5 - Check for extensions, have DB rollback
6 - Implement "group" filtering using blanche for limited rollouts.
8 - Remove "already migrated" cruft that will accumulate if we do small
9 --limit and then increase.
10 - Allow to migrate just one user (user filtering of installs, also
11 has userland capabilities, although it means we need some way of
12 selectively publishing the versions directory)
13 - Make migrate script rollback if it's interrupted (especially if
16 - Make parallel-find.pl use `sudo -u username git describe --tags`
17 to determine version. Make parallel-find.pl have this have greater
18 precedence. This also means, however, that we get
19 full mediawiki-1.2.3-2-abcdef names (Have patch, pending testing and commit)
20 - Make the installer use 'wizard install' /or/ do a migration
21 after doing a normal install (the latter makes it easier
23 - Have the upgrader do locking (.scripts/lock, probably)
25 - Relax MediaWiki regexes to terminate on semicolon, and not
28 - Better error message if daemon/scripts-security-upd
29 is not on scripts-security-upd list
31 - MediaWiki upgrade script does not give proper exit code;
32 if it fails, so be sure to check for "Done" in the last 10 characters.
33 - Custom merge algo: absolute php.ini symlinks to relative symlinks
34 - Custom merge algo: re-constitute AdminSettings.php if missing. It looks
35 like this is the case for most 1.5.8 installs (check what the merges
36 do in both directions). All 1.11.0 installs except four have
37 the other (check diff -u with all in /root)
39 - Make upgrade and install take version as a parameter
41 - Redo Wordpress conversion, with an eye for automating everything
42 possible (such as downloading the tarball and unpacking)
44 - Genericize callAsUser and drop_priviledges in shell
45 - Summary script should be more machine friendly, and should not
46 output summary charts when I increase specificity
48 Some other stuff to do in your copious free time:
49 - Summary script should do something intelligent when distinguishing
50 between old-style and new-style installs
51 - Check how many autoinstalls are missing w bits for
52 daemon.scripts (this would need pyafs)
53 - Make scripts AFS patch advertise its existence so we can check for it.
54 (This might be otherwise possible using `fs sysname`)
55 - Make 'wizard summary' generate nice pretty graphs of installs by date
56 (more histograms, will need to check actual .scripts-version files.)
57 - It should be able to handle installs like Django where there's a component
58 that gets installed in web_scripts and another directory that gets installed
61 PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
63 advancedpoll: Template file to fill out
64 django: Noodles of template files
65 gallery2: Multistage install process
67 mediawiki: One-step install process
68 phpbb: Multistage install process
69 phpical: Template file
72 wordpress: Multistage install process
74 PHILOSOPHY ABOUT LOGGING
76 Logging is most useful when performing a mass run. This
77 includes things such as mass-migration as well as when running
78 summary reports. An interesting property about mass-migration
79 or mass-upgrade, however, is that if they fail, they are
80 idempotent, so an individual case can be debugged simply running
81 the single-install equivalent with --debug on. (This, indeed,
82 may be easier to do than sifting through a logfile).
84 It is a different story when you are running a summary report:
85 you are primarily bound by your AFS cache and how quickly you can
86 iterate through all of the autoinstalls. Checking if a file
87 exists on a cold AFS cache may
88 take several minutes to perform; on a hot cache the same report
89 may take a mere 3 seconds. When you get to more computationally
90 expensive calculations, however, even having a hot AFS cache
91 is not enough to cut down your runtime.
93 There are certain calculations that someone may want to be
94 able to perform on manipulated data. As such, this data should
95 be cached on disk, if the process for extracting this data takes
96 a long time. Also, for usability sake, Wizard should generate
97 the common case reports.
99 Ensuring that machine parseable reports are made, and then making
100 the machinery to reframe this data, increases complexity. Therefore,
101 the recommendation is to assume that if you need to run iteratively,
102 you'll have a hot AFS cache at your fingerprints, and if that's not
103 fast enough, then cache the data.
105 COMMIT MESSAGE FIELDS:
107 Installed-by: username@hostname
108 Pre-commit-by: Real Name <username@mit.edu>
109 Upgraded-by: Real Name <username@mit.edu>
110 Migrated-by: Real Name <username@mit.edu>
111 Wizard-revision: abcdef1234567890
112 Wizard-args: /wizard/bin/wizard foo bar baz
116 Committer: Real Name <username@mit.edu>
117 Author: lockername locker <lockername@scripts.mit.edu>
121 - It is not expected or required for update scripts to exist for all
122 intervening versions that were present pre-migration; only for it
123 to work on the most recent migration.
125 - Currently all repositories are initialized with --shared, which
126 means they have basically ~no space footprint. However, it
127 also means that /mit/scripts/wizard/srv MUST NOT lose revs after
130 - Full fledged logging options. Namely:
131 x all loggers (delay implementing this until we actually have debug stmts)
133 - debug => loglevel = DEBUG
135 - default is WARNING (see below for exception)
136 - verbose => loglevel = INFO
137 x file logger (creates a dir and lots of little logfiles)
139 - log-file => loglevel = INFO
143 * Some parts of the infrastructure will not be touched, although I plan
144 on documenting them. Specifically, we will be keeping:
146 - parallel-find.pl, and the resulting
147 /mit/scripts/.htaccess/scripts/sec-tools/store/scriptslist
149 * The new procedure for generating an update is as follows:
150 (check out the mass-migration instructions for something in this spirit,
151 although uglier in some ways; A indicates the step /should/ be automated)
153 0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
154 bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
156 1. Have the Git repository and working copy for the project on hand.
158 /- wizard prepare-pristine --
160 A 2. Checkout the pristine branch
162 A 3. Remove all files from the working copy. Use `wipe-working-dir`
164 A 4. Download the new tarball
166 A 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
167 remember that the working copy is empty; this needs some intelligent
170 A 6. Check for empty directories and add stub files as necessary.
171 Use `preserve-empty-dir`
175 7. Git add it all, and then commit as a new pristine version (v1.2.3)
177 8. Checkout the master branch
179 9. [FOR EXISTING REPOSITORIES]
180 Merge the pristine branch in. Resolve any conflicts that our
181 patches have with new changes. Do NOT let Git auto-commit it
182 with --no-commit (otherwise, you want to git commit --amend
183 to keep our history clean
185 [FOR NEW REPOSITORIES]
186 Check if any patches are needed to make the application work
187 on Scripts (ideally, it shouldn't.
189 /- wizard prepare-new --
191 Currently not used for anything besides parallel-find.pl, but
192 we reserve the right to place files in here in the future.
195 A echo "Deny from all" > .scripts/.htaccess
199 10. Check if there are any special update procedures, and update
200 the wizard.app.APPNAME module accordingly (or create it, if
203 11. Run 'wizard prepare-config' on a scripts server while in a checkout
204 of this newest version. This will prepare a new version of the
205 configuration file based on the application's latest installer.
206 Manually merge back in any custom changes we may have made.
207 Check if any of the regular expressions need tweaking by inspecting
208 the configuration files for user-specific gunk, and modify
209 wizard.app.APPNAME accordingly.
211 12. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
212 you are amending an install without an upstream changes)
214 NOTE: These steps should be run on a scripts server
216 13. Test the new update procedure using our test scripts. See integration
217 tests for more information on how to do this.
219 http://scripts.mit.edu/wizard/testing.html#acceptance-tests
221 GET APPROVAL BEFORE PROCEEDING ANY FURTHER
223 NOTE: The following commands are to be run on not-backward.mit.edu.
224 You'll need to add daemon.scripts-security-upd to
225 scripts-security-upd to get bits to do this. Make sure you remove
226 these bits when you're done.
228 A 14. Run `wizard research appname`
229 which uses Git commands to check how many
230 working copies apply the change cleanly, and writes out a logfile
231 with the working copies that don't apply cleanly. It also tells
232 us about "corrupt" working copies, i.e. working copies that
233 have over a certain threshold of changes.
235 A 15. Run `wizard mass-upgrade appname`, which applies the update to all working
236 copies possible, and sends mail to users to whom the working copy
237 did not apply cleanly.
239 16. Run parallel-find.pl to update our inventory
241 * For mass importing into the repository, there are a few extra things:
243 * Many applications had patches associated with them. Be sure to
244 apply them, so later merges work better.
246 # the following operation might require -p1
247 patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
249 * When running updates, if the patch has changed you will have to
250 do a special procedure for your merge:
252 git checkout pristine
253 # NOTE: Now, the tricky part (this is different from a real update)
254 git symbolic-ref HEAD refs/heads/master
255 # NOTE: Now, we think we're on the master branch, but we have
256 # pristine copy checked out
257 # NOTE: -p0 might need to be twiddled
258 patch -p0 < ../app-1.2.3/app-1.2.3.patch
260 # reconstitute .scripts directory
261 git checkout v1.2.2-scripts -- .scripts
263 # NOTE: Fake the merge
264 git rev-parse pristine > .git/MERGE_HEAD
266 You could also just try your luck with a manual merge using the patch
269 * The repository for a given application will contain the following files:
271 - The actual application's files, as from the official tarball
273 - A .scripts directory, with the intent of holding Scripts specific files
274 if they become necessary.
276 * .scripts/lock (generated) which locks an autoinstall during upgrade