Merge "Fix handling of 'cinder_encryption_key_id' image metadata" into stable/pike

cinder/image/glance.py

@@ -437,6 +437,11 @@ class GlanceImageService(object):
                           if self._image_schema.is_base_property(key) is True
                           and key != 'schema'}
 
+            # Process 'cinder_encryption_key_id' as a metadata key
+            if 'cinder_encryption_key_id' in image.keys():
+                image_meta['cinder_encryption_key_id'] = \
+                    image['cinder_encryption_key_id']
+
             # NOTE(aarefiev): nova is expected that all image properties
             # (custom or defined in schema-image.json) stores in
             # 'properties' key.
@@ -549,7 +554,8 @@ def _extract_attributes(image):
                         'container_format', 'status', 'id',
                         'name', 'created_at', 'updated_at',
                         'deleted', 'deleted_at', 'checksum',
-                        'min_disk', 'min_ram', 'protected']
+                        'min_disk', 'min_ram', 'protected',
+                        'cinder_encryption_key_id']
     if CONF.glance_api_version == 2:
         IMAGE_ATTRIBUTES.append('visibility')
     else:

cinder/tests/unit/image/test_glance.py

@@ -718,6 +718,7 @@ class TestGlanceImageService(test.TestCase):
             'properties': {},
             'owner': None,
             'visibility': None,
+            'cinder_encryption_key_id': None
         }
         self.assertEqual(expected, actual)
 

cinder/tests/unit/volume/flows/test_create_volume_flow.py

@@ -926,7 +926,8 @@ class CreateVolumeFlowManagerTestCase(test.TestCase):
                                         image_meta, fake_image_service)
 
         fake_driver.create_volume.assert_called_once_with(volume)
-        fake_driver.copy_image_to_encrypted_volume.assert_called_once_with(
+        fake_driver.copy_image_to_encrypted_volume.assert_not_called()
+        fake_driver.copy_image_to_volume.assert_called_once_with(
             self.ctxt, volume, fake_image_service, image_id)
         mock_handle_bootable.assert_called_once_with(self.ctxt, volume,
                                                      image_id=image_id,

cinder/volume/flows/manager/create_volume.py

@@ -535,9 +535,7 @@ class CreateVolumeFromSpecTask(flow_utils.CinderTask):
                   {'image_id': image_id, 'volume_id': volume.id,
                    'image_location': image_location})
         try:
-            image_properties = image_meta.get('properties', {})
-            image_encryption_key = image_properties.get(
-                'cinder_encryption_key_id')
+            image_encryption_key = image_meta.get('cinder_encryption_key_id')
 
             if volume.encryption_key_id and image_encryption_key:
                 # If the image provided an encryption key, we have