From a4d8592815c4b4ef41c15523f2a01dcea5cc1e83 Mon Sep 17 00:00:00 2001 From: "A. F. Dudley" Date: Mon, 2 Feb 2026 19:28:53 -0500 Subject: [PATCH] Preserve original etcd backup until restore is verified Move original to .bak, move new into place, then delete bak. If anything fails before the swap, original remains intact. Co-Authored-By: Claude Opus 4.5 --- stack_orchestrator/deploy/k8s/helpers.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/stack_orchestrator/deploy/k8s/helpers.py b/stack_orchestrator/deploy/k8s/helpers.py index fa5b4141..76a216cb 100644 --- a/stack_orchestrator/deploy/k8s/helpers.py +++ b/stack_orchestrator/deploy/k8s/helpers.py @@ -207,14 +207,19 @@ except: pass docker stop laconic-etcd-cleanup docker rm laconic-etcd-cleanup - # Replace original etcd - docker run --rm -v {etcd_path}:/etcd $ALPINE_IMAGE rm -rf /etcd/member + # Restore to temp location first to verify it works docker run --rm \ -v {temp_dir}/etcd-data/cleaned-snapshot.db:/data/db:ro \ - -v {etcd_path}:/restore \ + -v {temp_dir}:/restore \ {etcd_image} \ - etcdutl snapshot restore /data/db --data-dir=/restore --skip-hash-check \ - 2>/dev/null + etcdutl snapshot restore /data/db --data-dir=/restore/new-etcd \ + --skip-hash-check 2>/dev/null + + # Only after successful restore, swap directories + docker run --rm -v {etcd_path}:/etcd -v {temp_dir}:/tmp-work $ALPINE_IMAGE \ + sh -c "mv /etcd/member /etcd/member.bak && \ + mv /tmp-work/new-etcd/member /etcd/member && \ + rm -rf /etcd/member.bak" # Cleanup docker run --rm -v /tmp:/tmp $ALPINE_IMAGE rm -rf {temp_dir}