Block attempts to transfer encrypted volumes

Block attempts to transfer encrypted volumes until [1] gets resolved. [1] documents the fact that encryption keys are not properly transferred to the new volume owner. Resolving this will be tricky because Key Managers such as Barbican currently provide no API for transferring ownership, and Key Manager ACLs are insufficient because they don't allow the new volume owner to delete the key. [1] https://bugs.launchpad.net/cinder/+bug/1735285 Related-Bug: #1735285 Change-Id: I5dbeb46adc9da1fce6359a96b981aa8d673d50c4
2018-01-04 16:26:25 +00:00 · 2018-01-04 16:26:25 +00:00 · 04d7e2d80d
parent 5419ca908c
commit 04d7e2d80d
2 changed files with 14 additions and 0 deletions
--- a/cinder/tests/unit/test_volume_transfer.py
+++ b/cinder/tests/unit/test_volume_transfer.py
@ -17,6 +17,7 @@ import mock
 from oslo_utils import timeutils

 from cinder import context
+from cinder import db
 from cinder import exception
 from cinder import objects
 from cinder import quota
@ -68,6 +69,16 @@ class VolumeTransferTestCase(test.TestCase):
        volume = objects.Volume.get_by_id(self.ctxt, volume.id)
        self.assertEqual('in-use', volume['status'], 'Unexpected state')

+    def test_transfer_invalid_encrypted_volume(self):
+        tx_api = transfer_api.API()
+        volume = utils.create_volume(self.ctxt, updated_at=self.updated_at)
+        db.volume_update(self.ctxt,
+                         volume.id,
+                         {'encryption_key_id': fake.ENCRYPTION_KEY_ID})
+        self.assertRaises(exception.InvalidVolume,
+                          tx_api.create,
+                          self.ctxt, volume.id, 'Description')
+
    @mock.patch('cinder.volume.utils.notify_about_volume_usage')
    def test_transfer_accept_invalid_authkey(self, mock_notify):
        svc = self.start_service('volume', host='test_host')
--- a/cinder/transfer/api.py
+++ b/cinder/transfer/api.py
@ -120,6 +120,9 @@ class API(base.Base):
        volume_ref = self.db.volume_get(context, volume_id)
        if volume_ref['status'] != "available":
            raise exception.InvalidVolume(reason=_("status must be available"))
+        if volume_ref['encryption_key_id'] is not None:
+            raise exception.InvalidVolume(
+                reason=_("transferring encrypted volume is not supported"))

        volume_utils.notify_about_volume_usage(context, volume_ref,
                                               "transfer.create.start")