Fix rekeying volume with legacy encryption provider
Update volume_utils.check_encryption_provider() so it translates a legacy provider class in the encryption dict it returns. For example, if the volume's encryption metadata specifies "nova.volume.encryptors.luks.LuksEncryptor" for the provider, the function will a dict with "luks" as the provider. Closes-Bug: #1886689 Change-Id: I172dab1641207849fdd6a9848ac7573cba236a8b
This commit is contained in:
parent
a323a026f4
commit
1788a9a715
|
@ -1188,6 +1188,7 @@ class VolumeUtilsTestCase(test.TestCase):
|
||||||
volume,
|
volume,
|
||||||
mock.sentinel.context)
|
mock.sentinel.context)
|
||||||
self.assertEqual('aes-xts-plain64', ret['cipher'])
|
self.assertEqual('aes-xts-plain64', ret['cipher'])
|
||||||
|
self.assertEqual('luks', ret['provider'])
|
||||||
|
|
||||||
def test_check_encryption_provider_invalid(self):
|
def test_check_encryption_provider_invalid(self):
|
||||||
encryption_metadata = {'cipher': 'aes-xts-plain64',
|
encryption_metadata = {'cipher': 'aes-xts-plain64',
|
||||||
|
|
|
@ -1202,6 +1202,7 @@ def check_encryption_provider(db, volume, context):
|
||||||
provider = encryption['provider']
|
provider = encryption['provider']
|
||||||
if provider in encryptors.LEGACY_PROVIDER_CLASS_TO_FORMAT_MAP:
|
if provider in encryptors.LEGACY_PROVIDER_CLASS_TO_FORMAT_MAP:
|
||||||
provider = encryptors.LEGACY_PROVIDER_CLASS_TO_FORMAT_MAP[provider]
|
provider = encryptors.LEGACY_PROVIDER_CLASS_TO_FORMAT_MAP[provider]
|
||||||
|
encryption['provider'] = provider
|
||||||
if provider != encryptors.LUKS:
|
if provider != encryptors.LUKS:
|
||||||
message = _("Provider %s not supported.") % provider
|
message = _("Provider %s not supported.") % provider
|
||||||
raise exception.VolumeDriverException(message=message)
|
raise exception.VolumeDriverException(message=message)
|
||||||
|
|
Loading…
Reference in New Issue