public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: Jeremiah Cox <jerecox@microsoft.com>
To: Rebecca Cran <rebecca@bluestop.org>,
	"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Subject: Re: [edk2-announce] Research Request
Date: Wed, 28 Nov 2018 18:19:33 +0000	[thread overview]
Message-ID: <MWHPR21MB017673D2BCC000CDE34E8406ADD10@MWHPR21MB0176.namprd21.prod.outlook.com> (raw)
In-Reply-To: <5160554.8gLySxXtyI@photon.int.bluestop.org>

There is a question of how the below is automated such that when there is a security advisory, a Phabricator instance is patched in a timely fashion.  Perhaps there is a mailing list that would announce these and that could trigger an auto-update script.

It looks like Phabricator has publicly paid out 36 security bug bounties:
https://hackerone.com/phabricator/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Abounty-awarded%20to%3Aphabricator&text_query=&page=1 

-----Original Message-----
From: Rebecca Cran <rebecca@bluestop.org> 
Sent: Tuesday, November 27, 2018 2:24 PM
To: edk2-devel@lists.01.org; Jeremiah Cox <jerecox@microsoft.com>
Cc: Knop, Ryszard <ryszard.knop@intel.com>; stephano <stephano.cetola@linux.intel.com>
Subject: Re: [edk2] [edk2-announce] Research Request

On Tuesday, 27 November 2018 14:16:18 MST Jeremiah Cox via edk2-devel wrote:

> Do we have data on what it takes to deploy and operate Phabricator 
> with Harbormaster or Jenkins?  The up front development/deployment 
> activity/costs and then also the ongoing 
> patching/servicing/maintenance costs?  Is Intel planning to provide this?

I haven't integrated Harbormaster or Jenkins, but for just Phabricator the patching/servicing has ben really simple for the year+ I've been running it. 
I'd not consider it 'production' since I'm the only person using it and I'm running from Git master, not a stable branch - but maintenance has been as simple as the following (which could of course be put in a script to reduce the number of steps!):

# Stop the Phabricator daemon
./bin/phd stop
# Update Phabricator
git pull
# Update libphputil
cd ../libphputil && git pull
# Upgrade arcanist (commandline interface) cd ../arcanist && git pull # Upgrade database schema ./bin/storage upgrade # Start Phabricator daemon ./bin/phd start # Reload web server service nginx restart service php-fpm restart

The "storage upgrade" command goes through the database looking for any inconsistencies - missing keys, wrong data types etc., and offers to fix them.

--
Rebecca




  reply	other threads:[~2018-11-28 18:19 UTC|newest]

Thread overview: 43+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-14 18:34 [edk2-announce] Research Request stephano
2018-11-20 23:47 ` Jeremiah Cox
2018-11-21  0:58   ` stephano
2018-11-26 21:43     ` Jeremiah Cox
2018-11-26 22:27       ` stephano
2018-11-27  9:33       ` Knop, Ryszard
2018-11-27 21:16         ` Jeremiah Cox
2018-11-27 22:23           ` Rebecca Cran
2018-11-28 18:19             ` Jeremiah Cox [this message]
2018-11-28 19:21               ` Rebecca Cran
2018-11-27 12:53       ` Laszlo Ersek
2018-11-27 21:55         ` Brian J. Johnson
2018-11-28 11:07           ` Laszlo Ersek
2018-11-28 18:31             ` Jeremiah Cox
2018-11-28 22:01               ` Laszlo Ersek
2018-11-29  1:07                 ` Jeremiah Cox
2018-11-29  9:48                   ` Laszlo Ersek
2018-11-29 21:20                     ` Rebecca Cran
2018-12-03  9:29                       ` Laszlo Ersek
2018-12-03 21:39                         ` Rebecca Cran
2018-12-04 18:00                           ` Laszlo Ersek
2018-12-05 12:55                           ` Laszlo Ersek
2018-12-05 17:26                             ` Rebecca Cran
2018-12-06 14:05                               ` Laszlo Ersek
2018-12-06 14:07                                 ` Laszlo Ersek
2018-12-06 14:13                               ` Laszlo Ersek
2018-12-06 15:25                                 ` Rebecca Cran
2018-12-07  6:10                                 ` Rebecca Cran
2018-12-07 12:00                                   ` my Phabricator findings [was: Research Request] Laszlo Ersek
2018-12-07 13:11                                     ` Rebecca Cran
2018-12-05 17:31                             ` [edk2-announce] Research Request Rebecca Cran
2018-12-06 13:51                               ` Laszlo Ersek
2018-12-03 17:22                     ` Jeremiah Cox
2018-12-04 18:26                       ` Laszlo Ersek
2018-12-05 19:09                         ` Jeremiah Cox
2018-12-06 13:33                           ` Laszlo Ersek
2018-11-28  5:54 ` Desimone, Nathaniel L
2018-11-28  6:22   ` Stephano Cetola
2018-12-04 18:20 ` Philippe Mathieu-Daudé
2018-12-05 16:03   ` stephano
2018-12-12 13:20 ` GitLab results from my POV [was: Research Request] Laszlo Ersek
2018-12-20 17:46   ` Rebecca Cran
2019-01-10 20:17 ` about 'sr.ht' " Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=MWHPR21MB017673D2BCC000CDE34E8406ADD10@MWHPR21MB0176.namprd21.prod.outlook.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox