mirror of
https://github.com/restic/restic.git
synced 2024-12-22 07:43:03 +00:00
Stabilize explicit-s3-anonymous-auth
and safe-forget-keep-tags
flags
The features can no longer be disabled.
This commit is contained in:
parent
8f9d755b44
commit
098db935f7
4 changed files with 11 additions and 10 deletions
7
changelog/unreleased/pull-5162
Normal file
7
changelog/unreleased/pull-5162
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
Change: Promote feature flags
|
||||||
|
|
||||||
|
The `explicit-s3-anonymous-auth` and `safe-forget-keep-tags` features are
|
||||||
|
now stable and can no longer be disabled. The feature flags will be removed
|
||||||
|
in restic 0.19.0.
|
||||||
|
|
||||||
|
https://github.com/restic/restic/pull/5162
|
|
@ -8,7 +8,6 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
"github.com/restic/restic/internal/errors"
|
"github.com/restic/restic/internal/errors"
|
||||||
"github.com/restic/restic/internal/feature"
|
|
||||||
"github.com/restic/restic/internal/restic"
|
"github.com/restic/restic/internal/restic"
|
||||||
"github.com/restic/restic/internal/ui/termstatus"
|
"github.com/restic/restic/internal/ui/termstatus"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
|
@ -271,7 +270,7 @@ func runForget(ctx context.Context, opts ForgetOptions, pruneOptions PruneOption
|
||||||
|
|
||||||
keep, remove, reasons := restic.ApplyPolicy(snapshotGroup, policy)
|
keep, remove, reasons := restic.ApplyPolicy(snapshotGroup, policy)
|
||||||
|
|
||||||
if feature.Flag.Enabled(feature.SafeForgetKeepTags) && !policy.Empty() && len(keep) == 0 {
|
if !policy.Empty() && len(keep) == 0 {
|
||||||
return fmt.Errorf("refusing to delete last snapshot of snapshot group \"%v\"", key.String())
|
return fmt.Errorf("refusing to delete last snapshot of snapshot group \"%v\"", key.String())
|
||||||
}
|
}
|
||||||
if len(keep) != 0 && !gopts.Quiet && !gopts.JSON {
|
if len(keep) != 0 && !gopts.Quiet && !gopts.JSON {
|
||||||
|
|
|
@ -129,12 +129,7 @@ func getCredentials(cfg Config, tr http.RoundTripper) (*credentials.Credentials,
|
||||||
// Fail if no credentials were found to prevent repeated attempts to (unsuccessfully) retrieve new credentials.
|
// Fail if no credentials were found to prevent repeated attempts to (unsuccessfully) retrieve new credentials.
|
||||||
// The first attempt still has to timeout which slows down restic usage considerably. Thus, migrate towards forcing
|
// The first attempt still has to timeout which slows down restic usage considerably. Thus, migrate towards forcing
|
||||||
// users to explicitly decide between authenticated and anonymous access.
|
// users to explicitly decide between authenticated and anonymous access.
|
||||||
if feature.Flag.Enabled(feature.ExplicitS3AnonymousAuth) {
|
return nil, fmt.Errorf("no credentials found. Use `-o s3.unsafe-anonymous-auth=true` for anonymous authentication")
|
||||||
return nil, fmt.Errorf("no credentials found. Use `-o s3.unsafe-anonymous-auth=true` for anonymous authentication")
|
|
||||||
}
|
|
||||||
|
|
||||||
debug.Log("using anonymous access for %#v", cfg.Endpoint)
|
|
||||||
creds = credentials.New(&credentials.Static{})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
roleArn := os.Getenv("RESTIC_AWS_ASSUME_ROLE_ARN")
|
roleArn := os.Getenv("RESTIC_AWS_ASSUME_ROLE_ARN")
|
||||||
|
|
|
@ -15,7 +15,7 @@ func init() {
|
||||||
Flag.SetFlags(map[FlagName]FlagDesc{
|
Flag.SetFlags(map[FlagName]FlagDesc{
|
||||||
BackendErrorRedesign: {Type: Beta, Description: "enforce timeouts for stuck HTTP requests and use new backend error handling design."},
|
BackendErrorRedesign: {Type: Beta, Description: "enforce timeouts for stuck HTTP requests and use new backend error handling design."},
|
||||||
DeviceIDForHardlinks: {Type: Alpha, Description: "store deviceID only for hardlinks to reduce metadata changes for example when using btrfs subvolumes. Will be removed in a future restic version after repository format 3 is available"},
|
DeviceIDForHardlinks: {Type: Alpha, Description: "store deviceID only for hardlinks to reduce metadata changes for example when using btrfs subvolumes. Will be removed in a future restic version after repository format 3 is available"},
|
||||||
ExplicitS3AnonymousAuth: {Type: Beta, Description: "forbid anonymous S3 authentication unless `-o s3.unsafe-anonymous-auth=true` is set"},
|
ExplicitS3AnonymousAuth: {Type: Stable, Description: "forbid anonymous S3 authentication unless `-o s3.unsafe-anonymous-auth=true` is set"},
|
||||||
SafeForgetKeepTags: {Type: Beta, Description: "prevent deleting all snapshots if the tag passed to `forget --keep-tags tagname` does not exist"},
|
SafeForgetKeepTags: {Type: Stable, Description: "prevent deleting all snapshots if the tag passed to `forget --keep-tags tagname` does not exist"},
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue