TODO NOW:
-- Add repository flag to migrate so that we can specify an
+- Better error message if daemon/scripts-security-upd
+ is not on scripts-security-upd list
+
+- Add repository flag so that we can specify an
arbitrary repository to migrate to
-- Move repositories
+- Fix retarded logging mechanism
- The great initial deploy:
- Turn on mediawiki new autoinstaller
- - Migrate all mediawik installs
+ - Migrate all mediawiki installs
+
+- Testing:
+ - Need a scriptable autoinstaller, which means we rewrite
+ all of the autoinstall machinery. This doesn't need
+ to be able to create pre-wizard autoinstalls, since migration
+ is easy to test+revert
+
+- Build automation for generating config files; this automation
+ will be shared with the migrate script and the installer script
+ (migrate script needs to be able to pull out values from config
+ file, so will we; installer script needs to be able to run
+ the installer to generate config files, so will this)
- Implement proper deploy log parsing; this basically means we
need to be able to introspect Git Log. Consider using git-python
- for this. There's also missing functionality, bad error handling
- and hacks in the prototype implementation of upgrade
+ for this.
-- Wordpress needs to have .scripts dir in all -scripts versions
- (remember --no-walk!) (also make .scripts/.htaccess)
-- Wordpress needs to have a .scripts/update script written for
- its latest version (do this after its migration)
+- This should all be automated:
+ - Wordpress needs to have .scripts dir in all -scripts versions
+ (also make .scripts/.htaccess)
+ - Wordpress needs to have a .scripts/update script written for
+ its latest version (do this after its migration)
+ - Wordpress needs to check for php.ini files (which it almost
+ certianly has) and commit messages
+ - Wordpress needs user config and php.ini links made
- Summary script should be more machine friendly, and should not
output summary charts when I increase specificity
+- Summary script needs to be updated for new format
- Check how many autoinstalls are missing w bits for
daemon.scripts (this would need pyafs)
+- Make scripts AFS patch advertise its existence so we can check for it
+
+PULLING OUT CONFIGURATION FILES IN AN AUTOMATED MANNER
+
+advancedpoll: Template file to fill out
+django: Noodles of template files
+gallery2: Multistage install process
+joomla: Template file
+mediawiki: One-step install process
+phpbb: Multistage install process
+phpical: Template file
+trac: NFC
+turbogears: NFC
+wordpress: Multistage install process
+
+PHILOSOPHY ABOUT LOGGING
+
+Logging is most useful when performing a mass run. This
+includes things such as mass-migration as well as when running
+summary reports. An interesting property about mass-migration
+or mass-upgrade, however, is that if they fail, they are
+idempotent, so an individual case can be debugged simply running
+the single-install equivalent with --debug on. (This, indeed,
+may be easier to do than sifting through a logfile).
+
+It is a different story when you are running a summary report:
+you are primarily bound by your AFS cache and how quickly you can
+iterate through all of the autoinstalls. Checking if a file
+exists on a cold AFS cache may
+take several minutes to perform; on a hot cache the same report
+may take a mere 3 seconds. When you get to more computationally
+expensive calculations, however, even having a hot AFS cache
+is not enough to cut down your runtime.
+
+There are certain calculations that someone may want to be
+able to perform on manipulated data. As such, this data should
+be cached on disk, if the process for extracting this data takes
+a long time. Also, for usability sake, Wizard should generate
+the common case reports.
+
+Ensuring that machine parseable reports are made, and then making
+the machinery to reframe this data, increases complexity. Therefore,
+the recommendation is to assume that if you need to run iteratively,
+you'll have a hot AFS cache at your fingerprints, and if that's not
+fast enough, then cache the data.
COMMIT MESSAGE FIELDS:
us from having to migrate and update concurrently. Treat
a scripts2 upgrade from migration the same way you would treat
a botched scripts upgrade.
+ ADDENDUM: You MUST NOT migrate to a -scripts2 version; the
+ machinery can't actually handle this.
- Currently all repositories are initialized with --shared, which
means they have basically ~no space footprint. However, it
on documenting them. Specifically, we will be keeping:
- parallel-find.pl, and the resulting
- /mitalso make .scripts/.htaccess/scripts/sec-tools/store/scriptslist
- This script might need to be adapted if we decide to nuke
- .scripts-version files.
-
- - The current install scripts will be kept in place, sans changes
- necessary to make them use Git install of copying the script over.
- Porting these scripts to Python and making them modular would be
- nice, but is priority. For the long term, seeing this scripts
- be packaged with rest of our code would be optimal.
+ /mit/scripts/.htaccess/scripts/sec-tools/store/scriptslist
* The new procedure for generating an update is as follows:
(check out the mass-migration instructions for something in this spirit,
0. ssh into not-backward, temporarily give the daemon.scripts-security-upd
bits by blanching it on system:scripts-security-upd, and run parallel-find.pl
- 1. Have the Git repository and working copy for the project on hand.
+A 1. Have the Git repository and working copy for the project on hand.
- 2. Checkout the pristine branch
+A 2. Checkout the pristine branch
- 3. Remove all files from the working copy. Use `wipe-working-dir`
+A 3. Remove all files from the working copy. Use `wipe-working-dir`
- 4. Download the new tarball
+A 4. Download the new tarball
- 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
- remember that the working copy is empty)
+A 5. Extract the tarball over the working copy (`cp -R a/. b` works well,
+ remember that the working copy is empty; this needs some intelligent
+ input)
- 6. Check for empty directories and add stub files as necessary.
+A 6. Check for empty directories and add stub files as necessary.
Use `preserve-empty-dir`
- 7. Git add it all, and then commit as a new pristine version (v1.2.3)
+A 7. Git add it all, and then commit as a new pristine version (v1.2.3)
- 8. Checkout the master branch
+A 8. Checkout the master branch
9. [FOR EXISTING REPOSITORIES]
Merge the pristine branch in. Resolve any conflicts that our
scripts.
[FOR NEW REPOSITORIES]
- mkdir .scripts
- echo "Deny from all" > .scripts/.htaccess
+A mkdir .scripts
+A echo "Deny from all" > .scripts/.htaccess
touch .scripts/update
chmod a+x .scripts/update
11. Commit your changes, and tag as v1.2.3-scripts (or scripts2, if
you are amending an install without an upstream changes)
+ NOTE: These steps should be run on a scripts server
+
12. Test the new update procedure using
`wizard upgrade --with=/path/to/repo /your/autoinstall` (this will
read out master as your "latest" version).
13. You can also do a "mass" version of this using:
`wizard -d testbed.txt massupgrade --with=/path/to/repo app`
- You'll need perms for any testbed stuff you want.
+ You'll need perms for any testbed stuff you want. (not implemented)
GET APPROVAL BEFORE PROCEEDING ANY FURTHER
which uses Git commands to check how many
working copies apply the change cleanly, and writes out a logfile
with the working copies that don't apply cleanly. It also tells
- us about "corrupt" working copies.
+ us about "corrupt" working copies, i.e. working copies that
+ have over a certain threshold of changes.
15. Run `wizard massupgrade appname`, which applies the update to all working
copies possible, and sends mail to users to whom the working copy
- did not apply cleanly. It also frobs .scripts-version for successful
- upgrades (maybe not, depending on our plans).
+ did not apply cleanly.
16. Run parallel-find.pl to update our inventory
directory as a sanity check. Additionally, we could have
the application read out of this file.
- * .scripts/old-version (optional) the old value of .scripts-versoin
-
- * .scripts/install (eventually) interactively installs the
- applicatoin from command line.
+ * .scripts/old-version (optional) the old value of .scripts-version
-* The autoupgrade shall be the process of:
+ * .scripts/version something like "app-1.2.3-scripts"
- # Make the directory not accessible by the outside world (htaccess, but be careful!)
- git add -u .
- git commit -m 'automatically generated backup'
- git pull origin master
- if [ $? ne 0 ]; then git reset --hard; echo 'conflicts during upgrade'; fi
- ./.scripts/update
- # Make it accessible
+ * .scripts/install (eventually) interactively installs the
+ application from command line. (This might go into wizard.app
+ Python module)
- (with some more robust error checking, a proper dry run mechanism to, and
- lots of su'ing)
+ * .scripts/lock which locks the autoinstall during an upgrade
* Make 'wizard summary' generate nice pretty graphs of installs by date
(more histograms, will need to check actual .scripts-version files.)
-* Update AFS patch to advertise its existence, so we can check for it
- here.