diff --git a/share/github-backup-utils/ghe-restore-mysql b/share/github-backup-utils/ghe-restore-mysql index 9b368d94c..066d23a34 100755 --- a/share/github-backup-utils/ghe-restore-mysql +++ b/share/github-backup-utils/ghe-restore-mysql @@ -27,7 +27,7 @@ ghe_remote_version_required "$GHE_HOSTNAME" export GHE_RESTORE_SNAPSHOT # The directory holding the snapshot to restore -snapshot_dir="$GHE_DATA_DIR/$GHE_RESTORE_SNAPSHOT" +GHE_RESTORE_SNAPSHOT_PATH="$GHE_DATA_DIR/$GHE_RESTORE_SNAPSHOT" if is_external_database_snapshot; then if [ -n "$EXTERNAL_DATABASE_RESTORE_SCRIPT" ]; then @@ -40,7 +40,7 @@ if is_external_database_snapshot; then bm_end "$(basename $0)" exit 0 else - if is_binary_backup "$snapshot_dir"; then + if is_binary_backup "$GHE_RESTORE_SNAPSHOT_PATH"; then echo "Error: Restore of a binary backup to appliance with an external database configured is not supported." echo "Please provide a custom external database restore script with EXTERNAL_DATABASE_RESTORE_SCRIPT" exit 1 @@ -63,18 +63,22 @@ if is_external_database_snapshot; then fi if is_binary_backup_feature_on; then + # Always restore the password pepper here since it is tied to the MySQL data. + restore-secret "password pepper" "password-pepper" "secrets.github.user-password-secrets" # Feature "mysql.backup.binary" is on, which means new backup scripts are available - if is_binary_backup "$snapshot_dir"; then + if is_binary_backup "$GHE_RESTORE_SNAPSHOT_PATH"; then ghe-restore-mysql-binary $GHE_HOSTNAME else ghe-restore-mysql-logical $GHE_HOSTNAME fi else # We do not allow to restore binary backup without "mysql.backup.binary" set - if is_binary_backup "$snapshot_dir"; then + if is_binary_backup "$GHE_RESTORE_SNAPSHOT_PATH"; then echo "To restore from a binary backup, you have to set ghe-config \"mysql.backup.binary\" to true" >&2 exit 2 else + # Always restore the password pepper here since it is tied to the MySQL data. + restore-secret "password pepper" "password-pepper" "secrets.github.user-password-secrets" if is_default_external_database_snapshot; then ghe-restore-mysql-logical $GHE_HOSTNAME else diff --git a/share/github-backup-utils/ghe-restore-settings b/share/github-backup-utils/ghe-restore-settings index 5edafc4cb..63dc7aa45 100755 --- a/share/github-backup-utils/ghe-restore-settings +++ b/share/github-backup-utils/ghe-restore-settings @@ -40,8 +40,6 @@ restore-secret "external MySQL password" "external-mysql-password" "secrets.exte # Restore management console password hash if present. restore-secret "management console password" "manage-password" "secrets.manage" -# Restore password pepper if present -restore-secret "password pepper" "password-pepper" "secrets.github.user-password-secrets" # Restore SAML keys if present. if [ -f "$GHE_RESTORE_SNAPSHOT_PATH/saml-keys.tar" ]; then