meissa/dda-backup
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: meissa:main
Branches Tags
meissa:main
meissa:credential-rotation
meissa:backup-monitoring
meissa:remove-the-jdk-dep
meissa:master
meissa:1.0.14
meissa:1.0.13
meissa:1.0.12
meissa:1.0.11
meissa:1.0.10
meissa:1.0.9
meissa:1.0.7
meissa:1.0.6
meissa:1.0.5
meissa:1.0.4
meissa:1.0.3
meissa:1.0.2
meissa:1.0.1
meissa:1.0.0
..
compare: meissa:remove-the-jdk-dep
Branches Tags
meissa:credential-rotation
meissa:main
meissa:backup-monitoring
meissa:remove-the-jdk-dep
meissa:master
meissa:1.0.14
meissa:1.0.13
meissa:1.0.12
meissa:1.0.11
meissa:1.0.10
meissa:1.0.9
meissa:1.0.7
meissa:1.0.6
meissa:1.0.5
meissa:1.0.4
meissa:1.0.3
meissa:1.0.2
meissa:1.0.1
meissa:1.0.0

1 commit
main ... remove-the

Author SHA1 Message Date
Michael Jerger
a55fead350 initial try outs 2024-08-30 14:15:47 +02:00
5 changed files with 18 additions and 113 deletions
Show stats Expand all files Collapse all files

9
deps.edn
View file

@ -17,16 +17,13 @@
;; --------------------------------------------------------- ;; ---------------------------------------------------------
:aliases :aliases
{ {
;; ------------
;; Add libraries and paths to support additional test tools
:test/env
{}
;; Test runner - local and CI ;; Test runner - local and CI
;; call with :watch? true to start file watcher and re-run tests on saved changes ;; call with :watch? true to start file watcher and re-run tests on saved changes
:test/run :test/run
{:extra-paths ["test"] {:extra-paths ["test"]
:extra-deps {lambdaisland/kaocha {:mvn/version "1.91.1392"}} :extra-deps {lambdaisland/kaocha {:mvn/version "1.91.1392"}
expound/expound {:mvn/version "0.9.0"}}
:main-opts ["-m" "kaocha.runner"] :main-opts ["-m" "kaocha.runner"]
:exec-fn kaocha.runner/exec-fn :exec-fn kaocha.runner/exec-fn
:exec-args {:randomize? false :exec-args {:randomize? false

104
docs/CredentialRotation.md
View file

@ -1,104 +0,0 @@
# Credential Rotation
## Example Data
Default
```json
[{
"current": true,
"id": "521e0760",
"userName": "root",
"hostName": "backup-restore-65bd9b6ff5-z69sn",
"created": "2024-10-18 13:08:16"
}]
```
Add another password
```json
[
{
"current": true,
"id": "521e0760",
"userName": "root",
"hostName": "backup-restore-65bd9b6ff5-z69sn",
"created": "2024-10-18 13:08:16"
},
{
"current": false,
"id": "b67161fb",
"userName": "root",
"hostName": "backup-restore-65bd9b6ff5-z69sn",
"created": "2024-10-18 13:16:54"
}
]
```
Change current password
```json
[
{
"current": false,
"id": "521e0760",
"userName": "root",
"hostName": "backup-restore-65bd9b6ff5-z69sn",
"created": "2024-10-18 13:08:16"
},
{
"current": true,
"id": "b67161fb",
"userName": "root",
"hostName": "backup-restore-65bd9b6ff5-z69sn",
"created": "2024-10-18 13:16:54"
}
]
```
Remove old password
```json
[
{
"current": true,
"id": "b67161fb",
"userName": "root",
"hostName": "backup-restore-65bd9b6ff5-z69sn",
"created": "2024-10-18 13:16:54"
}
]
```
## Steps
Steps need to be validated and performed seperately and work independently of each other.
To avoid problems where the program is shut down mid-transition.
### Stages
#### Initial State
Validation:
- Detect change requested: new password file environment is set
Steps to perform:
- Add new password
- `restic -r <repo> key add --new-password-file <file>`
#### New password has been added
Validation:
- List of passwords has 2 entries
- The password with the newer timestamp is not set as "current"
Steps to perform:
- Extract id of new password
- Extract id of old password
- Remove old password in favour of new one
- `restic -r <repo> key remove --key-hint <new-id> <old-id>`
- Unset new password file environment

3
infrastructure/backup/test/resources/bb.edn
View file

@ -1,3 +1,4 @@
{:deps {org.clojure/spec.alpha {:mvn/version "0.4.233"} {:deps {org.babashka/spec.alpha {:git/url "https://github.com/babashka/spec.alpha"
:git/sha "1a841c4cc1d4f6dab7505a98ed2d532dd9d56b78"}
orchestra/orchestra {:mvn/version "2021.01.01-1"} orchestra/orchestra {:mvn/version "2021.01.01-1"}
org.domaindrivenarchitecture/dda-backup {:local/root "/usr/local/lib/dda-backup"}}} org.domaindrivenarchitecture/dda-backup {:local/root "/usr/local/lib/dda-backup"}}}

2
test/dda/backup/backup/domain_test.clj
View file

@ -18,7 +18,7 @@
"file2" "file2"
"file2"]] "file2"]]
(cut/backup-files-command {:restic-repository "repo" (cut/backup-files-command {:restic-repository "repo"
:backup-path "dir-at-repo" ;:backup-path "dir-at-repo"
:execution-directory "dir-to-backup" :execution-directory "dir-to-backup"
:days-to-keep 39 :days-to-keep 39
:months-to-keep 3 :months-to-keep 3

13
tests.edn
View file

@ -10,4 +10,15 @@
;; --------------------------------------------------------- ;; ---------------------------------------------------------
#kaocha/v1 {} #kaocha/v1 {:plugins [:orchestra
:kaocha.plugin.alpha/info
:profiling
:print-invocations
:hooks
:notifier
:kaocha.plugin/version-filter]
:kaocha/bindings {kaocha.stacktrace/*stacktrace-filters* []
kaocha.stacktrace/*stacktrace-stop-list* []}
:reporter kaocha.report/documentation}