diff --git a/flows/backup.py b/flows/backup.py index 950eb4a..22f0e79 100644 --- a/flows/backup.py +++ b/flows/backup.py @@ -10,6 +10,7 @@ from pathlib import Path from tempfile import TemporaryDirectory from prefect import flow, task, get_run_logger +from prefect.blocks.system import Secret from prefect_aws import AwsCredentials import boto3 @@ -113,12 +114,12 @@ def pg_backup( pg_port: int = 5432, pg_database: str = "postgres", pg_user: str = "postgres", - pg_password: str = "", # S3 destination - s3_bucket: str = "backups", - s3_prefix: str = "postgresql", - # Prefect Block name for AWS credentials + s3_bucket: str = "postgres-backup", + s3_prefix: str = "default", + # Prefect Block names aws_credentials_block: str = "garage-credentials", + pg_password_block: str = "netbox-db-password", ) -> str: """ Flow principal de backup PostgreSQL vers S3. @@ -128,10 +129,10 @@ def pg_backup( pg_port: Port PostgreSQL pg_database: Nom de la base à sauvegarder pg_user: Utilisateur PostgreSQL - pg_password: Mot de passe PostgreSQL s3_bucket: Bucket S3 de destination s3_prefix: Préfixe (dossier) dans le bucket aws_credentials_block: Nom du block Prefect contenant les credentials AWS/S3 + pg_password_block: Nom du block Secret contenant le mot de passe PostgreSQL Returns: URI S3 du backup @@ -139,8 +140,9 @@ def pg_backup( logger = get_run_logger() logger.info(f"Starting backup of {pg_database}") - # Charger les credentials S3 depuis le block Prefect + # Charger les credentials depuis les blocks Prefect credentials = AwsCredentials.load(aws_credentials_block) + pg_password = Secret.load(pg_password_block).get() with TemporaryDirectory() as tmpdir: # Dump de la base @@ -171,5 +173,4 @@ if __name__ == "__main__": pg_host="postgresql.taila5ad8.ts.net", pg_database="netbox", pg_user="netbox", - pg_password="test", )