From 9878169b31ab4fbadd35cd589bc0c1f417511e22 Mon Sep 17 00:00:00 2001
From: happystacker <jeanpierre.roquesalane@dell.com>
Date: Mon, 19 Sep 2022 08:55:24 +0200
Subject: [PATCH] Dell PowerFlex: Additionnal params for enabling self signed
 certificates

Initially before the change
https://review.opendev.org/c/openstack/os-brick/+/810419 was merged
to close the bug https://bugs.launchpad.net/os-brick/+bug/1929223,
verify_cert was always set to False which can lead to security issues.
It has been decided through this change that this option can be set
to True or False based upon security requirements. This change
introduced a regression failure as the value set to the option
is not part of connection_properties.

This patch adds additional params during initialization so that it
can be carried over os-brick and get adequate REST API response.

Closes-Bug: 1990136
Change-Id: I0d266a57f68221a3b1740a7376e152bb64cac729
(cherry picked from commit 82823ace4d714ac10427ea3c6fed320c27b56f7d)
(cherry picked from commit 8794f84e77435a4d86d0c08980fff18a80151dc2)
(cherry picked from commit be3c66ea47bc871cff3ac0ff1cf82c23d326d95f)
---
 cinder/volume/drivers/dell_emc/powerflex/driver.py     |  6 ++++++
 ...8136-self-signed-certificates-62e3cb444ab7ff2b.yaml | 10 ++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 releasenotes/notes/dell-powerflex-bugfix-1998136-self-signed-certificates-62e3cb444ab7ff2b.yaml

diff --git a/cinder/volume/drivers/dell_emc/powerflex/driver.py b/cinder/volume/drivers/dell_emc/powerflex/driver.py
index 0dc06ee63f9..df594493d1d 100644
--- a/cinder/volume/drivers/dell_emc/powerflex/driver.py
+++ b/cinder/volume/drivers/dell_emc/powerflex/driver.py
@@ -867,6 +867,12 @@ class PowerFlexDriver(driver.VolumeDriver):
         connection_properties["scaleIO_volume_id"] = vol_or_snap.provider_id
         connection_properties["config_group"] = self.configuration.config_group
         connection_properties["failed_over"] = self._is_failed_over
+        connection_properties["verify_certificate"] = (
+            self._get_client().verify_certificate
+        )
+        connection_properties["certificate_path"] = (
+            self._get_client().certificate_path
+        )
 
         if vol_size is not None:
             extra_specs = self._get_volumetype_extraspecs(vol_or_snap)
diff --git a/releasenotes/notes/dell-powerflex-bugfix-1998136-self-signed-certificates-62e3cb444ab7ff2b.yaml b/releasenotes/notes/dell-powerflex-bugfix-1998136-self-signed-certificates-62e3cb444ab7ff2b.yaml
new file mode 100644
index 00000000000..550390a893e
--- /dev/null
+++ b/releasenotes/notes/dell-powerflex-bugfix-1998136-self-signed-certificates-62e3cb444ab7ff2b.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+  - |
+    Dell PowerFlex driver `bug #1998136
+    <https://bugs.launchpad.net/cinder/+bug/1998136>`_:
+    When using self signed certificates, the option
+    sent to os-brick via the connection_properties was
+    not correctly handled. It has now been fixed by
+    adding the 'verify_certificate' and 'certificate_path'
+    to the driver when initializing the connection.