From 99da92cfd781b7a93116041f899400cfb6632936 Mon Sep 17 00:00:00 2001 From: Niels de Vos Date: Wed, 24 Mar 2021 09:54:57 +0100 Subject: [PATCH] rbd: move deletion of DEK to deleteImage() The ControllerServer should not need to care about support for encryption, ideally it is transparantly handled by the rbdVolume type and its internal API. Deleting the DEK was one of the last remainders that was explicitly done inside the ControllerServer. Signed-off-by: Niels de Vos --- internal/rbd/controllerserver.go | 6 ------ internal/rbd/rbd_util.go | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/internal/rbd/controllerserver.go b/internal/rbd/controllerserver.go index cf3d5c2ee..e8d7460aa 100644 --- a/internal/rbd/controllerserver.go +++ b/internal/rbd/controllerserver.go @@ -690,12 +690,6 @@ func (cs *ControllerServer) DeleteVolume(ctx context.Context, req *csi.DeleteVol return nil, status.Error(codes.Internal, err.Error()) } - if rbdVol.isEncrypted() { - if err = rbdVol.encryption.RemoveDEK(rbdVol.VolID); err != nil { - util.WarningLog(ctx, "failed to clean the passphrase for volume %s: %s", rbdVol.VolID, err) - } - } - return &csi.DeleteVolumeResponse{}, nil } diff --git a/internal/rbd/rbd_util.go b/internal/rbd/rbd_util.go index b0ff5a16a..eef2bba1f 100644 --- a/internal/rbd/rbd_util.go +++ b/internal/rbd/rbd_util.go @@ -475,6 +475,12 @@ func deleteImage(ctx context.Context, pOpts *rbdVolume, cr *util.Credentials) er util.DebugLog(ctx, "rbd: delete %s using mon %s, pool %s", image, pOpts.Monitors, pOpts.Pool) + if pOpts.isEncrypted() { + if err = pOpts.encryption.RemoveDEK(pOpts.VolID); err != nil { + util.WarningLog(ctx, "failed to clean the passphrase for volume %s: %s", pOpts.VolID, err) + } + } + err = pOpts.openIoctx() if err != nil { return err