5 - Check how many autoinstalls are missing w bits for
6 daemon.scripts (this would need pyafs)
8 - Migrate all mediawikis
9 - Wordpress needs to have a .scripts/update script written for
12 - Need to upgrade the installer scripts to work out of the
14 - Need an upgrade script OR
19 - A perfectly formed autoinstall with upgrade paths for all of
20 the intervening versions is not really feasible to implement.
21 As such, we want to migrate everything to -scripts, and then
22 generate a -scripts2 with the correct .scripts directory.
23 We will then nop update some installs, but this will prevent
24 us from having to migrate and update concurrently. Treat
25 a scripts2 upgrade from migration the same way you would treat
26 a botched scripts upgrade.
28 - summary and info are still not using loggers. Maybe they should,
29 maybe they shouldn't. Using loggers means we lose interactivity
32 - Currently all repositories are initialized with --shared, which
33 means they have basically ~no space footprint. However, it
34 also means that /mit/scripts/wizard/srv MUST NOT lose revs.
36 - Full fledged logging options. Namely:
37 x all loggers (delay implementing this until we actually have debug stmts)
39 - debug => loglevel = DEBUG
41 - default is WARNING (see below for exception)
42 - verbose => loglevel = INFO
43 x file logger (only allowed for serial processing)
45 - log-file => loglevel = INFO
46 x database logger (necessary for parallel processing, not implemented)
48 - log-db => loglevel = INFO
50 - More on the database logger: it will be very simple with one
51 table named `logs` in SQLite, with columns: `job`, `level`,
52 `message`. Job identifies the subprocess/thread that emitted
53 the log, so things can be correlated together. We will then
54 have `wizard dump` which takes a database like this and dumps
55 it into a file logger type file. The database may also store
56 a queue like structure which can be used to coordinate jobs.
60 * Some parts of the infrastructure will not be touched, although I plan
61 on documenting them. Specifically, we will be keeping:
63 - parallel-find.pl, and the resulting
64 /mit/scripts/sec-tools/store/scriptslist
65 This script might need to be adapted if we decide to nuke
66 .scripts-version files.
68 - The current install scripts will be kept in place, sans changes
69 necessary to make them use Git install of copying the script over.
70 Porting these scripts to Python and making them modular would be
71 nice, but is priority. For the long term, seeing this scripts
72 be packaged with rest of our code would be optimal.
74 * The new procedure for generating an update is as follows:
75 (check out the mass-migration instructions for something in this spirit,
76 although uglier in some ways)
78 0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
79 bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
81 1. Have the Git repository and working copy for the project on hand.
83 2. Checkout the pristine branch
85 3. Remove all files from the working copy. Use `wipe-working-dir`
87 4. Download the new tarball
89 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
90 remember that the working copy is empty)
92 6. Check for empty directories and add stub files as necessary.
93 Use `preserve-empty-dir`
95 7. Git add it all, and then commit as a new pristine version (v1.2.3)
97 8. Checkout the master branch
99 9. [FOR EXISTING REPOSITORIES]
100 Merge the pristine branch in. Resolve any conflicts that our
101 patches have with new changes. Do NOT let Git auto-commit it
102 with --no-commit (otherwise, you want to git commit --amend
103 to keep our history clean
105 [FOR NEW REPOSITORIES]
106 See if any patches are needed to make this run smoothly on
109 [FOR NEW REPOSITORIES]
111 echo "Deny from all" > .scripts/.htaccess
112 touch .scripts/update
113 chmod a+x .scripts/update
115 10. Check if there are any special update procedures, and update/create the
116 .scripts/update shell script as necessary (this means that any
117 application specific update logic will be kept with the actual
118 source code. The language of this update script will vary
119 depending on context.)
121 11. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
122 you are amending an install without an upstream changes)
124 12. Test the new update procedure using
125 `wizard upgrade --with=/path/to/repo /your/autoinstall` (this will
126 read out master as your "latest" version).
127 Use git commit --amend to fix any bugs (alternatively, squash them
130 13. You can also do a "mass" version of this using:
131 `wizard -d testbed.txt massupgrade --with=/path/to/repo app`
132 You'll need perms for any testbed stuff you want.
134 GET APPROVAL BEFORE PROCEEDING ANY FURTHER
136 NOTE: The following commands are to be run on not-backward.mit.edu.
137 You'll need to add daemon.scripts-security-upd to
138 scripts-security-upd to get bits to do this. Make sure you remove
139 these bits when you're done.
141 14. Run `wizard research appname`
142 which uses Git commands to check how many
143 working copies apply the change cleanly, and writes out a logfile
144 with the working copies that don't apply cleanly. It also tells
145 us about "corrupt" working copies.
147 15. Run `wizard massupgrade appname`, which applies the update to all working
148 copies possible, and sends mail to users to whom the working copy
149 did not apply cleanly. It also frobs .scripts-version for successful
150 upgrades (maybe not, depending on our plans).
152 16. Run parallel-find.pl to update our inventory
154 * For mass importing into the repository, the steps are:
155 (this probably won't ever be automated, becuase there are fiddly bits)
158 # let app-1.2.3 be the scripts folder originally in deploydev
159 # let this folder be srv/
160 # you can also do a git clone
165 unfurl app-1.2.3 app # [FIDDLY BIT]
166 # NOTE: contents of application are now in app directory
169 git commit -s -m "App 1.2.3"
172 # NOTE: you're still on master branch
173 # WARNING: the following operation might require -p1
174 patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
175 # NOTE: please sanity check the patch!
177 # NOTE: -a flag is to handle if the patch deleted something
178 git commit -as -m "App 1.2.3-scripts"
179 git tag v1.2.3-scripts
182 # let this folder be srv/app.git
183 git checkout pristine
184 # NOTE: this preserves your .git folder, but removes everything
187 unfurl app-1.2.3 app # [FIDDLY BIT]
189 # NOTE: please sanity check app directory
191 # NOTE: -a is to take care of deletions
192 git commit -as -m "App 1.2.3"
194 [FIDDLE AROUND. FIDDLE AROUND]
195 [IF THE PATCH HAS CHANGED]
196 # You are on the pristine branch
197 # NOTE: Now, the tricky part (this is different from a real update)
198 git symbolic-ref HEAD refs/heads/master
199 # NOTE: Now, we think we're on the master branch, but we have
200 # pristine copy checked out
201 # NOTE: -p0 might need to be twiddled
202 patch -p0 < ../app-1.2.3/app-1.2.3.patch
204 # COMMENT: used to git checkout .scripts here
205 # then check if the directory needs an updated update script
206 # NOTE: Fake the merge
207 git rev-parse pristine > .git/MERGE_HEAD
208 [IF THE PATCH HASN'T CHANGED]
210 git merge --no-commit pristine
211 git commit -as -m "App 1.2.3-scripts"
212 git tag v1.2.3-scripts
215 * The repository for a given application will contain the following files:
217 - The actual application's files, as from the official tarball
219 - A .scripts directory, which contains the following information:
221 * .scripts/update shell script (with the +x bit set appropriately),
222 which performs the commands necessary to update a script. This can
225 * .scripts/.htaccess to prevent this directory from being accessed
228 * .scripts/database (generated) contains the database the
229 user installed the script to, so scripts-remove can clean it
231 XXX: Could cause problems if a user copies the autoinstall,
232 fiddles with the DB credentials, and then scripts-remove's
233 the autoinstall. Possible fix is to add the original
234 directory as a sanity check. Additionally, we could have
235 the application read out of this file.
237 * .scripts/version (generated) which contains the version
238 last autoinstalled (as distinct from the actual version
239 the script is) (This is the same as .scripts-version right
240 now; probably want to keep that for now)
242 XXX: It's unclear if we want to move to this wholesale, or
243 delay this indefinitely. quentin thinks that the Git
244 repository itself is a sufficient record.
246 * The migration process has been implemented, see 'wizard migrate'.
248 XXX: We have not decided what migration should do to .scripts-version;
249 if it does move it to .scripts, repositories should have a .gitignore
252 * The autoupgrade shall be the process of:
254 # Make the directory not accessible by the outside world (htaccess, but be careful!)
256 git commit -m 'automatically generated backup'
257 git pull origin master
258 if [ $? ne 0 ]; then git reset --hard; echo 'conflicts during upgrade'; fi
262 (with some more robust error checking, a proper dry run mechanism to, and
265 * All code that operates on an untrusted Git repository, or runs
266 executable code, should be done on NOT-BACKWARD.mit.edu. Pending
267 accounts confirmation, it will also get a principal
268 daemon.scripts-security-upd, which is what we'll actually put
269 in the scripts-security-upd group. parallel-find.pl should also
270 be run on not-backward, by virtue of its fat pipe to the AFS servers.
272 * Make 'wizard summary' generate nice pretty graphs of installs by date
273 (more histograms, will need to check actual .scripts-version files.)