Enable bucket retention policy and locking abilities (!15) · Merge requests · Information Services / DevOps / Tools / Google Cloud SQL Backup

Ryan Kowalewski requested to merge 10-bucket-lock into master Apr 04, 2024

This MR implements the ability to configure retention policies and bucket locks for buckets created/managed by this tool.

Things to note:

The existing arg retention_period was misleading in that it actually referred to the lifecycle delete policy age. So, to ensure that it is clear going forward, I've added the lifecycle-delete-rule-age arg instead, and the retention-period arg now refers to the retention period itself.

It is also worth mentioning that object versioning cannot be used in conjunction with retention policies so I've implemented the required logic to disable versioning when necessary.

The tool's defaults are now to create a bucket with the following:

COLDLINE storage.
Retention period set to 91 days (1 day longer than the COLDLINE minimum storage duration).
A lifecycle policy to delete objects after 180 days (this was the existing default and I see no reason to change it).

The new --enable-bucket-lock arg can be used to permanently lock the bucket's retention policy. This arg will be added to our scheduled task to ensure our SQL backup buckets are locked.

Finally, the --bucket-patch-retention-policy arg exists to patch existing buckets as a one off task which I'll do once this MR is approved/merged.

Closes #10 (closed)

Edited Apr 04, 2024 by Ryan Kowalewski

Enable bucket retention policy and locking abilities

Merge request reports