TODO NOW:
-- We have safe, non-braindead
- version detection with `git describe --tags`. Switch
- everything to use it. (I think the only thing left is
- parallel-find.pl)
-- wizard.util is pretty braindead at this point. Fix up
- the wildly varying conventions in it.
-- Move migration code into Wizard, since we already deal
- with installation there anyway.
-
-- Better error message if daemon/scripts-security-upd
- is not on scripts-security-upd list
-
-- Fix retarded logging mechanism
-
-- The great initial deploy:
- - Turn on mediawiki new autoinstaller
- - Migrate all mediawiki installs
-
-Doing Wordpress:
-- Build automation for generating config files; this automation
- will be shared with the migrate script and the installer script
- (migrate script needs to be able to pull out values from config
- file, so will we; installer script needs to be able to run
- the installer to generate config files, so will this)
-- This should all be automated:
- - Wordpress needs to have .scripts dir in all -scripts versions
- (also make .scripts/.htaccess)
- - Wordpress needs to have a .scripts/update script written for
- its latest version (do this after its migration)
- - Wordpress needs to check for php.ini files (which it almost
- certianly has) and commit messages
- - Wordpress needs user config and php.ini links made
-
-- Summary script should be more machine friendly, and should not
- output summary charts when I increase specificity
-- Summary script needs to be updated for new format
-
-Some other stuff to do in your copious free time:
-- Check how many autoinstalls are missing w bits for
- daemon.scripts (this would need pyafs)
-- Make scripts AFS patch advertise its existence so we can check for it.
- (This might be otherwise possible using `fs sysname`
-- Implement proper deploy log parsing; this basically means we
- need to be able to introspect Git Log. Consider using git-python
- for this.
-- Make 'wizard summary' generate nice pretty graphs of installs by date
- (more histograms, will need to check actual .scripts-version files.)
+- Keep my sanity when upgrading 1000 installs
+ - Custom merge algo: absolute php.ini symlinks to relative symlinks (this
+ does not seem to have been a problem in practice)
+ - Custom merge algo: check if it's got extra \r's in the file,
+ and dos2unix it if it does, before performing the merge
+ - Prune -7 call errors and automatically reprocess them (with a
+ strike out counter of 3)--this requires better error parsing.
+ - IOError should be aggregated, right now contains custom string
+ that makes this not possible. Partition on a colon.
+ - Replace gaierror with a more descriptive name (this is a DNS error)
+ - Stronger skips means that backup failures should also be avoided
+ - Distinguish between types of backup failures
+ - Ignore empty blacklists; they should all have reasons
+ - wizard upgrade should have different exit codes for merge failure
+ and blacklist error
+
+- Distinguish from logging and reporting (so we can easily send mail
+ to users)
+ - Figure out a way of collecting blacklist data from .scripts/blacklisted
+ and aggregate it together
+
+- Let users use Wizard when ssh'ed into Scripts
+ - Make single user mass-migrate work when not logged in as root
+
+- Make the rest of the world use Wizard
+ - Make parallel-find.pl use `sudo -u username git describe --tags`
+ to determine version. Make parallel-find.pl have this have greater
+ precedence. This also means, however, that we get
+ full mediawiki-1.2.3-2-abcdef names (Have patch, pending testing and commit)
+ - Make deployed installer use 'wizard install' /or/ do a migration
+ after doing a normal install (the latter makes it easier
+ for mass-rollbacks).
+
+- Pre-emptively check if daemon/scripts-security-upd
+ is not on scripts-security-upd list (/mit/moira/bin/blanche)
+
+- Redo Wordpress conversion, with an eye for automating everything
+ possible (such as downloading the tarball and unpacking)
+
+- Pay back code debt
+ - Genericize callAsUser and drop_priviledges in shell
+ - Summary script should be more machine friendly, and should not
+ output summary charts when I increase specificity
+ - Summary script should do something intelligent when distinguishing
+ between old-style and new-style installs
+ - Report code in wizard/command/__init__.py is ugly as sin. Also,
+ the Report object should operate at a higher level of abstraction
+ so we don't have to manually increment fails. (in fact, that should
+ probably be called something different). The by-percent errors should
+ also be automated.
+ - Indents in upgrade.py are getting pretty ridiculous; more breaking
+ into functions is probably a good idea
+ - Move resolutions in mediawiki.py to a text file
+ - Investigate QuotaParseErrors
+
+- Other stuff
+ - Don't use the scripts heuristics unless we're on scripts with the
+ AFS patch. Check with `fs sysname`
+ - Make 'wizard summary' generate nice pretty graphs of installs by date
+ (more histograms, will need to check actual .scripts-version files.)
+ - It should be able to handle installs like Django where there's a component
+ that gets installed in web_scripts and another directory that gets installed
+ in Scripts.
+ - ACLs is a starting point for sending mail to users, but it has
+ several failure modes:
+ - Old maintainers who don't care who are still on the ACL
+ - Private AFS groups that aren't mailing lists and that we
+ can't get to
+ A question is whether or not sending mail actually helps us:
+ many users will probably have to come back to us for help; many
+ other users won't care.
PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
- Currently all repositories are initialized with --shared, which
means they have basically ~no space footprint. However, it
- also means that /mit/scripts/wizard/srv MUST NOT lose revs.
+ also means that /mit/scripts/wizard/srv MUST NOT lose revs after
+ deployment.
- Full fledged logging options. Namely:
x all loggers (delay implementing this until we actually have debug stmts)
x stdout logger
- default is WARNING (see below for exception)
- verbose => loglevel = INFO
- x file logger (only allowed for serial processing)
+ x file logger (creates a dir and lots of little logfiles)
- default is OFF
- log-file => loglevel = INFO
- x database logger (necessary for parallel processing, not implemented)
- - default is OFF
- - log-db => loglevel = INFO
-
-- More on the database logger: it will be very simple with one
- table named `logs` in SQLite, with columns: `job`, `level`,
- `message`. Job identifies the subprocess/thread that emitted
- the log, so things can be correlated together. We will then
- have `wizard dump` which takes a database like this and dumps
- it into a file logger type file. The database may also store
- a queue like structure which can be used to coordinate jobs.
OVERALL PLAN:
* The new procedure for generating an update is as follows:
(check out the mass-migration instructions for something in this spirit,
- although uglier in some ways; A indicates the step /should/ be automated.)
+ although uglier in some ways; A indicates the step /should/ be automated)
0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
-A 1. Have the Git repository and working copy for the project on hand.
+ 1. Have the Git repository and working copy for the project on hand.
+
+/- wizard prepare-pristine --
A 2. Checkout the pristine branch
A 6. Check for empty directories and add stub files as necessary.
Use `preserve-empty-dir`
-A 7. Git add it all, and then commit as a new pristine version (v1.2.3)
+\---
+
+ 7. Git add it all, and then commit as a new pristine version (v1.2.3)
-A 8. Checkout the master branch
+ 8. Checkout the master branch
9. [FOR EXISTING REPOSITORIES]
Merge the pristine branch in. Resolve any conflicts that our
to keep our history clean
[FOR NEW REPOSITORIES]
- See if any patches are needed to make this run smoothly on
- scripts.
+ Check if any patches are needed to make the application work
+ on Scripts (ideally, it shouldn't.
+
+/- wizard prepare-new --
+
+ Currently not used for anything besides parallel-find.pl, but
+ we reserve the right to place files in here in the future.
- [FOR NEW REPOSITORIES]
A mkdir .scripts
A echo "Deny from all" > .scripts/.htaccess
- touch .scripts/update
- chmod a+x .scripts/update
- 10. Check if there are any special update procedures, and update/create the
- .scripts/update shell script as necessary (this means that any
- application specific update logic will be kept with the actual
- source code. The language of this update script will vary
- depending on context.)
+\---
+
+ 10. Check if there are any special update procedures, and update
+ the wizard.app.APPNAME module accordingly (or create it, if
+ need be).
- 11. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
+ 11. Run 'wizard prepare-config' on a scripts server while in a checkout
+ of this newest version. This will prepare a new version of the
+ configuration file based on the application's latest installer.
+ Manually merge back in any custom changes we may have made.
+ Check if any of the regular expressions need tweaking by inspecting
+ the configuration files for user-specific gunk, and modify
+ wizard.app.APPNAME accordingly.
+
+ 12. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
you are amending an install without an upstream changes)
NOTE: These steps should be run on a scripts server
- 12. Test the new update procedure using
- `wizard upgrade --with=/path/to/repo /your/autoinstall` (this will
- read out master as your "latest" version).
- Use git commit --amend to fix any bugs (alternatively, squash them
- together later).
+ 13. Test the new update procedure using our test scripts. See integration
+ tests for more information on how to do this.
- 13. You can also do a "mass" version of this using:
- `wizard -d testbed.txt massupgrade --with=/path/to/repo app`
- You'll need perms for any testbed stuff you want. (not implemented)
+ http://scripts.mit.edu/wizard/testing.html#acceptance-tests
GET APPROVAL BEFORE PROCEEDING ANY FURTHER
scripts-security-upd to get bits to do this. Make sure you remove
these bits when you're done.
- 14. Run `wizard research appname`
+A 14. Run `wizard research appname`
which uses Git commands to check how many
working copies apply the change cleanly, and writes out a logfile
with the working copies that don't apply cleanly. It also tells
us about "corrupt" working copies, i.e. working copies that
have over a certain threshold of changes.
- 15. Run `wizard massupgrade appname`, which applies the update to all working
+A 15. Run `wizard mass-upgrade appname`, which applies the update to all working
copies possible, and sends mail to users to whom the working copy
did not apply cleanly.
16. Run parallel-find.pl to update our inventory
-* For mass importing into the repository, the steps are:
- (this probably won't ever be automated, becuase there are fiddly bits)
-
-[TO SET IT UP]
-# let app-1.2.3 be the scripts folder originally in deploydev
-# let this folder be srv/
-# you can also do a git clone
- mkdir app
- cd app
- git init
- cd ..
-unfurl app-1.2.3 app # [FIDDLY BIT]
-# NOTE: contents of application are now in app directory
-cd app
-git add .
-git commit -s -m "App 1.2.3"
-git tag v1.2.3
-git branch pristine
-# NOTE: you're still on master branch
-# WARNING: the following operation might require -p1
-patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
-# NOTE: please sanity check the patch!
-git add .
-# NOTE: -a flag is to handle if the patch deleted something
-git commit -as -m "App 1.2.3-scripts"
-git tag v1.2.3-scripts
-
-[TO ADD AN UPDATE]
-# let this folder be srv/app.git
-git checkout pristine
-# NOTE: this preserves your .git folder, but removes everything
-wipe-working-dir .
-cd ..
-unfurl app-1.2.3 app # [FIDDLY BIT]
-cd app
-# NOTE: please sanity check app directory
-git add .
-# NOTE: -a is to take care of deletions
-git commit -as -m "App 1.2.3"
-git tag v1.2.3
-[FIDDLE AROUND. FIDDLE AROUND]
-[IF THE PATCH HAS CHANGED]
- # You are on the pristine branch
- # NOTE: Now, the tricky part (this is different from a real update)
- git symbolic-ref HEAD refs/heads/master
- # NOTE: Now, we think we're on the master branch, but we have
- # pristine copy checked out
- # NOTE: -p0 might need to be twiddled
- patch -p0 < ../app-1.2.3/app-1.2.3.patch
- git add .
- # COMMENT: used to git checkout .scripts here
- # then check if the directory needs an updated update script
- # NOTE: Fake the merge
- git rev-parse pristine > .git/MERGE_HEAD
-[IF THE PATCH HASN'T CHANGED]
- git checkout master
- git merge --no-commit pristine
-git commit -as -m "App 1.2.3-scripts"
-git tag v1.2.3-scripts
+* For mass importing into the repository, there are a few extra things:
-* The repository for a given application will contain the following files:
+ * Many applications had patches associated with them. Be sure to
+ apply them, so later merges work better.
- - The actual application's files, as from the official tarball
+ # the following operation might require -p1
+ patch -p0 < ../app-1.2.3/app-1.2.3.patch # [FIDDLY BIT]
- - A .scripts directory, which contains the following information:
+ * When running updates, if the patch has changed you will have to
+ do a special procedure for your merge:
- * .scripts/update shell script (with the +x bit set appropriately),
- which performs the commands necessary to update a script. This can
- be in any language. (XXX: This is going to get removed soon)
+ git checkout pristine
+ # NOTE: Now, the tricky part (this is different from a real update)
+ git symbolic-ref HEAD refs/heads/master
+ # NOTE: Now, we think we're on the master branch, but we have
+ # pristine copy checked out
+ # NOTE: -p0 might need to be twiddled
+ patch -p0 < ../app-1.2.3/app-1.2.3.patch
+ git add .
+ # reconstitute .scripts directory
+ git checkout v1.2.2-scripts -- .scripts
+ git add .scripts
+ # NOTE: Fake the merge
+ git rev-parse pristine > .git/MERGE_HEAD
- * .scripts/.htaccess to prevent this directory from being accessed
- from the web.
+ You could also just try your luck with a manual merge using the patch
+ as your guide.
- * .scripts/old-version (optional) the old value of .scripts-version,
- basically used for reverting an install to pre-migrated state.
+* The repository for a given application will contain the following files:
+
+ - The actual application's files, as from the official tarball
- * .scripts/lock (generated) which locks the autoinstall during an upgrade
+ - A .scripts directory, with the intent of holding Scripts specific files
+ if they become necessary.
+ * .scripts/lock (generated) which locks an autoinstall during upgrade
scripts.mit.edu / wizard.git / blobdiff