Skip to content

Resolve "Create MVC for backing up object storage data in GCP"

What does this MR do and why?

Adds support to gitlab-backup-cli for backing up object storage.

  • The object storage buckets to backup is pulled from the gitlab.yml file

  • You need to provide a bucket to backup to via the --backup-bucket command line option
  • If run on GCP, it will use the local service account, but with a warning
  • You can provide a separate service account key in /etc/gitlab/backup-account-credentials.json
  • Service accounts will need the following permissions. Probably best to create a Role with these permissions, then add that role to the appropriate service account
    • storagetransfer.jobs.create
    • storagetransfer.jobs.get
    • storagetransfer.jobs.run
    • storagetransfer.jobs.update
    • storagetransfer.operations.get
    • storagetransfer.projects.getServiceAccount
  • To backup up container registry, you will need to pass the --registy-bucket option. This info is only available via the gitlab.rb file, or the generated config file, which may not be available from where the backup command is run.
  • I will open a separate MR with documentation for this.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

  • For development, I used a checkout running against a live Geo instance. I needed to copy the gitlab.yml, and database.yml files into the local checkout. I did comment out the non object storage related tasks from gems/gitlab-backup-cli/lib/gitlab/backup/cli/tasks.rb

Related to #455385 (closed)

Edited by Ian Baum

Merge request reports

Loading