azure-devops-repository-archiver
Project description
Azure DevOps Git Repository Archiver
Allows to backup regularly git repositories hosted in Azure DevOps to an S3 Bucket.
Features
The S3 bucket is configured as below
-
enabled versioning of objects
-
enabled encryption using an S3 managed Key
-
disallowing publich access
-
A lifecycle configuration for the archived repositories. They transistion through different storage classes
- Infrequent Access after 30 days
- Glacier after 90 days
- Deep Archive 180 days
- Expiry after 365 days
The CodeBuild projects are configured as below
-
Logging to CloudWatch
- Configurable retention period. Default is one month.
- Encryption using customer-managed KMS key
-
Notifications to SNS about uploaded objects
Planned Features
- Tagging of created AWS resources
Prerequisites
The connection to the Azure DevOps organization requires a personal access token. The PAT needs to have "Code read" permission and stored in a SecretsManager secret
aws secretsmanager create-secret --name rwest_archiver_rwest_platform --description "RWEST Archiver for RWEST-Platform organization" --secret-string "{\"pat\":\"<your_pat>\"}"
Example (Typescript)
-
Add the library to your dependencies, e.g to the
package.json
file"dependencies": { [...], "azure-devops-repository-archiver": "0.0.9", },
-
Per
BackupConfiguration
a secret containing the Azure DevOps PAT needs to be specified. It can e.g. be importedconst secret = Secret.fromSecretAttributes(this, 'azure-devops-pat', { secretCompleteArn: 'arn:aws:secretsmanager:eu-central-1:<aws_account_id>:secret:<secret_name>', });
-
When creating the construct the required
BackupConfiguration
s can be passed as below. The grouping is per organization and project.const backupConfigurations: BackupConfiguration[] = [ { organizationName: 'MyOrganization', projectName: 'project-1', repositoryNames: [ 'repository-1-a', 'repository-1-b', ], secretArn: secret.secretArn, }, { organizationName: 'MyOrganization', projectName: 'project-2', repositoryNames: [ 'repository-2-a', 'repository-2-b', ], secretArn: secret.secretArn, }, ]
-
The archiver properties and the archiver can then be created as
const archiverProps: ArchiverProperties = { retention: RetentionDays.ONE_WEEK, backupConfigurations: backupConfigurations, }; new Archiver(this, 'archiver', archiverProps);
Links
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for azure-devops-repository-archiver-0.0.17.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | a292000824c2eef3efee4cd4c0aab31fda7e5514f43648bac1f2909804da4130 |
|
MD5 | 151333b7dfb34b536b0b05bca766e5ac |
|
BLAKE2b-256 | 3065bb1c5224674a3d1f7492ade52acf3e86847f8a6deffd3373eabc028b33bd |
Hashes for azure_devops_repository_archiver-0.0.17-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5a53c312aade43f45c1d0bc557a30e2dda7fbf0868b1a00c08fdc3e63d6ccaa5 |
|
MD5 | a2de66d1e946e139275419faca478d3c |
|
BLAKE2b-256 | e6defcd569af75ad246971762cbd849d7ef7b13fddf5adf113111aae972e5f80 |