Backup-utility cannot pack up backup tar since version v8.6.2
Summary
Backup-utility cannot pack up backup tar and thus isn't able to complete backup operation since version v8.6.2
Steps to reproduce
Either via cron executed command or just through kubectl exec toolbox -it -- backup-utility
Configuration used
global:
hosts:
domain: "DOMAIN"
https: true
gitlab:
name: "GITLAB"
registry:
name: "REGISTRY"
pages:
name: "PAGES"
kas:
name: "KAS"
ingress:
tls:
secretName: SECRET
configureCertmanager: false
class: nginx
annotations:
"cert-manager.io/cluster-issuer": "letsencrypt-prod"
"kubernetes.io/tls-acme": true
nginx.ingress.kubernetes.io/proxy-body-size: "0"
psql:
host: HOST
port: PORT
database: DB
username: USR
password:
useSecret: true
secret: SECRET
key: KEY
redis:
host: HOST
auth:
enabled: true
secret: SECRET
key: KEY
registry:
bucket: REGISTRY
gitaly:
persistence:
size: 1000Gi
internal:
names:
- default
- replica1
logging:
level: 0
minio:
enabled: false
appConfig:
gitlab_kas:
enabled: true
externalUrl: "wss://KAS/"
lfs:
bucket: LFS
connection:
provider: gcs
secret: SECRET
key: KEY
artifacts:
bucket: ARTIFACTS
connection:
provider: gcs
secret: SECRET
key: KEY
uploads:
bucket: UPLOADS
connection:
provider: gcs
secret: SECRET
key: KEY
packages:
bucket: PACKAGES
connection:
provider: gcs
secret: SECRET
key: KEY
backups:
enabled: true
bucket: BACKUPS
tmpBucket: TMP
pages:
enabled: true
accessControl: true
host: PAGES
artifactsServer: true
objectStore:
bucket: PAGES
connection:
provider: gcs
secret: SECRET
key: KEY
email:
from: FROM
reply_to: TO
smtp:
enabled: true
address: SMTP
domain: DOMAIN
user_name: USER
authentication: login
password:
secret: SECRET
key: KEY
starttls_auto: true
gitlab:
gitlab-runner:
install: false
nginx-ingress:
enabled: false
postgresql:
install: false
redis:
install: false
prometheus:
server:
enabled: false
certmanager:
install: false
certmanager-issuer:
email: EMAIL
gitlab:
migrations:
enabled: false
gitaly:
resources:
requests:
cpu: 0.5
memory: 4Gi
limits:
memory: 6Gi
gitlab-pages:
ingress:
annotations:
"cert-manager.io/cluster-issuer": "letsencrypt-prod"
"kubernetes.io/tls-acme": true
tls:
enabled: true
secretName: SECRET
kas:
ingress:
annotations:
"cert-manager.io/cluster-issuer": "letsencrypt-prod"
"kubernetes.io/tls-acme": true
tls:
enabled: true
secretName: SECRET
toolbox:
persistence:
enabled: true
size: 1500Gi
backups:
cron:
enabled: true
timeZone: Europe/Paris
schedule: 0 1 * * 6
persistence:
storageClass: "standard"
enabled: true
size: 3000Gi
objectStorage:
config:
secret: SECRET
key: KEY
gcpProject: PROJECT
backend: gcs
webservice:
monitoring:
exporter:
enabled: true
replicaCount: 3
resources:
requests:
cpu: 1
memory: 3Gi
limits:
cpu: 1500m
memory: 4Gi
ingress:
tls:
secretName: SECRET
minio:
ingress:
tls:
secretName: SECRET
registry:
ingress:
annotations:
"cert-manager.io/cluster-issuer": "letsencrypt-prod"
"kubernetes.io/tls-acme": true
nginx.ingress.kubernetes.io/proxy-body-size: "0"
tls:
enabled: true
secretName: SECRET
storage:
secret: SECRET
key: KEY
extraKey: KEY
Current behavior
Backup-utility --backup returns an error when trying to archive the backup file:
Packing up backup tar module 'OpenSSL.crypto' has no attribute 'sign' command terminated with exit code 1
Expected behavior
The same behavior as version v8.6.1, no error while archiving the backup file and its upload to the backup bucket
Versions
- Chart: v8.6.2 (also not working with v8.7.0)
- Platform:
- Cloud: GKE
- Kubernetes:
- Client: v1.30.5-dispatcher
- Server: v1.30.5-gke.1443001
- Helm:
- Client: v3.16.1
Relevant logs
Packing up backup tar module 'OpenSSL.crypto' has no attribute 'sign' command terminated with exit code 1
For some reason the pyOpenSSL package version of this bug matches the one of the images with an archiving problem so maybe a dependency of this package might be the cause ?
- registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ee:v17.6.1 : pyOpenSSL 24.2.1 -> working
- registry.gitlab.com/gitlab-org/build/cng/gitlab-toolbox-ee:v17.6.2 & v17.7.0 : pyOpenSSL 24.3.0 -> not working