6 - Wipe temp directories if the upgrade succeeds
7 - Put temp directories on tmpfs before merging, then move to disk
8 if it fails and needs resolution. /var/run is a pretty good
9 choice if your running as root, not so good if you're not. Find
10 other common tmpfs locations (mount | grep tmpfs) and perhaps
11 check some common ones.
12 - Certain classes of error will continually fail, so they should
13 put in a different "seen" file which also skips them, unless
14 we have some sort of gentle force
16 - Keep my sanity when upgrading 1000 installs
17 - Distinguish between errors(?)
18 - Custom merge algo: absolute php.ini symlinks to relative symlinks (this
19 does not seem to have been a problem in practice)
20 - Custom merge algo: check if it's got extra \r's in the file,
21 and dos2unix it if it does, before performing the merge
22 - `vos exa` in order to check what a person's quota is. We can
23 figure out roughly how big the upgrade is going to be by
24 doing a size comparison of the tars: `git pull` MUST NOT
25 fail, otherwise things are left conflicted, and not easy to fix.
26 - Prune -7 call errors and automatically reprocess them (with a
27 strike out counter of 3)
28 - Snap-in conflict resolution teaching:
29 1. View the merge conflicts after doing a short run
30 2. Identify common merge conflicts
31 3. Copypaste the conflict markers to the application. Scrub
32 user-specific data; this may mean removing the entire
33 upper bit which is the user-version.
34 4. Specify which section to keep. /Usually/ this means
35 punting the new change, but if the top was specified
36 it means we get a little more flexibility. Try to
37 minimize wildcarding: those things need to be put into
38 subpatterns and then reconstituted into the output.
47 [1] # discard system string
55 ['R'] # keep the new upstream string
56 # This would be useful if a particular upstream change
57 # is really close to where user changes are, so that
58 # the conflict pops up a lot and it's actually spurious
70 ['R', 1, 2, 3] # should be evident
71 # it's not actually clear to me if this is useful
72 To resolve: do we need the power of regexes? This might suck
73 because it means we need to implement escaping. We might want
74 simple globbing to the end of line since that's common in
77 - Distinguish from logging and reporting (so we can easily send mail
79 - Remove "already migrated" cruft that will accumulate if we do small
80 --limit and then increase.
81 - Logs aren't actually useful, /because/ most operations are idempotent.
82 Thus, scratch logfile and make our report files more useful: error.log
83 needs error information; we don't care too much about machinability.
84 All report files should be overwritten on the next run, since we like
85 using --limit to incrementally increase the number of things we run. Note
86 that if we add soft ignores, you /do/ lose information, so there needs
87 to be some way to also have the soft ignore report a "cached error"
88 - Report the identifier number at the beginning of all of the stdout logs
89 - Log files that already exist should be initialized with some sort
90 of separator THAT CONTAINS THE LOCATION OF THE INSTALL
91 - Don't really care about having the name in the logfile name, but
92 have a lookup txt file
93 - Figure out a way of collecting blacklist data from .scripts/blacklisted
94 and aggregate it together
95 - Failed migrations should be wired to have wizard commands in them
96 automatically log to the relevant file. In addition, the seen file
97 should get updated when one of them gets fixed.
98 - Log files need to have dates, since it looks like upgrades will be
100 - Failed migration should report how many unmerged files there are
101 (so we can auto-punt if it's over a threshold)
102 - Verification failures should be written to a report file, possibly
103 with short HTML fingerprints so we can inspect them easily and
104 numbers to look at the log files
106 - Let users use Wizard when ssh'ed into Scripts
107 - Make single user mass-migrate work when not logged in as root
109 - Make the rest of the world use Wizard
110 - Make parallel-find.pl use `sudo -u username git describe --tags`
111 to determine version. Make parallel-find.pl have this have greater
112 precedence. This also means, however, that we get
113 full mediawiki-1.2.3-2-abcdef names (Have patch, pending testing and commit)
114 - Make deployed installer use 'wizard install' /or/ do a migration
115 after doing a normal install (the latter makes it easier
118 - Pre-emptively check if daemon/scripts-security-upd
119 is not on scripts-security-upd list (/mit/moira/bin/blanche)
121 - Redo Wordpress conversion, with an eye for automating everything
122 possible (such as downloading the tarball and unpacking)
125 - Genericize callAsUser and drop_priviledges in shell
126 - Summary script should be more machine friendly, and should not
127 output summary charts when I increase specificity
128 - Summary script should do something intelligent when distinguishing
129 between old-style and new-style installs
132 - Don't use the scripts heuristics unless we're on scripts with the
133 AFS patch. Check with `fs sysname`
134 - Make 'wizard summary' generate nice pretty graphs of installs by date
135 (more histograms, will need to check actual .scripts-version files.)
136 - It should be able to handle installs like Django where there's a component
137 that gets installed in web_scripts and another directory that gets installed
139 - ACLs is a starting point for sending mail to users, but it has
140 several failure modes:
141 - Old maintainers who don't care who are still on the ACL
142 - Private AFS groups that aren't mailing lists and that we
144 A question is whether or not sending mail actually helps us:
145 many users will probably have to come back to us for help; many
146 other users won't care.
148 PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
150 advancedpoll: Template file to fill out
151 django: Noodles of template files
152 gallery2: Multistage install process
153 joomla: Template file
154 mediawiki: One-step install process
155 phpbb: Multistage install process
156 phpical: Template file
159 wordpress: Multistage install process
161 PHILOSOPHY ABOUT LOGGING
163 Logging is most useful when performing a mass run. This
164 includes things such as mass-migration as well as when running
165 summary reports. An interesting property about mass-migration
166 or mass-upgrade, however, is that if they fail, they are
167 idempotent, so an individual case can be debugged simply running
168 the single-install equivalent with --debug on. (This, indeed,
169 may be easier to do than sifting through a logfile).
171 It is a different story when you are running a summary report:
172 you are primarily bound by your AFS cache and how quickly you can
173 iterate through all of the autoinstalls. Checking if a file
174 exists on a cold AFS cache may
175 take several minutes to perform; on a hot cache the same report
176 may take a mere 3 seconds. When you get to more computationally
177 expensive calculations, however, even having a hot AFS cache
178 is not enough to cut down your runtime.
180 There are certain calculations that someone may want to be
181 able to perform on manipulated data. As such, this data should
182 be cached on disk, if the process for extracting this data takes
183 a long time. Also, for usability sake, Wizard should generate
184 the common case reports.
186 Ensuring that machine parseable reports are made, and then making
187 the machinery to reframe this data, increases complexity. Therefore,
188 the recommendation is to assume that if you need to run iteratively,
189 you'll have a hot AFS cache at your fingerprints, and if that's not
190 fast enough, then cache the data.
192 COMMIT MESSAGE FIELDS:
194 Installed-by: username@hostname
195 Pre-commit-by: Real Name <username@mit.edu>
196 Upgraded-by: Real Name <username@mit.edu>
197 Migrated-by: Real Name <username@mit.edu>
198 Wizard-revision: abcdef1234567890
199 Wizard-args: /wizard/bin/wizard foo bar baz
203 Committer: Real Name <username@mit.edu>
204 Author: lockername locker <lockername@scripts.mit.edu>
208 - It is not expected or required for update scripts to exist for all
209 intervening versions that were present pre-migration; only for it
210 to work on the most recent migration.
212 - Currently all repositories are initialized with --shared, which
213 means they have basically ~no space footprint. However, it
214 also means that /mit/scripts/wizard/srv MUST NOT lose revs after
217 - Full fledged logging options. Namely:
218 x all loggers (delay implementing this until we actually have debug stmts)
220 - debug => loglevel = DEBUG
222 - default is WARNING (see below for exception)
223 - verbose => loglevel = INFO
224 x file logger (creates a dir and lots of little logfiles)
226 - log-file => loglevel = INFO
230 * Some parts of the infrastructure will not be touched, although I plan
231 on documenting them. Specifically, we will be keeping:
233 - parallel-find.pl, and the resulting
234 /mit/scripts/.htaccess/scripts/sec-tools/store/scriptslist
236 * The new procedure for generating an update is as follows:
237 (check out the mass-migration instructions for something in this spirit,
238 although uglier in some ways; A indicates the step /should/ be automated)
240 0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
241 bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
243 1. Have the Git repository and working copy for the project on hand.
245 /- wizard prepare-pristine --
247 A 2. Checkout the pristine branch
249 A 3. Remove all files from the working copy. Use `wipe-working-dir`
251 A 4. Download the new tarball
253 A 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
254 remember that the working copy is empty; this needs some intelligent
257 A 6. Check for empty directories and add stub files as necessary.
258 Use `preserve-empty-dir`
262 7. Git add it all, and then commit as a new pristine version (v1.2.3)
264 8. Checkout the master branch
266 9. [FOR EXISTING REPOSITORIES]
267 Merge the pristine branch in. Resolve any conflicts that our
268 patches have with new changes. Do NOT let Git auto-commit it
269 with --no-commit (otherwise, you want to git commit --amend
270 to keep our history clean
272 [FOR NEW REPOSITORIES]
273 Check if any patches are needed to make the application work
274 on Scripts (ideally, it shouldn't.
276 /- wizard prepare-new --
278 Currently not used for anything besides parallel-find.pl, but
279 we reserve the right to place files in here in the future.
282 A echo "Deny from all" > .scripts/.htaccess
286 10. Check if there are any special update procedures, and update
287 the wizard.app.APPNAME module accordingly (or create it, if
290 11. Run 'wizard prepare-config' on a scripts server while in a checkout
291 of this newest version. This will prepare a new version of the
292 configuration file based on the application's latest installer.
293 Manually merge back in any custom changes we may have made.
294 Check if any of the regular expressions need tweaking by inspecting
295 the configuration files for user-specific gunk, and modify
296 wizard.app.APPNAME accordingly.
298 12. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
299 you are amending an install without an upstream changes)
301 NOTE: These steps should be run on a scripts server
303 13. Test the new update procedure using our test scripts. See integration
304 tests for more information on how to do this.
306 http://scripts.mit.edu/wizard/testing.html#acceptance-tests
308 GET APPROVAL BEFORE PROCEEDING ANY FURTHER
310 NOTE: The following commands are to be run on not-backward.mit.edu.
311 You'll need to add daemon.scripts-security-upd to
312 scripts-security-upd to get bits to do this. Make sure you remove
313 these bits when you're done.
315 A 14. Run `wizard research appname`
316 which uses Git commands to check how many
317 working copies apply the change cleanly, and writes out a logfile
318 with the working copies that don't apply cleanly. It also tells
319 us about "corrupt" working copies, i.e. working copies that
320 have over a certain threshold of changes.
322 A 15. Run `wizard mass-upgrade appname`, which applies the update to all working
323 copies possible, and sends mail to users to whom the working copy
324 did not apply cleanly.
326 16. Run parallel-find.pl to update our inventory
328 * For mass importing into the repository, there are a few extra things:
330 * Many applications had patches associated with them. Be sure to
331 apply them, so later merges work better.
333 # the following operation might require -p1
334 patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
336 * When running updates, if the patch has changed you will have to
337 do a special procedure for your merge:
339 git checkout pristine
340 # NOTE: Now, the tricky part (this is different from a real update)
341 git symbolic-ref HEAD refs/heads/master
342 # NOTE: Now, we think we're on the master branch, but we have
343 # pristine copy checked out
344 # NOTE: -p0 might need to be twiddled
345 patch -p0 < ../app-1.2.3/app-1.2.3.patch
347 # reconstitute .scripts directory
348 git checkout v1.2.2-scripts -- .scripts
350 # NOTE: Fake the merge
351 git rev-parse pristine > .git/MERGE_HEAD
353 You could also just try your luck with a manual merge using the patch
356 * The repository for a given application will contain the following files:
358 - The actual application's files, as from the official tarball
360 - A .scripts directory, with the intent of holding Scripts specific files
361 if they become necessary.
363 * .scripts/lock (generated) which locks an autoinstall during upgrade