From f79e857320e64db9fe345f46b55036b0a34948fd Mon Sep 17 00:00:00 2001 From: melanie witt Date: Sat, 3 Feb 2024 21:12:56 +0000 Subject: [PATCH] Amend spec to use regular rst table instead of code block Change-Id: I9be6902af17d957a0b5187087e76461cdf0dec94 --- .../approved/ephemeral-storage-encryption.rst | 82 +++++++++---------- 1 file changed, 40 insertions(+), 42 deletions(-) diff --git a/specs/2024.1/approved/ephemeral-storage-encryption.rst b/specs/2024.1/approved/ephemeral-storage-encryption.rst index 0d157b7a0..d9fad8e68 100644 --- a/specs/2024.1/approved/ephemeral-storage-encryption.rst +++ b/specs/2024.1/approved/ephemeral-storage-encryption.rst 
@@ -144,48 +144,46 @@ one swap disk. Each disk will have its own secret. This table is intended to illustrate the way secrets are handled in various scenarios. -.. code:: rst - - +--------------------+-------------+--------------+------------------------------------------------------+ - | Instance or Image | Disk | Secret | Notes | - | | | (passphrase) | | - +====================+=============+==============+======================================================+ - | Instance A | disk (root) | Secret 1 | Secret 1, 2, and 3 will be automatically deleted | - | +-------------+--------------+ by Nova when Instance A is deleted and its disks are | - | | disk.eph0 | Secret 2 | destroyed | - | +-------------+--------------+ | - | | disk.swap | Secret 3 | | - +--------------------+-------------+--------------+------------------------------------------------------+ - | Image Z (snapshot) | disk (root) | Secret 4 | Secret 4 will *not* be automatically deleted and | - | created from | | (new secret | manual deletion will be needed if/when Image Z is | - | Instance A | | is created) | deleted from Glance | - +--------------------+-------------+--------------+------------------------------------------------------+ - | Instance B | disk (root) | Secret 5 | Secret 5, 6, and 7 will be automatically deleted | - | created from +-------------+--------------+ by Nova when Instance B is deleted and its disks are | - | Image Z (snapshot) | disk.eph0 | Secret 6 | destroyed | - | +-------------+--------------+ | - | | disk.swap | Secret 7 | | - +--------------------+-------------+--------------+------------------------------------------------------+ - | Instance C | disk (root) | Secret 8 | Secret 8, 9, and 10 will be automatically deleted | - | +-------------+--------------+ by Nova when Instance C is deleted and its disks are | - | | disk.eph0 | Secret 9 | destroyed | - | +-------------+--------------+ | - | | disk.swap | Secret 10 | | - 
+--------------------+-------------+--------------+------------------------------------------------------+ - | Image Y (snapshot) | disk (root) | Secret 8 | Secret 8 is *retained* when Instance C is shelved in | - | created by shelve | | | part to prevent the possibility of a change in | - | of Instance C | | | ownership of the root disk secret if, for example, | - | | | | an admin user shelves a non-admin user's instance. | - | | | | This approach could be avoided if there is some way | - | | | | we could create a new secret using the instance's | - | | | | user/project rather than the shelver's user/project | - +--------------------+-------------+--------------+------------------------------------------------------+ - | Rescue disk | disk (root) | Secret 11 | Secret 11 is stashed in the instance's system | - | created by rescue | | (new secret | metadata with key | - | of Instance A | | is created) | ``rescue_disk_ephemeral_encryption_secret_uuid``. | - | | | | This is done because a BDM record for the rescue | - | | | | disk is not going to be persisted to the database. 
| - +--------------------+-------------+--------------+------------------------------------------------------+ ++--------------------+-------------+--------------+------------------------------------------------------+ +| Instance or Image | Disk | Secret | Notes | +| | | (passphrase) | | ++====================+=============+==============+======================================================+ +| Instance A | disk (root) | Secret 1 | Secret 1, 2, and 3 will be automatically deleted | +| +-------------+--------------+ by Nova when Instance A is deleted and its disks are | +| | disk.eph0 | Secret 2 | destroyed | +| +-------------+--------------+ | +| | disk.swap | Secret 3 | | ++--------------------+-------------+--------------+------------------------------------------------------+ +| Image Z (snapshot) | disk (root) | Secret 4 | Secret 4 will *not* be automatically deleted and | +| created from | | (new secret | manual deletion will be needed if/when Image Z is | +| Instance A | | is created) | deleted from Glance | ++--------------------+-------------+--------------+------------------------------------------------------+ +| Instance B | disk (root) | Secret 5 | Secret 5, 6, and 7 will be automatically deleted | +| created from +-------------+--------------+ by Nova when Instance B is deleted and its disks are | +| Image Z (snapshot) | disk.eph0 | Secret 6 | destroyed | +| +-------------+--------------+ | +| | disk.swap | Secret 7 | | ++--------------------+-------------+--------------+------------------------------------------------------+ +| Instance C | disk (root) | Secret 8 | Secret 8, 9, and 10 will be automatically deleted | +| +-------------+--------------+ by Nova when Instance C is deleted and its disks are | +| | disk.eph0 | Secret 9 | destroyed | +| +-------------+--------------+ | +| | disk.swap | Secret 10 | | ++--------------------+-------------+--------------+------------------------------------------------------+ +| Image Y (snapshot) | disk 
(root) | Secret 8 | Secret 8 is *retained* when Instance C is shelved in | +| created by shelve | | | part to prevent the possibility of a change in | +| of Instance C | | | ownership of the root disk secret if, for example, | +| | | | an admin user shelves a non-admin user's instance. | +| | | | This approach could be avoided if there is some way | +| | | | we could create a new secret using the instance's | +| | | | user/project rather than the shelver's user/project | ++--------------------+-------------+--------------+------------------------------------------------------+ +| Rescue disk | disk (root) | Secret 11 | Secret 11 is stashed in the instance's system | +| created by rescue | | (new secret | metadata with key | +| of Instance A | | is created) | ``rescue_disk_ephemeral_encryption_secret_uuid``. | +| | | | This is done because a BDM record for the rescue | +| | | | disk is not going to be persisted to the database. | ++--------------------+-------------+--------------+------------------------------------------------------+ Snapshots of instances with ephemeral encryption ````````````````````````````````````````````````
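Review bot: The Instance C and Image Y rows of the new table both list Secret 8 but give it two different lifetimes, and the Notes column does not reconcile them. Instance C's notes say "Secret 8, 9, and 10 will be automatically deleted by Nova when Instance C is deleted", while Image Y's notes say "Secret 8 is *retained* when Instance C is shelved". With the `.. code:: rst` wrapper removed, this renders as a real table and will be read as the reference for secret handling. The Image Y notes should therefore say what happens to Secret 8 if Instance C is deleted while shelved, and whether Image Y stays decryptable afterwards. The Image Z row has a related gap: Secret 4 "will *not* be automatically deleted", but the notes do not say who is expected to delete it, so a sentence naming the responsible party would keep orphaned passphrases from accumulating in the key manager. Separately, since `*not*`, `*retained*` and ``rescue_disk_ephemeral_encryption_secret_uuid`` are now parsed as inline markup inside a grid table with row-spanning cells, please confirm that the docs build renders the spans and column borders as intended.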