=== _thumper_ is now known as thumper [08:42] Hey good people, I am trying to enable TLS for openstack endpoints. For this purpose I am using vault as the CA, and trying to use https://docs.openstack.org/project-deploy-guide/charm-deployment-guide/latest/app-certificate-management.html . But signing the CSR step is confusing. It does not say how to generate .pem file. Do we have any other [08:42] document which I can use to setup TLS for keystone using vault as the CA! [08:42] Appreciate any tips/steps/documents. [08:42] Thanks! [08:43] sou: you will most likely have more luck asking in #openstack [08:49] Thanks wallyworld. As the document mentions charms, I added my concern here. Let me check in #openstack! [08:52] sou: yes, fair call. the folks who write the openstack charms tend not to hang out here so much. if you dn't get any luck in @openstack, there's a discourse forum you can try (i'd need to look up the address) [08:54] Sure. Many thanks! [09:47] manadart, achilleasa SUPER EASY ONE https://github.com/juju/juju/pull/11919 [10:06] . [10:13] manadart, achilleasa another one [10:13] https://github.com/juju/juju/pull/11920 [10:22] stickupkid: aren't we installing mongo via snap? [10:23] achilleasa, you wish [10:23] achilleasa, this is for testing [10:23] why not? shouldn't we install the version actually installed when bootstrapping? [10:23] achilleasa, but that's dependant on version [10:24] achilleasa, also I'm unsure how snaps will behave on github actions, i.e. in a container/chroot thing [10:25] achilleasa, I'm not sure I want to go down that rabbit hole [10:25] achilleasa, keep in mind we should always work with the lowest common mongo, as we never upgrade our mongos [10:25] achilleasa, (unless you do upgrade series maybe?) [10:26] since we maintain our own juju-db, can't we tar.gz it and curl | tar it? [10:26] life [10:26] achilleasa, but we don't really [10:26] but this is just the client tests right? [10:26] yeah [10:26] ok, cool then [10:26] we use the packaged one with the os [10:27] i.e. the apt one and make install-dependencies gets that latest one for us [10:27] we just have to blast away what ever is there [10:27] but latest is not really latest now is it? [10:28] because github "decided" that it will install a FUCK TON of crap software when what I really want is ubuntu [10:28] I mean due to the licensing issues [10:28] HA [10:28] yeah, yeah [10:28] you get all this bullshit when you request ubuntu https://github.com/actions/virtual-environments/tree/main/images/linux/scripts/installers [10:29] I already brought this up with the powers that be, that if I requested ubuntu, I should just get ubuntu, not that fucking shit show [10:29] why the fuck do I want php [10:29] and node [10:30] they don't even have maas, juju, etc and they're canoncial products jeez [10:37] As a GitHub Actions user I'm more likely to want PHP in my environment than I am MAAS [10:38] but some of the versions can sure be surprising [10:38] but you should ask for it, not be given it [10:41] SpecialK|Canon, I'd rather have this https://paste.ubuntu.com/p/f55QkrbsWH/ [10:43] stickupkid: I know which one I'd rather implement the caching for ;) [10:43] I know why they do it though, so they can cache the hell out of the image [10:43] (But I see your point as a user) [10:44] SpecialK|Canon, yeah, but ubuntu is a brand, it's expected to perform exactly the same for every installation, this changes that. I'm now not getting "ubuntu", I'm getting ubuntu with stuff that I have to horse around with to get me to a more stock ubuntu [10:45] that's my main issue... caching is a github issue, not a user one [11:20] stickupkid achilleasa: This is patch I have been discussing at standup: https://github.com/juju/juju/pull/11921 [11:20] manadart, will look [11:30] manadart, ho? got questions [11:32] stickupkid: Yep, gimme a couple. [14:07] manadart, Q&A went well, although slow [14:07] manadart, another question though [14:07] stickupkid: Yup? [14:08] in the database I'm looking at and the PR description, there is now a "type", is this an migration step, or do we not care? [14:08] ah no wait, I'm blind [14:09] manadart, tick [14:10] stickupkid: Ta. [15:42] stickupkid: or hml quick CR for a help text change? https://github.com/juju/juju/pull/11922 [15:42] achilleasa: looking [15:48] achilleasa: one suggestion for the change. [16:10] hml: It was easier to just rewrite the help text. Can you take another look? [16:11] achilleasa: sure [16:12] stickupkid: review please: https://github.com/juju/juju/pull/11923. it’s not really 1k lines, there are mock files and json schema changes. [16:12] hml, k [16:13] stickupkid: I’ll do the TODO once i get the whole thing wired up [16:13] in the next pr [16:14] achilleasa: I like the new write up, any concerns that this does not follow the other help msgs with a specific examples section? [16:16] hml, do we need Resolve for charm hub? [16:16] stickupkid: we will, need to figure out where to put it and what it should contain. that’s my next step [16:17] i’m thinking just the charmhub package [16:18] hml, done [16:20] stickupkid: ho? [16:20] sure [16:22] hml: no idea :D [16:23] petevg: ^^^ thoughts on https://github.com/juju/juju/pull/11922 re: Heather's comment? [16:24] hml: actually I should change the redis example and use apache2 everywhere [16:34] esp. because redis isn't even updated === evhan` is now known as evhan