oxirs-cluster 0.3.1

Raft-backed distributed dataset for high availability and horizontal scaling
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157

//! Backup policy definition.
//!
//! A `BackupPolicy` combines a schedule, retention tier, optional GFS
//! rotation, encryption configuration and destination into a single
//! serialisable struct that drives the backup executor.

use serde::{Deserialize, Serialize};

use super::{destination::DestinationConfig, gfs::GfsRotation, retention::RetentionTier};

/// A complete backup policy describing when, what, and where to back up.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct BackupPolicy {
    /// Human-readable identifier for this policy.
    pub name: String,
    /// When this policy runs.
    pub schedule: CronSchedule,
    /// How long to keep backups across hot/warm/cold tiers.
    pub retention: RetentionTier,
    /// Optional Grandfather-Father-Son rotation.
    pub gfs: Option<GfsRotation>,
    /// Encryption settings applied at write time.
    pub encryption: EncryptionConfig,
    /// Where to write backup artefacts.
    pub destination: DestinationConfig,
}

/// Cron-compatible schedule expression.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct CronSchedule {
    /// Standard 5-field cron expression (`minute hour day month weekday`).
    pub expression: String,
    /// Human-readable description.
    pub description: String,
}

impl CronSchedule {
    /// Every day at 02:00 UTC.
    pub fn daily() -> Self {
        CronSchedule {
            expression: "0 2 * * *".into(),
            description: "Every day at 02:00 UTC".into(),
        }
    }

    /// Every Sunday at 02:00 UTC.
    pub fn weekly() -> Self {
        CronSchedule {
            expression: "0 2 * * 0".into(),
            description: "Every Sunday at 02:00 UTC".into(),
        }
    }

    /// First day of every month at 02:00 UTC.
    pub fn monthly() -> Self {
        CronSchedule {
            expression: "0 2 1 * *".into(),
            description: "First day of month at 02:00 UTC".into(),
        }
    }
}

/// Encryption settings for a backup policy.
///
/// When `enabled` is `true`, the executor tags the backup artefact with
/// `key_id` so the restore path knows which key to use.  Actual
/// encryption is delegated to `oxirs_cluster::encryption`.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct EncryptionConfig {
    /// Whether encryption is required for this policy.
    pub enabled: bool,
    /// Key identifier looked up in the key-management store.
    pub key_id: Option<String>,
}

impl EncryptionConfig {
    /// Encryption disabled.
    pub fn none() -> Self {
        EncryptionConfig {
            enabled: false,
            key_id: None,
        }
    }

    /// Encryption enabled with the given key identifier.
    pub fn with_key(key_id: &str) -> Self {
        EncryptionConfig {
            enabled: true,
            key_id: Some(key_id.to_owned()),
        }
    }
}

// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------

#[cfg(test)]
mod tests {
    use super::*;
    use crate::backup::{
        destination::DestinationConfig, gfs::GfsRotation, retention::RetentionTier,
    };
    use std::env;

    fn make_policy(name: &str) -> BackupPolicy {
        BackupPolicy {
            name: name.into(),
            schedule: CronSchedule::daily(),
            retention: RetentionTier::standard(),
            gfs: Some(GfsRotation::default()),
            encryption: EncryptionConfig::none(),
            destination: DestinationConfig::Filesystem {
                path: env::temp_dir().join("oxirs_policy_test"),
            },
        }
    }

    #[test]
    fn policy_builds_and_serialises() {
        let p = make_policy("daily-test");
        let json = serde_json::to_string(&p).unwrap();
        let back: BackupPolicy = serde_json::from_str(&json).unwrap();
        assert_eq!(back.name, p.name);
        assert_eq!(back.schedule.expression, p.schedule.expression);
    }

    #[test]
    fn cron_schedules_have_correct_expressions() {
        assert_eq!(CronSchedule::daily().expression, "0 2 * * *");
        assert_eq!(CronSchedule::weekly().expression, "0 2 * * 0");
        assert_eq!(CronSchedule::monthly().expression, "0 2 1 * *");
    }

    #[test]
    fn encryption_config_none() {
        let cfg = EncryptionConfig::none();
        assert!(!cfg.enabled);
        assert!(cfg.key_id.is_none());
    }

    #[test]
    fn encryption_config_with_key() {
        let cfg = EncryptionConfig::with_key("key-abc");
        assert!(cfg.enabled);
        assert_eq!(cfg.key_id.as_deref(), Some("key-abc"));
    }

    #[test]
    fn encryption_config_serialises() {
        let cfg = EncryptionConfig::with_key("key-123");
        let json = serde_json::to_string(&cfg).unwrap();
        let back: EncryptionConfig = serde_json::from_str(&json).unwrap();
        assert_eq!(back.key_id.as_deref(), Some("key-123"));
        assert!(back.enabled);
    }
}