Open Stack

On 09/19/2013 04:30 PM, Mark McLoughlin wrote:
> On Thu, 2013-09-19 at 15:22 -0500, Dolph Mathews wrote:
>> On Thu, Sep 19, 2013 at 2:59 PM, Adam Young <ayoung at redhat.com> wrote:
>>          I can submit a summit proposal.  I was thinking of making it
>>          more general than just the Policy piece.  Here is my proposed
>>          session.  Let me know if it rings true:
>>          
>>          
>>          Title: Extracting Shared Libraries from incubator
>>          
>>          Some of the security-sensitive code in OpenStack is coped into
>>          various projects from Oslo-Incubator.  If there is a CVE
>>          identified in one of these pieces, there is no rapid way to
>>          update them short of syncing code to all projects.  This
>>          meeting is to identify the pieces of Oslo-incubator that
>>          should be extracted into stand alone libraries.
>>          
>>
>>
>> I believe the goal of oslo-incubator IS to spin out common code into
>> standalone libraries in the long run, as appropriate.
> Indeed.
>
> https://wiki.openstack.org/wiki/Oslo
>
>    Mission Statement:
>
>      To produce a set of python libraries containing code shared by
>      OpenStack projects
>
> https://wiki.openstack.org/wiki/Oslo#Incubation
>
>    Incubation shouldn't be seen as a long term option for any API - it
>    is merely a stepping stone to inclusion into a published Oslo
>    library.
Thanks for the link.  In Keystone, We've identified policy.py 
specifically as a candidate.

>
>>          Some of the code would be best reviewed by members of other
>>          projects:  Network specific code by Neutron, Policy by
>>          Keystone, and so forth.  As part of the discussion, we will
>>          identify a code review process that gets the right reviewers
>>          for those subprojects.
>>
>>
>> It sounds like the real goal is "how do we get relevant/interested
>> reviewers in front of oslo reviews without overloading them with
>> noise?" I'm sure that's a topic that Mark already has an opinion on,
>> so I've opened this thread this to openstack-dev.
> To take the specific example of the policy API, if someone actively
> wanted to help the process of moving it into a standalone library should
> volunteer to help Flavio out as a maintainer:
>
>    https://git.openstack.org/cgit/openstack/oslo-incubator/tree/MAINTAINERS
>
>    == policy ==
>
>    M: Flavio Percoco <flavio at redhat.com>
>    S: Maintained
>    F: policy.py

Would it make sense to explicitly add Keystone developers, or can we 
include the launchpad keystone-core group to this module?
If we want to keep it per user,  I'm willing to do so, and I think we 
have a couple of other likely candidates from Keystone:  I'll let then 
speak up for themselves.

Should we submit the names as review requests against the MAINTAINERS 
file in that repo?


>
>
> Another aspect is how someone would go about helping do reviews on a
> specific API in oslo-incubator. That's a common need - e.g. for
> maintainers of virt drivers in Nova - and AIUI, these folks just
> subscribe to all gerrit notifications for the module and then use mail
> filters to make sure they see changes to the files they're interested
> in.
>
> Thanks,
> Mark.
>
>