From e0e201c9a9c884924bc81c43de8e6c59816c91e3 Mon Sep 17 00:00:00 2001
From: "Amy Marrich (spotz)" <amy@demarco.com>
Date: Tue, 25 Apr 2017 23:27:39 -0500
Subject: [PATCH] Volume Type Encryption added to v2 api-ref

Added volume type encryption sections to volumes v2 types and
added related parameters to parameters file.

Appropriate sample files added.

Had to add for v2 to several headings to pass tox/gates

Change-Id: I7a35551c4ebd345ce2d6c42217015b29c324d96c
Closes-Bug: #1679736
---
 api-ref/source/v2/parameters.yaml             |  84 ++++++++
 .../encryption-type-create-request.json       |   8 +
 .../encryption-type-create-response.json      |  10 +
 .../encryption-type-show-response.json        |  12 ++
 .../encryption-type-update-request.json       |   7 +
 .../encryption-type-update-response.json      |   7 +
 api-ref/source/v2/volumes-v2-types.inc        | 183 +++++++++++++++++-
 7 files changed, 305 insertions(+), 6 deletions(-)
 create mode 100644 api-ref/source/v2/samples/encryption-type-create-request.json
 create mode 100644 api-ref/source/v2/samples/encryption-type-create-response.json
 create mode 100644 api-ref/source/v2/samples/encryption-type-show-response.json
 create mode 100644 api-ref/source/v2/samples/encryption-type-update-request.json
 create mode 100644 api-ref/source/v2/samples/encryption-type-update-response.json

diff --git a/api-ref/source/v2/parameters.yaml b/api-ref/source/v2/parameters.yaml
index e0586d35de6..61c2d2e7668 100644
--- a/api-ref/source/v2/parameters.yaml
+++ b/api-ref/source/v2/parameters.yaml
@@ -31,6 +31,12 @@ consistencygroup_id_2:
   in: path
   required: false
   type: string
+encryption_id:
+  description: |
+    The ID of the encryption type.
+  in: path
+  required: true
+  type: string
 force_3:
   description: |
     To delete a QoS specification even if it is in-
@@ -345,6 +351,13 @@ cgsnapshot_id:
   in: body
   required: false
   type: string
+cipher:
+  description: |
+    The encryption algorithm or mode. For example, aes-xts-plain64. The default
+    value is None.
+  in: body
+  required: false
+  type: string
 connector:
   description: |
     The ``connector`` object.
@@ -381,6 +394,13 @@ container:
   in: body
   required: true
   type: string
+control_location:
+  description: |
+    Notional service where encryption is performed. Valid values are
+    "front-end" or "back-end". The default value is "front-end".
+  in: body
+  required: false
+  type: string
 cores:
   description: |
     The number of instance cores that are allowed for
@@ -412,6 +432,33 @@ created_at_1:
   in: body
   required: true
   type: string
+deleted:
+  description: |
+    The resource is deleted or not.
+  in: body
+  required: true
+  type: boolean
+deleted_at:
+  description: |
+    The date and time when the resource was deleted.
+
+    The date and time stamp format is `ISO 8601
+    <https://en.wikipedia.org/wiki/ISO_8601>`_:
+
+    ::
+
+       CCYY-MM-DDThh:mm:ss±hh:mm
+
+    For example, ``2015-08-27T09:49:58-05:00``.
+
+    The ``±hh:mm`` value, if included, is the time zone as an offset
+    from UTC. In the previous example, the offset value is ``-05:00``.
+
+    If the ``deleted_at`` date and time stamp is not set, its value is
+    ``null``.
+  in: body
+  required: true
+  type: string
 description:
   description: |
     The backup description or null.
@@ -503,6 +550,18 @@ encrypted:
   in: body
   required: true
   type: boolean
+encryption:
+  description: |
+    The encryption information.
+  in: body
+  required: true
+  type: object
+encryption_id_body:
+  description: |
+    The UUID of the encryption.
+  in: body
+  required: true
+  type: string
 extra_specs:
   description: |
     A set of key and value pairs that contains the
@@ -728,6 +787,13 @@ key_pairs:
   in: body
   required: true
   type: integer
+key_size:
+  description: |
+    Size of encryption key, in bits. For example, 128 or 256. The default value
+    is None.
+  in: body
+  required: false
+  type: integer
 keys:
   description: |
     List of Keys.
@@ -1179,6 +1245,18 @@ properties:
   in: body
   required: true
   type: object
+provider:
+  description: |
+    The class that provides encryption support.
+  in: body
+  required: true
+  type: string
+provider_optional:
+  description: |
+    The class that provides encryption support.
+  in: body
+  required: false
+  type: string
 qos_specs:
   description: |
     A ``qos_specs`` object.
@@ -1645,6 +1723,12 @@ volume_type_5:
   in: body
   required: true
   type: array
+volume_type_id_body:
+  description: |
+    The UUID of the volume type.
+  in: body
+  required: true
+  type: string
 volume_types:
   description: |
     The list of volume types.  In an environment with
diff --git a/api-ref/source/v2/samples/encryption-type-create-request.json b/api-ref/source/v2/samples/encryption-type-create-request.json
new file mode 100644
index 00000000000..f93c1426144
--- /dev/null
+++ b/api-ref/source/v2/samples/encryption-type-create-request.json
@@ -0,0 +1,8 @@
+{
+    "encryption":{
+        "key_size": 128,
+        "provider": "nova.volume.encryptors.luks.LuksEncryptor",
+        "control_location":"front-end",
+        "cipher": "aes-xts-plain64"
+    }
+}
diff --git a/api-ref/source/v2/samples/encryption-type-create-response.json b/api-ref/source/v2/samples/encryption-type-create-response.json
new file mode 100644
index 00000000000..3e2a2aeec58
--- /dev/null
+++ b/api-ref/source/v2/samples/encryption-type-create-response.json
@@ -0,0 +1,10 @@
+{
+    "encryption": {
+        "volume_type_id": "2d29462d-76cb-417c-8a9f-fb23140f1577",
+        "control_location": "front-end",
+        "encryption_id": "81e069c6-7394-4856-8df7-3b237ca61f74",
+        "key_size": 128,
+        "provider": "nova.volume.encryptors.luks.LuksEncryptor",
+        "cipher": "aes-xts-plain64"
+    }
+}
diff --git a/api-ref/source/v2/samples/encryption-type-show-response.json b/api-ref/source/v2/samples/encryption-type-show-response.json
new file mode 100644
index 00000000000..83ecab88bba
--- /dev/null
+++ b/api-ref/source/v2/samples/encryption-type-show-response.json
@@ -0,0 +1,12 @@
+{
+    "volume_type_id": "2d29462d-76cb-417c-8a9f-fb23140f1577",
+    "control_location": "front-end",
+    "deleted": false,
+    "created_at": "2016-12-28T02:32:25.000000",
+    "updated_at": null,
+    "encryption_id": "81e069c6-7394-4856-8df7-3b237ca61f74",
+    "key_size": 128,
+    "provider": "nova.volume.encryptors.luks.LuksEncryptor",
+    "deleted_at": null,
+    "cipher": "aes-xts-plain64"
+}
\ No newline at end of file
diff --git a/api-ref/source/v2/samples/encryption-type-update-request.json b/api-ref/source/v2/samples/encryption-type-update-request.json
new file mode 100644
index 00000000000..7a587b77146
--- /dev/null
+++ b/api-ref/source/v2/samples/encryption-type-update-request.json
@@ -0,0 +1,7 @@
+{
+    "encryption":{
+        "key_size": 64,
+        "provider": "cinder.keymgr.conf_key_mgr.ConfKeyManager",
+        "control_location":"back-end"
+    }
+}
\ No newline at end of file
diff --git a/api-ref/source/v2/samples/encryption-type-update-response.json b/api-ref/source/v2/samples/encryption-type-update-response.json
new file mode 100644
index 00000000000..7a587b77146
--- /dev/null
+++ b/api-ref/source/v2/samples/encryption-type-update-response.json
@@ -0,0 +1,7 @@
+{
+    "encryption":{
+        "key_size": 64,
+        "provider": "cinder.keymgr.conf_key_mgr.ConfKeyManager",
+        "control_location":"back-end"
+    }
+}
\ No newline at end of file
diff --git a/api-ref/source/v2/volumes-v2-types.inc b/api-ref/source/v2/volumes-v2-types.inc
index 0f8b54c9cad..de3b9c75da2 100644
--- a/api-ref/source/v2/volumes-v2-types.inc
+++ b/api-ref/source/v2/volumes-v2-types.inc
@@ -113,8 +113,8 @@ Response Example
    :language: javascript
 
 
-Show volume type details
-~~~~~~~~~~~~~~~~~~~~~~~~
+Show volume type details for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. rest_method::  GET /v2/{tenant_id}/types/{volume_type_id}
 
@@ -171,8 +171,8 @@ Request
    - tenant_id: tenant_id
 
 
-List volume types
-~~~~~~~~~~~~~~~~~
+List all volume types for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. rest_method::  GET /v2/{tenant_id}/types
 
@@ -212,8 +212,8 @@ Response Example
    :language: javascript
 
 
-Create volume type
-~~~~~~~~~~~~~~~~~~
+Create volume type for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. rest_method::  POST /v2/{tenant_id}/types
 
@@ -270,3 +270,174 @@ Response Example
 .. literalinclude:: ./samples/volume-type-show-response.json
    :language: javascript
 
+Show an encryption type for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. rest_method::  GET //v2/{tenant_id}/types/{volume_type_id}/encryption
+
+Show an encryption type.
+
+To show an encryption type for an existing volume type.
+
+Normal response codes: 200
+Error response codes:
+
+
+Request
+-------
+
+.. rest_parameters:: parameters.yaml
+
+   - volume_type_id: volume_type_id
+   - tenant_id: tenant_id
+
+
+Response Parameters
+-------------------
+
+.. rest_parameters:: parameters.yaml
+
+   - volume_type_id: volume_type_id_body
+   - encryption_id: encryption_id
+   - encryption: encryption
+   - key_size: key_size
+   - provider: provider
+   - control_location: control_location
+   - cipher: cipher
+   - deleted: deleted
+   - created_at: created_at
+   - updated_at: updated_at
+   - deleted_at: deleted_at
+
+Response Example
+----------------
+
+.. literalinclude:: ./samples/encryption-type-show-response.json
+   :language: javascript
+
+
+Delete an encryption type for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. rest_method::  GET //v2/{tenant_id}/types/{volume_type_id}/encryption/{encryption_id}
+
+Delete an encryption type.
+
+To delete an encryption type for an existing volume type.
+
+Normal response codes: 202
+Error response codes:
+
+
+Request
+-------
+
+.. rest_parameters:: parameters.yaml
+
+   - volume_type_id: volume_type_id
+   - tenant_id: tenant_id
+   - encryption_id: encryption_id
+
+Create an encryption type for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. rest_method::  POST //v2/{tenant_id}/types/{volume_type_id}/encryption
+
+Creates an encryption type.
+
+To create an encryption type for an existing volume type.
+
+Normal response codes: 200
+Error response codes:
+
+
+Request
+-------
+
+.. rest_parameters:: parameters.yaml
+
+   - volume_type_id: volume_type_id
+   - tenant_id: tenant_id
+   - encryption: encryption
+   - key_size: key_size
+   - provider: provider
+   - control_location: control_location
+   - cipher: cipher
+
+Request Example
+---------------
+
+.. literalinclude:: ./samples/encryption-type-create-request.json
+   :language: javascript
+
+
+Response Parameters
+-------------------
+
+.. rest_parameters:: parameters.yaml
+
+   - volume_type_id: volume_type_id_body
+   - encryption_id: encryption_id
+   - encryption: encryption
+   - key_size: key_size
+   - provider: provider
+   - control_location: control_location
+   - cipher: cipher
+
+Response Example
+----------------
+
+.. literalinclude:: ./samples/encryption-type-create-response.json
+   :language: javascript
+
+
+Update an encryption type for v2
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. rest_method::  POST //v2/{tenant_id}/types/{volume_type_id}/encryption/{encryption_id}
+
+Update an encryption type.
+
+To update an encryption type for an existing volume type.
+
+Normal response codes: 200
+Error response codes:
+
+
+Request
+-------
+
+.. rest_parameters:: parameters.yaml
+
+   - volume_type_id: volume_type_id
+   - tenant_id: tenant_id
+   - encryption_id: encryption_id
+   - encryption: encryption
+   - key_size: key_size
+   - provider: provider_optional
+   - control_location: control_location
+   - cipher: cipher
+
+Request Example
+---------------
+
+.. literalinclude:: ./samples/encryption-type-update-request.json
+   :language: javascript
+
+
+Response Parameters
+-------------------
+
+.. rest_parameters:: parameters.yaml
+
+   - encryption: encryption
+   - key_size: key_size
+   - provider: provider_optional
+   - control_location: control_location
+   - cipher: cipher
+
+Response Example
+----------------
+
+.. literalinclude:: ./samples/encryption-type-update-response.json
+   :language: javascript