5 - geofft/web_scripts.compromised/wiki* have malformed
6 .scripts-versions; user friendly error if parse error
8 - Something needs to be done if disk quota is exceeded:
9 - Catch the OSError and throw a domain-specific error
10 so massmigrate can deal gracefully
11 - Perform an added memory calculation, check this against
12 remaining quotai, and bail out if it's within some
13 percentage of their remaining quota
14 - Checks should also be performed against the partition
15 X with the new --shared flag this may not be necessary
16 as repos weighs less than 200K
17 - Check how many autoinstalls are missing w bits for
19 - Whiteboard the flow for performing an upgrade on a single
20 install. How assisted does it need to be?
21 - Conduct migration tool testing (check andersk, geofft for
23 - Set up migration server
24 - Run parallel-find.pl
25 - Migrate all mediawikis
26 - Wordpress needs to have a .scripts/update script written for
31 - A perfectly formed autoinstall with upgrade paths for all of
32 the intervening versions is not really feasible to implement.
33 As such, we want to migrate everything to -scripts, and then
34 generate a -scripts2 with the correct .scripts directory.
35 We will then nop update some installs, but this will prevent
36 us from having to migrate and update concurrently.
38 - summary and info are still not using loggers. Maybe they should,
41 - We should think about stewarding the amount of objects we use
42 by using some arcane Git flags and objects/alternates. Much
47 * Some parts of the infrastructure will not be touched, although I plan
48 on documenting them. Specifically, we will be keeping:
50 - parallel-find.pl, and the resulting
51 /mit/scripts/sec-tools/store/scriptslist
53 - The current install scripts will be kept in place, sans changes
54 necessary to make them use Git install of copying the script over.
55 Porting these scripts to Python and making them modular would be
56 nice, but is priority. For the long term, seeing this scripts
57 be packaged with rest of our code would be optimal.
59 * The new procedure for generating an update is as follows (this is
60 also similar to procedure for creating these repositories):
62 1. Have the Git repository and working copy for the project on hand.
64 2. Checkout the pristine branch
66 3. Remove all files from the working copy (rm -Rf *, and then delete
67 any dot stragglers. A script to do this would be handy)
69 4. Download the new tarball
71 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
72 remember that the working copy is empty)
74 6. Check for empty directories and add stub files as necessary
75 (use preserve-empty-dir)
77 7. Git add it all, and then commit as a new pristine version (v1.2.3)
79 8. Checkout the master branch
81 9. [FOR EXISTING REPOSITORIES]
82 Merge the pristine branch in. Resolve any conflicts that our
83 patches have with new changes. Do NOT let Git auto-commit it
84 with --no-commit (otherwise, you want to git commit --amend
85 to keep our history clean
88 Apply the scripts patch that was used for that version here
89 (usually patch -p1 < patch)
91 10. Check if there are any special update procedures, and update the
92 .scripts/update shell script as necessary (this means that any
93 application specific update logic will be kept with the actual
94 source code. The language of this update script will vary
95 depending on context.)
97 11. Commit your changes, and tag as v1.2.3-scripts
99 If you're setting up a repository from scratch, stop here, and
102 XXX: Should we force people to push to the real repository at
103 this point, or just make the repository that the script pulls
104 stuff out of configurable? (Twiddling origin can get you a
105 devel setup with no code changes)
107 12. Run the "dry-run script", which uses Git commands to check how many
108 working copies apply the change cleanly, and writes out a logfile
109 with the working copies that don't apply cleanly.
111 13. Run the "limited run" script, which applies the update to our
112 test-bed, and lets us check the basic functionality of the update.
113 This can include a script that lets us update a single directory
116 14. Run the "deploy" script, which applies the update to all working
117 copies possible, and sends mail to users to whom the working copy
118 did not apply cleanly. It also frobs .scripts/version for successful
121 15. Run parallel-find.pl
123 * For mass importing into the repository, the steps are:
126 # let app-1.2.3 be the scripts folder originally in deploydev
127 # let this folder be srv/
128 # you can also do a git clone
134 # NOTE: contents of application are now in app directory
137 git commit -s -m "App 1.2.3"
140 # NOTE: you're still on master branch
141 # WARNING: the following operation might require -p1
142 patch -p0 < ../app-1.2.3/app-1.2.3.patch
143 # NOTE: please sanity check the patch!
145 # NOTE: -a flag is to handle if the patch deleted something
146 git commit -as -m "App 1.2.3-scripts"
147 git tag v1.2.3-scripts
150 # let this folder be srv/app.git
151 git checkout pristine
152 # NOTE: this preserves your .git folder, but removes everything
157 # NOTE: please sanity check app directory
159 # NOTE: -a is to take care of deletions
160 git commit -as -m "App 1.2.3"
162 [IF THE PATCH HAS CHANGED]
163 # You are on the pristine branch
164 # NOTE: Now, the tricky part (this is different from a real update)
165 git symbolic-ref HEAD refs/heads/master
166 # NOTE: Now, we think we're on the master branch, but we have
167 # pristine copy checked out
168 # NOTE: -p0 might need to be twiddled
169 patch -p0 < ../app-1.2.3/app-1.2.3.patch
171 # COMMENT: used to git checkout .scripts here
172 # then check if the directory needs an updated update script
173 # NOTE: Fake the merge
174 git rev-parse pristine > .git/MERGE_HEAD
175 [IF THE PATCH HASN'T CHANGED]
177 git merge --no-commit pristine
178 git commit -as -m "App 1.2.3-scripts"
179 git tag v1.2.3-scripts
182 * The repository for a given application will contain the following files:
184 - The actual application's files, as from the official tarball
186 - A .scripts directory, which contains the following information:
188 [IF THIS IS THE FIRST UPDATE]
190 echo "Deny from all" > .scripts/.htaccess
191 touch .scripts/update
192 chmod a+x .scripts/update
193 # OPERATION: create the update script
195 * .scripts/update shell script (with the +x bit set appropriately),
196 which performs the commands necessary to update a script. This can
199 * .scripts/.htaccess to prevent this directory from being accessed
202 * .scripts/database (generated) contains the database the
203 user installed the script to, so scripts-remove can clean it
205 XXX: Could cause problems if a user copies the autoinstall,
206 fiddles with the DB credentials, and then scripts-remove's
207 the autoinstall. Possible fix is to add the original
208 directory as a sanity check. Additionally, we could have
209 the application read out of this file.
211 * .scripts/version (generated) which contains the version
212 last autoinstalled (as distinct from the actual version
213 the script is) (This is the same as .scripts-version right
214 now; probably want to keep that for now)
216 XXX: It's unclear if we want to move to this wholesale, or
217 delay this indefinitely.
219 * The migration process has been implemented, see 'wizard migrate'.
221 XXX: We have not decided what migration should do to .scripts-version;
222 if it does move it to .scripts, repositories should have a .gitignore
225 * The autoupgrade shall be the process of:
227 # Make the directory not accessible by the outside world (htaccess, but be careful!)
229 git commit -m 'automatically generated backup'
230 git pull origin master
231 if [ $? ne 0 ]; then git reset --hard; echo 'conflicts during upgrade'; fi
235 (with some more robust error checking)
237 * All code that operates on an untrusted Git repository, or runs
238 executable code, should be done on NOT-BACKWARD.mit.edu. Pending
239 accounts confirmation, it will also get a principal
240 daemon.scripts-security-upd, which is what we'll actually put
241 in the scripts-security-upd group.
243 * Make 'wizard summary' generate nice pretty graphs of installs by date
244 (more histograms, will need to check actual .scripts-version files.)