From 55344b302984756e2061f5e65c286a74bc73972f Mon Sep 17 00:00:00 2001 From: Alwyn Pan Date: Sun, 31 May 2026 01:21:05 +1000 Subject: [PATCH] fix: scope S3/minio cleanup to the current job's backup files S3 cleanup deleted every object older than the retention window with no filename filter, risking deletion of other jobs' backups sharing the bucket/path. Scope deletion to this job's filename base, matching the filesystem and blobxfer branches. --- install/assets/functions/10-db-backup | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/install/assets/functions/10-db-backup b/install/assets/functions/10-db-backup index 63aec23..b897e9c 100644 --- a/install/assets/functions/10-db-backup +++ b/install/assets/functions/10-db-backup @@ -1131,8 +1131,13 @@ cleanup_old_data() { if [[ $s3_createdate -le $s3_olderthan ]] ; then s3_filename=$(echo $s3_file | awk {'print $4'}) if [ "$s3_filename" != "" ] ; then - write_log debug "Deleting $s3_filename" - run_as_user aws ${PARAM_AWS_ENDPOINT_URL} s3 rm s3://${backup_job_s3_bucket}/${backup_job_s3_path}/${s3_filename} ${s3_ssl} ${s3_ca_cert} ${backup_job_s3_extra_opts} + if { [ -n "${backup_job_filename_base}" ] && [[ "${s3_filename,,}" == "${backup_job_filename_base,,}"* ]] ; } || \ + { var_true "${_postgres_backup_globals}" && [ -n "${backup_job_global_base}" ] && [[ "${s3_filename,,}" == "${backup_job_global_base,,}"* ]] ; } ; then + write_log debug "Deleting $s3_filename" + run_as_user aws ${PARAM_AWS_ENDPOINT_URL} s3 rm s3://${backup_job_s3_bucket}/${backup_job_s3_path}/${s3_filename} ${s3_ssl} ${s3_ca_cert} ${backup_job_s3_extra_opts} + else + write_log debug "Skipping $s3_filename (does not match this backup job's filename prefix)" + fi fi fi done