5 - Better error message if daemon/scripts-security-upd
6 is not on scripts-security-upd list
8 - Add repository flag to migrate so that we can specify an
9 arbitrary repository to migrate to
11 - Build automation for generating config files; this automation
12 will be shared with the migrate script and the installer script
13 (migrate script needs to be able to pull out values from config
14 file, so will we; installer script needs to be able to run
15 the installer to generate config files, so will this)
17 - Fix parallel find to work with new style autoinstalls
19 - The great initial deploy:
20 - Turn on mediawiki new autoinstaller
21 - Migrate all mediawiki installs
24 - Need a scriptable autoinstaller, which means we rewrite
25 all of the autoinstall machinery
27 - Consider making usermode wizard operation a support mode
28 (mostly for letting users upgrade things themself)
30 - Implement proper deploy log parsing; this basically means we
31 need to be able to introspect Git Log. Consider using git-python
32 for this. There's also missing functionality, bad error handling
33 and hacks in the prototype implementation of upgrade
35 - Wordpress needs to have .scripts dir in all -scripts versions
36 (remember --no-walk!) (also make .scripts/.htaccess)
37 - Wordpress needs to have a .scripts/update script written for
38 its latest version (do this after its migration)
39 - Wordpress needs to check for php.ini files (which it almost
40 certianly has) and commit messages
41 - Wordpress needs user config and php.ini links made
43 - Summary script should be more machine friendly, and should not
44 output summary charts when I increase specificity
45 - Check how many autoinstalls are missing w bits for
46 daemon.scripts (this would need pyafs)
47 - Consider fixing Wizard's commit messages
49 PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
51 advancedpoll: Template file to fill out
52 django: Noodles of template files
53 gallery2: Multistage install process
55 mediawiki: One-step install process
56 phpbb: Multistage install process
57 phpical: Template file
60 wordpress: Multistage install process
62 PHILOSOPHY ABOUT LOGGING
64 Logging is most useful when performing a mass run. This
65 includes things such as mass-migration as well as when running
66 summary reports. An interesting property about mass-migration
67 or mass-upgrade, however, is that if they fail, they are
68 idempotent, so an individual case can be debugged simply running
69 the single-install equivalent with --debug on. (This, indeed,
70 may be easier to do than sifting through a logfile).
72 It is a different story when you are running a summary report:
73 you are primarily bound by your AFS cache and how quickly you can
74 iterate through all of the autoinstalls. Checking if a file
75 exists on a cold AFS cache may
76 take several minutes to perform; on a hot cache the same report
77 may take a mere 3 seconds. When you get to more computationally
78 expensive calculations, however, even having a hot AFS cache
79 is not enough to cut down your runtime.
81 There are certain calculations that someone may want to be
82 able to perform on manipulated data. As such, this data should
83 be cached on disk, if the process for extracting this data takes
84 a long time. Also, for usability sake, Wizard should generate
85 the common case reports.
87 Ensuring that machine parseable reports are made, and then making
88 the machinery to reframe this data, increases complexity. Therefore,
89 the recommendation is to assume that if you need to run iteratively,
90 you'll have a hot AFS cache at your fingerprints, and if that's not
91 fast enough, then cache the data.
93 COMMIT MESSAGE FIELDS:
95 Installed-by: username@hostname
96 Pre-commit-by: Real Name <username@mit.edu>
97 Upgraded-by: Real Name <username@mit.edu>
98 Migrated-by: Real Name <username@mit.edu>
99 Wizard-revision: abcdef1234567890
100 Wizard-args: /wizard/bin/wizard foo bar baz
104 Committer: Real Name <username@mit.edu>
105 Author: lockername locker <lockername@scripts.mit.edu>
109 - A perfectly formed autoinstall with upgrade paths for all of
110 the intervening versions is not really feasible to implement.
111 As such, we want to migrate everything to -scripts, and then
112 generate a -scripts2 with the correct .scripts directory.
113 We will then nop update some installs, but this will prevent
114 us from having to migrate and update concurrently. Treat
115 a scripts2 upgrade from migration the same way you would treat
116 a botched scripts upgrade.
118 - Currently all repositories are initialized with --shared, which
119 means they have basically ~no space footprint. However, it
120 also means that /mit/scripts/wizard/srv MUST NOT lose revs.
122 - Full fledged logging options. Namely:
123 x all loggers (delay implementing this until we actually have debug stmts)
125 - debug => loglevel = DEBUG
127 - default is WARNING (see below for exception)
128 - verbose => loglevel = INFO
129 x file logger (only allowed for serial processing)
131 - log-file => loglevel = INFO
132 x database logger (necessary for parallel processing, not implemented)
134 - log-db => loglevel = INFO
136 - More on the database logger: it will be very simple with one
137 table named `logs` in SQLite, with columns: `job`, `level`,
138 `message`. Job identifies the subprocess/thread that emitted
139 the log, so things can be correlated together. We will then
140 have `wizard dump` which takes a database like this and dumps
141 it into a file logger type file. The database may also store
142 a queue like structure which can be used to coordinate jobs.
146 * Some parts of the infrastructure will not be touched, although I plan
147 on documenting them. Specifically, we will be keeping:
149 - parallel-find.pl, and the resulting
150 /mitalso make .scripts/.htaccess/scripts/sec-tools/store/scriptslist
151 This script might need to be adapted if we decide to nuke
152 .scripts-version files.
154 - The current install scripts will be kept in place, sans changes
155 necessary to make them use Git install of copying the script over.
156 Porting these scripts to Python and making them modular would be
157 nice, but is priority. For the long term, seeing this scripts
158 be packaged with rest of our code would be optimal.
160 * The new procedure for generating an update is as follows:
161 (check out the mass-migration instructions for something in this spirit,
162 although uglier in some ways)
164 0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
165 bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
167 1. Have the Git repository and working copy for the project on hand.
169 2. Checkout the pristine branch
171 3. Remove all files from the working copy. Use `wipe-working-dir`
173 4. Download the new tarball
175 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
176 remember that the working copy is empty)
178 6. Check for empty directories and add stub files as necessary.
179 Use `preserve-empty-dir`
181 7. Git add it all, and then commit as a new pristine version (v1.2.3)
183 8. Checkout the master branch
185 9. [FOR EXISTING REPOSITORIES]
186 Merge the pristine branch in. Resolve any conflicts that our
187 patches have with new changes. Do NOT let Git auto-commit it
188 with --no-commit (otherwise, you want to git commit --amend
189 to keep our history clean
191 [FOR NEW REPOSITORIES]
192 See if any patches are needed to make this run smoothly on
195 [FOR NEW REPOSITORIES]
197 echo "Deny from all" > .scripts/.htaccess
198 touch .scripts/update
199 chmod a+x .scripts/update
201 10. Check if there are any special update procedures, and update/create the
202 .scripts/update shell script as necessary (this means that any
203 application specific update logic will be kept with the actual
204 source code. The language of this update script will vary
205 depending on context.)
207 11. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
208 you are amending an install without an upstream changes)
210 12. Test the new update procedure using
211 `wizard upgrade --with=/path/to/repo /your/autoinstall` (this will
212 read out master as your "latest" version).
213 Use git commit --amend to fix any bugs (alternatively, squash them
216 13. You can also do a "mass" version of this using:
217 `wizard -d testbed.txt massupgrade --with=/path/to/repo app`
218 You'll need perms for any testbed stuff you want.
220 GET APPROVAL BEFORE PROCEEDING ANY FURTHER
222 NOTE: The following commands are to be run on not-backward.mit.edu.
223 You'll need to add daemon.scripts-security-upd to
224 scripts-security-upd to get bits to do this. Make sure you remove
225 these bits when you're done.
227 14. Run `wizard research appname`
228 which uses Git commands to check how many
229 working copies apply the change cleanly, and writes out a logfile
230 with the working copies that don't apply cleanly. It also tells
231 us about "corrupt" working copies.
233 15. Run `wizard massupgrade appname`, which applies the update to all working
234 copies possible, and sends mail to users to whom the working copy
235 did not apply cleanly. It also frobs .scripts-version for successful
236 upgrades (maybe not, depending on our plans).
238 16. Run parallel-find.pl to update our inventory
240 * For mass importing into the repository, the steps are:
241 (this probably won't ever be automated, becuase there are fiddly bits)
244 # let app-1.2.3 be the scripts folder originally in deploydev
245 # let this folder be srv/
246 # you can also do a git clone
251 unfurl app-1.2.3 app # [FIDDLY BIT]
252 # NOTE: contents of application are now in app directory
255 git commit -s -m "App 1.2.3"
258 # NOTE: you're still on master branch
259 # WARNING: the following operation might require -p1
260 patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
261 # NOTE: please sanity check the patch!
263 # NOTE: -a flag is to handle if the patch deleted something
264 git commit -as -m "App 1.2.3-scripts"
265 git tag v1.2.3-scripts
268 # let this folder be srv/app.git
269 git checkout pristine
270 # NOTE: this preserves your .git folder, but removes everything
273 unfurl app-1.2.3 app # [FIDDLY BIT]
275 # NOTE: please sanity check app directory
277 # NOTE: -a is to take care of deletions
278 git commit -as -m "App 1.2.3"
280 [FIDDLE AROUND. FIDDLE AROUND]
281 [IF THE PATCH HAS CHANGED]
282 # You are on the pristine branch
283 # NOTE: Now, the tricky part (this is different from a real update)
284 git symbolic-ref HEAD refs/heads/master
285 # NOTE: Now, we think we're on the master branch, but we have
286 # pristine copy checked out
287 # NOTE: -p0 might need to be twiddled
288 patch -p0 < ../app-1.2.3/app-1.2.3.patch
290 # COMMENT: used to git checkout .scripts here
291 # then check if the directory needs an updated update script
292 # NOTE: Fake the merge
293 git rev-parse pristine > .git/MERGE_HEAD
294 [IF THE PATCH HASN'T CHANGED]
296 git merge --no-commit pristine
297 git commit -as -m "App 1.2.3-scripts"
298 git tag v1.2.3-scripts
300 * The repository for a given application will contain the following files:
302 - The actual application's files, as from the official tarball
304 - A .scripts directory, which contains the following information:
306 * .scripts/update shell script (with the +x bit set appropriately),
307 which performs the commands necessary to update a script. This can
310 * .scripts/.htaccess to prevent this directory from being accessed
313 * .scripts/database (generated) contains the database the
314 user installed the script to, so scripts-remove can clean it
316 XXX: Could cause problems if a user copies the autoinstall,
317 fiddles with the DB credentials, and then scripts-remove's
318 the autoinstall. Possible fix is to add the original
319 directory as a sanity check. Additionally, we could have
320 the application read out of this file.
322 * .scripts/old-version (optional) the old value of .scripts-versoin
324 * .scripts/install (eventually) interactively installs the
325 applicatoin from command line.
327 * The autoupgrade shall be the process of:
329 # Make the directory not accessible by the outside world (htaccess, but be careful!)
331 git commit -m 'automatically generated backup'
332 git pull origin master
333 if [ $? ne 0 ]; then git reset --hard; echo 'conflicts during upgrade'; fi
337 (with some more robust error checking, a proper dry run mechanism to, and
340 * Make 'wizard summary' generate nice pretty graphs of installs by date
341 (more histograms, will need to check actual .scripts-version files.)
343 * Update AFS patch to advertise its existence, so we can check for it