20:00:00 <nitzmahone> #startmeeting Ansible Windows Working Group
20:00:00 <zodbot> Meeting started Tue May 21 20:00:00 2019 UTC.
20:00:00 <zodbot> This meeting is logged and archived in a public location.
20:00:00 <zodbot> The chair is nitzmahone. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:00:00 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
20:00:00 <zodbot> The meeting name has been set to 'ansible_windows_working_group'
20:00:06 <jhawkesworth> heya
20:00:16 <nitzmahone> #chair jhawkesworth jborean93
20:00:16 <zodbot> Current chairs: jborean93 jhawkesworth nitzmahone
20:00:19 <nitzmahone> howdy
20:00:40 <jborean93> hey
20:00:46 <Shachaf92> hey
20:01:38 <nitzmahone> #topic https://github.com/ansible/ansible/issues/56712 (win_find perf)
20:01:49 * jhawkesworth reads pr
20:01:54 <jborean93> I saw this when I woke up
20:02:07 <jhawkesworth> s/pr/bug report
20:02:15 <jborean93> I don't want to add wildcard support here but there's ways we can go about to increase performance with a wildcard in the filename
20:03:07 <jborean93> it was never documented, and never the intention to support wildcards in the path module option when I created the module
20:03:40 <Shachaf92> k, saw it just before the meeting so i thought to bring it up and see what you think
20:03:55 <jborean93> I'll comment on the issue
20:04:20 <nitzmahone> Cool- thanks jborean93
20:04:22 <jhawkesworth> I can't remember why a lot of stuff was changed to use -LiteralPath but I recall it plugged up some issue in a lot of places
20:04:32 <nitzmahone> Looks like nothing else on the agenda, so
20:04:35 <nitzmahone> #topic open floor
20:04:36 <Shachaf92> https://github.com/ansible/community/issues/420#issuecomment-490255070
20:04:57 <Shachaf92> there all the PR i added but since i edited teh comment from last week i guess you missed it
20:05:16 <nitzmahone> ah, yeah, missed that parts of it were still open
20:05:28 <Shachaf92> most of them :)
20:05:39 <jborean93> hoping to get to some of them today or tomorrow
20:05:49 <jborean93> nearly finished up what I'm working on at the moment
20:06:13 <Shachaf92> k, should i keep bringing them all up in the meetings or jsut wait for you to get to them at your free time?
20:06:58 <jborean93> up to you really, potentially order them by priority that you wish for us to have a look at
20:07:02 <nitzmahone> Yeah, if they're just waiting on review/feedback, we'll get to them when we can (though the occasional nudge here if it's been awhile never hurts either ;) )
20:07:17 <jborean93> makes it easier to focus on the more important ones and chip away at it
20:07:28 <Shachaf92> I don't really have any priority, most of them are bug fixes
20:08:05 <jborean93> ok
20:08:06 <Shachaf92> I try to go over at least 10-15 issues in the weekends
20:08:08 <jhawkesworth> I'd like to test ansible/ansible#56567 but need to rebuild my lab
20:08:10 <nitzmahone> FYI: I'll be doing a pywinrm 0.3.1b1 probably in the next couple of hours- just some bugfixes, but my plan is to run a full Ansible CI run against it, let it soak for a few days, then release it, so if anyone feels like giving it a spin, please do.
20:08:57 <jhawkesworth> nice.  any headline fixes?
20:09:01 <jborean93> Shachaf92: were you able to test the default credential stuff for win_uri against the various credential options?
20:09:20 <Shachaf92> not yet working on setting up all th ecases
20:09:36 <nitzmahone> Heh, not that you'll probably care about- some long-standing py3 encoding bugs, esp in the "simple" interface that Ansible doesn't use
20:09:59 <jborean93> it fixes some cert validation issue, where you couldn't ignore invalid certs if a certain environment variable is set
20:10:03 <nitzmahone> Some minor stuff around cert validation behavior and envvars
20:10:50 <Shachaf92> wanted to ask, there are multiple issues and requests around ConfigureRemotingForAnsible.ps1, is it really maintained?
20:11:10 <nitzmahone> We're trying not to add features to it in general
20:11:18 <jborean93> not really, we are loathe to make changes to it because so many people rely on it, it's less useful now that we support http message encryption
20:11:38 <jhawkesworth> cool.  you're right though not much that I'm making use of
20:11:44 <jborean93> genuine bugs are ok, but "bugs" that are really this doesn't suite my workflow are not really looked at
20:12:14 <nitzmahone> We've told people that wanted to make sweeping changes to go publish something on PS Gallery instead
20:12:16 <Shachaf92> Ok, I'll go over those issues and sort them out
20:12:34 <jhawkesworth> thank you
20:12:52 <Shachaf92> happy to help
20:12:54 <nitzmahone> It's mainly there to support our CI and users that want a quick "I don't want to think about it" start to enable WinRM
20:13:11 <Shachaf92> and usually i just spam @nitzmahone and @jborean93
20:13:51 <nitzmahone> dunno about jborean93, but I get so much email noise from GH that my notifications just go to a bucket I rarely look at
20:13:58 <nitzmahone> hundreds a day, usually
20:14:08 <Shachaf92> Thought as much
20:14:11 <jborean93> I try to look at them but some do slip through from time to time
20:14:42 <Shachaf92> If there will be something truelly important ill bring it up here
20:14:44 <jhawkesworth> drowning in 'em
20:14:44 <nitzmahone> I wish there was an easier way to curate stuff like that, but we have yet to come up with anything :(
20:15:29 <chopraaa> > http message encryption
20:15:32 <chopraaa> whats this?
20:15:34 <chopraaa> :O
20:15:42 <nitzmahone> default mode for winrm
20:15:48 <Shachaf92> Any way to add a solution_review label maybe?
20:16:01 <nitzmahone> meaning what?
20:16:17 <jborean93> chopraaa: it's using winrm over http with encryption of the payload
20:16:28 <chopraaa> Was this just added? Is there a link to this?
20:16:30 <jborean93> been in there since pywinrm 0.3.0
20:16:36 <chopraaa> Ah
20:16:43 <nitzmahone> ~2 years old now IIRC
20:16:53 * jborean93 can't believe it's been that long
20:17:20 <jhawkesworth> chopraaa: its nice, no need to run 'ConfigureRemotingForAnsible.ps1' before your host is accessible (if joined to a domain).
20:17:21 <Shachaf92> @nitzmahone - nvm, a sliver of a thought
20:17:34 <nitzmahone> (at least Ansible/pywinrm support for it, obviously it's been around on the winrm side since the beginning I think)
20:18:16 <jhawkesworth> i mean 'accessible via pywinrm/ansible'
20:18:32 <Shachaf92> I saw a lot of comments about using the galaxy instead of modules, hat are the guidelines to decide between the two?
20:18:43 <nitzmahone> well, and so long as you're on the same subnet- IIRC the default firewall rules limit WinRM to same subnet
20:18:43 <Shachaf92> what are*
20:19:32 <nitzmahone> Galaxy is starting to add support for collections (which are a new way to ship plugins/roles/modules we added in 2.8)
20:19:35 <jhawkesworth> I have machines on same domain but 3 different subnet and it works fine I think
20:20:00 <nitzmahone> It'll still be awhile, but the intent is that we'll way slow down or even stop accepting new modules into Ansible core
20:20:09 <jhawkesworth> (don't think I've tinkered with fw rules)
20:20:17 <nitzmahone> People can ship collections on Galaxy and update/rev them anytime they want
20:20:54 <Shachaf92> I see, ill read on that - but as you say, all new modules requests are irrelevant then
20:21:17 <jborean93> not irrelevant, jsut the criteria for getting into ansible/ansible is higher
20:21:18 <nitzmahone> It's gonna be a bit before the rest of the tooling is in place (updates to the ansible-galaxy tool, the online service, etc)
20:21:34 <nitzmahone> We're shooting for 2.9 to have the rest of it in place
20:21:38 <jhawkesworth> its kinda odd that azure seem really keen to do this but the main windows modules are ... well mostly the people here so RH and community contrib.
20:22:24 <nitzmahone> They want to be able to ship new modules quickly as soon as new services/APIs are available, which was one of the big selling points of that kind of model
20:23:05 <nitzmahone> But yeah, there's not a lot of docs out there on collections yet since the tooling and end-user support is still in progress
20:23:18 <jhawkesworth> makes sense.  Not the same for operating systems, which I guess are realeased when they are done
20:23:29 <nitzmahone> or not-quite-done, it seems sometimes ;)
20:23:54 <jhawkesworth> yeah well most software is never quite 'done'
20:24:28 <Shachaf92> where can i read on the collections model? trying to find something in google and not a lot of help there
20:24:49 <nitzmahone> Like I said, no real public docs yet
20:25:20 <Shachaf92> oh, ok
20:25:31 <jborean93> the best ones we have is the actual PR that implemented it https://github.com/ansible/ansible/pull/52194
20:25:38 <Shachaf92> I wonder how all of this will work for air gaped networks
20:25:52 <nitzmahone> They're still being written, and most people don't care about how it works under the covers, they just want to know how to use them, which can't be documented until the user tools are done
20:25:59 <jborean93> yep
20:26:09 <nitzmahone> There are lots of options for distributing collections
20:26:31 <nitzmahone> The engine itself doesn't care how they get there- sans any of the tooling, we've just been manually creating them
20:26:32 <jhawkesworth> I found this https://github.com/ansible/galaxy/pull/1788/files
20:27:24 <Shachaf92> thanks
20:28:20 <Shachaf92> anyways, It would be great if you could look at some of the PR i listed in the comment on the agenda, most are single line changes or very tiny :)
20:28:25 <jhawkesworth> anyone got anything else to discuss?  I'm flagging (long day wrestling with zookeeper!)
20:28:37 <Shachaf92> nothing here
20:28:39 <nitzmahone> oof, that's no fun (I don't miss zk)
20:28:47 <nitzmahone> nothing else here
20:28:49 <jborean93> I'm good
20:28:59 <nitzmahone> OK, we'll wrap it up then- until next week... Thanks all!
20:29:02 <nitzmahone> #endmeeting