From 6b1285d38bfa3920f9b1426d6cd86e33a7e0612f Mon Sep 17 00:00:00 2001
From: Niels de Vos <ndevos@redhat.com>
Date: Tue, 26 Jan 2021 16:47:14 +0100
Subject: [PATCH] rbd: copy passphrase for encrypted clones

When a source volume is encrypted, the passphrase needs to be copied and
stored for the newly cloned volume.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
---
 internal/rbd/rbd_util.go | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/internal/rbd/rbd_util.go b/internal/rbd/rbd_util.go
index 2660a3ec9..8afc39c78 100644
--- a/internal/rbd/rbd_util.go
+++ b/internal/rbd/rbd_util.go
@@ -1079,6 +1079,29 @@ func (rv *rbdVolume) cloneRbdImageFromSnapshot(ctx context.Context, pSnapOpts *r
 		return fmt.Errorf("failed to create rbd clone: %w", err)
 	}
 
+	// delete the cloned image if a next step fails
+	deleteClone := true
+	defer func() {
+		if deleteClone {
+			err = librbd.RemoveImage(rv.ioctx, rv.RbdImageName)
+			if err != nil {
+				util.ErrorLog(ctx, "failed to delete temporary image %q: %v", rv.String(), err)
+			}
+		}
+	}()
+
+	if pSnapOpts.isEncrypted() {
+		pSnapOpts.conn = rv.conn.Copy()
+
+		err = pSnapOpts.copyEncryptionConfig(&rv.rbdImage)
+		if err != nil {
+			return fmt.Errorf("failed to clone encryption config: %w", err)
+		}
+	}
+
+	// Success! Do not delete the cloned image now :)
+	deleteClone = false
+
 	return nil
 }