From c06d82563526c715d3ed508fa3cc5f9dc0963294 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexander=20Gr=C3=A4b?= <alexander.graeb@secustack.com>
Date: Tue, 7 Jul 2020 11:04:33 +0200
Subject: [PATCH] Fix uploading an signed image does not work if private
 signing key is encrypted

Change-Id: Ia7c84aa7b840bf92aeb7db7246d14119eb727b03
Story: 2007890
Task: 40269
---
 openstackclient/image/v2/image.py                          | 6 ++++++
 releasenotes/notes/fix-story-2007890-0974f3e69f26801e.yaml | 7 +++++++
 2 files changed, 13 insertions(+)
 create mode 100644 releasenotes/notes/fix-story-2007890-0974f3e69f26801e.yaml

diff --git a/openstackclient/image/v2/image.py b/openstackclient/image/v2/image.py
index 53ce560dcd..50a64d4cd4 100644
--- a/openstackclient/image/v2/image.py
+++ b/openstackclient/image/v2/image.py
@@ -429,8 +429,14 @@ class CreateImage(command.ShowOne):
                         prompt=("Please enter private key password, leave "
                                 "empty if none: "),
                         confirm=False)
+
                     if not pw or len(pw) < 1:
                         pw = None
+                    else:
+                        # load_private_key() requires the password to be
+                        # passed as bytes
+                        pw = pw.encode()
+
                     signer.load_private_key(
                         sign_key_path,
                         password=pw)
diff --git a/releasenotes/notes/fix-story-2007890-0974f3e69f26801e.yaml b/releasenotes/notes/fix-story-2007890-0974f3e69f26801e.yaml
new file mode 100644
index 0000000000..87d6f18bae
--- /dev/null
+++ b/releasenotes/notes/fix-story-2007890-0974f3e69f26801e.yaml
@@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    While uploading a signed image, a private key to sign that image must be
+    specified. The CLI client asks for the password of that private key. Due
+    to wrong encoding handling while using Python 3, the password is not
+    accepted, whether it is correct or not.