diff --git a/internal/csi-addons/rbd/encryptionkeyrotation.go b/internal/csi-addons/rbd/encryptionkeyrotation.go index b45ce4468..27c85f6aa 100644 --- a/internal/csi-addons/rbd/encryptionkeyrotation.go +++ b/internal/csi-addons/rbd/encryptionkeyrotation.go @@ -32,11 +32,15 @@ import ( type EncryptionKeyRotationServer struct { *ekr.UnimplementedEncryptionKeyRotationControllerServer + driver string volLock *util.VolumeLocks } -func NewEncryptionKeyRotationServer(volLock *util.VolumeLocks) *EncryptionKeyRotationServer { - return &EncryptionKeyRotationServer{volLock: volLock} +func NewEncryptionKeyRotationServer(driver string, volLock *util.VolumeLocks) *EncryptionKeyRotationServer { + return &EncryptionKeyRotationServer{ + driver: driver, + volLock: volLock, + } } func (ekrs *EncryptionKeyRotationServer) RegisterService(svc grpc.ServiceRegistrar) { @@ -58,15 +62,10 @@ func (ekrs *EncryptionKeyRotationServer) EncryptionKeyRotate( } defer ekrs.volLock.Release(volID) - // Get the credentials required to authenticate - // against a ceph cluster - creds, err := util.NewUserCredentials(req.GetSecrets()) - if err != nil { - return nil, status.Error(codes.Internal, err.Error()) - } - defer creds.DeleteCredentials() + mgr := rbd.NewManager(ekrs.driver, nil, req.GetSecrets()) + defer mgr.Destroy(ctx) - rbdVol, err := rbd.GenVolFromVolID(ctx, volID, creds, req.GetSecrets()) + rbdVol, err := mgr.GetVolumeByID(ctx, volID) if err != nil { switch { case errors.Is(err, rbd.ErrImageNotFound): diff --git a/internal/rbd/driver/driver.go b/internal/rbd/driver/driver.go index 98b9ca401..8afaa55f8 100644 --- a/internal/rbd/driver/driver.go +++ b/internal/rbd/driver/driver.go @@ -249,7 +249,7 @@ func (r *Driver) setupCSIAddonsServer(conf *util.Config) error { rs := casrbd.NewReclaimSpaceNodeServer(r.ns.VolumeLocks) r.cas.RegisterService(rs) - ekr := casrbd.NewEncryptionKeyRotationServer(r.ns.VolumeLocks) + ekr := casrbd.NewEncryptionKeyRotationServer(conf.InstanceID, r.ns.VolumeLocks) r.cas.RegisterService(ekr) }