From 2820c4ffdb711b377ae58180aa087e94af0ee525 Mon Sep 17 00:00:00 2001 From: Antoine Augusti Date: Tue, 29 Aug 2023 15:15:50 +0200 Subject: [PATCH] Buckets Scaleway : ajuste lifecycle rules (#3411) --- docs/scaleway/README.md | 37 +++++++++++++++++++ ...et_lifecycle_configuration_production.json | 16 ++++++-- ...ucket_lifecycle_configuration_staging.json | 16 ++++++-- 3 files changed, 63 insertions(+), 6 deletions(-) create mode 100644 docs/scaleway/README.md diff --git a/docs/scaleway/README.md b/docs/scaleway/README.md new file mode 100644 index 0000000000..71f4ac0a32 --- /dev/null +++ b/docs/scaleway/README.md @@ -0,0 +1,37 @@ +# Scaleway bucket configurations + +We use Scaleway for database backups replication. + +This folder holds configuration for: +- bucket policies (permissions) +- bucket lifecycles (how long to keep uploaded files, when to delete temporary files) + +## Scaleway documentation links + +- [Using bucket policies](https://www.scaleway.com/en/docs/storage/object/api-cli/using-bucket-policies/) +- [Managing the lifecycle of objects](https://www.scaleway.com/en/docs/storage/object/api-cli/lifecycle-rules-api/) + +[See the GitHub issue comment](https://github.com/etalab/transport-site/issues/1548#issuecomment-1083189225) explaining what has been implemented. + +## Seeing / applying configuration + +At the moment **these configuration are NOT automatically applied** through CI or something else. You'll need to run CLI commands. + +Grab Scaleway credentials from our password manager solution first and [install the AWS CLI](https://www.scaleway.com/en/docs/storage/object/api-cli/object-storage-aws-cli/). + +### CLI commands related to lifecycles +``` +# See the lifecycle configuration +aws --endpoint-url "https://s3.fr-par.scw.cloud" --region fr-par s3api get-bucket-lifecycle-configuration --bucket transport-staging-backups +aws --endpoint-url "https://s3.fr-par.scw.cloud" --region fr-par s3api get-bucket-lifecycle-configuration --bucket transport-prod-backups +# Apply a lifecycle configuration to a bucket +aws --endpoint-url "https://s3.fr-par.scw.cloud" --region fr-par s3api put-bucket-lifecycle-configuration --lifecycle-configuration file:///Users/antoineaugusti/Documents/transport-site/docs/scaleway/bucket_lifecycle_configuration_production.json --bucket transport-prod-backups + +### CLI commands related to bucket policies +``` +# See a bucket policy configuration +aws --endpoint-url "https://s3.fr-par.scw.cloud" --region fr-par s3api get-bucket-policy --bucket transport-prod-backups + +# Apply a bucket policy configuration to a bucket +aws --endpoint-url "https://s3.fr-par.scw.cloud" --region fr-par s3api put-bucket-policy --bucket transport-prod-backups --policy file://docs/scaleway/bucket_policy_production.json +``` diff --git a/docs/scaleway/bucket_lifecycle_configuration_production.json b/docs/scaleway/bucket_lifecycle_configuration_production.json index afe56c8ba5..52e12664e8 100644 --- a/docs/scaleway/bucket_lifecycle_configuration_production.json +++ b/docs/scaleway/bucket_lifecycle_configuration_production.json @@ -1,14 +1,24 @@ { "Rules":[ { + "ID":"delete-after-90-days", + "Status":"Enabled", + "Filter":{ + "Prefix":"" + }, "Expiration":{ "Days":90 - }, - "ID":"delete-after-90-days", + } + }, + { + "ID":"Remove uncompleted uploads", + "Status":"Enabled", "Filter":{ "Prefix":"" }, - "Status":"Enabled" + "AbortIncompleteMultipartUpload":{ + "DaysAfterInitiation":1 + } } ] } diff --git a/docs/scaleway/bucket_lifecycle_configuration_staging.json b/docs/scaleway/bucket_lifecycle_configuration_staging.json index 363b183fa7..c336d92ed6 100644 --- a/docs/scaleway/bucket_lifecycle_configuration_staging.json +++ b/docs/scaleway/bucket_lifecycle_configuration_staging.json @@ -1,14 +1,24 @@ { "Rules":[ { + "ID":"delete-after-30-days", + "Status":"Enabled", + "Filter":{ + "Prefix":"" + }, "Expiration":{ "Days":30 - }, - "ID":"delete-after-30-days", + } + }, + { + "ID":"Remove uncompleted uploads", + "Status":"Enabled", "Filter":{ "Prefix":"" }, - "Status":"Enabled" + "AbortIncompleteMultipartUpload":{ + "DaysAfterInitiation":1 + } } ] }