Barbican/Archive/Agenda/2015


 * Dec 21, 2015
 * Questions about steps to integrate Barbican with DevStack (kfarr)


 * Dec 14, 2015
 * Barbican SAML authentication (diazjf)
 * https://review.openstack.org/#/c/241068/
 * Add PUT support for generic container types (ting wang)
 * https://review.openstack.org/#/c/207249/
 * Add barbican-manage command (jhfeng)
 * https://review.openstack.org/#/c/253719/


 * Nov 30, 2015
 * chair: rellerreller
 * Mitaka-1 milestone
 * kfarr will be handling the release this week
 * Castellan logging options (elmiko)
 * Castellan integration testing (elmiko)


 * Nov 23, 2015
 * chair: rellerreller
 * Castellan improvements (elmiko)
 * auto-discovery of barbican endpoint
 * auth detection from context object


 * Nov 16, 2015
 * Barbican Federation Use-Cases Detailed Overview
 * Castellan Authentication compatibility for Swift
 * https://etherpad.openstack.org/p/swifjt-keymaster-with-castellan
 * Barbican garbage collector
 * Creating a castellan-specs github (silos)


 * Nov 9, 2015
 * Summit Recap
 * redrobot is getting married at the end of November! :D
 * We'll need a substitute meeting chair for the Nov 23 and 30.
 * Federation Use Cases (edtubill, diazjf, silos)


 * Nov 2, 2015
 * Cancelled due to Summit


 * October 26, 2015
 * Cancelled due to Summit


 * October 19, 2015
 * chair: dave-mccowan
 * Review design summit etherpad votes.


 * October 12, 2015
 * Cross project liasions
 * py34 update (dave)


 * October 5, 2015
 * Liberty RC2
 * Mitaka Blueprints
 * Tokyo Summit


 * September 28, 2015
 * (woodster) What about changing our gates to populate database with Alembic migrations, instead of from SQLAlchemy models directly?


 * September 21, 2015
 * (arunkant) Barbicanclient failures on neutron test gate: http://logs.openstack.org/43/208343/15/check/gate-tempest-dsvm-neutron-src-python-barbicanclient/9193018/


 * September 14, 2015
 * Review Dave's core nomination: http://lists.openstack.org/pipermail/openstack-dev/2015-September/073866.html
 * Federated Barbican Update (silos)


 * September 7, 2015
 * No meeting. Happy Labor day to contributors in the US.


 * August 31, 2015
 * Test framework - We're currently using both nosetest and testtools. Can we consolidate to one of them?
 * Merge requirements continued
 * Quotas Blueprint targeting Liberty-3. Update.
 * /v2/orders
 * Castellan: https://review.openstack.org/#/c/208569/ Last patch needed before a release (kfarr)
 * (woodster) Don't forget about the ACL blueprints, esp. this one: https://review.openstack.org/#/c/208343


 * August 24, 2015
 * Merge Requirements - I think it's time we start merging after two +2 reviews by a core reviewer. (redrobot)
 * Tokyo Session Requirements (red robot)


 * August 17, 2015
 * Adding certificate_manager namespace to Castellan (rm_work)
 * Federated Barbican (silos)
 * Defect/issue template - https://etherpad.openstack.org/p/barbican-bug-report-template (hockeynut)
 * super-user rule in policy.json (dave-mccowan)
 * quotas blueprint update (dave-mccowan)


 * August 3, 2015
 * Multiple KMIP Blueprint - https://review.openstack.org/#/c/194298/ (silos)
 * Castellan merge requests (kfarr)


 * July 27, 2015
 * V2 and Orders (jmvrbanac)
 * stable/kilo tests are failing (jaosorior)
 * Barbican Openstack CLI plugin (jaosorior)
 * Castellan
 * release schedules (elmiko)
 * patches need merging


 * July 20, 2015
 * Magnum integration
 * Resource Quotas
 * Design Discussion: https://review.openstack.org/203678
 * Code review for first commit (config, controller, validator) https://review.openstack.org/198764
 * Brief discussion regarding default policy settings and ability of secret creators to manage their secrets (https://bugs.launchpad.net/barbican/+bug/1475962)


 * July 13, 2015
 * Magnum integration
 * CAs blueprint
 * http://specs.openstack.org/openstack/barbican-specs/specs/liberty/add-cas.html
 * copy constructor for secrets and containers, report back from api-wg discussions (elmiko)
 * https://review.openstack.org/#/c/127823/


 * July 6, 2015
 * Update on Quota Support blueprint (dave-mccowan)
 * ACL client implementation (chellygel)
 * Let's discuss the fifth 'acl-user' role needed for Barbican:
 * Ugh, I noticed we did discuss this on May 4th with an etherpad here.
 * However, I think we got off track talking about lists of secrets...
 * So I think the outcome of this discussion should just be a blueprint or paper-cut to add this new role and associated testing for it. I favor blueprint as we could also see a sample of the API doc mods needed.


 * June 29, 2015
 * Magnum integration
 * Why are we still testing the python-barbicanclient with py26
 * Dogtag gate as voting


 * June 8, 2015
 * Mid-Cycle RSVP (red robot)


 * June 1, 2015
 * Vancouver Summit Recap (redrobot)
 * Mid-Cycle (red robot)


 * May 11, 2015
 * (arunkant) Proposed ACL API changes as per ACL docs review comments on line #237
 * (dave-mccowan) Heads-up: adding run-as-user support to functional tests. You local keystone deployment will need new users and roles installed to run functional tests.


 * May 4, 2015
 * (woodster) Let's discuss and fine-tune the 'read-only' ACL user' a little bit


 * April 20, 2015
 * (redrobot) Kilo-RC1
 * (woodster) What approved or drafting blueprints do we want to bring over to Liberty?
 * (redrobot) Bug: https://bugs.launchpad.net/barbican/+bug/1446266


 * April 13, 2015
 * (redrobot) Vancouver Design Summit. See this Liberty design session topics wiki page here.
 * (redrobot) Additional role for per-secret ACL. Current policy is available here.


 * April 6, 2015
 * (woodster) Barbican Python client and expected sensitivity to additional response key/values returned. See notes on this CR
 * (redrobot) Juno to Kilo DB migration
 * (redrobot) Content-Type and payload_content_type combinations


 * March 30, 2015
 * Flagging things for deprecation. (jvrbanac)
 * Logging in Barbican (jvrbanac)
 * Castellan Initial Release (redrobot)


 * March 23, 2015
 * Review comment around storing acl users as comma separated values vs separate table. Review Link (arunkant)
 * How to integrate Castellan with Openstack service (arunkant)
 * Related: Castellan release and how to update Castellan resources, i.e. bug tracker (kfarr)


 * March 16, 2015
 * Functional testing
 * Assert parameter order


 * March 2, 2015
 * 100% code coverage options: break packages into 'paper cut' bugs maybe?


 * February 23, 2015
 * Mid-cycle recap
 * https://etherpad.openstack.org/p/barbican-kilo-sprint
 * Ade: Wrap profiles around CMC to pass to CA to track product type
 * Ade: Additional CR for Identify CA migration scripts (2 others in review)
 * Ade: BarbicanMetadata table
 * Dave: Certificate Order metadata change API parameter from container ref -> secret ref validation.
 * tsv: Quotas BP
 * woodster: reach out to Jarret about hard deletes for compliance concerns.
 * woodster: Order sub-status
 * New gates
 * Road to Liberty summit
 * https://etherpad.openstack.org/p/barbican-L-design-sessions


 * February 9, 2015
 * Update on Swift integration with KeyManager, if/when moving to Castellan
 * A note about Barbican packaging effort underway
 * L-Summit space requirements


 * February 2, 2015
 * Kilo 2
 * Quota Support blueprint:
 * Open question: Admin endpoint (9312) vs service admin thats allowed to set quotas on any project it wishes to?
 * Castellan project
 * Which openstack services are driving? What is the timeline for Castellan availability and services started using it.
 * Just a note: L design session etherpad is available here.
 * Migration scripts are not being ran (according to the bugs that I've found) up to which revision should we keep(support)? [jaosorior]
 * https://bugs.launchpad.net/barbican/+bug/1376902 [jaosorior]
 * This bug also relates to plugin validation which has been discussed in the past but not otherwise acted upon.
 * A note about Barbican packaging effort underway


 * January 26, 2015
 * KMIP MKEK plugin spec https://review.openstack.org/#/c/148948 [tkelsey]
 * Discussion over the creation of a new plugin vs updating KMIPSecretStore
 * Discussion over Incompatible pluggin versioning (if we decide not to make a second plugin)
 * Content types blueprint:
 * Seems very close...what questions still need to be answered?
 * Per Secret Policy blueprint:
 * Open question: Should whitelisted users be able to decrypt secrets even if they don't have proper Barbican roles?


 * January 19, 2015
 * Barbican Mid-Cycle
 * https://etherpad.openstack.org/p/barbican-kilo-sprint
 * Vancouver Summit
 * January 12, 2015
 * Castellan progress [redrobot/rm_work]
 * KMIPSecretStore HSM connection certificates [tkelsey]
 * Request for reviews on https://review.openstack.org/#/c/135217/
 * Chance to answer any questions
 * Blueprints:
 * Quota support: Should we restrict scope? ...So no driver support, no class support?
 * Per-secret RBAC: Whitelist only vs logical expressions? GET list by project-ID or by resources I can GET?


 * January 5, 2015
 * Kilo 1 Released [redrobot]
 * Quota BP [redrobot]
 * Insights on https://bugs.launchpad.net/barbican/+bug/1376469 [jaosorior]
 * Status of essential blueprints