5 - Push su code to migrate, not mass-migrate (only do it
6 as root, this serves as a safe guard)
8 - Make parallel-find.pl use `sudo -u username git describe --tags`
10 - Make the installer use 'wizard install' /or/ do a migration
11 after doing a normal install (the latter makes it easier
14 - Better error message if daemon/scripts-security-upd
15 is not on scripts-security-upd list
17 - Fix retarded logging mechanism
18 - This is interesting because the non-retarded way would be
19 to have each subprocess send data through stdout, but
20 this runs the risk of filling up the tubes. Maybe just
21 create a log directory and give each process different
24 - The great initial deploy:
25 - Turn on mediawiki new autoinstaller
26 - Migrate all mediawiki installs
27 - Build research scripts, determine if a re-migration is necessary
29 - Make upgrade and install take version as a parameter
31 - Redo Wordpress conversion, with an eye for automating everything
32 possible (such as downloading the tarball and unpacking)
34 - Summary script should be more machine friendly, and should not
35 output summary charts when I increase specificity
37 Some other stuff to do in your copious free time:
38 - Summary script should do something intelligent when distinguishing
39 between old-style and new-style installs
40 - Check how many autoinstalls are missing w bits for
41 daemon.scripts (this would need pyafs)
42 - Make scripts AFS patch advertise its existence so we can check for it.
43 (This might be otherwise possible using `fs sysname`)
44 - Make 'wizard summary' generate nice pretty graphs of installs by date
45 (more histograms, will need to check actual .scripts-version files.)
46 - It should be able to handle installs like Django where there's a component
47 that gets installed in web_scripts and another directory that gets installed
50 PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
52 advancedpoll: Template file to fill out
53 django: Noodles of template files
54 gallery2: Multistage install process
56 mediawiki: One-step install process
57 phpbb: Multistage install process
58 phpical: Template file
61 wordpress: Multistage install process
63 PHILOSOPHY ABOUT LOGGING
65 Logging is most useful when performing a mass run. This
66 includes things such as mass-migration as well as when running
67 summary reports. An interesting property about mass-migration
68 or mass-upgrade, however, is that if they fail, they are
69 idempotent, so an individual case can be debugged simply running
70 the single-install equivalent with --debug on. (This, indeed,
71 may be easier to do than sifting through a logfile).
73 It is a different story when you are running a summary report:
74 you are primarily bound by your AFS cache and how quickly you can
75 iterate through all of the autoinstalls. Checking if a file
76 exists on a cold AFS cache may
77 take several minutes to perform; on a hot cache the same report
78 may take a mere 3 seconds. When you get to more computationally
79 expensive calculations, however, even having a hot AFS cache
80 is not enough to cut down your runtime.
82 There are certain calculations that someone may want to be
83 able to perform on manipulated data. As such, this data should
84 be cached on disk, if the process for extracting this data takes
85 a long time. Also, for usability sake, Wizard should generate
86 the common case reports.
88 Ensuring that machine parseable reports are made, and then making
89 the machinery to reframe this data, increases complexity. Therefore,
90 the recommendation is to assume that if you need to run iteratively,
91 you'll have a hot AFS cache at your fingerprints, and if that's not
92 fast enough, then cache the data.
94 COMMIT MESSAGE FIELDS:
96 Installed-by: username@hostname
97 Pre-commit-by: Real Name <username@mit.edu>
98 Upgraded-by: Real Name <username@mit.edu>
99 Migrated-by: Real Name <username@mit.edu>
100 Wizard-revision: abcdef1234567890
101 Wizard-args: /wizard/bin/wizard foo bar baz
105 Committer: Real Name <username@mit.edu>
106 Author: lockername locker <lockername@scripts.mit.edu>
110 - It is not expected or required for update scripts to exist for all
111 intervening versions that were present pre-migration; only for it
112 to work on the most recent migration.
114 - Currently all repositories are initialized with --shared, which
115 means they have basically ~no space footprint. However, it
116 also means that /mit/scripts/wizard/srv MUST NOT lose revs after
119 - Full fledged logging options. Namely:
120 x all loggers (delay implementing this until we actually have debug stmts)
122 - debug => loglevel = DEBUG
124 - default is WARNING (see below for exception)
125 - verbose => loglevel = INFO
126 x file logger (creates a dir and lots of little logfiles)
128 - log-file => loglevel = INFO
132 * Some parts of the infrastructure will not be touched, although I plan
133 on documenting them. Specifically, we will be keeping:
135 - parallel-find.pl, and the resulting
136 /mit/scripts/.htaccess/scripts/sec-tools/store/scriptslist
138 * The new procedure for generating an update is as follows:
139 (check out the mass-migration instructions for something in this spirit,
140 although uglier in some ways; A indicates the step /should/ be automated)
142 0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
143 bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
145 1. Have the Git repository and working copy for the project on hand.
147 /- wizard prepare-pristine --
149 A 2. Checkout the pristine branch
151 A 3. Remove all files from the working copy. Use `wipe-working-dir`
153 A 4. Download the new tarball
155 A 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
156 remember that the working copy is empty; this needs some intelligent
159 A 6. Check for empty directories and add stub files as necessary.
160 Use `preserve-empty-dir`
164 7. Git add it all, and then commit as a new pristine version (v1.2.3)
166 8. Checkout the master branch
168 9. [FOR EXISTING REPOSITORIES]
169 Merge the pristine branch in. Resolve any conflicts that our
170 patches have with new changes. Do NOT let Git auto-commit it
171 with --no-commit (otherwise, you want to git commit --amend
172 to keep our history clean
174 [FOR NEW REPOSITORIES]
175 Check if any patches are needed to make the application work
176 on Scripts (ideally, it shouldn't.
178 /- wizard prepare-new --
181 A echo "Deny from all" > .scripts/.htaccess
185 10. Check if there are any special update procedures, and update
186 the wizard.app.APPNAME module accordingly (or create it, if
189 11. Run 'wizard prepare-config' on a scripts server while in a checkout
190 of this newest version. This will prepare a new version of the
191 configuration file based on the application's latest installer.
192 Manually merge back in any custom changes we may have made.
193 Check if any of the regular expressions need tweaking by inspecting
194 the configuration files for user-specific gunk, and modify
195 wizard.app.APPNAME accordingly.
197 12. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
198 you are amending an install without an upstream changes)
200 NOTE: These steps should be run on a scripts server
202 13. Test the new update procedure using our test scripts. See integration
203 tests for more information on how to do this.
205 http://scripts.mit.edu/wizard/testing.html#acceptance-tests
207 GET APPROVAL BEFORE PROCEEDING ANY FURTHER
209 NOTE: The following commands are to be run on not-backward.mit.edu.
210 You'll need to add daemon.scripts-security-upd to
211 scripts-security-upd to get bits to do this. Make sure you remove
212 these bits when you're done.
214 A 14. Run `wizard research appname`
215 which uses Git commands to check how many
216 working copies apply the change cleanly, and writes out a logfile
217 with the working copies that don't apply cleanly. It also tells
218 us about "corrupt" working copies, i.e. working copies that
219 have over a certain threshold of changes.
221 A 15. Run `wizard mass-upgrade appname`, which applies the update to all working
222 copies possible, and sends mail to users to whom the working copy
223 did not apply cleanly.
225 16. Run parallel-find.pl to update our inventory
227 * For mass importing into the repository, there are a few extra things:
229 * Many applications had patches associated with them. Be sure to
230 apply them, so later merges work better.
232 # the following operation might require -p1
233 patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
235 * When running updates, if the patch has changed you will have to
236 do a special procedure for your merge:
238 git checkout pristine
239 # NOTE: Now, the tricky part (this is different from a real update)
240 git symbolic-ref HEAD refs/heads/master
241 # NOTE: Now, we think we're on the master branch, but we have
242 # pristine copy checked out
243 # NOTE: -p0 might need to be twiddled
244 patch -p0 < ../app-1.2.3/app-1.2.3.patch
246 # reconstitute .scripts directory
247 git checkout v1.2.2-scripts -- .scripts
249 # NOTE: Fake the merge
250 git rev-parse pristine > .git/MERGE_HEAD
252 You could also just try your luck with a manual merge using the patch
255 * The repository for a given application will contain the following files:
257 - The actual application's files, as from the official tarball
259 - A .scripts directory, which contains the following information:
261 * .scripts/.htaccess to prevent this directory from being accessed
264 * .scripts/old-version (optional) the old value of .scripts-version,
265 basically used for reverting an install to pre-migrated state.
267 * .scripts/lock (generated) which locks the autoinstall during an upgrade
269 * .scripts/version (deprecated)