[07:57] pappacena: \o/ Did that need code changes? [08:17] cjwatson: <3 [09:03] cjwatson: if I was to change my local DB set up to use a username/password, where would I put the password for LP to use it? [09:04] tomwardill: launchpad-lazr.conf in [database] [09:04] aha, of course [09:04] tomwardill: I mean, for a hacky local setup [09:05] tomwardill: For something more realistic, ~/.pgpass would probably be better [09:05] hacky will do for now :) [09:05] .pgpass is what we use on prod [09:41] wgrant: question for you in https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/383880 [09:42] cjwatson: Oh, doesn't phase A query per suite? [09:42] I forget. [09:42] It does not - it gets everything and then groups. [09:43] Ah, so it does [09:43] Just found the code [09:43] Fair enough then. [09:43] A bit weird that it groups just for logging purposes! [09:48] Missing builds can't be created after running add-missing-builds.py, how to fix it? Can anyone help? [09:49] maozhou: Can you provide some more detail? What happens when you try? [09:58] The distribution is kylin, series is v101 . At first arch i386 amd64 arm64 has been builded and published, now I want to add missing builds of mips64el , so I run " ./add-missing-builds.py -d kylin -s v101 -a mips64el" , but the missing builds of mips64el can't be created [09:59] maozhou: Have you uploaded a mips64el chroot? [09:59] Yes I do [10:00] ./add-missing-build.py output like this "2020-05-19 08:10:30 INFO Considering zzuf 0.15-1 in v101 [10:00] 2020-05-19 08:10:30 INFO Considering zzz-to-char 0.1.3-2 in v101 [10:00] 2020-05-19 08:10:30 INFO Considering zzzeeksphinx 1.0.20-3kylin2 in v101 [10:00] 2020-05-19 08:10:36 INFO Finished adding builds. [10:00] " [10:01] maozhou: Have you enabled mips64el on /kylin/+archive/primary/+edit? [10:06] Oh,I understand, the mips64el in distribution is not enabled, thank you very much. [10:06] Yeah, needs to be enabled on the archive (a new row in the ArchiveProcessor table). [10:06] ArchiveArch? [10:06] I forget. [10:08] Yeah, I can enabled it in url "https://launchpad.dev/kylin/+edit" [10:09] Ah yes, it's there too, of course. [12:03] tomwardill: I poked around because of that strange error, but in the end I think no significant code change was needed. Only the authentication part. [12:03] what was needed to make the authentication work? [12:04] Basically, it uses bearer token and you only have the info on where to get the token if you do a request and it fails with 401. So, you need to fail, get the informatino where to do a request to fetch token, and use the token from that moment on... [13:04] cjwatson: can you update dogfood so I can QA a build? [13:05] tomwardill: it's already sufficiently up to date for that [13:05] ah, excellent [13:12] cjwatson: can you poke https://dogfood.paddev.net/~twom/ubuntu/+oci/test-twom-2020-04-22-2/+recipe/test-twom-apt-cacher-ng/+build/18 please :) [13:13] (will need to do it twice to check the reuses doesn't explode things) [13:17] I need to edit an OCI Project to QA the "official recipe picker", but only the driver of the distribution has edit permission on that (is that actually correct?). Can you help me on that too, cjwatson? [13:26] well, it built, but I think it needs the registry upload job running [13:26] tomwardill: done, https://pastebin.canonical.com/p/fv3HkwbBxp/ [13:27] pappacena: hm, on dogfood you should already be in the OCI project admins for /ubuntu [13:27] * tomwardill starts another build [13:27] https://dogfood.paddev.net/~twom/ubuntu/+oci/test-twom-2020-04-22-2/+recipe/test-twom-apt-cacher-ng/+build/19 [13:29] pappacena: ah, looks like the OCI project admin role isn't complete [13:29] pappacena: I think this would be a good time to fix the XXX in EditOCIProject (and probably similar in EditOCIProjectSeries) [13:30] tomwardill: ^- do you agree? it's your comment [13:30] yeah, seems reasonable :) [13:30] I can take that [13:31] Thanks, tomwardill ! [13:31] pappacena: for the short term, I've added you to ~ubuntu-drivers on dogfood so that you can QA that [13:34] Thanks! QAing now [13:41] tomwardill: and https://pastebin.canonical.com/p/63HpfZmMsV/ [13:42] cool, that looks working to me :) [13:42] * tomwardill pushes the green button [13:42] thanks [15:19] cjwatson: for this security.py change, do we want to keep isDriver, or should the only access be `admin` or `oci_project_admin`? [15:53] tomwardill: I'm slightly inclined to keep isDriver [15:53] On some kind of cascading permissions principle [15:53] yeah, that was my thoughts for that [15:55] also makes the tests a lot simpler [16:44] add oci_project_admins to EditOCIProject et al. https://code.launchpad.net/~twom/launchpad/+git/launchpad/+merge/384191 [16:44] (aha! this IRC channel still works) [16:44] * pappacena reviewing [17:04] tomwardill: I guess super(DelegatedAuthorization, self).__init__(self.obj, self.obj.oci_project) in this case is like "check permissions for `self.obj` the same way you would check for `self.obj.oci_project`". [17:04] Anyway, it's not that important change. IMHO, the MP is good to go either way. [18:22] I think the 2 MPs for dockerhub integration are ready for review. The first MP is just a refactoring, reorganizing some things to encapsulate registry-specific logic in another class (https://code.launchpad.net/~pappacena/launchpad/+git/launchpad/+merge/384052), and the other MP is actually implementing dockerhub-specific logic (https://code.launchpad.net/~pappacena/launchpad/+git/launchpad/+merge/384192). [18:24] The second one depends on the first one, so they need to be reviewed in order...