Encryption key is not deleted on encrypted volume creation revert (volume quota exceeded for example)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Cinder |
In Progress
|
High
|
Unassigned | ||
Bug Description
If an encrypted volume fails to create -on volume quota exceeded for project for example- the encryption key that was created is not deleted. Project ends up with an orphaned key that has to be manually cleaned up.
To reproduce the issue on a given openstack project:
- set 'volumes' quota to 0 or to the number of volumes already present on the project
- check the number of encryption keys/secrets
- create an encrypted volume
- wait for error "VolumeLimitExc
- check out again the number of keys on the project - should be +1 compared to previous check
- you can also verify in cinder database that you can't find any volume with 'encryption_
| summary: |
Encryption key is not deleted on encrypted volume creation revert - (volume quota exceeded for instance) + (volume quota exceeded for example) |
| Changed in cinder: | |
| importance: | Undecided → High |

Fix proposed to branch: master /review. opendev. org/c/openstack /cinder/ +/975303
Review: https:/