Dan Langille

I've been playing with Open Source software, starting with FreeBSD, since New Zealand Post installed DSL on my street in 1998. From there, I started writing at The FreeBSD Diary, moving my work here after I discovered WordPress. Along the way, I started the BSDCan and PGCon conferences. I slowly moved from software development into full time systems administration and now work for very-well known company who has been a big force in the security industry.

Jul 092022
 

The July 4th tweet announced “dev, test, and stage .freshports.org are now running Python 3.9”. Three days later, “Is it coincidental that dev, test, and stage are all stuck on commits from July 4?”

I took notes as I explored the problem. The first clue was:


2022.07.07 00:12:03 git-delta.sh /usr/local/libexec/freshports/git-to-freshports-xml.py –repo ports –path /var/db/ingress/repos/ports –branch main –commit-range e92af65a1220ad4e3a567f67e3ab0ff259910631..271ce919763ea8e3bad7f642f13e4cc13fbad5ce –spooling /var/db/ingress/message-queues/spooling –output /var/db/ingress/message-queues/incoming
/usr/local/libexec/freshports/git-delta.sh: /usr/local/libexec/freshports/git-to-freshports-xml.py: not found

That file exists:

[dev-ingress01 dan /var/log/freshports] % pkg which /usr/local/libexec/freshports/git-to-freshports-xml.py                                                                                                                         19:27:27
/usr/local/libexec/freshports/git-to-freshports-xml.py was installed by package py39-freshports-git-proc-commit-0.1.1

The problem was the shebang:

[dev-ingress01 dan /var/log/freshports] % head /usr/local/libexec/freshports/git-to-freshports-xml.py                                                                                                                              19:27:46
#!/usr/local/bin/python3.8


Yeah, I shouldn't be doing that.

The code was fixed. Later, I modified the code to raise alarms which would be noticed.

Catching up on missing code

The code is now catching up on commits made after July 7th, because that’s when commit processing was manually stopped. Next, the system needs to process commits between July 4th and July 7th.

When a commits are processed, the hash of the last commit found is stored as a tag in the local copy of the repo. This tag is used as a reference when processing next occurs. It is the starting point. The old code was updating the even though processing failed to create the required XML file[s]. The new code does not not make this error.

My job now is is locate the hash of the missing code and reset it.

Looking at the data

Here is the SQL I ran. I should put this into a page on FreshPorts. It might be useful.

freshports.devgit=# select * from repo;
 id | name  |      description       |   repo_hostname    | path_to_repo | repository | db_root_prefix 
----+-------+------------------------+--------------------+--------------+------------+----------------
  1 | ports | The FreeBSD Ports tree | svnweb.freebsd.org | /ports       | subversion | 
  2 | doc   | The FreeBSD doc tree   | svnweb.freebsd.org | /doc         | subversion | 
  3 | src   | The FreeBSD src tree   | svnweb.freebsd.org | /base        | subversion | 
  9 | src   | The FreeBSD src tree   | cgit.freebsd.org   | /src         | git        | /base
  8 | doc   | The FreeBSD doc tree   | cgit.freebsd.org   | /doc         | git        | /doc
  7 | ports | The FreeBSD Ports tree | cgit.freebsd.org   | /ports       | git        | /ports
(6 rows)


freshports.devgit=# select id, message_id from commit_log where repo_id = 7 order by message_date desc limit 1;
   id   |                message_id                
--------+------------------------------------------
 911534 | db5eeb201b93c19c42724ec98f8ca1be9e88db15
(1 row)

freshports.devgit=# select id, message_id from commit_log where repo_id = 8 order by message_date desc limit 1;
   id   |                message_id                
--------+------------------------------------------
 911515 | 21de22b400a3970b2d3d4b2831c44702698f57e7
(1 row)

freshports.devgit=# select id, message_id from commit_log where repo_id = 9 order by message_date desc limit 1;
   id   |                message_id                
--------+------------------------------------------
 911537 | 03473e8ec8fa8d0f1ea30f85d8796ea9bf94bf29
(1 row)

freshports.devgit=#

I ran similar queries on test and stage to see how that works. They had different id values for repo_id, but the results were the same. I expect this, but verified it. This means I can run the same git tag commands on each database instance.

I know that I can do that in one query, but I can’t recall how. I have it in code somewhere.

Confirming the dates

I confirmed the dates of the above commits and compared it against the Python upgrade.

  1. src: 03473e8ec8fa8d0f1ea30f85d8796ea9bf94bf29 2022.07.04 20:45:04
  2. doc: 21de22b400a3970b2d3d4b2831c44702698f57e7 2022.07.04 16:51:02
  3. ports: db5eeb201b93c19c42724ec98f8ca1be9e88db15 2022.07.04 20:30:03

When was Python updated?

[dev-ingress01 dan /usr/local/libexec/freshports] % grep python39 /var/log/messages
Jul  4 20:49:21 dev-ingress01 pkg[66393]: python39-3.9.13 installed

Those dates look right.

Where I started to understand the tag

This is where I got confused and was not sure of the exact approach. The code did this


git tag -m “last known commit of ${refname}” -f freshports/${refname} ${refname}

The confusing part was parsing the above:


git tag -m “last known commit of main/origin” -f freshports/origin/main origin/main

I expected this command to take a commit hash. In a way, it is. It’s saying: the last commit I processed is the most recent commit (the one at the top).

Ahh! OK, but I can also supply a hash.

Let’s review the command:

  1. -m Use the given tag message
  2. -f Replace an existing tag with the given name (instead of failing)

What this does: it tags the last commit with freshports/origin/main.

The code uses that later. See my annotation of the code where I explain the code to myself. See also my attempt to find an online code reviewer and my earlier misunderstanding and reading of that code. That confusion lasted about 2 hours but I’m much better for it now.

Setting the tag

Let’s do it for doc first, because that’s a much lower volume repo.

Setting this will cause duplicate commits to be processed, but if a commit is already in FreshPorts, it is not reloaded into the database. I could invoke git-to-freshports-xml.py with a range, but I’d rather do it this way.

This would be:


git tag -m “last known commit of main/origin” -f freshports/origin/main 21de22b400a3970b2d3d4b2831c44702698f57e7

That hash value is from an earlier section.

[dev-ingress01 dan ~ingress/repos/doc] % echo 'git tag -m "last known commit of main/origin" -f freshports/origin/main 21de22b400a3970b2d3d4b2831c44702698f57e7' | sudo su -fm ingress
Updated tag 'freshports/origin/main' (was 6a70cd2969)

Now I wait…

There we go:

[dev-ingress01 dan ~ingress/repos/ports] % sudo xtail /var/log/freshports

*** /var/log/freshports/freshports.log ***
Jul  9 16:51:00 dev-ingress01 FreshPorts[10344]: into /usr/local/etc/periodic/everythreeminutes/100.fp_system_status
Jul  9 16:51:00 dev-ingress01 FreshPorts[10392]: into /usr/local/etc/periodic/everythreeminutes/215.fp_check_git_for_commits

*** /var/log/freshports/ingress-daemon.log ***
Jul  9 16:51:00 dev-ingress01 check_for_git_commits.sh[10398]: touching ~ingress/signals/check_git ~ingress/signals/job_waiting
Jul  9 16:51:00 dev-ingress01 check_for_git_commits.sh[10428]: done touching, going away now
Jul  9 16:51:02 dev-ingress01 ingress[71055]: yes, there is a job waiting
Jul  9 16:51:02 dev-ingress01 ingress[71055]: running /usr/local/bin/perl ./job-waiting.pl
Jul  9 16:51:02 dev-ingress01 ingress[71055]: from directory  /usr/local/libexec/freshports
Jul  9 16:51:02 dev-ingress01 ingress[71055]: -rw-r--r--  1 dan  dan  2571 Apr 24 18:40 ./job-waiting.pl

*** /var/log/freshports/freshports.log ***
Jul  9 16:51:03 dev-ingress01 FreshPorts[11369]: running job-waiting.pl 
Jul  9 16:51:03 dev-ingress01 FreshPorts[11369]: starting ./job-waiting.pl (/usr/local/libexec/freshports) 
Jul  9 16:51:03 dev-ingress01 FreshPorts[11369]: running ./job-waiting.pl as user = 'ingress' (/usr/local/libexec/freshports) 
Jul  9 16:51:03 dev-ingress01 FreshPorts[11369]: checking jobs for ingress (/usr/local/libexec/freshports) 
Jul  9 16:51:03 dev-ingress01 FreshPorts[11369]: /var/db/ingress/signals/check_git exists.  About to run check_git.sh (/usr/local/libexec/freshports) 
Jul  9 16:51:03 dev-ingress01 check_git.sh[11437]: /usr/local/libexec/freshports/check_git.sh has started
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '16f7503065af6905cf0c89f6bbe0c5f4e22d7058 website/themes/beastie/i18n/fr.toml: Fix some typos'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit 'd0e5718b926292f7e85b47a28c05fe7f5a143554 website/content/fr/where.adoc: Fix translation'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '21b5dd496e13ab140eee747d64e9dc4b477a222c - traditional Chinese Translation of the news items (March 2022)'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '5286308fc42391f43fa675580dd67e12521490bb fix build'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '763a2c6fbdf6f219a8c4d2880c25212d3af7467f - traditional Chinese Translation of the news items (April 2022)'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '19586a4dd1e7c2b65f9563e7c49c04814f8ab153 - traditional Chinese Translation of the news items (May 2022)'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '47dcae406e2e0ee34e3766dd9ee04ae4d10642b8 - traditional Chinese Translation of the news items (June 2002)'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit 'a6a3fc9c74a1a055bff161440220ca819caa15a8 fix typo and an untranslated item.'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit 'f814150c1af932259a239ad01c0237f58bdce402 New committer (doc): Graham Perrin, grahamperrin@'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '3a4370a41f988ad0b30f1f256c6ac73aa6e9b248 - traditional Chinese Translation of the latest news item (2022-06-01)'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit 'd9b55a60fba211836e97d39920c55a83cc4443b6 Update information about the clusteradm team'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit 'e321dc3829ee30d5eebdd4d14027dba139d85fc1 [doc-es][articles/contributors]: Keep up with latest changes'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '346a108dfb5f7bbfc2ccbe844c6a6a1aff449442 [doc-es][articles/contributing] Keep up with latest changes'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '43995b87b0ab9b5250283f5338ba824ee9bf32a8 Document FreeBSD version 1400062 and 1400063'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '8ae6611622a426406377d55a0b75ad9965a74ac2 Document FreeBSD version 1301505'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '393a57488dec89f58455ffdb9d3f94dcb03bf080 Document FreeBSD version 1203506 and 1203507'
Jul  9 16:51:03 dev-ingress01 git-to-freshports-xml.py[11506]:[INFO] Processing commit '31fe9dc1198f997305ace049b055254007fc7963 Update CORE Team liaison'

Checking… that first commit is from 4 July.

Looking in the logs, here’s one which was processed but already in the database:

[dev-ingress01 dan ~freshports/message-queues/recent] % cat 2022.07.08.20.04.11.000016.31fe9dc1198f997305ace049b055254007fc7963.log                                                      16:53:36
grabbing categories from disk
'accessibility arabic archivers astro audio base benchmarks biology cad chinese comms converters databases deskutils devel distfiles dns editors emulators finance french ftp games german graphics hebrew hungarian irc japanese java korean lang mail math misc multimedia net net-im net-mgmt net-p2p news polish ports-mgmt portuguese print russian science security shells sysutils textproc ukrainian vietnamese www x11 x11-clocks x11-drivers x11-fm x11-fonts x11-servers x11-themes x11-toolkits x11-wm'
categories already loaded
about to process
finished setting up the Parser
Processing file [/var/db/ingress/message-queues/incoming/2022.07.08.20.04.11.000016.31fe9dc1198f997305ace049b055254007fc7963.xml]...
parsing file now


 *** start of all updates ***


 *** end of all updates *** 
source in getSource is 'git'
That commit is of Type: 'git'
EOF
invoking XML_Munge_git because this is a git commit
about to process
Observer has noticed that processing has begun.
finished setting up the Parser
Processing file [/var/db/ingress/message-queues/incoming/2022.07.08.20.04.11.000016.31fe9dc1198f997305ace049b055254007fc7963.xml]...
dbname = freshports.devgit
parsing file now


 *** start of all updates ***

 --- start of an update --- 

 --- end of OS --- 
OS is 'FreeBSD' : branch = 'main' for git
after converting '$Updates{branch_git}' we have 'head'
next we need to strip any leading 'branches/' prefix
OS is 'FreeBSD' : branch = 'main' for git
OS is 'FreeBSD' : branch = 'head' for git
OS is 'FreeBSD' : branch = 'head' for database names
sql = 'select SystemIDGet('FreeBSD')'
SystemBranchIDGetOrCreate has converted 'head' to 'head' which will be used in the database
sql = 'select SystemBranchIDGet(1, 'head')'
OS is 'FreeBSD' (1) : branch = head (1)
found Committer= [bofh]
found Author= [Muhammad Moinur Rahman]
OS                   = [FreeBSD]
Branch git           = [main]
branch_database_name = [head]
branch_for_files     = [head]
Committer            = [bofh]
Date                 = [2022/07/08 20:04:11 UTC]
Repository     = [doc]
Revision       = [31fe9dc1198f997305ace049b055254007fc7963]
MessageId      = [31fe9dc1198f997305ace049b055254007fc7963]
short hash     = [31fe9dc]
Subject        = [Update CORE Team liaison]
Log            = [Update CORE Team liaison

The new CORE.12 has decided on their roles about liaisons with other
administrative teams.

Approved by:	core (bofh with core-secretary@ hat on)]
into handle_message_end, let's save that message now!

xml_munge_git.pm::SaveUpdateToDB --- start
GetExistingMessageID => sql=select id from commit_log where message_id = '31fe9dc1198f997305ace049b055254007fc7963'
message 31fe9dc1198f997305ace049b055254007fc7963 has already been added to the database
no commit id returned.  we'll just exit now shall we?

Good. Now I feel better. Let’s try src next.

src

First, the magic:

[dev-ingress01 dan ~ingress/repos/src] % echo 'git tag -m "last known commit of main/origin" -f freshports/origin/main 03473e8ec8fa8d0f1ea30f85d8796ea9bf94bf29' | sudo su -fm ingress
Updated tag 'freshports/origin/main' (was ea1d45c89a1)

There we go:

*** /var/log/freshports/freshports.log ***
Jul  9 16:57:00 dev-ingress01 FreshPorts[43668]: into /usr/local/etc/periodic/everythreeminutes/100.fp_system_status
Jul  9 16:57:00 dev-ingress01 FreshPorts[43694]: into /usr/local/etc/periodic/everythreeminutes/215.fp_check_git_for_commits

*** /var/log/freshports/ingress-daemon.log ***
Jul  9 16:57:00 dev-ingress01 check_for_git_commits.sh[43698]: touching ~ingress/signals/check_git ~ingress/signals/job_waiting
Jul  9 16:57:00 dev-ingress01 check_for_git_commits.sh[43724]: done touching, going away now
Jul  9 16:57:02 dev-ingress01 ingress[71055]: yes, there is a job waiting
Jul  9 16:57:02 dev-ingress01 ingress[71055]: running /usr/local/bin/perl ./job-waiting.pl
Jul  9 16:57:02 dev-ingress01 ingress[71055]: from directory  /usr/local/libexec/freshports
Jul  9 16:57:02 dev-ingress01 ingress[71055]: -rw-r--r--  1 dan  dan  2571 Apr 24 18:40 ./job-waiting.pl

*** /var/log/freshports/freshports.log ***
Jul  9 16:57:02 dev-ingress01 FreshPorts[43818]: running job-waiting.pl 
Jul  9 16:57:02 dev-ingress01 FreshPorts[43818]: starting ./job-waiting.pl (/usr/local/libexec/freshports) 
Jul  9 16:57:02 dev-ingress01 FreshPorts[43818]: running ./job-waiting.pl as user = 'ingress' (/usr/local/libexec/freshports) 
Jul  9 16:57:02 dev-ingress01 FreshPorts[43818]: checking jobs for ingress (/usr/local/libexec/freshports) 
Jul  9 16:57:02 dev-ingress01 FreshPorts[43818]: /var/db/ingress/signals/check_git exists.  About to run check_git.sh (/usr/local/libexec/freshports) 
Jul  9 16:57:02 dev-ingress01 check_git.sh[43836]: /usr/local/libexec/freshports/check_git.sh has started

*** /var/log/freshports/git.log ***
2022.07.09 16:57:02 git-delta.sh has started. Will check these repos: 'doc ports src'
2022.07.09 16:57:02 git-delta.sh XML dir is /var/db/ingress/message-queues/incoming
2022.07.09 16:57:02 git-delta.sh Now processing repo: doc ---------------
2022.07.09 16:57:02 git-delta.sh REPODIR='/var/db/ingress/repos/doc' exists
2022.07.09 16:57:02 git-delta.sh Repodir is /var/db/ingress/repos/doc
2022.07.09 16:57:02 git-delta.sh Running: /usr/local/bin/git fetch:
2022.07.09 16:57:02 git-delta.sh fetch completed.
2022.07.09 16:57:02 git-delta.sh working on 'origin/main'
2022.07.09 16:57:02 git-delta.sh Is freshports/origin/main defined on the repo 'doc'?
2022.07.09 16:57:02 git-delta.sh running: git rev-parse -q --verify freshports/origin/main^{}
31fe9dc1198f997305ace049b055254007fc7963
2022.07.09 16:57:02 git-delta.sh the latest commit we have for freshports/origin/main is:
31fe9dc1198f997305ace049b055254007fc7963
2022.07.09 16:57:02 git-delta.sh Running: /usr/local/bin/git rev-list freshports/origin/main..origin/main
2022.07.09 16:57:02 git-delta.sh Done.
2022.07.09 16:57:02 git-delta.sh No commits were found
2022.07.09 16:57:02 git-delta.sh Now processing repo: ports ---------------
2022.07.09 16:57:02 git-delta.sh REPODIR='/var/db/ingress/repos/ports' exists
2022.07.09 16:57:02 git-delta.sh Repodir is /var/db/ingress/repos/ports
2022.07.09 16:57:02 git-delta.sh Running: /usr/local/bin/git fetch:
2022.07.09 16:57:03 git-delta.sh fetch completed.
2022.07.09 16:57:03 git-delta.sh working on 'origin/2021Q2'
2022.07.09 16:57:03 git-delta.sh Is freshports/origin/2021Q2 defined on the repo 'ports'?
2022.07.09 16:57:03 git-delta.sh running: git rev-parse -q --verify freshports/origin/2021Q2^{}
d1da14bab7a800be62786aeb321b781179ea8b3f
2022.07.09 16:57:03 git-delta.sh the latest commit we have for freshports/origin/2021Q2 is:
d1da14bab7a800be62786aeb321b781179ea8b3f
2022.07.09 16:57:03 git-delta.sh Running: /usr/local/bin/git rev-list freshports/origin/2021Q2..origin/2021Q2
2022.07.09 16:57:03 git-delta.sh Done.
2022.07.09 16:57:03 git-delta.sh No commits were found
2022.07.09 16:57:03 git-delta.sh working on 'origin/2021Q3'
2022.07.09 16:57:03 git-delta.sh Is freshports/origin/2021Q3 defined on the repo 'ports'?
2022.07.09 16:57:03 git-delta.sh running: git rev-parse -q --verify freshports/origin/2021Q3^{}
5d6eb9d394c16d3e3ff4816090470feb64b39239
2022.07.09 16:57:03 git-delta.sh the latest commit we have for freshports/origin/2021Q3 is:
5d6eb9d394c16d3e3ff4816090470feb64b39239
2022.07.09 16:57:03 git-delta.sh Running: /usr/local/bin/git rev-list freshports/origin/2021Q3..origin/2021Q3
2022.07.09 16:57:03 git-delta.sh Done.
2022.07.09 16:57:03 git-delta.sh No commits were found
2022.07.09 16:57:03 git-delta.sh working on 'origin/main'
2022.07.09 16:57:03 git-delta.sh Is freshports/origin/main defined on the repo 'ports'?
2022.07.09 16:57:03 git-delta.sh running: git rev-parse -q --verify freshports/origin/main^{}
f46a28a1965dcaae036a25b7f387cc5304a3890a
2022.07.09 16:57:03 git-delta.sh the latest commit we have for freshports/origin/main is:
f46a28a1965dcaae036a25b7f387cc5304a3890a
2022.07.09 16:57:03 git-delta.sh Running: /usr/local/bin/git rev-list freshports/origin/main..origin/main
2022.07.09 16:57:03 git-delta.sh Done.
2022.07.09 16:57:03 git-delta.sh No commits were found
2022.07.09 16:57:03 git-delta.sh Now processing repo: src ---------------
2022.07.09 16:57:03 git-delta.sh REPODIR='/var/db/ingress/repos/src' exists
2022.07.09 16:57:03 git-delta.sh Repodir is /var/db/ingress/repos/src
2022.07.09 16:57:03 git-delta.sh Running: /usr/local/bin/git fetch:
2022.07.09 16:57:03 git-delta.sh fetch completed.
2022.07.09 16:57:03 git-delta.sh working on 'origin/main'
2022.07.09 16:57:03 git-delta.sh Is freshports/origin/main defined on the repo 'src'?
2022.07.09 16:57:03 git-delta.sh running: git rev-parse -q --verify freshports/origin/main^{}
03473e8ec8fa8d0f1ea30f85d8796ea9bf94bf29
2022.07.09 16:57:03 git-delta.sh the latest commit we have for freshports/origin/main is:
03473e8ec8fa8d0f1ea30f85d8796ea9bf94bf29
2022.07.09 16:57:03 git-delta.sh Running: /usr/local/bin/git rev-list freshports/origin/main..origin/main
2022.07.09 16:57:03 git-delta.sh Done.
2022.07.09 16:57:03 git-delta.sh The commits found are:
2022.07.09 16:57:03 git-delta.sh dff31ae1c59cab9437e88bfd0f2abd35ddaa98f1
2022.07.09 16:57:03 git-delta.sh 9ef1127008ce94cf626daed346a3c1ee03063617
2022.07.09 16:57:03 git-delta.sh eec3290266bc09b4c4b4d875d2269d611adc0016
2022.07.09 16:57:03 git-delta.sh 8f9972075cb3864d47a5796eb1abdb0f4d1be8fc
2022.07.09 16:57:03 git-delta.sh aeb6948d4319fdaef8a7a6ea72717968cf5ef79b

ports

The main event:

[dev-ingress01 dan ~ingress/repos/ports] % echo 'git tag -m "last known commit of main/origin" -f freshports/origin/main db5eeb201b93c19c42724ec98f8ca1be9e88db15' | sudo su -fm ingress
Updated tag 'freshports/origin/main' (was 8f48d2bcbf66)

As I type this, the system is both creating new XML files from the ports git repo while it’s processing the above commits from the src repo. I like queues, even if it’s only implemented via files on disk in a directory. Here I am checking the queue:

[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     16:59:40
      13
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:07
      26
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:09
      37
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:11
     105
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:23
     117
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:25
     145
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:30
     156
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:00:32
     318
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:01:01
     492
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:01:30
     552
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:02:49
     552
[dev-ingress01 dan ~ingress/repos/ports] % ls ~ingress/message-queues/incoming | wc -l     17:02:51
     551
[dev-ingress01 dan ~ingress/repos/ports] %                                                 17:02:56

test

I’m collecting the above commands here for future reference, when I do stage.

cd doc
echo 'git tag -m "last known commit of main/origin" -f freshports/origin/main 21de22b400a3970b2d3d4b2831c44702698f57e7' | sudo su -fm ingress
cd -
cd src
echo 'git tag -m "last known commit of main/origin" -f freshports/origin/main 03473e8ec8fa8d0f1ea30f85d8796ea9bf94bf29' | sudo su -fm ingress
cd -
cd ports
echo 'git tag -m "last known commit of main/origin" -f freshports/origin/main db5eeb201b93c19c42724ec98f8ca1be9e88db15' | sudo su -fm ingress

I did a sudo pkg upgrade on test, then ran the above commands, then started ingress and freshports services.

All three FreshPorts nodes are now updating.

Apr 202022
 

I need some help with the git processing shell script.

Look at line 82 in this script please. See those hardcoded branch names? That’s my problem.

Let’s reduce the shell script to a simple proof of concept.

% cat ~/tmp/poc.sh
#!/bin/sh

  git for-each-ref --format '%(objecttype) %(refname)' \
      | sed -n 's/^commit refs\/remotes\///p' \
      | while read -r refname
   do
     echo "working on '$refname'"
   done

When run from the root directory of a FreeBSD ports checkout, you should see this:

[dev-ingress01 dan ~ingress/repos/ports] % ~/tmp/poc.sh
working on 'origin/2014Q1'
working on 'origin/2014Q2'
working on 'origin/2014Q3'
working on 'origin/2014Q4'
working on 'origin/2015Q1'
working on 'origin/2015Q2'
working on 'origin/2015Q3'
working on 'origin/2015Q4'
working on 'origin/2016Q1'
working on 'origin/2016Q2'
working on 'origin/2016Q3'
working on 'origin/2016Q4'
working on 'origin/2017Q1'
working on 'origin/2017Q2'
working on 'origin/2017Q3'
working on 'origin/2017Q4'
working on 'origin/2018Q1'
working on 'origin/2018Q2'
working on 'origin/2018Q3'
working on 'origin/2018Q4'
working on 'origin/2019Q1'
working on 'origin/2019Q2'
working on 'origin/2019Q3'
working on 'origin/2019Q4'
working on 'origin/2020Q1'
working on 'origin/2020Q2'
working on 'origin/2020Q3'
working on 'origin/2020Q4'
working on 'origin/2021Q1'
working on 'origin/2021Q2'
working on 'origin/2021Q3'
working on 'origin/2021Q4'
working on 'origin/2022Q1'
working on 'origin/2022Q2'
working on 'origin/HEAD'
working on 'origin/main'
[dev-ingress01 dan ~ingress/repos/ports] % 

The issue to be solved: process only those branches which use git.

The first git branch was 2021Q2 – commits prior to that branch were imported into FreshPorts via subversion.

My request to you: modify the script so that prior branches are not processed.

Using something like what you see in the code please, reproduced here:

      if [ "$refname" != "origin/2021Q2" ] && [ "$refname" != "origin/2021Q3" ] && [ "$refname" != "$MAIN_BRANCH" ]

Thank you.

EDIT 2022-04-23

Following on from Allan Jude’s suggestion to eliminate the use of sed, I liked this code:

[dev-ingress01 dan ~ingress/repos/ports] % cat ~/tmp/poc-no-sed.sh                                                                                               14:38:14
#!/bin/sh

git for-each-ref --format '%(objecttype) %(refname:lstrip=2)' refs/remotes/ --sort=-refname | 
  while read -r objtype refname
  do
#     year=${${refname#origin/}%Q*}
     quarter=${refname#origin/????Q} 
     echo "working on '$refname' - $year - $quarter"
   done
[dev-ingress01 dan ~ingress/repos/ports] % ~/tmp/poc-no-sed.sh                                                                                                   14:39:15
working on 'origin/main' -  - origin/main
working on 'origin/HEAD' -  - origin/HEAD
working on 'origin/2022Q2' -  - 2
working on 'origin/2022Q1' -  - 1
working on 'origin/2021Q4' -  - 4
working on 'origin/2021Q3' -  - 3
working on 'origin/2021Q2' -  - 2
working on 'origin/2021Q1' -  - 1
working on 'origin/2020Q4' -  - 4
working on 'origin/2020Q3' -  - 3
working on 'origin/2020Q2' -  - 2
working on 'origin/2020Q1' -  - 1
working on 'origin/2019Q4' -  - 4
working on 'origin/2019Q3' -  - 3
working on 'origin/2019Q2' -  - 2
working on 'origin/2019Q1' -  - 1
working on 'origin/2018Q4' -  - 4
working on 'origin/2018Q3' -  - 3
working on 'origin/2018Q2' -  - 2
working on 'origin/2018Q1' -  - 1
working on 'origin/2017Q4' -  - 4
working on 'origin/2017Q3' -  - 3
working on 'origin/2017Q2' -  - 2
working on 'origin/2017Q1' -  - 1
working on 'origin/2016Q4' -  - 4
working on 'origin/2016Q3' -  - 3
working on 'origin/2016Q2' -  - 2
working on 'origin/2016Q1' -  - 1
working on 'origin/2015Q4' -  - 4
working on 'origin/2015Q3' -  - 3
working on 'origin/2015Q2' -  - 2
working on 'origin/2015Q1' -  - 1
working on 'origin/2014Q4' -  - 4
working on 'origin/2014Q3' -  - 3
working on 'origin/2014Q2' -  - 2
working on 'origin/2014Q1' -  - 1

That works. Interesting how we have both main and HEAD

Jan 122022
 

One of the known limitations of mkjail is updating of jails within jails. Unless you’re running a FreshPorts node or poudriere while you’re running mkjail, this is unlikely to affect you.

For me, to avoid this stoppage, this is my plan:

  1. ssh to each jail: csshX [dev,test,stage]-ingress01
  2. disable commit processing: sudo service freshports stop
  3. stop the jail: sudo service jail stop

Then run sudo mkjail update -all on my host.

Once that is done, go back to the ssh sessions and run:

sudo mkjail update -j freshports

Start the jail:

sudo service jail start

Finally, start the freshports service:

sudo service freshports start

Yep. I worked.

Oct 232021
 

Messages such as:

Internal error: I was expecting a short description and found nothing for databases/postgresql

indicate a cache entry which predates a change to the cache format. I could clear out the entire cache, but I want to try a targeted approach. In issue 339, some detail is provided. The common thread seems to be a deleted port.

My theory: at one time these database entries contains proper data. A script which updated all ports from the repo failed to detect a deleted port and information already in the database was lost during the update.

There is a table for recording items to be cleared from cache:

freshports.devgit=# \d cache_clearing_ports
                                        Table "public.cache_clearing_ports"
   Column   |            Type             | Collation | Nullable |                     Default                      
------------+-----------------------------+-----------+----------+--------------------------------------------------
 id         | integer                     |           | not null | nextval('cache_clearing_ports_id_seq'::regclass)
 port_id    | integer                     |           | not null | 
 category   | text                        |           | not null | 
 port       | text                        |           | not null | 
 date_added | timestamp without time zone |           | not null | now()
Indexes:
    "cache_clearing_ports_pkey" PRIMARY KEY, btree (id)
    "cache_clearing_ports_port_id_idx" UNIQUE CONSTRAINT, btree (port_id)
Foreign-key constraints:
    "cache_clearing_ports_port_id_fkey" FOREIGN KEY (port_id) REFERENCES ports(id) ON UPDATE CASCADE ON DELETE CASCADE

This populates the table with all deleted ports:

freshports.devgit=# begin;
BEGIN
freshports.devgit=# insert into cache_clearing_ports (port_id, category, port)  
select id, (select name from categories where id = category_id), (select name from element where id = element_id) from ports where status = 'D';
INSERT 0 20715
freshports.devgit=# select count(*) from cache_clearing_ports;
 count 
-------
 20715
(1 row)

freshports.devgit=# commit;
COMMIT

This command notifies the application which is listening on the front end:

freshports.devgit=# NOTIFY port_updated;
NOTIFY

In the logs of that application, I see:

Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: Just woke up! *************
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: Got NOTIFY: pid='33939', channel='port_updated', payload=''
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: found key port_updated
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: invoking RemoveCacheEntry()
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: checking for cache entries to remove...
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: COUNT: 20715 entries to process
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: removing glob /var/db/freshports/cache/ports/databases/phpmyadmin-devel/*
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: removing glob /var/db/freshports/cache/categories/databases/*
Oct 23 12:16:33 dev-nginx01 fp-listen[69025]: DELETE FROM cache_clearing_ports WHERE id = 32289779

It eventually ends around:

Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: DELETE FROM cache_clearing_ports WHERE id = 32310493
Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: finished
Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: invoking ClearMiscCaches()
Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: invoked: ClearMiscCaches()
Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: ClearMiscCaches() is clearing out entries in /var/db/freshports/cache/news/
Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: ClearMiscCaches() is removing /var/db/freshports/cache/news/index-html-head-pagesize100-pagenum1-html
Oct 23 12:31:48 dev-nginx01 fp-listen[69025]: finished: ClearMiscCaches()

That is about 15 minutes to clear out 20715 entries, roughly 1400 a minute or about 22 per second.

It is also doing one transactions per cache-clearing.

Oct 142021
 

Recently I started seeing this message in the production logs for FreshPorts:

Oct 13 15:35:38 aws-1-nginx01 FreshPorts[75290]: _pkgmessage_UCL found a type is it not prepared for : Array

What code produces that message?

GitHub makes searching for that message easy. I found it here:

syslog(LOG_ERR, '_pkgmessage_UCL found a type is it not prepared for : ' . $thing->type);

What port has this issue?

Searching the webserver logs, I find:

$ grep 15:35:38 /var/log/nginx/freshports.org-access.log.0
92.220.10.100 - - [13/Oct/2021:15:35:38 +0000] "GET /graphics/rawtherapee/?branch=2021Q3 
HTTP/1.1" 200 13068 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)"

Always be able to reproduce the issue

If I cannot reproduce the issue myself, I cannot be confident that any changes I make have fixed it.

After clearing the cache for that port I was able to reproduce the error message:

$ sudo rm -rf ~freshports/cache/ports/graphics/rawtherapee

Analysis of the problem

Looking at the code I can see it is saving the pkgmessage column (from the ports table) into a file. It then converts that to JSON and parses the output to create HTML.

The code is prepared to find various action values, such as upgrade, install, and remove.

But it’s getting an array.

Duplicating the issue from the command line

Let’s look at what ucl is bringing back. This is where some command line use of psql helps. I will abbreviate the output to reduce your scrolling.

freshports.devgit=# select pkgmessage from ports_active where name = 'rawtherapee';
                               pkgmessage                                
-------------------------------------------------------------------------
 [                                                                      +
 {type: [install, upgrade], message=<<EOD                               +
 LENSFUN INFORMATION:                                                   +
                                                                        +
 This package uses lensfun to correct lens aberrations. In case         +
 your camera or lens seem unsupported, try running                      +
 lensfun-update-data - this will download new lensfun databases.        +
                                                                        +
....

 remove older cache directories.                                        +
                                                                        +
 Also, after configurations have been moved to the new version's        +
 directory, older $HOME/.config/RawTherapee* directories may be removed.+
 EOD                                                                    +
 },                                                                     +
 ]
(5 rows)

I can not use that output in a file and run it through UCL. I need to get ride of the column header (—) and the field separators (+++).

I read the output of psql –help and came up with this:

[dan@pg02:~]: $ psql --no-align --tuples-only freshports.devgit -c "select pkgmessage from ports_active where name = 'rawtherapee'"
[
{type: [install, upgrade], message=<<EOD
LENSFUN INFORMATION:

This package uses lensfun to correct lens aberrations. In case
your camera or lens seem unsupported, try running
lensfun-update-data - this will download new lensfun databases.

DISK SPACE WARNING:

...

Also, after configurations have been moved to the new version's
directory, older $HOME/.config/RawTherapee* directories may be removed.
EOD
},
]

That is much better.

Let’s feed that into a file:

[dan@pg02:~]: $ psql --no-align --tuples-only freshports.devgit -c "select pkgmessage from ports_active where name = 'rawtherapee'" > rawtherapee.ucl

Now run ucl on it (the output has been wrapped to ease reading):

[dan@pg02:~]: $ /usr/local/bin/ucl_tool --in rawtherapee.ucl --format json
[
    {
        "type": [
            "install",
            "upgrade"
        ],
        "message": "LENSFUN INFORMATION:\n\nThis package uses lensfun to correct lens 
aberrations. In case\nyour camera or lens seem unsupported, try running\nlensfun-update-data - 
this will download new lensfun databases.\n\nDISK SPACE WARNING:\n\nNote that RawTherapee uses 
version-dependent cache and configuration\ndirectories.  Please be advised that cache 
directories can grow large,\nso be sure to check all users' $HOME/.cache/RawTherapee* and have 
them\nremove older cache directories.\n\nAlso, after configurations have been moved to the new 
version's\ndirectory, older $HOME/.config/RawTherapee* directories may be removed."
    }
]

There it is. type is an array in this case. The code always assumes it is a string.

Now it’s just a matter of adjusting the code to cater for this.

Sep 272021
 

This is the first of a series of posts which provide sample queries. Sometimes you need a starting point. This particular query will be used for showing the recent commits on a branch.

WITH branch_commits AS (
  SELECT distinct CL.id, CL.commit_DATE
    FROM commit_log CL
    JOIN commit_log_ports CLP on CL.id = CLP.commit_log_id
    JOIN commit_log_branches CLB ON CLP.commit_log_id = CLB.commit_log_id
    JOIN system_branch        SB ON SB.id = CLB.branch_id AND SB.branch_name = '2021Q3'
    ORDER BY CL.commit_DATE DESC
    LIMIT 100
)
SELECT CL.id, CL.commit_date, CL.message_id
  FROM branch_commits BC JOIN commit_log CL ON BC.id = CL.id
  ORDER BY CL.commit_date DESC;
Aug 252021
 

These are the steps I’m following to add the ports_to_refresh table.

This is a list of issues I will track through this upgrade.

  1. branch badge not populated for commits on branch #327
  2. base/binutils page broken #328
  3. Wrong info about hplip-plugin port when using search #322
  4. Package message not presented for x11/nvidia-hybrid-graphics/files/pkg-message.in … #321
  5. 404: Warning: htmlentities() expects parameter 1 to be string, resource given in /usr/local/www/freshports/rewrite/missing.php on line 38 #329
  6. port.pm has an if which can be deleted #325
  7. date.php has in correct links to previous and next dates #323
  8. Direction to use nonexistent path /var/db/repos/ports/distfiles #319
  9. Adjust color scheme (in dark mode?) #330
  10. distinfo sections are sometimes too wide #320

These are the steps to upgrade a node:

Run these items to update the database via psql:

\i datatype.txt
\i sp.txt
\i updates-2021-08-24-ports-to-refresh.ddl

On the website node:

sudo pkg upgrade

Restart the website node.

On the ingress node:

sudo service freshports stop
sudo service ingress stop
sudo sysrc freshports_enable="NO"
sudo sysrc ingress_enable="NO"
sudo pkg upgrade

Restart the ingress node.

cd /usr/local/etc/freshports
sudoedit config.pm config.pm.sample

Search for FreshPorts::Config::PortsToRefresh and copy it over from the sample file.

Look for diffs:

sudo diff -ruN config.pm config.pm.sample | less

Copy over changes:

sudoedit config.sh config.sh.sample

Check diffs:

sudo diff -ruN config.sh config.sh.sample | less
sudo sysrc ingress_enable="YES"
sudo service ingress start

Wait for the first commit to come in, then:

sudo service ingress stop
sudo sysrc freshports_enable="YES"
cd ~ingress/message-queues/incoming/
sudo mv -i * ../holding
cd ../holding

Move one .xml file over to ../incoming

Then start processing:

sudo service freshports start

Monitor the commit processing.

to be done: update for the other issues above.

For nrpe, the following source file needs to be refreshed on the ingress host:

roles/nrpe/templates/nrpe-sets/freshports-ingress.j2

Invoke this command to do the refresh:

ansible-playbook nrpe.yml --tags=nrpe_sets --limit=test-ingress01.int.unixathome.org

This is the required result:

[dan@test-ingress01:~] $ grep -r check_freshports_ports_to_refresh /usr/local/etc/nrpe.d/freshports-ingress.cfg
command[check_freshports_ports_to_refresh] = /usr/local/libexec/nagios-custom/check_freshports_ports_to_refresh

When ready to test the ports_to_refresh feature (the table is pre-populated with base/binutils by the DDL file run earlier), issue this command:

echo touch ~freshports/signals/ports_to_refresh ~freshports/signals/job_waiting | sudo su -fm freshports

validation

base/binutils

Verify that base/binutils on this node resembles:

badges on commits

Confirm that a badge is shown here:

https://test.freshports.org/commit.php?category=www&port=drupal7&files=yes&message_id=12184f4ef0a9565dcc8b8cac238ed34deb19b071 (adjust the hostname for the node you are working on. See https://github.com/FreshPorts/freshports/issues/327

P.license_restricted ports

re https://github.com/FreshPorts/freshports/issues/322

Issue this fix into postgresql:

freshports.devgit=# begin; insert into cache_clearing_ports (port_id, category, port) select P.id as port_id,
       C.name as category,
       E.name as port
  FROM ports P join categories C on p.category_id = C.id
               join element    E on p.element_id = E.id
 WHERE P.license_restricted is not null;

commit;

notify port_updated;

Monitor sudo tail -F /var/log/freshports/freshports.log while issuing the above. Much cache clearing should occur.

Then view https://www.freshports.org/search.php?query=hplip for the node in question.

pkg-message

re https://github.com/FreshPorts/freshports/issues/322

To refresh all nodes:

freshports.testgit=# begin;
BEGIN
freshports.testgit=# 
freshports.testgit=# insert into ports_to_refresh(port_id) select id from ports_active;
INSERT 0 46220
freshports.testgit=# 

Issue a commit.

Then on the ingress node:

echo touch ~freshports/signals/ports_to_refresh ~freshports/signals/job_waiting | sudo su -fm freshports

This update may take a while.

HTMEntities

re https://github.com/FreshPorts/freshports/issues/329

Visit https://test.freshports.org/audio/multimedia/ for the correct node and be logged in.

port.pm

re https://github.com/FreshPorts/freshports/issues/325

Nothing to check here, if things are working, it’s working.

date.php

re https://github.com/FreshPorts/freshports/issues/323

visit https://test.freshports.org/date.php?date=2021/7/24 for the correct node and be able to scroll through dates

nonexistant directories

re: https://github.com/FreshPorts/freshports/issues/319

This should already be handled by previous refreshes:

freshports.testgit=# begin;
BEGIN
freshports.testgit=# insert into ports_to_refresh(port_id) select id from ports_active where category = 'net' and name = 'citrix_ica';
INSERT 0 1
freshports.testgit=# commit;
COMMIT
freshports.testgit=# 

Then on the ingress node:

echo touch ~freshports/signals/ports_to_refresh ~freshports/signals/job_waiting | sudo su -fm freshports

Visit https://dev.freshports.org/net/citrix_ica/ for the correct node and see a reference /usr/ports.

dark mode colors

re https://github.com/FreshPorts/freshports/issues/330

wide distinfo

re https://github.com/FreshPorts/freshports/issues/320

see https://test.freshports.org/editors/aee#distinfo on the correct node.

Aug 142021
 

This post is the latest in a series of posts documenting the process of converting from using a chroot to using a full proper jail.

I spent about 2 hours of this fine Saturday morning writing this up and carrying out the steps.

As a result, both dev and test are now using a FreeBSD jail to extract data from ports in order to populate the database.

These are working notes, not so much a tutorial. However, you might find it useful too. I know I will when it comes to to convert stage tomorrow.

When you see mkjail below, that’s from sysutils/mkjail.

In this post:

  • on the jail – means the parent jail
  • on the child jail – means the child jail
  • on the host – means the server, the main server, hosting all the jails
    1. These are the steps used to update test-ingress01 from using ~freshports/ports-jail to /jails/freshports
      2021-08-14
      
      
      on the host:
      
      sudo zfs snapshot system/jails/test-ingress01@before-moving-to-jail-freshports
      
      on the jail:
      
      sudo service freshports stop
      sudo service ingress stop
      
      sudo sysrc freshports_enable="NO"
      sudo sysrc ingress_enable="NO"
      
      
      on the host:
      
      sudo service jail stop test-ingress01
      
      sudo mv /etc/fstab.test-ingress01 /etc/fstab.test-ingress01.NOT-IN-USE
      
      
      sudo zfs create -o mountpoint=none nvd/freshports/jailed/test-ingress01
      sudo zfs create -o mountpoint=none nvd/freshports/jailed/test-ingress01/jails
      sudo zfs create -o mountpoint=none nvd/freshports/jailed/test-ingress01/mkjail
      
      
      sudoedit /etc/jail.conf
      
      Add this to test-ingress01 jail definition:
      
          allow.chflags;
      
          # added when trying to get devfs in subjails
          allow.mount.fdescfs;
      
          allow.mount;
          allow.mount.devfs;
          allow.mount.linprocfs;
          allow.mount.nullfs;
          allow.mount.procfs;
          allow.mount.tmpfs = 1;
          allow.mount.zfs;
      
          allow.raw_sockets;
          allow.socket_af;
      
          children.max=6;
      
          exec.created+="zfs set jailed=on nvd/freshports/jailed/test-ingress01";
          exec.created+="zfs jail $name    nvd/freshports/jailed/test-ingress01";
      
          exec.poststart  += "jail -m allow.mount.linprocfs=1 name=$name";
      
          enforce_statfs=1;
      
      EDIT: 2021-09-09 - enforce_statfs was missing from the above - re https://twitter.com/DLangille/status/1435965521959215109
      
      
      Start the jail:
      
      sudo service jail start test-ingress01
      
      
      in the jail:
      
      verify zfs
      
      [dan@test-ingress01:~] $ zfs list
      [dan@test-ingress01:~] $ zfs list
      NAME                                          USED  AVAIL  REFER  MOUNTPOINT
      nvd                                          81.7G   133G    23K  none
      nvd/freshports                               81.5G   133G    23K  none
      nvd/freshports/jailed                        2.48G   133G    24K  none
      nvd/freshports/jailed/test-ingress01           72K   133G    24K  none
      nvd/freshports/jailed/test-ingress01/jails     24K   133G    24K  none
      nvd/freshports/jailed/test-ingress01/mkjail    24K   133G    24K  none
      [dan@test-ingress01:~] $ 
      
      
      Set mount points:
      
      sudo zfs set mountpoint=/jails         nvd/freshports/jailed/test-ingress01/jails
      sudo zfs set mountpoint=/var/db/mkjail nvd/freshports/jailed/test-ingress01/mkjail
      
      
      [dan@test-ingress01:~] $ zfs list
      NAME                                          USED  AVAIL  REFER  MOUNTPOINT
      nvd                                          81.7G   133G    23K  none
      nvd/freshports                               81.5G   133G    23K  none
      nvd/freshports/jailed                        2.48G   133G    24K  none
      nvd/freshports/jailed/test-ingress01           72K   133G    24K  none
      nvd/freshports/jailed/test-ingress01/jails     24K   133G    24K  /jails
      nvd/freshports/jailed/test-ingress01/mkjail    24K   133G    24K  /var/db/mkjail
      [dan@test-ingress01:~] $ 
      
      
      
      Creating the jail within a jail:
      
      sudo pkg install mkjail
      
      sudoedit /usr/local/etc/mkjail.conf :
      
      ZPOOL="nvd"
      JAILDATASET="freshports/jailed/test-ingress01/jails"
      
      sudo mkjail create -a amd64 -j freshports -v 12.2-RELEASE
      
      If that fails with:
      
      tar: could not chdir to '/12.2-RELEASE/'
      
      Then run the same command again.
      
      sudo sysrc jail_enable="YES"
      
      su to root, enter a bash shell, and run this:
      
      cat << EOF > /etc/jail.conf
      exec.start = "/bin/sh /etc/rc";
      exec.stop = "/bin/sh /etc/rc.shutdown";
      exec.clean;
      mount.devfs;
      path = /jails/\$name;
      allow.raw_sockets;
      securelevel = 2;
      exec.consolelog="/var/tmp/jail-\$name";
      
      host.hostname = "\$name\$(hostname)";
      
      persist;
      freshports {
          host.hostname = "freshports";
      
          ip4 = inherit;
          persist;
      
          devfs_ruleset=0;
      
          allow.mount=true;
          enforce_statfs=1;
          allow.mount.devfs;
          allow.mount.procfs;
      }
      EOF
      
      mkdir -p /jails/freshports/usr/local/etc/pkg/repos
      echo "FreeBSD: { enabled: no }" > /jails/freshports/usr/local/etc/pkg/repos/FreeBSD.conf
      
      cat << EOF > /jails/freshports/usr/local/etc/pkg/repos/local.conf
      local: {
         url: "pkg+http://fedex.unixathome.org/packages/122amd64-default-master-list/"
         mirror_type: "srv",
         signature_type: "PUBKEY",
         pubkey: "/etc/ssl/slocum.unixathome.org.cert",   
         enabled: true
      }
      EOF
      
      
      cat << EOF > /jails/freshports/etc/ssl/slocum.unixathome.org.cert
      -----BEGIN PUBLIC KEY-----
      MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuveHTXwrwGmdWG6oFWgN
      R/7bOQiQIE9iFmXmy4/MX9+01zMh2mjTfIOFe8IE1QqOK7X5EkVqhIdHCFg1Cg/x
      Gl5oxxQEhp/HQbtVN7pNcpXKIGl0t5sFcjwXQqXS1wb87JP+v6KuOSTCFzS3l/X2
      XtOo5QJZtxuF7+IM2PZlYb8MDmhVxriPw0pWRiP8lyW2LV1dSrN+VFpllZYinfIv
      Sr7sUArIVlHH+Ddrm5MWjqTsHid36og26NDmAQnfX96IBF1sXadSTxKy3YwCnEcv
      L7mBJhNyTIULuSbknM9zP9amkrlyLhWl+SdRGRkcOmXwHgzbdZsL62OlkXYIgkB+
      tK099ARziCSe+sclhgfjoixnXxk0h9gUU6h5BDafATvtP4KDmwDYQEXO/7OPS0/H
      vHFLEWLExcbW6hF0fyy2aA/HTlX83bBqJ+evsFtcvyxNfDp7tnjus/oAmJ82IU4F
      0ZmWMoJDeNznO+3iokHH0J8vxa4kd1hjoSaDh1+qOZCXGRcsqyDTgWQEdQ5Uy76j
      c9NgCJqHqJyjPqsiIZmPJNGUh1f7VaSUT8a131X5dwj6kx02s55UGJeIlK6F1d1f
      7+7pdfv4rzHK3iPlP1eXQlv8szGAxdDbkSFqLK6gIC8V/Mf0B0zN0aU1JZkaAvoH
      GopjN8IyF6fx/5yN9EAp8GUCAwEAAQ==
      -----END PUBLIC KEY-----
      EOF
      
      
      cat << EOF > /jails/freshports/etc/resolv.conf
      search unixathome.org int.unixathome.org
      nameserver 10.55.0.1 
      nameserver 10.55.0.73
      nameserver 10.55.0.13
      EOF
      
      
      cat << EOF > /jails/freshports/etc/rc.conf
      cron_enable="NO"
      syslogd_enable="NO"
      sendmail_enable="NO"
      sendmail_submit_enable="NO"
      sendmail_outbound_enable="NO"
      sendmail_msp_queue_enable="NO"
      EOF
      
      
      service jail start
      
      jexec freshports
      
      Nothing but this should be running:
      
      root@freshports:/ # ps auwwx
      USER  PID %CPU %MEM   VSZ  RSS TT  STAT STARTED    TIME COMMAND
      root 8106  0.0  0.0 13196 3800  5  SJ   14:11   0:00.01 /bin/csh -i
      root 8376  0.0  0.0 11768 2776  5  R+J  14:12   0:00.00 ps auwwx
      
      pkg install pkg
      
      exit
      
      Now, back in the parent jail
      
      cd /jails/freshports/usr
      sudo git clone https://git.FreeBSD.org/ports.git
      
      
      
      sudo mv ~freshports/ports-jail ~freshports/ports-jail.NO.LONGER.IN.USE
      
      sudo pkg upgrade
      
      cd /usr/local/etc/freshports
      
      reconcile the configuration files:
      
      sudoedit config.ini config.ini.sample
      
      sudoedit config.pm config.pm.sample
      sudo diff -ruN config.pm config.pm.sample | less
      
      sudoedit config.sh config.sh.sample
      sudo diff -ruN config.sh config.sh.sample  | less
      
      
      On ansible:
      
      ansible-playbook freshports-ingress-git.yml --limit=test-ingress01.int.unixathome.org --tags=sudoers
      
      
      on the parent jail:
      
      sudo sysrc ingress_enable="YES"
      sudo service ingress start
      
      Watch the logs, wait for some commits.
      
      sudo service ingress stop
      
      cd /var/db/ingress/message-queues/incoming
      sudo mv -i * ../holding/
      
      sudo sysrc freshports_enable="YES"
      sudo service freshports start
      cd ../holding/
      
      Move one of the xml files into incoming:
      
      sudo mv -i BLAH.xml ../incoming/
      
      check for errors, repeat until confidence is high.
      
Jul 282021
 

I was asked: Why does FreshPorts have links to both git and subversion repos?

The short answer is: because at the time, the commits were committed to those respective repos. The links to the other repo do not exist.

FreeBSD moved from using subversion to git.

During the transition, the subversion repo became read-only. All the commits before that date, point to the subversion repo. All the commits after that date, point to the git repo. In the code, there is more to it than a date, but that’s the basic generalization.

Take, for example, my port sysutils/anvil, all the commit before 06 Apr 2021 have a link to the git repo (https://cgit.freebsd.org/ports/), and all the commits before that, have a link to the subversion repo (https://svnweb.freebsd.org/ports/).

There is no need to change, from what I can see. However, there may be a way to link all older commits to git.

For example, can a link such as https://svnweb.freebsd.org/ports?view=revision&revision=554836 be easily converted into a link to the git repo?

Short answer: no.

Long answer: maybe.

From a discussion on #gitcvt:

[Jul 27 10:25] <@dvl> How can I locate svn revisions in git? e.g. 563183 -> https://svnweb.freebsd.org/ports?view=revision&revision=563183
[Jul 27 10:26] <@dvl> I’m hoping for a https://cgit.freebsd.org/ports/commit/?id= type URL
[Jul 27 10:28] <@dvl> See examples at https://www.freshports.org/x11-fonts/jetbrains-mono/#history

[Jul 27 15:44] <fbsdslack> <imp> dvl: find an answer yet?
[Jul 27 15:44] <fbsdslack> <imp> I have a git command recipe
[Jul 27 15:45] <fbsdslack> <imp> is that of interest?

[Jul 27 16:54] <fbsdslack> <imp> % git clone -o freebsd –config remote.freebsd.fetch=‘+refs/notes/*:refs/notes/*’ https://git.freebsd.org/${repo}.git
[Jul 27 16:55] <fbsdslack> <imp> grabs the notes, and then you can use –grep ‘revision=563183’
[Jul 27 16:55] <fbsdslack> <imp> with git log to find the commit.
[Jul 27 16:56] <fbsdslack> <imp> Details are in the committer’s guide in “Finding the Subversion Revision” section (there’s no anchor for this)
[Jul 27 16:56] <fbsdslack> <imp> % git config –add remote.freebsd.fetch “+refs/notes/*:refs/notes/*”
[Jul 27 16:57] <fbsdslack> <imp> may be needed if you already have a free (assuming your origin is ‘freebsd’)

In addition, there may be a way to redirect from subversion to git, based on the revision number.

[Jul 27 15:48] <@lwhsu> dvl: I’m thinking to generate a map file from svn revision to git hash, and use that file to send http redirection to cgit.f.o on svnweb.f.o
[Jul 27 15:49] <@lwhsu> to generate the map file, I think use the git note in each repository is a way.

My reading of the above: I can’t just provide a subversion revision number and create a link with that. I could run a one-off script, using the notes, and find a link for all the subversion commits.

For now, I’d rather not do that, given that the subversion repo is still online. Eventually, though, as imp pointed out: For FreshPorts, you can run a relatively simple script to scrape all that once and then have it forever because the mappings at this point will never change and there will be no new svn r numbers in the ports tree.

Jul 042021
 

Right now, we have have:

  • dev.freshports.org
  • devgit.freshports.org
  • test.freshports.org
  • testgit.freshports.org
  • stage.freshports.org
  • stagegit.freshports.org

The goal: three hosts: dev, test, stage.

I’ll delete the existing: dev, test, stage

I’ll rename:

  • devgit -> dev
  • testgit -> test
  • stagegit -> stage

I think this will be easier than moving content from one jail to another.

Each of the three renamed hosts will have redirects to the new hosts.

EDIT: 2021-07-05 This work has been completed.