-
-
Notifications
You must be signed in to change notification settings - Fork 764
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Optimize storage and speed when making an encrypted backup #1825
base: v8
Are you sure you want to change the base?
Conversation
LGTM! Would you be as kind to spare a few minutes on this one @freekmurze?:) |
Will do to, could you rebase against |
@freekmurze are you asking me? If yes, I can do a PR against main, after getting this merged under v8. |
There are merge conflicts preventing this from being merged. You can rebase against the v8 branch. |
@freekmurze rebased |
Is there anything else that can be done to help merge this PR? I am emphasizing the issue of having unencrypted archives make it to a remote storage (i.e. s3) under specific circumstances. |
} else { | ||
app()->call('\Spatie\Backup\Listeners\EncryptBackupArchive@handle', ['event' => new BackupZipWasCreated($pathToZip)]); | ||
} | ||
$this->sendNotification(new BackupZipWasCreated($pathToZip)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should only send notifications if $this->notifications
is set to true
|
||
namespace Spatie\Backup\Tasks\Backup; | ||
|
||
class Encryption |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rename this class to BackupEncryptionConfig
return $this->encryption; | ||
} | ||
|
||
public function loadEncryption() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Move all of this logic to a new static method loadFromConfigFile
on the BackupEncryptionClass
so the Zip
becomes smaller
This PR addresses two issues:
In more detail:
Using a Listener to wait for a successful creation of backup had the side effect of first creating a zip archive, unencrypted, then create the encrypted zip archive using the unencrypted one, which demanded double the available disk space, as well as more time.
Further to the above, and most concerning, is when the Listener fails to encrypt the zip file, it shows a warning about a notification failed to be sent, but it continues to store the archive on the destination disks, allowing for the unencrypted version to make it to a remote destination with possible privacy implications. A very likely scenario for this to happen, is when there is not enough disk space available for the encrypted backup to be generated, but the unencrypted one was successfully created.
This PR tackles the issue by setting the zip archive to use encryption as soon as the files are added, without the need of first making an unencrypted version on the temp folder. This also has a nice side-effect of needing the same available disk space as if no encryption was configured.
Happy to create a PR also for v9
Note: Tide-up the tests related to the encryption, as the Listener is no longer used.