)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":14250,"name":"Grzegorz Grasza","email":"xek@redhat.com","username":"xek"},"change_message_id":"77094f078812e97da6965ecaef9e199270f17187","unresolved":true,"context_lines":[{"line_number":22,"context_line":"This patch attempts to delete those intermediate entities before"},{"line_number":23,"context_line":"returning the secret IDs to the caller. For the sake of backward"},{"line_number":24,"context_line":"compatibility, and to account for a fact that with default Barbican"},{"line_number":25,"context_line":"policies, not every user who can create order can delete it too,"},{"line_number":26,"context_line":"any errors on such attempts are ignored and only logged as warnings."},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"Closes-Bug: 1638018"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"a29950fa_f18db443","line":25,"updated":"2023-03-30 14:24:50.000000000","message":"We discussed on the PTG that we should add the ability to remove the order by the creator to the default policies.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":9542,"name":"Pavlo Shchelokovskyy","email":"pshchelokovskyy@mirantis.com","username":"pshchelo"},"change_message_id":"e949811fee41694cfa885028afe2160a27a2c17a","unresolved":true,"context_lines":[{"line_number":22,"context_line":"This patch attempts to delete those intermediate entities before"},{"line_number":23,"context_line":"returning the secret IDs to the caller. For the sake of backward"},{"line_number":24,"context_line":"compatibility, and to account for a fact that with default Barbican"},{"line_number":25,"context_line":"policies, not every user who can create order can delete it too,"},{"line_number":26,"context_line":"any errors on such attempts are ignored and only logged as warnings."},{"line_number":27,"context_line":""},{"line_number":28,"context_line":"Closes-Bug: 1638018"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"b67384fe_7d6b1adf","line":25,"in_reply_to":"a29950fa_f18db443","updated":"2023-04-03 09:07:09.000000000","message":"That\u0027s already the case for \u0027new\u0027 defaults (AFAICT, every project member can delete any order in the project), but legacy defaults still require only \"project admin\" to delete orders, and I\u0027m pretty sure legacy defaults are still in quite wide use..\n\nhttps://opendev.org/openstack/barbican/src/commit/9ba66a67b99782c8cea986b51744c0d3d5d25f63/barbican/common/policies/orders.py#L109-L110","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"}],"/PATCHSET_LEVEL":[{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"2b8868442d71639e0eae63123dfb434eece66a34","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":3,"id":"2d8faab7_cf099fc4","updated":"2024-02-20 09:42:32.000000000","message":"The approach looks good to me. Leaving some suggestions inline.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"ee70b25f0aff070321b9238a53fefd8ec0e6734d","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":3,"id":"ebdda9ba_454329f7","in_reply_to":"2d8faab7_cf099fc4","updated":"2025-09-29 08:50:33.000000000","message":"Hello, I\u0027m interested into adding this one too. \n\nWhen enabling encryption on cinder side, orders pile up and are never deleted/cleaned. Hope Pavlo won\u0027t mind me taking the liberty to rebase it and tweak it a bit.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"3addd763c40e2e00e10d5adad4b2b1b599f2e585","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"ac2616d9_4e2c182c","in_reply_to":"ebdda9ba_454329f7","updated":"2025-09-30 08:23:45.000000000","message":"Acknowledged","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":9542,"name":"Pavlo Shchelokovskyy","email":"pshchelokovskyy@mirantis.com","username":"pshchelo"},"change_message_id":"57b20fcd5cb47b6a3dfe7a1f1609afb2efc9cc73","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"59b4e21f_4ca415ab","updated":"2025-09-29 10:19:41.000000000","message":"@dejan.sanader@ovhcloud.com sure, be my guest 👍","commit_id":"6637a8b75602b7b59fe0663ac3ff00a8293b34da"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"5b62a9758c789bf5e096fdb0427b91634c21dc42","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"0409a61f_2517d769","updated":"2025-09-30 08:27:11.000000000","message":"recheck uwsgi failed build","commit_id":"6637a8b75602b7b59fe0663ac3ff00a8293b34da"}],"castellan/key_manager/barbican_key_manager.py":[{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"2b8868442d71639e0eae63123dfb434eece66a34","unresolved":true,"context_lines":[{"line_number":269,"context_line":"            client.orders.delete(order_ref)"},{"line_number":270,"context_line":"        except Exception:"},{"line_number":271,"context_line":"            LOG.warning(\"Failed to delete temporary order %s, \""},{"line_number":272,"context_line":"                        \"please ensure that Barbican policy allows \""},{"line_number":273,"context_line":"                        \"users who create orders to delete them \""},{"line_number":274,"context_line":"                        \"as well\", order_ref)"},{"line_number":275,"context_line":""},{"line_number":276,"context_line":"    def _delete_container(self, client, container_ref):"},{"line_number":277,"context_line":"        try:"}],"source_content_type":"text/x-python","patch_set":3,"id":"b20ff079_abe9df6a","line":274,"range":{"start_line":272,"start_character":0,"end_line":274,"end_character":33},"updated":"2024-02-20 09:42:32.000000000","message":"Can we log detail of the exception, at least str(err) ?\nAlso, this is supposed to work with the default policy then I tend to remove this detail and the exception detail should be enough (and more precise) to show the root cause.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"5b62a9758c789bf5e096fdb0427b91634c21dc42","unresolved":false,"context_lines":[{"line_number":269,"context_line":"            client.orders.delete(order_ref)"},{"line_number":270,"context_line":"        except Exception:"},{"line_number":271,"context_line":"            LOG.warning(\"Failed to delete temporary order %s, \""},{"line_number":272,"context_line":"                        \"please ensure that Barbican policy allows \""},{"line_number":273,"context_line":"                        \"users who create orders to delete them \""},{"line_number":274,"context_line":"                        \"as well\", order_ref)"},{"line_number":275,"context_line":""},{"line_number":276,"context_line":"    def _delete_container(self, client, container_ref):"},{"line_number":277,"context_line":"        try:"}],"source_content_type":"text/x-python","patch_set":3,"id":"d5a716d0_f49b711a","line":274,"range":{"start_line":272,"start_character":0,"end_line":274,"end_character":33},"in_reply_to":"b20ff079_abe9df6a","updated":"2025-09-30 08:27:11.000000000","message":"Acknowledged","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"2b8868442d71639e0eae63123dfb434eece66a34","unresolved":true,"context_lines":[{"line_number":277,"context_line":"        try:"},{"line_number":278,"context_line":"            client.containers.delete(container_ref)"},{"line_number":279,"context_line":"        except Exception:"},{"line_number":280,"context_line":"            LOG.warning(\"Failed to delete temporary container %s\","},{"line_number":281,"context_line":"                        container_ref)"},{"line_number":282,"context_line":""},{"line_number":283,"context_line":"    def create_key(self, context, algorithm, length,"}],"source_content_type":"text/x-python","patch_set":3,"id":"4cd385a9_7dbc1fae","line":280,"range":{"start_line":280,"start_character":16,"end_line":280,"end_character":23},"updated":"2024-02-20 09:42:32.000000000","message":"ditto. Please consider recording the exception detail","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"ee70b25f0aff070321b9238a53fefd8ec0e6734d","unresolved":true,"context_lines":[{"line_number":277,"context_line":"        try:"},{"line_number":278,"context_line":"            client.containers.delete(container_ref)"},{"line_number":279,"context_line":"        except Exception:"},{"line_number":280,"context_line":"            LOG.warning(\"Failed to delete temporary container %s\","},{"line_number":281,"context_line":"                        container_ref)"},{"line_number":282,"context_line":""},{"line_number":283,"context_line":"    def create_key(self, context, algorithm, length,"}],"source_content_type":"text/x-python","patch_set":3,"id":"a94cf225_abef8066","line":280,"range":{"start_line":280,"start_character":16,"end_line":280,"end_character":23},"in_reply_to":"4cd385a9_7dbc1fae","updated":"2025-09-29 08:50:33.000000000","message":"I\u0027ve changed LOG output to include the exception name.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"3addd763c40e2e00e10d5adad4b2b1b599f2e585","unresolved":false,"context_lines":[{"line_number":277,"context_line":"        try:"},{"line_number":278,"context_line":"            client.containers.delete(container_ref)"},{"line_number":279,"context_line":"        except Exception:"},{"line_number":280,"context_line":"            LOG.warning(\"Failed to delete temporary container %s\","},{"line_number":281,"context_line":"                        container_ref)"},{"line_number":282,"context_line":""},{"line_number":283,"context_line":"    def create_key(self, context, algorithm, length,"}],"source_content_type":"text/x-python","patch_set":3,"id":"bfea6b58_bebe4de8","line":280,"range":{"start_line":280,"start_character":16,"end_line":280,"end_character":23},"in_reply_to":"a94cf225_abef8066","updated":"2025-09-30 08:23:45.000000000","message":"Acknowledged","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"2b8868442d71639e0eae63123dfb434eece66a34","unresolved":true,"context_lines":[{"line_number":304,"context_line":"            order_ref \u003d key_order.submit()"},{"line_number":305,"context_line":"            order \u003d self._get_active_order(barbican_client, order_ref)"},{"line_number":306,"context_line":"            secret_ref \u003d self._retrieve_secret_uuid(order.secret_ref)"},{"line_number":307,"context_line":"            self._delete_order(barbican_client, order_ref)"},{"line_number":308,"context_line":"            return secret_ref"},{"line_number":309,"context_line":"        except (barbican_exceptions.HTTPAuthError,"},{"line_number":310,"context_line":"                barbican_exceptions.HTTPClientError,"}],"source_content_type":"text/x-python","patch_set":3,"id":"9104c57d_6c2f8369","line":307,"range":{"start_line":307,"start_character":17,"end_line":307,"end_character":30},"updated":"2024-02-20 09:42:32.000000000","message":"should we attempt this in finally ?","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"ee70b25f0aff070321b9238a53fefd8ec0e6734d","unresolved":true,"context_lines":[{"line_number":304,"context_line":"            order_ref \u003d key_order.submit()"},{"line_number":305,"context_line":"            order \u003d self._get_active_order(barbican_client, order_ref)"},{"line_number":306,"context_line":"            secret_ref \u003d self._retrieve_secret_uuid(order.secret_ref)"},{"line_number":307,"context_line":"            self._delete_order(barbican_client, order_ref)"},{"line_number":308,"context_line":"            return secret_ref"},{"line_number":309,"context_line":"        except (barbican_exceptions.HTTPAuthError,"},{"line_number":310,"context_line":"                barbican_exceptions.HTTPClientError,"}],"source_content_type":"text/x-python","patch_set":3,"id":"cd36e947_5b519afe","line":307,"range":{"start_line":307,"start_character":17,"end_line":307,"end_character":30},"in_reply_to":"9104c57d_6c2f8369","updated":"2025-09-29 08:50:33.000000000","message":"If there\u0027s an exception, most of the time `order_ref` nor `order` will be set. So I think `finally` is not really convenient here to do the cleanup, so I left that part as is.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"3addd763c40e2e00e10d5adad4b2b1b599f2e585","unresolved":false,"context_lines":[{"line_number":304,"context_line":"            order_ref \u003d key_order.submit()"},{"line_number":305,"context_line":"            order \u003d self._get_active_order(barbican_client, order_ref)"},{"line_number":306,"context_line":"            secret_ref \u003d self._retrieve_secret_uuid(order.secret_ref)"},{"line_number":307,"context_line":"            self._delete_order(barbican_client, order_ref)"},{"line_number":308,"context_line":"            return secret_ref"},{"line_number":309,"context_line":"        except (barbican_exceptions.HTTPAuthError,"},{"line_number":310,"context_line":"                barbican_exceptions.HTTPClientError,"}],"source_content_type":"text/x-python","patch_set":3,"id":"fc8772a9_5fa1fd29","line":307,"range":{"start_line":307,"start_character":17,"end_line":307,"end_character":30},"in_reply_to":"cd36e947_5b519afe","updated":"2025-09-30 08:23:45.000000000","message":"Acknowledged","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"0b81ee080acaeb856e223ec19b0092c8b2df48a8","unresolved":false,"context_lines":[{"line_number":304,"context_line":"            order_ref \u003d key_order.submit()"},{"line_number":305,"context_line":"            order \u003d self._get_active_order(barbican_client, order_ref)"},{"line_number":306,"context_line":"            secret_ref \u003d self._retrieve_secret_uuid(order.secret_ref)"},{"line_number":307,"context_line":"            self._delete_order(barbican_client, order_ref)"},{"line_number":308,"context_line":"            return secret_ref"},{"line_number":309,"context_line":"        except (barbican_exceptions.HTTPAuthError,"},{"line_number":310,"context_line":"                barbican_exceptions.HTTPClientError,"}],"source_content_type":"text/x-python","patch_set":3,"id":"f83dffda_720de115","line":307,"range":{"start_line":307,"start_character":17,"end_line":307,"end_character":30},"in_reply_to":"fc8772a9_5fa1fd29","updated":"2026-01-27 08:15:23.000000000","message":"We should probably split this try-except block to two parts so that the error at 306 306 does not leave the order. But I\u0027m ok to do that in follow-up.","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"2b8868442d71639e0eae63123dfb434eece66a34","unresolved":true,"context_lines":[{"line_number":343,"context_line":"                container.secret_refs[\u0027private_key\u0027])"},{"line_number":344,"context_line":"            public_key_uuid \u003d self._retrieve_secret_uuid("},{"line_number":345,"context_line":"                container.secret_refs[\u0027public_key\u0027])"},{"line_number":346,"context_line":"            self._delete_container(barbican_client, order.container_ref)"},{"line_number":347,"context_line":"            self._delete_order(barbican_client, order_ref)"},{"line_number":348,"context_line":"            return private_key_uuid, public_key_uuid"},{"line_number":349,"context_line":"        except (barbican_exceptions.HTTPAuthError,"}],"source_content_type":"text/x-python","patch_set":3,"id":"ca309577_855a8121","line":346,"range":{"start_line":346,"start_character":17,"end_line":346,"end_character":34},"updated":"2024-02-20 09:42:32.000000000","message":"ditto","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"},{"author":{"_account_id":38354,"name":"Dejan Sanader","email":"dejan.sanader@ovhcloud.com","username":"dsanader"},"change_message_id":"5b62a9758c789bf5e096fdb0427b91634c21dc42","unresolved":false,"context_lines":[{"line_number":343,"context_line":"                container.secret_refs[\u0027private_key\u0027])"},{"line_number":344,"context_line":"            public_key_uuid \u003d self._retrieve_secret_uuid("},{"line_number":345,"context_line":"                container.secret_refs[\u0027public_key\u0027])"},{"line_number":346,"context_line":"            self._delete_container(barbican_client, order.container_ref)"},{"line_number":347,"context_line":"            self._delete_order(barbican_client, order_ref)"},{"line_number":348,"context_line":"            return private_key_uuid, public_key_uuid"},{"line_number":349,"context_line":"        except (barbican_exceptions.HTTPAuthError,"}],"source_content_type":"text/x-python","patch_set":3,"id":"b5f89b5e_5162f714","line":346,"range":{"start_line":346,"start_character":17,"end_line":346,"end_character":34},"in_reply_to":"ca309577_855a8121","updated":"2025-09-30 08:27:11.000000000","message":"Acknowledged","commit_id":"b41dacb231ce660adfac1c77a9362334a668f429"}]}