From c50794eead9dcc68d7206eec9f8e0989edc3c49e Mon Sep 17 00:00:00 2001 From: Pavel Raiskup Date: Tue, 12 May 2020 05:45:35 +0200 Subject: [PATCH] copr-keygen: better backup script We need to have YYYY-MM-DD in file name to actually have correct incremental backups. Since we don't overwrite the old backup files now and we have different filename each day, let's remove the old backup files and keep only the last one (this is to mimic what happens with DB backups on copr frontend, which runs roles/postgresql_server/files/backup-database). While on it, let's double-quote variable uses. Per advice in: https://pagure.io/fedora-infrastructure/issue/8904 --- roles/copr/keygen/files/backup_keyring.sh | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/roles/copr/keygen/files/backup_keyring.sh b/roles/copr/keygen/files/backup_keyring.sh index 21ad4685e0..11c76604fe 100644 --- a/roles/copr/keygen/files/backup_keyring.sh +++ b/roles/copr/keygen/files/backup_keyring.sh @@ -4,8 +4,20 @@ # root gpg keychain should have PUBLIC key with `user email` admin@fedoraproject.org PATH_TO_KEYRING_DIR="/var/lib/copr-keygen" -OUTPUT_FILE="/backup/copr_keygen_keyring.tar.gz.gpg" +BACKUP_DIR=/backup +OUTPUT_FILE="$BACKUP_DIR/copr_keygen_keyring_$(date -I).tar.gz.gpg" -tar --exclude="*agent*" -czPf - $PATH_TO_KEYRING_DIR | - gpg2 --output $OUTPUT_FILE.tmp --encrypt --recipient admin@fedoraproject.org --always-trust && - mv $OUTPUT_FILE.tmp $OUTPUT_FILE +tar --exclude="*agent*" -czPf - "$PATH_TO_KEYRING_DIR" \ + | gpg2 --output "$OUTPUT_FILE".tmp --encrypt \ + --recipient admin@fedoraproject.org --always-trust \ +&& mv "$OUTPUT_FILE.tmp" "$OUTPUT_FILE" + +# shell pattern matching provides sorted output +previous= +for file in "$BACKUP_DIR"/*; do + if test -n "$previous"; then + echo >&2 "removing $file" + rm "$file" + fi + previous=$file +done