From 70b5a325ffe93cb55eaf0f6debfc4f5dd305c24b Mon Sep 17 00:00:00 2001
From: Alfredo Deza <adeza@redhat.com>
Date: Fri, 2 Feb 2018 08:12:05 -0500
Subject: [PATCH] ceph-volume simple.activate b64decode keys for activation as
 well

Signed-off-by: Alfredo Deza <adeza@redhat.com>
(cherry picked from commit 636ebc127797c8020cfb7aff09955b72beac8bdf)
---
 .../ceph_volume/devices/simple/activate.py           | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/ceph-volume/ceph_volume/devices/simple/activate.py b/src/ceph-volume/ceph_volume/devices/simple/activate.py
index 49900872ee9be..75537a8a64334 100644
--- a/src/ceph-volume/ceph_volume/devices/simple/activate.py
+++ b/src/ceph-volume/ceph_volume/devices/simple/activate.py
@@ -1,5 +1,6 @@
 from __future__ import print_function
 import argparse
+import base64
 import json
 import logging
 import os
@@ -35,7 +36,7 @@ class Activate(object):
             logger.warning('"type" was not defined, will assume "bluestore"')
             objectstore = 'bluestore'
 
-        # Go throuh all the device combinations that are absolutely required,
+        # Go through all the device combinations that are absolutely required,
         # raise an error describing what was expected and what was found
         # otherwise.
         if objectstore == 'filestore':
@@ -106,7 +107,14 @@ class Activate(object):
             # write the keyring always so that we can unlock
             encryption_utils.write_lockbox_keyring(osd_id, osd_fsid, lockbox_secret)
             # Store the secret around so that the decrypt method can reuse
-            self.dmcrypt_secret = encryption_utils.get_dmcrypt_key(osd_id, osd_fsid)
+            raw_dmcrypt_secret = encryption_utils.get_dmcrypt_key(osd_id, osd_fsid)
+            # Note how both these calls need b64decode. For some reason, the
+            # way ceph-disk creates these keys, it stores them in the monitor
+            # *undecoded*, requiring this decode call again. The lvm side of
+            # encryption doesn't need it, so we are assuming here that anything
+            # that `simple` scans, will come from ceph-disk and will need this
+            # extra decode call here
+            self.dmcrypt_secret = base64.b64decode(raw_dmcrypt_secret)
 
         cluster_name = osd_metadata.get('cluster_name', 'ceph')
         osd_dir = '/var/lib/ceph/osd/%s-%s' % (cluster_name, osd_id)
-- 
2.39.5