forked from TrueCloudLab/restic
Merge pull request #3107 from eleith/do-not-require-bucket-permissions-for-init
do not require gs bucket permissions to init repository
This commit is contained in:
commit
75eff92b56
2 changed files with 15 additions and 0 deletions
10
changelog/unreleased/issue-3100
Normal file
10
changelog/unreleased/issue-3100
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
Bugfix: Do not require gs bucket permissions when running init
|
||||||
|
|
||||||
|
Restic used to require bucket level permissions for the gs backend
|
||||||
|
in order to initialize a restic repository.
|
||||||
|
|
||||||
|
It now allows a gs service account to initialize a repository if the
|
||||||
|
bucket does exist and the service account has permissions to write/read
|
||||||
|
to that bucket.
|
||||||
|
|
||||||
|
https://github.com/restic/restic/issues/3100
|
|
@ -136,6 +136,11 @@ func Create(cfg Config, rt http.RoundTripper) (restic.Backend, error) {
|
||||||
ctx := context.Background()
|
ctx := context.Background()
|
||||||
exists, err := be.bucketExists(ctx, be.bucket)
|
exists, err := be.bucketExists(ctx, be.bucket)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
if e, ok := err.(*googleapi.Error); ok && e.Code == http.StatusForbidden {
|
||||||
|
// the bucket might exist!
|
||||||
|
// however, the client doesn't have storage.bucket.get permission
|
||||||
|
return be, nil
|
||||||
|
}
|
||||||
return nil, errors.Wrap(err, "service.Buckets.Get")
|
return nil, errors.Wrap(err, "service.Buckets.Get")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue