Re: [PATCH 00/12] Plannings for secure-testing repository migration to git

To: debian-security-tracker@lists.debian.org
Subject: Re: [PATCH 00/12] Plannings for secure-testing repository migration to git
From: Guido Günther <agx@sigxcpu.org>
Date: Thu, 28 Dec 2017 12:33:27 +0100
Message-id: <[🔎] 20171228113327.GA13094@bogon.m.sigxcpu.org>
Mail-followup-to: Guido Günther <agx@sigxcpu.org>, debian-security-tracker@lists.debian.org
In-reply-to: <[🔎] 20171227223253.GA27822@eldamar.local>
References: <[🔎] 20171227194301.32105-8-carnil@debian.org> <[🔎] 20171227194301.32105-7-carnil@debian.org> <[🔎] 20171227194301.32105-6-carnil@debian.org> <[🔎] 20171227194301.32105-5-carnil@debian.org> <[🔎] 20171227194301.32105-4-carnil@debian.org> <[🔎] 20171227194301.32105-3-carnil@debian.org> <[🔎] 20171227194301.32105-2-carnil@debian.org> <[🔎] 20171227194301.32105-1-carnil@debian.org> <[🔎] 20171227201452.GA27383@bogon.m.sigxcpu.org> <[🔎] 20171227223253.GA27822@eldamar.local>

Hi,
On Wed, Dec 27, 2017 at 11:32:53PM +0100, Salvatore Bonaccorso wrote:
[..snip..]
> have that already :). But I'm unahappy with my current versions, thus
> I have not sent those yet. Basically: I'm struggling with a proper
> replacement of such constructs:
> 
> cd /srv/security-tracker.debian.org/website/secure-testing/data && svn update && ../bin/update && svn commit -qm "automatic update" CVE && cd CVE && ../../bin/bts-update list

   cd /srv/security-tracker.debian.org/website/security-tracker/data && git pull origin master && ../bin/update && git commit -qm "automatic update" CVE && git push origin master && cd CVE && ../../bin/bts-update list

git commit might fail if there are no changes so we need to either guard
for that or use --allow-empty. git push might fail as well if there were
pushes in between. Since there are several commands that

    pull, modify, commit push

should we move this to a script that

    pulls, invokes the modification command, commits when there are
    changes, pushes. If that fails merges again && pushes again.

That won't save you from merge conflicts but that's the same with SVN a
assume?
Cheers,
 -- Guido

> > Should we create WiP/git-migration branches in the secure-testing and
> > security-tracker-service repos so others can send in pull requests?
> > 
> > We could rebase the branch in the secure-testing repo from time to time
> > so catch up with the changes in the svn repo.
> 
> Give me a bit of time to think about it. My intention was to not
> clutter now what we have on salsa as mirror and constantly push
> updates there. And once we go live, add the Debian group as allowed to
> push, and block the original svn repository.  I would like to avoid
> that people already start pushing to the git repository directly.
> 
> Or do you mean to still create the branches on the git repo on salsa
> (accessible readonly, so that people can contribute based on that,
> rather based on patch for pull requests? As said, I would like to not
> operate directly on the git repo until the switch  to not cause
> problems. Our live instance is currently still the svn repo).
> 
> I would expect we solve the open problems soonish enough so we can do
> the switch. That is:
> 
> 1/ desire of commit mailinglist
> 2/ how to do the updates with the sectracker role account specific to
> some files (e.g. automatic updates, data/CVE/list update, dsa
> canditate finding).
> 
> Thanks a lot for your contribution Guido!
> 
> Salvatore
>

Reply to:

Follow-Ups:
- Splitting the security-tracker repo [was Re: [PATCH 00/12] Plannings for secure-testing repository migration to git]
  - From: Guido Günther <agx@sigxcpu.org>

References:
- [PATCH 07/12] tracker service: Update references in footer to salsa
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 06/12] tracker service: Refer to the salsa project on the help out section
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 05/12] Cleanup documentation after move from Alioth to Salsa
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 04/12] In DLA mode: if git checkout found ask to push changes
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 03/12] update-lists: Update lists in data in git checkout
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 02/12] check-new-issues: Do not mention svn command for review process
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 01/12] review-update-needed: Adjust error message to only mention git checkout
  - From: Salvatore Bonaccorso <carnil@debian.org>
- [PATCH 00/12] Plannings for secure-testing repository migration to git
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: [PATCH 00/12] Plannings for secure-testing repository migration to git
  - From: Guido Günther <agx@sigxcpu.org>
- Re: [PATCH 00/12] Plannings for secure-testing repository migration to git
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Re: [PATCH 00/12] Plannings for secure-testing repository migration to git
Next by Date: Re: [PATCH 00/12] Plannings for secure-testing repository migration to git
Previous by thread: Re: [PATCH 00/12] Plannings for secure-testing repository migration to git
Next by thread: Splitting the security-tracker repo [was Re: [PATCH 00/12] Plannings for secure-testing repository migration to git]
Index(es):
- Date
- Thread