From 99c7a3679f2bf49de0417c381826c32d8778dad6 Mon Sep 17 00:00:00 2001 From: Kaitlin Farr Date: Fri, 30 Aug 2013 15:38:38 -0400 Subject: [PATCH] Fixes bug to allow for encrypted volume deletion delete_key in cinder/volume/api.py was called with incorrect parameters. The error prevented encrypted volumes from being deleted, but the fix has been applied and unittests written to prove the functionality. Change-Id: I3b93da84f97efe2a3afa057907bbfa10336eb9de Implements: blueprint encrypt-cinder-volumes --- cinder/tests/test_volume.py | 40 +++++++++++++++++++++++++++++++++++++ cinder/volume/api.py | 2 +- 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/cinder/tests/test_volume.py b/cinder/tests/test_volume.py index 36fd16535..9aa77de47 100644 --- a/cinder/tests/test_volume.py +++ b/cinder/tests/test_volume.py @@ -322,6 +322,46 @@ class VolumeTestCase(BaseVolumeTestCase): self.assertEquals(volume['volume_type_id'], db_vol_type.get('id')) self.assertIsNotNone(volume['encryption_key_id']) + def test_create_delete_volume_with_encrypted_volume_type(self): + self.stubs.Set(keymgr, "API", fake_keymgr.fake_api) + + ctxt = context.get_admin_context() + + db.volume_type_create(ctxt, + {'id': '61298380-0c12-11e3-bfd6-4b48424183be', + 'name': 'LUKS'}) + db.volume_type_encryption_update_or_create( + ctxt, + '61298380-0c12-11e3-bfd6-4b48424183be', + {'control_location': 'front-end', 'provider': ENCRYPTION_PROVIDER}) + + volume_api = cinder.volume.api.API() + + db_vol_type = db.volume_type_get_by_name(ctxt, 'LUKS') + + volume = volume_api.create(self.context, + 1, + 'name', + 'description', + volume_type=db_vol_type) + + self.assertIsNotNone(volume.get('encryption_key_id', None)) + self.assertEquals(volume['volume_type_id'], db_vol_type.get('id')) + self.assertIsNotNone(volume['encryption_key_id']) + + volume['host'] = 'fake_host' + volume['status'] = 'available' + volume_api.delete(self.context, volume) + + volume = db.volume_get(self.context, volume['id']) + self.assertEquals('deleting', volume['status']) + + db.volume_destroy(self.context, volume['id']) + self.assertRaises(exception.NotFound, + db.volume_get, + self.context, + volume['id']) + def test_delete_busy_volume(self): """Test volume survives deletion if driver reports it as busy.""" volume = self._create_volume() diff --git a/cinder/volume/api.py b/cinder/volume/api.py index b07abf308..51587fffc 100644 --- a/cinder/volume/api.py +++ b/cinder/volume/api.py @@ -236,7 +236,7 @@ class API(base.Base): # because the volume cannot be decrypted without its key. encryption_key_id = volume.get('encryption_key_id', None) if encryption_key_id is not None: - self.key_manager.delete_key(encryption_key_id) + self.key_manager.delete_key(context, encryption_key_id) now = timeutils.utcnow() self.db.volume_update(context, volume_id, {'status': 'deleting', -- 2.45.2