5 - Keep my sanity when upgrading 1000 installs
6 - Distinguish between errors(?)
7 - Custom merge algo: absolute php.ini symlinks to relative symlinks (this
8 does not seem to have been a problem in practice)
9 - Custom merge algo: check if it's got extra \r's in the file,
10 and dos2unix it if it does, before performing the merge
11 - `vos exa` in order to check what a person's quota is. We can
12 figure out roughly how big the upgrade is going to be by
13 doing a size comparison of the tars: `git pull` MUST NOT
14 fail, otherwise things are left conflicted, and not easy to fix.
15 - Prune -7 call errors and automatically reprocess them (with a
16 strike out counter of 3)--this requires better error parsing
17 - Report stats if I C-C the process
19 - Distinguish from logging and reporting (so we can easily send mail
21 - Figure out a way of collecting blacklist data from .scripts/blacklisted
22 and aggregate it together
23 - Failed migrations should be wired to have wizard commands in them
24 automatically log to the relevant file. In addition, the seen file
25 should get updated when one of them gets fixed.
26 - Failed migration should report how many unmerged files there are
27 (so we can auto-punt if it's over a threshold)
29 - Let users use Wizard when ssh'ed into Scripts
30 - Make single user mass-migrate work when not logged in as root
32 - Make the rest of the world use Wizard
33 - Make parallel-find.pl use `sudo -u username git describe --tags`
34 to determine version. Make parallel-find.pl have this have greater
35 precedence. This also means, however, that we get
36 full mediawiki-1.2.3-2-abcdef names (Have patch, pending testing and commit)
37 - Make deployed installer use 'wizard install' /or/ do a migration
38 after doing a normal install (the latter makes it easier
41 - Pre-emptively check if daemon/scripts-security-upd
42 is not on scripts-security-upd list (/mit/moira/bin/blanche)
44 - Redo Wordpress conversion, with an eye for automating everything
45 possible (such as downloading the tarball and unpacking)
48 - Genericize callAsUser and drop_priviledges in shell
49 - Summary script should be more machine friendly, and should not
50 output summary charts when I increase specificity
51 - Summary script should do something intelligent when distinguishing
52 between old-style and new-style installs
53 - Report code in wizard/command/__init__.py is ugly as sin
56 - Don't use the scripts heuristics unless we're on scripts with the
57 AFS patch. Check with `fs sysname`
58 - Make 'wizard summary' generate nice pretty graphs of installs by date
59 (more histograms, will need to check actual .scripts-version files.)
60 - It should be able to handle installs like Django where there's a component
61 that gets installed in web_scripts and another directory that gets installed
63 - ACLs is a starting point for sending mail to users, but it has
64 several failure modes:
65 - Old maintainers who don't care who are still on the ACL
66 - Private AFS groups that aren't mailing lists and that we
68 A question is whether or not sending mail actually helps us:
69 many users will probably have to come back to us for help; many
70 other users won't care.
72 PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
74 advancedpoll: Template file to fill out
75 django: Noodles of template files
76 gallery2: Multistage install process
78 mediawiki: One-step install process
79 phpbb: Multistage install process
80 phpical: Template file
83 wordpress: Multistage install process
85 PHILOSOPHY ABOUT LOGGING
87 Logging is most useful when performing a mass run. This
88 includes things such as mass-migration as well as when running
89 summary reports. An interesting property about mass-migration
90 or mass-upgrade, however, is that if they fail, they are
91 idempotent, so an individual case can be debugged simply running
92 the single-install equivalent with --debug on. (This, indeed,
93 may be easier to do than sifting through a logfile).
95 It is a different story when you are running a summary report:
96 you are primarily bound by your AFS cache and how quickly you can
97 iterate through all of the autoinstalls. Checking if a file
98 exists on a cold AFS cache may
99 take several minutes to perform; on a hot cache the same report
100 may take a mere 3 seconds. When you get to more computationally
101 expensive calculations, however, even having a hot AFS cache
102 is not enough to cut down your runtime.
104 There are certain calculations that someone may want to be
105 able to perform on manipulated data. As such, this data should
106 be cached on disk, if the process for extracting this data takes
107 a long time. Also, for usability sake, Wizard should generate
108 the common case reports.
110 Ensuring that machine parseable reports are made, and then making
111 the machinery to reframe this data, increases complexity. Therefore,
112 the recommendation is to assume that if you need to run iteratively,
113 you'll have a hot AFS cache at your fingerprints, and if that's not
114 fast enough, then cache the data.
116 COMMIT MESSAGE FIELDS:
118 Installed-by: username@hostname
119 Pre-commit-by: Real Name <username@mit.edu>
120 Upgraded-by: Real Name <username@mit.edu>
121 Migrated-by: Real Name <username@mit.edu>
122 Wizard-revision: abcdef1234567890
123 Wizard-args: /wizard/bin/wizard foo bar baz
127 Committer: Real Name <username@mit.edu>
128 Author: lockername locker <lockername@scripts.mit.edu>
132 - It is not expected or required for update scripts to exist for all
133 intervening versions that were present pre-migration; only for it
134 to work on the most recent migration.
136 - Currently all repositories are initialized with --shared, which
137 means they have basically ~no space footprint. However, it
138 also means that /mit/scripts/wizard/srv MUST NOT lose revs after
141 - Full fledged logging options. Namely:
142 x all loggers (delay implementing this until we actually have debug stmts)
144 - debug => loglevel = DEBUG
146 - default is WARNING (see below for exception)
147 - verbose => loglevel = INFO
148 x file logger (creates a dir and lots of little logfiles)
150 - log-file => loglevel = INFO
154 * Some parts of the infrastructure will not be touched, although I plan
155 on documenting them. Specifically, we will be keeping:
157 - parallel-find.pl, and the resulting
158 /mit/scripts/.htaccess/scripts/sec-tools/store/scriptslist
160 * The new procedure for generating an update is as follows:
161 (check out the mass-migration instructions for something in this spirit,
162 although uglier in some ways; A indicates the step /should/ be automated)
164 0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
165 bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
167 1. Have the Git repository and working copy for the project on hand.
169 /- wizard prepare-pristine --
171 A 2. Checkout the pristine branch
173 A 3. Remove all files from the working copy. Use `wipe-working-dir`
175 A 4. Download the new tarball
177 A 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
178 remember that the working copy is empty; this needs some intelligent
181 A 6. Check for empty directories and add stub files as necessary.
182 Use `preserve-empty-dir`
186 7. Git add it all, and then commit as a new pristine version (v1.2.3)
188 8. Checkout the master branch
190 9. [FOR EXISTING REPOSITORIES]
191 Merge the pristine branch in. Resolve any conflicts that our
192 patches have with new changes. Do NOT let Git auto-commit it
193 with --no-commit (otherwise, you want to git commit --amend
194 to keep our history clean
196 [FOR NEW REPOSITORIES]
197 Check if any patches are needed to make the application work
198 on Scripts (ideally, it shouldn't.
200 /- wizard prepare-new --
202 Currently not used for anything besides parallel-find.pl, but
203 we reserve the right to place files in here in the future.
206 A echo "Deny from all" > .scripts/.htaccess
210 10. Check if there are any special update procedures, and update
211 the wizard.app.APPNAME module accordingly (or create it, if
214 11. Run 'wizard prepare-config' on a scripts server while in a checkout
215 of this newest version. This will prepare a new version of the
216 configuration file based on the application's latest installer.
217 Manually merge back in any custom changes we may have made.
218 Check if any of the regular expressions need tweaking by inspecting
219 the configuration files for user-specific gunk, and modify
220 wizard.app.APPNAME accordingly.
222 12. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
223 you are amending an install without an upstream changes)
225 NOTE: These steps should be run on a scripts server
227 13. Test the new update procedure using our test scripts. See integration
228 tests for more information on how to do this.
230 http://scripts.mit.edu/wizard/testing.html#acceptance-tests
232 GET APPROVAL BEFORE PROCEEDING ANY FURTHER
234 NOTE: The following commands are to be run on not-backward.mit.edu.
235 You'll need to add daemon.scripts-security-upd to
236 scripts-security-upd to get bits to do this. Make sure you remove
237 these bits when you're done.
239 A 14. Run `wizard research appname`
240 which uses Git commands to check how many
241 working copies apply the change cleanly, and writes out a logfile
242 with the working copies that don't apply cleanly. It also tells
243 us about "corrupt" working copies, i.e. working copies that
244 have over a certain threshold of changes.
246 A 15. Run `wizard mass-upgrade appname`, which applies the update to all working
247 copies possible, and sends mail to users to whom the working copy
248 did not apply cleanly.
250 16. Run parallel-find.pl to update our inventory
252 * For mass importing into the repository, there are a few extra things:
254 * Many applications had patches associated with them. Be sure to
255 apply them, so later merges work better.
257 # the following operation might require -p1
258 patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
260 * When running updates, if the patch has changed you will have to
261 do a special procedure for your merge:
263 git checkout pristine
264 # NOTE: Now, the tricky part (this is different from a real update)
265 git symbolic-ref HEAD refs/heads/master
266 # NOTE: Now, we think we're on the master branch, but we have
267 # pristine copy checked out
268 # NOTE: -p0 might need to be twiddled
269 patch -p0 < ../app-1.2.3/app-1.2.3.patch
271 # reconstitute .scripts directory
272 git checkout v1.2.2-scripts -- .scripts
274 # NOTE: Fake the merge
275 git rev-parse pristine > .git/MERGE_HEAD
277 You could also just try your luck with a manual merge using the patch
280 * The repository for a given application will contain the following files:
282 - The actual application's files, as from the official tarball
284 - A .scripts directory, with the intent of holding Scripts specific files
285 if they become necessary.
287 * .scripts/lock (generated) which locks an autoinstall during upgrade