1
0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2024-12-14 10:13:05 +02:00
Commit Graph

3064 Commits

Author SHA1 Message Date
Stefan Fercot
047d85c263
Automatically determine cipher passphrase in repo-get command.
The prior code was only able to use the main passphrase automatically and expected sub passphrases to be specified for each operation. This was fine for testing but hardly sufficient for a user-facing feature.

Update the code to determine which passphrase to use for any file in the repository and error when an invalid file or location is selected.

The repo-get command is still internal for now, but with this improvement it should be ready to be made public.
2020-07-16 12:24:03 -04:00
David Steele
aa4e13b665 Move encrypted files as raw in integration tests.
The encryption key should not be changed when moving a file so no need to decrypt/encrypt.
2020-07-16 11:27:14 -04:00
David Steele
50ff5d905e Update comment and parameter in HttpRequest. 2020-07-15 13:54:01 -04:00
David Steele
88b0f6245d Run non version specific real/tests on the expect version.
There are a few non version specific tests that need to be run in integration because we can't get coverage in the unit tests.

To save some time we'll only run those tests against the same version we use for expect testing.
2020-07-15 13:19:16 -04:00
David Steele
574f36c9d2 Rename httpRequest() to httpRequestResponse() and fix comment. 2020-07-14 15:14:41 -04:00
David Steele
620a8d17cf
Automatic retry for backup, restore, archive-get, and archive-push.
If a local command, e.g. backupFile(), fails it will stop the entire process. Instead, retry local commands to deal with transient errors.

Remove special logic in the S3 storage driver to retry RequestTimeTooSkewed errors since this is now handled by the general retry mechanism in the places where it is most likely to happen, i.e. file read/write. Also, this error should have been entirely eliminated by the asynchronous TLS implementation.
2020-07-14 15:05:31 -04:00
David Steele
91c7adc834 Allow redactions for HTTP queries.
The Azure storage driver exposes secrets in the query when using SAS authorization. These secrets can show up during logging or when an error occurs.

Allow redaction of queries to prevent secrets from being exposed in logs and errors.
2020-07-14 13:09:48 -04:00
Stefan Fercot
d3dd32a031
Add expire-auto option.
This allows automatic expiration after a successful backup to be disabled.
2020-07-14 08:12:25 -04:00
David Steele
083350aeda Inline Buffer functions when possible.
It makes sense to inline these functions for the same reasons String functions were inlined in fbff2995 and f1edf0ad.
2020-07-10 08:18:15 -04:00
David Steele
f1edf0ad10 Inline strSize().
Inlining strPtr() in fbff2995 does not seem to have caused any problems so do the same with strSize().
2020-07-10 08:00:18 -04:00
David Steele
d5df3974b5 Read segment size from WAL headers.
This allows validation of the WAL segment size for PostgreSQL versions <= 10.
2020-07-09 17:32:36 -04:00
David Steele
2f7823c627
Add shared access signature (SAS) authorization for Azure.
A shared access signature (SAS) provides granular, delegated access to resources in a storage account. This is often preferable to using a shared key which provides more access and is a greater security risk if compromised.
2020-07-09 14:46:48 -04:00
David Steele
511e5db5bf Improve buffer size limit implementation.
Rework size limits so that this->size is always the current size no matter how much is allocated.

Most importantly, this removes the conditional in bufSize(), which makes it a better candidate for inlining.
2020-07-09 11:16:45 -04:00
David Steele
15502f5b4b Remove bufNewUseC().
This was used in the Perl LibC interface to wrap Perl-allocated buffers but is no longer needed since LibC was removed.
2020-07-09 07:16:15 -04:00
David Steele
18f36752ae Add ASSERT_INLINE() macro.
When coverage testing ASSERT() macros in inline functions will be expanded and won't be recognized in our coverage rules that ignore ASSERT(). Since there are then uncovered conditions the coverage is incomplete.

The prior method required copying several lines of code and an explanatory comment into each inline function. Instead create a special macro for inclusion in inline functions.

Another possibility would be to automatically identify inline functions and add them to the coverage exclusions but that's an idea for another day.
2020-07-08 17:31:48 -04:00
David Steele
eaa05fdc49 Write HTTP request as a buffer to hide secrets.
The prior method of writing headers as strings could expose secrets in trace level logs.

Instead write the entire request as a buffer to prevent secrets from being logged and also reduce the amount of logging.
2020-07-08 15:07:29 -04:00
David Steele
dd9e14b628 Add pgLsnFromWalSegment().
Provides the reverse operation for pgLsnToWalSegment().
2020-07-08 12:25:39 -04:00
David Steele
a27ff7c335 Remove dead test code that should have been removed in 3f4371d7. 2020-07-07 08:24:08 -04:00
David Steele
57ddd38c51 S3 storage driver cleanup inspired by Azure review.
These improvements were suggested during the review of 3f4371d7 and it seemed a good idea to apply them to the S3 driver as well.
2020-07-06 16:57:12 -04:00
David Steele
682ac656f5
Fix restore --force acting like --force --delta.
This caused restore to replace files based on timestamp and size rather than overwriting, which meant some files that should have been updated were left unchanged. Normal restore and restore --delta were not affected by this issue.
2020-07-06 15:03:24 -04:00
Cynthia Shang
8409ab7b2b Fix typo. 2020-07-06 12:04:35 -04:00
David Steele
cf284fbe8a Add httpUriDecode(), httpQueryNewStr(), and httpQueryMerge().
httpUriDecode() reverses the encoding in httpUriEncode().

httpQueryNewStr() creates a new HttpQuery by parsing a query string.

httpQueryMerge() merges the contents of one query into another query.
2020-07-06 07:48:12 -04:00
David Steele
3f4371d7a2 Azure support for repository storage.
Azure and Azure-compatible object stores can now be used for repository storage.

Currently only shared key authentication is supported but SAS will be added soon.
2020-07-02 16:24:34 -04:00
Cynthia Shang
3e2c8874f7 Fix typo. 2020-07-01 07:39:29 -04:00
David Steele
be16bf69a8 Remove internal commands from HTML and man command references.
Some of these commands will be made public in the future but for now their interfaces are not stable so they remain internal.
2020-06-29 15:07:17 -04:00
David Steele
c2dea180fb Remove redundant storage type constants.
These constants predate the C storage drivers which now provide their own constants.
2020-06-26 16:50:29 -04:00
David Steele
1416dc3225 Add missing end braces in debug log functions.
These had no effect on functionality but made debug messages harder to read.
2020-06-26 16:44:10 -04:00
David Steele
96adf8e513 PostgreSQL 13 beta2 support.
There don't appear to be any behavioral changes since PostgreSQL 12 and all the tests pass.

Changes to the control/catalog/WAL versions in subsequent betas may break compatibility but pgBackRest will be updated with each release to keep pace.
2020-06-26 07:44:56 -04:00
David Steele
e53de3ce46 Add/update comments in storage/s3 module. 2020-06-26 06:50:20 -04:00
David Steele
974cc10b90 Minor improvements to storage/s3 unit test. 2020-06-26 06:46:25 -04:00
David Steele
e46eeefada
Add review for ea04ec7b. 2020-06-26 06:34:21 -04:00
David Steele
ea04ec7b3f Disable query parallelism in PostgreSQL sessions used for backup control.
There is no need to have parallelism enabled in a backup control session. In particular, 9.6 marks pg_stop_backup() as parallel-safe but an error will be thrown if pg_stop_backup() is run in a worker.
2020-06-25 08:02:48 -04:00
David Steele
c5a507b9a6 Add comment about setting application_name. 2020-06-24 19:33:56 -04:00
David Steele
ce98e326e1 Replace HRNPQ_MACRO_OPEN_92() test macro with HRNPQ_MACRO_OPEN_GE_92(). 2020-06-24 18:40:19 -04:00
David Steele
f55cb386d4 Fix versions passed to HRNPQ_MACRO_OPEN_GE_92() test macro.
These were not noticed because currently 9.3 and 9.6 behave the same on open.
2020-06-24 18:33:20 -04:00
David Steele
c5892d1291
Asynchronous S3 multipart upload.
When uploading large files the upload is split into multiple parts which are assembled at the end to create the final file. Previously we waited until each part was acknowledged before starting on the processing (i.e. compression, etc.) of the next part.

Now, the request for each part is sent while processing continues and the response is read just before sending the request for the next part. This asynchronous method allows us to continue processing while the S3 server formulates a response.

Testing from outside AWS in a high-bandwidth, low-latency environment showed a 35% improvement in the upload time of 1GB files. The time spent waiting for multipart notifications was reduced by ~300% (this measurement included the final part which is not uploaded asynchronously).

There are still some possible improvements: 1) the creation of the multipart id could be made asynchronous when it looks like the upload will need to be multipart (this may incur cost if the upload turns out not to be multipart). 2) allow more than one async request (this will use more memory).

A fair amount of refactoring was required to make the HTTP responses asynchronous. This may seem like overkill but having well-defined request, response, and session objects will also be advantageous for the upcoming HTTP server functionality.

Another advantage is that the lifecycle of an HttpSession is better defined. We only want to reuse sessions that complete the request/response cycle successfully, otherwise we consider the session to be in a bad state and would prefer to start clean with a new one. Previously, this required complex notifications to mark a session as "successfully done". Now, ownership of the session is passed to the request and then the response and only returned to the client after a successful response. If an error occurs anywhere along the way the session will be automatically closed by the object destructor when the request/response object is freed (depending on which one currently owns the session).
2020-06-24 13:44:00 -04:00
David Steele
45d9b03136
Add strCatZ().
strCat() did not follow our convention of appending Z to functions that accept zero-terminated strings rather than String objects.

Add strCatZ() to accept zero-terminated strings and update strCat() to accept String objects.

Use LF_STR where appropriate but don't use other String constants because they do not improve readability.
2020-06-24 12:09:24 -04:00
David Steele
dab00e2010 Remove expect logs obsoleted in a3e5e66f.
These expect logs are no longer used but are not automatically removed by test.pl.
2020-06-24 07:45:00 -04:00
David Steele
a3e5e66f05 Simplify test matrix for real/all tests.
Test matrices were previously simplified for the mock/* tests (e.g. d4410611, d489eb87) but not for real/all since the rules for which tests would run with which options was extremely complex. This only got more complex when new compression formats were added.

Because the loop-generated matrix was so large, mosts tests were skipped for most option combinations following arcane logic which was nearly impossible to decipher even when reading the code, and completely impossible from the test.pl interface. As a consequence, important tests got excluded. For example, backup from standby was excluded for most versions of PostgreSQL because it was only run once per distro, against the latest version to be included in that distro.

Simplify the tests by having a single run per PostgreSQL version and vary test parameters according to the capabilities of each version and the underlying distro. So, ZST testing is based on whether the distro supports ZST. Every test is run for each set of parameters based on the capabilities of the PostgreSQL version, e.g. backup from standby is not attempted on versions that don't support it.

Note that since more tests are running the overall time to run the mock/all tests has increased by about 20-25%. Some time may be saved my removing tests that are adequately covered by unit tests but that should the subject of another commit. Another option would be to limit some non version-specific tests to a single, well defined version of PostgreSQL, .e.g the version that is run by expect tests, currently 9.6.

The motivation for this refactor is that new storage drivers are coming and the loop-generated test matrix simply was not up to the task of adding them.

The following is an example of the new test log (note longer runtime of each test):

module=real, test=all, run=1, pg-version=10 (106.91s)
module=real, test=all, run=1, pg-version=9.5 (151.09s)
module=real, test=all, run=1, pg-version=9.2 (123.11s)
module=real, test=all, run=1, pg-version=9.1 (129s)

vs. the old test log (sub-second tests were skipped entirely):

module=real, test=all, run=2, pg-version=10 (0.31s)
module=real, test=all, run=3, pg-version=10 (0.26s)
module=real, test=all, run=4, pg-version=10 (60.39s)
module=real, test=all, run=1, pg-version=10 (69.12s)
module=real, test=all, run=6, pg-version=10 (34s)
module=real, test=all, run=5, pg-version=10 (42.75s)
module=real, test=all, run=2, pg-version=9.5 (0.21s)
module=real, test=all, run=3, pg-version=9.5 (0.21s)
module=real, test=all, run=4, pg-version=9.5 (0.21s)
module=real, test=all, run=5, pg-version=9.5 (0.26s)
module=real, test=all, run=6, pg-version=9.5 (0.21s)
module=real, test=all, run=1, pg-version=9.2 (72.78s)
module=real, test=all, run=2, pg-version=9.2 (0.26s)
module=real, test=all, run=3, pg-version=9.2 (0.31s)
module=real, test=all, run=4, pg-version=9.2 (0.21s)
module=real, test=all, run=5, pg-version=9.2 (0.21s)
module=real, test=all, run=6, pg-version=9.2 (0.21s)
module=real, test=all, run=1, pg-version=9.5 (88.41s)
module=real, test=all, run=2, pg-version=9.1 (0.21s)
module=real, test=all, run=3, pg-version=9.1 (0.26s)
module=real, test=all, run=4, pg-version=9.1 (0.21s)
module=real, test=all, run=5, pg-version=9.1 (0.31s)
module=real, test=all, run=6, pg-version=9.1 (0.26s)
module=real, test=all, run=1, pg-version=9.1 (72.4s)
2020-06-23 13:44:29 -04:00
David Steele
d560c1bf19 Ignore "unsupported frontend protocol" error on Centos/RHEL 6.
The unsupported version error is showing up on older versions of PostgreSQL (e.g. 9.1, 9.2) on RHEL6 when setting up a standby with streaming replication. The error occurs when a client does not properly send a version number and it's not clear why it is happening here, but it does not appear to have anything to do with pgBackRest and only affects RHEL6, i.e. 9.1 and 9.2 do not show this error on other distros.

For now ignore the error since RHEL6 is nearly EOL.
2020-06-23 12:42:46 -04:00
David Steele
04b2e4a831 Increase log level of checkManifest() to debug.
This function is only called once and is very likely throw errors so debug level is more appropriate.
2020-06-23 09:24:18 -04:00
David Steele
1aedc75b03 Rename http/Http to HTTP in comments and messages.
HTTP is an acronym so it should be capitalized. Coding conventions dictate otherwise for function and type names but that should not have been propagated to comments and messages.
2020-06-21 11:47:41 -04:00
David Steele
911384d9b9 Add httpDateFromTime().
Also rename httpLastModifiedToTime() to httpDateToTime() since the RFC-2822 date format used by HTTP is used in all Date headers.
2020-06-21 11:07:18 -04:00
David Steele
fbff29957c
Inline strPtr() to increase profiling accuracy.
strPtr() is called more than any other function and during profiling (with or without optimization) it can end up using a disproportionate amount of the total runtime. Even though it is fast, the profiler has a minimum resolution for each function call so strPtr() will often end up towards the top of the list even though the real runtime is quite small.

Instead, inline strPtr() and indicate to gcc that it should be inlined even for non-optimized builds, since that's how profiles are usually generated.

To make strPtr() smaller require "this" to be non-NULL and add another function, strPtrNull(), to deal with the few cases where we need NULL handling.

As a bonus this makes the executable about 1% smaller even when compared to a prior optimized build which would inline some percentage of strPtr() calls.
2020-06-18 13:13:55 -04:00
David Steele
3d74ec1190
Use PostgreSQL instead of postmaster where appropriate.
Using postmaster in messages was not very helpful since users rarely interact directly with the postmaster. Using PostgreSQL instead seems clearer.
2020-06-17 15:14:59 -04:00
David Steele
417818dcca Add --no-coverage-report to test.pl to disable report generation.
There is no sense in generating detailed coverage reports in CI environments where they will never be seen. It takes time and format differences in some older versions can cause problems in the report generation code.

Note that missing coverage will still be reported on stdout and the test will fail.
2020-06-17 15:07:30 -04:00
David Steele
ea984c4d3e Update TEST_RESULT_PTR() to TEST_RESULT_STR() where appropriate.
These were missed in d41eea68 when the functionality of TEST_RESULT_STR() was changed. Using TEST_RESULT_STR() instead of TEST_RESULT_PTR() is more type-safe and clearer.

Add a comment to make it clear that TEST_RESULT_PTR() should be used only when a better alternative is not available.
2020-06-17 09:46:09 -04:00
David Steele
c4fe09dabe Fix incorrect param log types. 2020-06-16 19:25:16 -04:00
David Steele
6a851994f3 Make sure functions/types needed for profiling are defined.
Profiling runs with debugging disabled but the tests still need TestError and stackTraceTestFileLineSet() to be valid even if they are noops.
2020-06-16 15:40:32 -04:00
David Steele
0680cfc8dc Rename most instances of master to primary in tests.
This aligns better with general PostgreSQL usage and our own documentation (updated in 4bcef702).

Usage in the backup.manifest tests has not been updated since it might break the file format.
2020-06-16 14:06:38 -04:00