diff options
Diffstat (limited to 'lib/backup')
-rw-r--r-- | lib/backup/gitaly_backup.rb | 4 | ||||
-rw-r--r-- | lib/backup/manager.rb | 36 | ||||
-rw-r--r-- | lib/backup/pages.rb | 6 |
3 files changed, 34 insertions, 12 deletions
diff --git a/lib/backup/gitaly_backup.rb b/lib/backup/gitaly_backup.rb index 55fd68fd6e8..47b63990262 100644 --- a/lib/backup/gitaly_backup.rb +++ b/lib/backup/gitaly_backup.rb @@ -22,8 +22,8 @@ module Backup end args = [] - args += ['-parallel', @parallel.to_s] if type == :create && @parallel - args += ['-parallel-storage', @parallel_storage.to_s] if type == :create && @parallel_storage + args += ['-parallel', @parallel.to_s] if @parallel + args += ['-parallel-storage', @parallel_storage.to_s] if @parallel_storage @stdin, stdout, @thread = Open3.popen2(ENV, bin_path, command, '-path', backup_repos_path, *args) diff --git a/lib/backup/manager.rb b/lib/backup/manager.rb index 52810b0fb35..6c5350082e8 100644 --- a/lib/backup/manager.rb +++ b/lib/backup/manager.rb @@ -47,10 +47,12 @@ module Backup return end - directory = connect_to_remote_directory(Gitlab.config.backup.upload) + directory = connect_to_remote_directory + upload = directory.files.create(create_attributes) - if directory.files.create(create_attributes) + if upload progress.puts "done".color(:green) + upload else puts "uploading backup to #{remote_directory} failed".color(:red) raise Backup::Error, 'Backup failed' @@ -206,11 +208,16 @@ module Backup @backup_file_list.map {|item| item.gsub("#{FILE_NAME_SUFFIX}", "")} end - def connect_to_remote_directory(options) - config = ObjectStorage::Config.new(options) - config.load_provider + def object_storage_config + @object_storage_config ||= begin + config = ObjectStorage::Config.new(Gitlab.config.backup.upload) + config.load_provider + config + end + end - connection = ::Fog::Storage.new(config.credentials) + def connect_to_remote_directory + connection = ::Fog::Storage.new(object_storage_config.credentials) # We only attempt to create the directory for local backups. For AWS # and other cloud providers, we cannot guarantee the user will have @@ -280,10 +287,8 @@ module Backup key: remote_target, body: File.open(File.join(backup_path, tar_file)), multipart_chunk_size: Gitlab.config.backup.upload.multipart_chunk_size, - encryption: Gitlab.config.backup.upload.encryption, - encryption_key: Gitlab.config.backup.upload.encryption_key, storage_class: Gitlab.config.backup.upload.storage_class - } + }.merge(encryption_attributes) # Google bucket-only policies prevent setting an ACL. In any case, by default, # all objects are set to the default ACL, which is project-private: @@ -293,6 +298,19 @@ module Backup attrs end + def encryption_attributes + return object_storage_config.fog_attributes if object_storage_config.aws_server_side_encryption_enabled? + + # Use customer-managed keys. Also, this preserves + # backward-compatibility for existing usages of `SSE-S3` that + # don't set `backup.upload.storage_options.server_side_encryption` + # to `'AES256'`. + { + encryption_key: Gitlab.config.backup.upload.encryption_key, + encryption: Gitlab.config.backup.upload.encryption + } + end + def google_provider? Gitlab.config.backup.upload.connection&.provider&.downcase == 'google' end diff --git a/lib/backup/pages.rb b/lib/backup/pages.rb index ae293073ba2..393cf4108a1 100644 --- a/lib/backup/pages.rb +++ b/lib/backup/pages.rb @@ -2,12 +2,16 @@ module Backup class Pages < Backup::Files + # pages used to deploy tmp files to this path + # if some of these files are still there, we don't need them in the backup + LEGACY_PAGES_TMP_PATH = '@pages.tmp' + attr_reader :progress def initialize(progress) @progress = progress - super('pages', Gitlab.config.pages.path, excludes: [::Projects::UpdatePagesService::TMP_EXTRACT_PATH]) + super('pages', Gitlab.config.pages.path, excludes: [LEGACY_PAGES_TMP_PATH]) end end end |