Uploads encrypted/zipped latest versions of target GitLab projects to s3 bucket.
This works in tandem with gitlab-sync-s3-pull to sync GitLab instances in isolated environments.
age x25519 format keys are utilized.
- AWS_ACCESS_KEY_ID - s3 CRUD permissions required
- AWS_SECRET_ACCESS_KEY
- AWS_REGION
- AWS_S3_BUCKET - the name. not an ARN
- GITLAB_BASE_URL - GitLab instance base url. Ex: https://gitlab.foobar.com
- GITLAB_USERNAME
- GITLAB_TOKEN - repository read permission required
- GRAPHQL_SERVER - url to graphql server for querying
- PUBLIC_KEY - value of x25519 format public key. See age encryption
- GRAPHQL_QUERY_FILE - absolute path to graphql query file. defaults to
/query.graphql - GRAPHQL_USERNAME
- GRAPHQL_PASSWORD
- RECONCILE_SLEEP_TIME - time between runs. defaults to 5 minutes (5m)
- WORKDIR - local directory where io operations will be performed
Uploaded keys are base64 encoded. Decoded, the key is a json string with following structure:
{
"group":"some-gitlab-group",
"project_name":"some-gitlab-project",
"commit_sha":"full-commit-sha",
"branch":"master"
}
Note: the values within each json will mirror values for each destination defined within config file (exluding commit_sha which is the latest commit pulled from source)