Allow to opt-out of S3 bucket creation in mysql-backup (#153)

This avoids the need to grant S3 list/read access to the backup user

mysql-backup-s3/Dockerfile

@@ -18,6 +18,7 @@ ENV S3_ENDPOINT **None**
 ENV S3_S3V4 no
 ENV S3_PREFIX 'backup'
 ENV S3_FILENAME **None**
+ENV S3_ENSURE_BUCKET_EXISTS yes
 ENV MULTI_FILES no
 ENV SCHEDULE **None**
 

mysql-backup-s3/README.md

@@ -23,6 +23,7 @@ $ docker run -e S3_ACCESS_KEY_ID=key -e S3_SECRET_ACCESS_KEY=secret -e S3_BUCKET
 - `S3_FILENAME` a consistent filename to overwrite with your backup.  If not set will use a timestamp.
 - `S3_REGION` the AWS S3 bucket region (default: us-west-1)
 - `S3_ENDPOINT` the AWS Endpoint URL, for S3 Compliant APIs such as [minio](https://minio.io) (default: none)
+- `S3_ENSURE_BUCKET_EXISTS` set to `no` to assume the bucket exists, avoiding the need of S3 read permissions (default: yes)
 - `S3_S3V4` set to `yes` to enable AWS Signature Version 4, required for [minio](https://minio.io) servers (default: no)
 - `MULTI_FILES` Allow to have one file per database if set `yes` default: no)
 - `SCHEDULE` backup schedule time, see explainatons below

mysql-backup-s3/backup.sh

@@ -50,11 +50,13 @@ copy_s3 () {
     AWS_ARGS="--endpoint-url ${S3_ENDPOINT}"
   fi
 
-  echo "Ensuring S3 bucket $S3_BUCKET exists"
-  EXISTS_ERR=`aws $AWS_ARGS s3api head-bucket --bucket "$S3_BUCKET" 2>&1 || true`
-  if [[ ! -z "$EXISTS_ERR" ]]; then
-    echo "Bucket $S3_BUCKET not found (or owned by someone else), attempting to create"
-    aws $AWS_ARGS s3api create-bucket --bucket $S3_BUCKET
+  if [ "${S3_ENSURE_BUCKET_EXISTS}" != "no" ]; then
+    echo "Ensuring S3 bucket $S3_BUCKET exists"
+    EXISTS_ERR=`aws $AWS_ARGS s3api head-bucket --bucket "$S3_BUCKET" 2>&1 || true`
+    if [[ ! -z "$EXISTS_ERR" ]]; then
+      echo "Bucket $S3_BUCKET not found (or owned by someone else), attempting to create"
+      aws $AWS_ARGS s3api create-bucket --bucket $S3_BUCKET
+    fi
   fi
 
   echo "Uploading ${DEST_FILE} on S3..."