Page MenuHomePhabricator
Create Task
Maniphest T6941

Move private Phacility repos to Phacility
Closed, ResolvedPublic
Actions

Description

For dogfooding, we should move private repositories to Phacility (dotorg, corp, etc).

Revisions and Commits

Restricted Differential RevisionRestricted Diffusion Commit
rP Phabricator
D11800rP02b174c2af04 Allow a different SSH host to be set in Diffusion

Event Timeline

chad created this task.Jan 12 2015, 4:43 PM
chad raised the priority of this task from to Needs Triage.
chad updated the task description. (Show Details)
chad added a project: Phacility.
chad moved this task to v1 Open Beta on the Phacility board.
chad added subscribers: chad, epriestley, btrahan.
epriestley added a comment.Jan 12 2015, 4:45 PM

Specificaly, we should move these:

  • rPCORP
  • rPORG

We should not move these:

  • rCORE
  • rSERVICES
  • rSAAS
  • rSSH

..since moving them to the Phacility infrastructure would make it depend on itself, and could make disaster recovery very hard.

chad triaged this task as Normal priority.Jan 12 2015, 4:52 PM
epriestley moved this task from v1 Open Beta to v0 Closed Beta on the Phacility board.Feb 4 2015, 3:55 PM
Krenair added a subscriber: Krenair.Feb 8 2015, 5:12 PM
epriestley assigned this task to btrahan.Feb 13 2015, 8:13 PM
epriestley added a subscriber: deploy.

I'll send you an invite to phacility.phacility.com (or we could pick some cooler name), then just create new repos and push to them.

Pushing may need to wait for me to fix some diffusion.x settings so we give you the right push URI. If you can't push/clone, yell at me.

Once rPCORP is moved:

  • Create a @deploy bot on phacility.phacility.com and add the public key core/conf/keys/deploy.key to it. Give this user access to the repositories (leaving them at "All Users" is probably fine). This will let the core/remote scripts download and update the repostiory on the production hosts.
  • In CoreWorkflow->getHostConfig(), update the rPCORP URI to point at phacility.phacility.com instead of secure.phabricator.com.
  • Use core/bin/remote ssh corp001 to rm -rf /core/lib/phacility-corp (so the old URI doesn't stick), then core/bin/remote deploy corp001 to restore + upgrade. If that doesn't work, I probably screwed something up.
epriestley added a comment.Feb 13 2015, 8:15 PM

This creates a tiny amount of peril because we'll be hosting and deploying rPCORP on the same infrastructure, but I think it's reasonable to assume that updating our corporate site won't be very important in a disaster recovery scenario.

btrahan added a comment.Feb 17 2015, 10:27 PM

@epriestley - can you make me an admin on phacility meta ? (phacility.phacility.com)

also, my suggestion for a cool name is "meta".

epriestley added a comment.Feb 17 2015, 10:28 PM

Let me just make meta, I like that better than phacility.phacility.com and it's more obviously "special" (too short for users to register).

btrahan added a comment.EditedFeb 17 2015, 10:47 PM

Here's what I did so far and I am not sure this is the right way to move these things to begin with...

  • made sure I had a copy of rPORG on disc
  • create a new hosted repository on meta.phacility.com, copying the settings like name and callsign
    • restricted all policy to "Administrators"
  • went to rPORG on disc
    • git remote -v #just making sure I had something
    • git remote rm origin
    • git remote add origin <uri to repository in step 2>
    • git push -u origin master #push to new repository

It stalls out on this last step after quite some time.

ssh: connect to host meta.phacility.com port 22: Operation timed out
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
epriestley added a comment.Feb 17 2015, 10:48 PM

For the URL, try meta@vault.phacility.com instead of meta@meta.phacility.com. If that doesn't work, I need to go fix some stuff.

btrahan added a comment.Feb 17 2015, 10:50 PM

Still fails with that change, but I get a new error...! I probably need to add ssh keys or something to meta for this to work too, right?

14:48:48 ~/Dropbox/code/phabricator-org (master)
~> git push -u origin master
ssh_exchange_identification: Connection closed by remote host
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
14:49:02 ~/Dropbox/code/phabricator-org (master)
~> git remote -v
origin	ssh://meta@vault.phacility.com/diffusion/PORG/phabricator-org.git (fetch)
origin	ssh://meta@vault.phacility.com/diffusion/PORG/phabricator-org.git (push)
btrahan added a comment.Feb 17 2015, 10:55 PM

...added my public key which works great on this instance with this laptop and I still get the ssh_exchange_identification flavor of the error.

epriestley claimed this task.Feb 17 2015, 11:03 PM

I'll figure out what's going on, I haven't really tested the setup end-to-end and probably have something broken somewhere.

epriestley added a revision: D11800: Allow a different SSH host to be set in Diffusion.Feb 18 2015, 4:20 PM
epriestley added a commit: rP02b174c2af04: Allow a different SSH host to be set in Diffusion.Feb 18 2015, 6:51 PM
epriestley reassigned this task from epriestley to btrahan.Feb 18 2015, 7:40 PM

There were like 10 little things that needed to be fixed, but I think this works now -- I pushed rPORG up. Try the rest of it and see what else you run into?

btrahan added a revision: Restricted Differential Revision.Feb 18 2015, 7:57 PM
btrahan added a commit: Restricted Diffusion Commit.Feb 18 2015, 7:58 PM
btrahan closed this task as Resolved.Feb 18 2015, 8:58 PM

This is now resolved. I've made two commits to each repository at their new home on meta.phacility.com. :D

Phabricator · Built by Phacility