Address some review comments

Signed-off-by: pault84 <[email protected]>
portworx · Jun 15, 2021 · 1650948 · 1650948
1 parent 7c44a47
commit 1650948
Showing 1 changed file with 23 additions and 32 deletions.
diff --git a/cmd/3ncryptor/3ncryptor.go b/cmd/3ncryptor/3ncryptor.go
@@ -26,16 +26,14 @@ var (
 	dryRun           bool
 	includeEncrypted bool
 	volume_ids       string
-	secret           string
+	enc_secret       string
 )
 
-// listVolumes list all volumes in provided namespace
 func listVolumes(namespace string) ([]*api.Volume, error) {
 	vd := sdk.GetVolumeDriver()
 	return vd.Enumerate(&api.VolumeLocator{VolumeLabels: map[string]string{"namespace": namespace}}, nil)
 }
 
-// listVols list all volumes in provided namespace
 func inspectVolumes(volumeIds []string) ([]*api.Volume, error) {
 	vd := sdk.GetVolumeDriver()
 	return vd.Inspect(volumeIds)
@@ -59,30 +57,17 @@ func getSnapshot(vol *api.Volume) (*api.Volume, error) {
 func attachVol(vol *api.Volume, options map[string]string) error {
 	vd := sdk.GetVolumeDriver()
 	_, err := vd.Attach(vol.Id, options)
-	if err != nil {
-		return err
-	}
-
-	return nil
+	return err
 }
 
 func detachVol(vol *api.Volume, secret string) error {
 	vd := sdk.GetVolumeDriver()
-	if err := vd.Detach(vol.Id, map[string]string{options.OptionsUnmountBeforeDetach: "true"}); err != nil {
-		return err
-	}
-
-	return nil
+	return vd.Detach(vol.Id, map[string]string{options.OptionsUnmountBeforeDetach: "true"})
 }
 
 func mountVol(vol *api.Volume, path string, secret string) error {
 	vd := sdk.GetVolumeDriver()
-	err := vd.Mount(vol.Id, path, nil)
-	if err != nil {
-		return err
-	}
-
-	return nil
+	return vd.Mount(vol.Id, path, nil)
 }
 
 func createVol(locator *api.VolumeLocator, spec *api.VolumeSpec) (*api.Volume, error) {
@@ -162,8 +147,7 @@ func deleteVol(vol *api.Volume) error {
 
 func rsyncVol(src string, dest string) error {
 	cmd := exec.Command("rsync", "-actv", src, dest)
-	err := cmd.Run()
-	return err
+	return cmd.Run()
 }
 
 func rollBack(snapVol, encVol *api.Volume, origVolName string) error {
@@ -191,8 +175,8 @@ func main() {
 
 func NewCommand() *cobra.Command {
 	cmds := &cobra.Command{
-		Use:   "restic_executor",
-		Short: "a command executor for long running restic commands",
+		Use:   "encryptor",
+		Short: "Encryptor tool for unencrypted portworx volumes",
 	}
 
 	cmds.PersistentFlags().StringVarP(&namespace, "namespace", "n", "", "Namespace for this command")
@@ -335,7 +319,7 @@ func newRollbackCommand() *cobra.Command {
 				logrus.Infof("Rolling back volume: %v", origVolName)
 
 				snapVol = nil
-				if !vol.IsSnapshot() {
+				if !strings.Contains("-encryptorsnap", vol.Locator.Name) && !strings.Contains("-encrypted", vol.Locator.Name) {
 					snaps, err := inspectVolumes([]string{origVolName + "-encryptorsnap"})
 					if err != nil {
 						logrus.Errorf("Failed to find the encryptor snap for %v", origVolName)
@@ -419,6 +403,13 @@ func newEncryptCommand() *cobra.Command {
 				}
 			}
 
+			for _, vol := range volumes {
+				if vol.AttachedOn != "" {
+					logrus.Errorf("volume %v is attached, please make sure your apps are scaled down.")
+					return
+				}
+			}
+
 			for _, vol := range volumes {
 				var (
 					encVol, snapVol *api.Volume
@@ -443,7 +434,7 @@ func newEncryptCommand() *cobra.Command {
 				}
 
 				newSpec := vol.Spec
-				newSpec.Passphrase = secret
+				newSpec.Passphrase = enc_secret
 
 				if !dryRun {
 					encVol, err = createVol(locator, newSpec)
@@ -455,15 +446,15 @@ func newEncryptCommand() *cobra.Command {
 
 				logrus.Infof("Attaching snapshot: %v", snapVol.Locator.Name)
 				if !dryRun {
-					if err := attachVol(snapVol, map[string]string{options.OptionsSecret: secret}); err != nil {
+					if err := attachVol(snapVol, map[string]string{options.OptionsSecret: enc_secret}); err != nil {
 						logrus.Errorf("attachVol failed to attach snapshot %v with: %v", snapVol.Locator.Name, err)
 						return
 					}
 				}
 
 				logrus.Infof("Attaching encrypted volume: %v", encVol.Locator.Name)
 				if !dryRun {
-					if err := attachVol(encVol, map[string]string{options.OptionsSecret: secret}); err != nil {
+					if err := attachVol(encVol, map[string]string{options.OptionsSecret: enc_secret}); err != nil {
 						logrus.Errorf("attachVol failed to attach encrypted vol %v with: %v", encVol.Locator.Name, err)
 						return
 					}
@@ -480,7 +471,7 @@ func newEncryptCommand() *cobra.Command {
 
 				logrus.Infof("Mounting snapshot: %v at %v", snapVol.Locator.Name, dir)
 				if !dryRun {
-					if err := mountVol(snapVol, dir, secret); err != nil {
+					if err := mountVol(snapVol, dir, enc_secret); err != nil {
 						logrus.Errorf("mountVol failed to mount snapshot %v with: %v", snapVol.Locator.Name, err)
 						return
 					}
@@ -497,7 +488,7 @@ func newEncryptCommand() *cobra.Command {
 
 				logrus.Infof("Mounting volume: %v at %v", vol.Locator.Name, encDir)
 				if !dryRun {
-					if err := mountVol(encVol, encDir, secret); err != nil {
+					if err := mountVol(encVol, encDir, enc_secret); err != nil {
 						logrus.Errorf("mountVol failed to mount encrypted vol %v with: %v", encVol.Locator.Name, err)
 						return
 					}
@@ -513,15 +504,15 @@ func newEncryptCommand() *cobra.Command {
 
 				logrus.Infof("Detaching and unmounting snapshot: %v", snapVol.Locator.Name)
 				if !dryRun {
-					if err := detachVol(snapVol, secret); err != nil {
+					if err := detachVol(snapVol, enc_secret); err != nil {
 						logrus.Errorf("detachVol failed to detach and unmount snapshot %v with: %v", snapVol.Locator.Name, err)
 						return
 					}
 				}
 
 				logrus.Infof("Detaching and unmounting encrypted volume: %v", encVol.Locator.Name)
 				if !dryRun {
-					if err := detachVol(encVol, secret); err != nil {
+					if err := detachVol(encVol, enc_secret); err != nil {
 						logrus.Errorf("detachVol failed to detach and unmount encrypted volume %v with: %v", encVol.Locator.Name, err)
 						return
 					}
@@ -554,7 +545,7 @@ func newEncryptCommand() *cobra.Command {
 		},
 	}
 	encCommand.PersistentFlags().StringVarP(&volume_ids, "volume_ids", "v", "", "if provided, will use volume id instead of namespace")
-	encCommand.PersistentFlags().StringVarP(&secret, "secret", "s", "", "(required) secretstore password")
+	encCommand.PersistentFlags().StringVarP(&enc_secret, "enc_secret", "s", "", "(required) encryption secret")
 	encCommand.PersistentFlags().BoolVarP(&dryRun, "dryrun", "d", false, "if true, will dry-run operations")
 	encCommand.PersistentFlags().BoolVarP(&includeEncrypted, "include_encrypted", "i", false, "if true, will include secure volumes for re-encryption")
 	return encCommand