypushenko: could we discuss certification of test results? 19:33:26 ++ catherineD 19:33:30 catherineD: we can) 19:33:58 But I don't have disagreements here) 19:34:06 so the spec https://review.openstack.org/#/c/332260/ suggest to identify the test results by adding a column to the test record ... 19:34:12 do we agree on that? 19:34:18 me, either :) 19:34:42 +1 19:35:06 suggested solution works for me) 19:35:32 from technical point of view... 19:36:03 sslypushenko: great ... then could everyone look at line 58 to 66 https://review.openstack.org/#/c/332260/4/specs/newton/approved/associate-test-result-to-product.rst 19:36:35 Also, I see possible future issues, at the same I don't have a plan how we will overcame it) 19:37:28 1) Only interop admins can make update to the "certification" field. any opinion here? please +1, -1 19:37:50 +1 19:38:33 +1 19:38:52 +1 19:39:14 +1 19:39:51 Thanks ! 2) Only a test record which has been associated to a guideline and target program can be marked as certified 19:40:28 it is obvious thing, I guess) 19:40:39 This just means that if the test is certififed it needed to be certified against a specific guideline 19:40:54 sslypushenko: I have anonymous test results that I'm using for certification 19:41:13 sslypushenko: right now I'm pairing products/guidelines externally from refstack 19:41:25 What about version of SW, also? 19:41:39 hogepodge: we have to change it) 19:41:56 change what? 19:42:01 hogepodge: that just means that you may need to do guideline association before marking that record as certified in RefStack 19:42:36 Rockyg: You mean version of OpenStack release? 19:42:45 anonymous test results will be owned by Foundation 19:42:45 yes 19:43:13 sslypushenko: I don't want all anonymous test results 19:43:45 we do not have version identifier at the moment ... that maybe something to think about later .. 19:43:45 sslypushenko: it would amount to spamming me every time someone sends something up to see how refstack works, or trying to figure out how to make their tests pass 19:43:52 hogepodge, you only need to keep the ones that are certification results 19:43:52 hogepodge: At least you can manage only that you interested in) 19:43:58 sslypushenko: I'm only interested in the anonymous test results that I'm interested in 19:44:17 sslypushenko: no, I don't want to be responsible for deleting all anonymous results I don't want 19:44:29 sslypushenko: it's a ddos attack on my productivity 19:44:48 hogepodge: Also, I guess it will be good idea to forbid sending anonymous test results on certification 19:45:31 do you agree with that? 19:45:33 Rockyg: sslypushenko: I want to claim the results I want, not reject the ones I don't 19:45:52 sslypushenko: I don't 19:45:58 sslypushenko: ++ once we have all of this in place .. and hogepodge: has marked all the data that he is interesting in .... we will stop anonymous data upload ... and think about data archiving 19:46:25 So, do you see continuing to get anonymous tests, or is this just because we don't have some needd code in place 19:46:29 sslypushenko: the workflow for setting up an account is not clear to me. I haven't successfully done it 19:47:02 sslypushenko: the generation and upload of the keys and secrets is really nonintuitive, and not entirely in line with other key upload processes I've done in the past 19:47:25 sslypushenko: so forcing users to create an account is a barrier, and I want lower barriers rather than higher ones for now 19:47:44 hogepodge: we have a manual how to do that, it should not be a problem 19:48:49 time to get Piet involved! 19:49:13 The signature is problematic. I've never needed it before 19:49:19 hogepodge: btw we can remove signature 19:49:34 if you think that is a problem 19:49:44 I don't know what it's even used for, and if I need to keep it around for anything else 19:50:09 Feel free to pull me in when you have a specific need 19:50:53 hogepodge: Let's work on that ... My hope is at some point we will stop anonymous data upload ... so that the user can manage their own data 19:51:23 it is a protection from pubkey spoofing... pubkey should you unique... because we use it for association between users and test results 19:52:04 let's go back to question #2 we required that certified data to have guideline associated to it .... +1, -1 19:52:07 pls 19:52:34 catherineD: I'm neutron on that point 19:52:39 0 for me 19:52:58 sslypushenko: Rockyg: pvaneck: ? 19:53:03 hogepodge: thx 19:53:05 hogepodge: so, if for example I know your pubkey, I can upload it as mine... And then you will not be able to upload it as yours 19:53:06 Whereas I'm proton ;) +1 19:53:15 catherineD: +1 19:53:24 yea, let's go +1 on that 19:53:27 Rockyg: :-) 19:53:35 ok last one 19:54:12 hogepodge: signature it is just a way how to prevent such cases 19:54:20 3) Once a test record is marked as certified, only interop admins can remove/delete the test record pls +1 -1 19:55:22 sslypushenko: for item 3... I can update saying that once the test results is used as certification ... it can never be deleted 19:55:42 so 3.1 is never delete ... 19:55:51 +1 Please add with notification of product admin, or add a 4. that has that so we can move on the code..... 19:55:56 -1 for ability to deletion. test record is marked as certified should be unchanged) 19:56:20 sslypushenko, that's 3.1 19:56:31 sslypushenko: 3.1 OK with you? 19:56:33 interop admin can remove certification mark, if it is required 19:56:41 yeap 3.1 +1) 19:57:01 no opinion on that for me 19:57:07 sslypushenko: ok so 3.1 and add that interop admin can remove the certification mark 19:57:22 catherineD: great 19:57:22 that sounds fine 19:57:42 ok thanks everyone ... I will split out the spec to a new one just focus on the certification part ... 19:57:55 and you all will +1 on the new spec right? :-) 19:58:11 sure) 19:58:48 now we are getting somewhere .... thanks so much!!! You make my day :-) 19:59:25 2 mins left ... next week we will discuss mascot and cloudid vs productid 19:59:37 any last minute thoughts? 19:59:48 yup. +1 spec 19:59:58 Rockyg: thx 20:00:07 ok thank you all again! 20:00:13 #endmeeting