Remove deprecated keymgr code

The keymgr code was deprecated for removal in Newton [1] and should now be removed. 1. Ief8885bb4ca8d62b03cf1a52c25dd0e62c835bfe Change-Id: I87926d6c95ac82b6f74c263c7441614f80348c1e
2017-09-22 12:57:20 +05:30 · 2017-09-22 12:57:20 +05:30 · ef2202b6ad
commit ef2202b6ad
parent ae7355c1f8
12 changed files with 44 additions and 79 deletions
--- a/cinder/api/contrib/volume_actions.py
+++ b/cinder/api/contrib/volume_actions.py
@ -13,6 +13,7 @@
 #   under the License.
 from castellan import key_manager
 from oslo_config import cfg
 import oslo_messaging as messaging
 from oslo_utils import encodeutils
@ -27,7 +28,6 @@ from cinder.api.openstack import wsgi
 from cinder import exception
 from cinder.i18n import _
 from cinder.image import image_utils
 from cinder import keymgr
 from cinder.policies import volume_actions as policy
 from cinder import utils
 from cinder import volume
@ -46,7 +46,7 @@ class VolumeActionsController(wsgi.Controller):
    def _key_manager(self):
        # Allows for lazy initialization of the key manager
        if self._key_mgr is None:
-            self._key_mgr = keymgr.API(CONF)
+            self._key_mgr = key_manager.API(CONF)
        return self._key_mgr
--- a/cinder/backup/driver.py
+++ b/cinder/backup/driver.py
@ -17,6 +17,7 @@
 import abc
 from castellan import key_manager
 from oslo_config import cfg
 from oslo_log import log as logging
 from oslo_serialization import jsonutils
@ -25,7 +26,6 @@ import six
 from cinder.db import base
 from cinder import exception
 from cinder.i18n import _
 from cinder import keymgr as key_manager
 service_opts = [
    cfg.IntOpt('backup_metadata_version', default=2,
@ -57,6 +57,14 @@ class BackupMetadataAPI(base.Base):
    def __init__(self, context, db=None):
        super(BackupMetadataAPI, self).__init__(db)
        self.context = context
        self._key_mgr = None
    @property
    def _key_manager(self):
        # Allows for lazy initialization of the key manager
        if self._key_mgr is None:
            self._key_mgr = key_manager.API(CONF)
        return self._key_mgr
    @staticmethod
    def _is_serializable(value):
@ -89,8 +97,10 @@ class BackupMetadataAPI(base.Base):
                    continue
                # Copy the encryption key UUID for backup
                if key is 'encryption_key_id' and value is not None:
-                    km = key_manager.API(CONF)
+                    value = self._key_manager.store(
-                    value = km.store(self.context, km.get(self.context, value))
+                        self.context,
                        self._key_manager.get(self.context, value)
                    )
                    LOG.debug("Copying encryption key UUID for backup.")
                container[type_tag][key] = value
--- a/cinder/keymgr/init.py
+++ b/cinder/keymgr/init.py
@ -13,17 +13,9 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 from castellan import key_manager
 from castellan import options as castellan_opts
 from oslo_config import cfg
 from oslo_log import log as logging
 LOG = logging.getLogger(__name__)
 CONF = cfg.CONF
 castellan_opts.set_defaults(CONF)
 def API(conf=CONF):
    return key_manager.API(conf)
--- a/cinder/tests/unit/backup/drivers/test_backup_driver_base.py
+++ b/cinder/tests/unit/backup/drivers/test_backup_driver_base.py
@ -23,7 +23,6 @@ from cinder.backup import driver
 from cinder import context
 from cinder import db
 from cinder import exception
 from cinder import keymgr as key_manager
 from cinder import objects
 from cinder import test
 from cinder.tests.unit.backup import fake_service
@ -287,7 +286,8 @@ class BackupMetadataAPITestCase(test.TestCase):
    def _create_encrypted_volume_db_entry(self, id, type_id, encrypted):
        if encrypted:
-            key_id = key_manager.API().key_id
+            key_id = self.bak_meta_api._key_manager.create_key(
                'context', algorithm='AES', length=256)
            vol = {'id': id, 'size': 1, 'status': 'available',
                   'volume_type_id': type_id, 'encryption_key_id': key_id}
        else:
--- a/cinder/tests/unit/conf_fixture.py
+++ b/cinder/tests/unit/conf_fixture.py
@ -27,7 +27,6 @@ CONF.import_opt('volume_driver', 'cinder.volume.manager',
                group=configuration.SHARED_CONF_GROUP)
 CONF.import_opt('backup_driver', 'cinder.backup.manager')
 CONF.import_opt('backend', 'cinder.keymgr', group='key_manager')
 CONF.import_opt('fixed_key', 'cinder.keymgr.conf_key_mgr', group='key_manager')
 CONF.import_opt('scheduler_driver', 'cinder.scheduler.manager')
 def_vol_type = 'fake_vol_type'
@ -46,9 +45,9 @@ def set_defaults(conf):
                     group='oslo_policy')
    conf.set_default('backup_driver', 'cinder.tests.unit.backup.fake_service')
    conf.set_default('backend',
-                     'cinder.keymgr.conf_key_mgr.ConfKeyManager',
+                     'castellan.tests.unit.key_manager.mock_key_manager.'
                     'MockKeyManager',
                     group='key_manager')
    conf.set_default('fixed_key', default='0' * 64, group='key_manager')
    conf.set_default('scheduler_driver',
                     'cinder.scheduler.filter_scheduler.FilterScheduler')
    conf.set_default('state_path', os.path.abspath(
--- a/cinder/tests/unit/keymgr/test_init.py
+++ b/cinder/tests/unit/keymgr/test_init.py
@ -1,52 +0,0 @@
 # Copyright (c) 2016 The Johns Hopkins University/Applied Physics Laboratory
 # All Rights Reserved.
 #
 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
 #    not use this file except in compliance with the License. You may obtain
 #    a copy of the License at
 #
 #         http://www.apache.org/licenses/LICENSE-2.0
 #
 #    Unless required by applicable law or agreed to in writing, software
 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 #    License for the specific language governing permissions and limitations
 #    under the License.
 from castellan.key_manager import barbican_key_manager
 from castellan import options as castellan_opts
 from oslo_config import cfg
 from cinder import keymgr
 from cinder import test
 class InitTestCase(test.TestCase):
    def setUp(self):
        super(InitTestCase, self).setUp()
        self.config = cfg.ConfigOpts()
        castellan_opts.set_defaults(self.config)
        self.config.set_default('backend',
                                'cinder.keymgr.conf_key_mgr.ConfKeyManager',
                                group='key_manager')
    def test_blank_config(self):
        kmgr = keymgr.API(self.config)
        self.assertEqual(type(kmgr), keymgr.conf_key_mgr.ConfKeyManager)
    def test_barbican_backend(self):
        self.config.set_override(
            'backend',
            'barbican',
            group='key_manager')
        kmgr = keymgr.API(self.config)
        self.assertEqual(type(kmgr), barbican_key_manager.BarbicanKeyManager)
    def test_set_conf_key_manager(self):
        self.config.set_override(
            'backend',
            'cinder.keymgr.conf_key_mgr.ConfKeyManager',
            group='key_manager')
        kmgr = keymgr.API(self.config)
        self.assertEqual(type(kmgr), keymgr.conf_key_mgr.ConfKeyManager)
--- a/cinder/tests/unit/test_volume_utils.py
+++ b/cinder/tests/unit/test_volume_utils.py
@ -21,6 +21,7 @@ import io
 import mock
 import six
 from castellan import key_manager
 import ddt
 from oslo_concurrency import processutils
 from oslo_config import cfg
@ -30,7 +31,6 @@ from cinder import context
 from cinder import db
 from cinder.db.sqlalchemy import models
 from cinder import exception
 from cinder import keymgr
 from cinder.objects import fields
 from cinder import test
 from cinder.tests.unit.backup import fake_backup
@ -993,9 +993,9 @@ class VolumeUtilsTestCase(test.TestCase):
            'backend',
            'cinder.keymgr.conf_key_mgr.ConfKeyManager',
            group='key_manager')
-        key_manager = keymgr.API()
+        km = key_manager.API()
        volume_utils.create_encryption_key(ctxt,
-                                           key_manager,
+                                           km,
                                           fake.VOLUME_TYPE_ID)
        is_encryption.assert_called_once_with(ctxt,
                                              fake.VOLUME_TYPE_ID)
--- a/cinder/tests/unit/volume/test_volume.py
+++ b/cinder/tests/unit/volume/test_volume.py
@ -20,6 +20,7 @@ import ddt
 import time
 import uuid
 from castellan import key_manager
 import enum
 import eventlet
 import mock
@ -34,7 +35,6 @@ from cinder import context
 from cinder import coordination
 from cinder import db
 from cinder import exception
 from cinder import keymgr as key_manager
 from cinder import objects
 from cinder.objects import fields
 import cinder.policy
--- a/cinder/utils.py
+++ b/cinder/utils.py
@ -37,6 +37,7 @@ import tempfile
 import time
 import types
 from castellan import key_manager
 from os_brick import encryptors
 from os_brick.initiator import connector
 from oslo_concurrency import lockutils
@ -54,7 +55,6 @@ import webob.exc
 from cinder import exception
 from cinder.i18n import _
 from cinder import keymgr
 CONF = cfg.CONF
@ -501,10 +501,10 @@ def brick_get_encryptor(connection_info, *args, **kwargs):
    """Wrapper to get a brick encryptor object."""
    root_helper = get_root_helper()
-    key_manager = keymgr.API(CONF)
+    km = key_manager.API(CONF)
    return encryptors.get_volume_encryptor(root_helper=root_helper,
                                           connection_info=connection_info,
-                                           keymgr=key_manager,
+                                           keymgr=km,
                                           *args, **kwargs)
--- a/cinder/volume/api.py
+++ b/cinder/volume/api.py
@ -20,6 +20,7 @@ import ast
 import collections
 import datetime
 from castellan import key_manager
 from oslo_config import cfg
 from oslo_log import log as logging
 from oslo_utils import excutils
@ -38,7 +39,6 @@ from cinder import flow_utils
 from cinder.i18n import _
 from cinder.image import cache as image_cache
 from cinder.image import glance
 from cinder import keymgr as key_manager
 from cinder import objects
 from cinder.objects import base as objects_base
 from cinder.objects import fields
--- a/cinder/volume/manager.py
+++ b/cinder/volume/manager.py
@ -39,6 +39,7 @@ intact.
 import requests
 import time
 from castellan import key_manager
 from oslo_config import cfg
 from oslo_log import log as logging
 import oslo_messaging as messaging
@ -64,7 +65,6 @@ from cinder.i18n import _
 from cinder.image import cache as image_cache
 from cinder.image import glance
 from cinder.image import image_utils
 from cinder import keymgr as key_manager
 from cinder import manager
 from cinder.message import api as message_api
 from cinder.message import message_field
--- a/releasenotes/notes/remove-deprecated-keymgr-d11a25c620862ed6.yaml
+++ b/releasenotes/notes/remove-deprecated-keymgr-d11a25c620862ed6.yaml
@ -0,0 +1,16 @@
 ---
 upgrade:
  - |
    The old deprecated ``keymgr`` options have been removed.
    Configuration options using the ``[keymgr]`` group will not be
    applied anymore. Use the ``[key_manager]`` group from Castellan instead.
    The Castellan ``backend`` options should also be used instead of
    ``api_class``, as most
    of the options that lived in Cinder have migrated to Castellan.
    - Instead of ``api_class`` option
      ``cinder.keymgr.barbican.BarbicanKeyManager``, use ``backend`` option
      `barbican``
    - ``cinder.keymgr.conf_key_mgr.ConfKeyManager`` still remains, but
      the ``fixed_key`` configuration options should be moved to the ``[key_manager]`` section