Archive Azure DevOps git repositories to AWS S3
Project description
Azure DevOps Git Repository Archiver
Allows to backup regularly git repositories hosted in Azure DevOps to an S3 Bucket. In the S3 bucket the backups are placed in a "directory" structure like
|
|--- organization 1
| |
| |--- project 1
| | |
| | |--- repository 1
| | |
| | |--- repository 2
| | | ...
| |
| |--- project 2
| |
| |--- ...
|
|
|--- organization 2
| ...
Features
The S3 bucket is configured as below
-
enabled versioning of objects
-
enabled encryption using an S3 managed Key
-
disallowing public access
-
A lifecycle configuration for the archived repositories. They and their versions transistion through different storage classes
- Infrequent Access after 30 days
- Glacier after 90 days
- Deep Archive 180 days
- Expiry after 365 days
-
configurable notifications to SNS about uploaded/ expired objects
The CodeBuild projects are configured as below
-
Logging to CloudWatch
- Configurable retention period. Default is one month.
- Encryption using customer-managed KMS key
-
Schedule based execution.
- The default schedule is one week and can be overriden as part of the backup configuration.
Prerequisites
The connection to the Azure DevOps organization requires a personal access token. The PAT needs to have "Code read" permission and stored in a SecretsManager secret
aws secretsmanager create-secret --name repository_archiver --description "Secret for the repository archiver" --secret-string "{\"pat\":\"<your_pat>\"}"
How to use
Example
-
Add the library to your dependencies, e.g to the
package.json
file"dependencies": { [...], "azure-devops-repository-archiver": "1.4.0", },
-
Per
BackupConfiguration
a secret containing the Azure DevOps PAT needs to be specified. It can e.g. be importedconst secret = Secret.fromSecretAttributes(this, 'azure-devops-pat', { secretCompleteArn: 'arn:aws:secretsmanager:eu-central-1:<aws_account_id>:secret:<secret_name>', });
-
When creating the construct the required
BackupConfiguration
s can be passed as below. The grouping is per organization and project.const backupConfigurations: BackupConfiguration[] = [ { organizationName: 'MyOrganization', projectName: 'project-1', repositoryNames: [ 'repository-1-a', 'repository-1-b', ], secretArn: secret.secretArn, }, { organizationName: 'MyOrganization', projectName: 'project-2', repositoryNames: [ 'repository-2-a', 'repository-2-b', ], secretArn: secret.secretArn, }, ]
-
The archiver properties and the archiver can then be created as
const archiverProps: ArchiverProperties = { retention: RetentionDays.ONE_WEEK, backupConfigurations: backupConfigurations, }; new Archiver(this, 'archiver', archiverProps);
Restoring a repository
-
Download the archive from S3 to your local machine.
-
Extract the archive.
tar xzf backup.tar
-
Create a new directory and run a
git clone
operation.mkdir backup-repo cd backup-repo git clone ../backup.git
Links
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for azure-devops-repository-archiver-1.5.11.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 1f39819d9583b3c0ef39355fb290d4122bc1c2923c64e32e7599b2872145e0ce |
|
MD5 | 160f48a9ebc1d2304a0bd1c5362aaad8 |
|
BLAKE2b-256 | 723d4f4fcca3dfe30210731b1f03bad2fae339b6b9281b3aa37f33a264747045 |
Hashes for azure_devops_repository_archiver-1.5.11-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fa23316019033239afe90cfa3841e580d941f981ba2d55b100fa559bc811751f |
|
MD5 | 76ab94a12c89156ec81f33c19a35babd |
|
BLAKE2b-256 | 0ea1957fc1962867d8fe0232480cc038636b78655fde676cfbb8c76d2a61af5e |