A new microversion 3.70 adds the ability to transfer a volume's
encryption key when transferring a volume to another project.
When the volume transfer is initiated, the volume's encryption
secret is essentially transferred to the cinder service.
- The cinder service creates a new encryption_key_id that contains
a copy of the volume's encryption secret.
- The volume (and its snapshots) is updated with the new
encryption_key_id (the one owned by the cinder service).
- The volume's original encryption_key_id (owned by the volume's
owner) is deleted.
When the transfer is accepted, the secret is transferred to the
user accepting the transfer.
- A new encryption_key_id is generated on behalf of the new user
that contains a copy of the volume's encryption secret.
- The volume (and its snapshots) is updated with the new
encryption_key_id (the one owned by the user).
- The intermediate encryption_key_id owned by the cinder service
is deleted.
When a transfer is cancelled (deleted), the same process is used
to transfer ownship back to the user that cancelled the transfer.
Implements: blueprint transfer-encrypted-volume
Change-Id: I459f06504e90025c9c0b539981d3d56a2a9394c7
Add a "mypy" tox environment which runs mypy
type checking against Cinder code.
Taken from Stephen Finucane's Nova work at
https://review.opendev.org/#/c/676208/
Added "show_error_codes" and "pretty" options.
Generates an html report in ./mypy-report/
This adds stubs for oslo.i18n, so that _() calls
are annotated as intended. It may be possible to
do this with less .pyi files carried along here.
Change-Id: I2589d22c1f16f2e177d34730a520591743c0c1e3
