From 29782bf377907e5d1e9413a0f148e1cc7f77693b Mon Sep 17 00:00:00 2001
From: Yug Gupta <yuggupta27@gmail.com>
Date: Mon, 3 Jan 2022 21:47:34 +0530
Subject: [PATCH] rbd: implement UnfenceClusterNetwork

implement UnfenceClusterNetwork grpc call
which allows to unblock the access to a
CIDR block by removing it from network fence.

Signed-off-by: Yug Gupta <yuggupta27@gmail.com>
---
 internal/csi-addons/rbd/network_fence.go | 28 ++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/internal/csi-addons/rbd/network_fence.go b/internal/csi-addons/rbd/network_fence.go
index c88e64846..a06347784 100644
--- a/internal/csi-addons/rbd/network_fence.go
+++ b/internal/csi-addons/rbd/network_fence.go
@@ -84,3 +84,31 @@ func (fcs *FenceControllerServer) FenceClusterNetwork(
 
 	return &fence.FenceClusterNetworkResponse{}, nil
 }
+
+// UnfenceClusterNetwork unblocks the access to a CIDR block by removing the network fence.
+func (fcs *FenceControllerServer) UnfenceClusterNetwork(
+	ctx context.Context,
+	req *fence.UnfenceClusterNetworkRequest) (*fence.UnfenceClusterNetworkResponse, error) {
+	err := validateNetworkFenceReq(req.GetCidrs(), req.Parameters)
+	if err != nil {
+		return nil, status.Error(codes.InvalidArgument, err.Error())
+	}
+
+	cr, err := util.NewUserCredentials(req.GetSecrets())
+	if err != nil {
+		return nil, status.Error(codes.InvalidArgument, err.Error())
+	}
+	defer cr.DeleteCredentials()
+
+	nwFence, err := nf.NewNetworkFence(ctx, cr, req.Cidrs, req.GetParameters())
+	if err != nil {
+		return nil, status.Error(codes.Internal, err.Error())
+	}
+
+	err = nwFence.RemoveNetworkFence(ctx)
+	if err != nil {
+		return nil, status.Errorf(codes.Internal, "failed to unfence CIDR block %q: %s", nwFence.Cidr, err.Error())
+	}
+
+	return &fence.UnfenceClusterNetworkResponse{}, nil
+}