This blog has moved to Medium

Subscribe via email


Archive for August 2012

How to do a production hotfix

Situation
It’s Thursday/Friday evening, the daily version / master branch was deemed too risky to install, and you decide to wait for Sunday/Monday with the deploy to production.

There’s a new critical bug found in production.
We do not want to install the bug on top of all the other changes, because of the risk factor.

What do we do?
Develop the fix on top of the production branch, in our local machine, git push, and deploy the fix, without all the other changes.

How can I do this?

My example uses a Play Framework service, but that’s immaterial.

  1. gitk –all – review the situation
  2. Suppose the latest version deployed in prod is 1.2.3, and master has some commits after that.
  3. You checkout this version:

    git checkout 1.2.3

  4. Create a new branch for this hotfix.

    git checkout -b 1.2.3_hotfix1

  5. Fix the bug locally, and commit.
  6. Test it locally.
  7. git push
  8. On the production machine:
    1. git fetch (not pull!)
    2. sudo service play stop
    3. git checkout 1.2.3_hotfix1
    4. sudo service play start
  9. Test on production
  10. Merge the fix back to master:
    1. git checkout master
    2. git merge 1.2.3_hotfix1
    3. git push
  11. Clean up the local branch:

    git branch -d 1.2.3_hotfix1

    (Note: the branch will still be saved on origin, you’re not losing any information by deleting it locally)

Summary of Javascript Weekly 90

Summary of JSW 90:

Hello PGP World

Update – This experiment didn’t work so well, due to formatting errors. The message below won’t actually verify as signed by me. If you want to verify it, view it in its original form on this github gist.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

FYI World, I now have an official public key.

It is availble here: http://pgp.mit.edu:11371/pks/lookup?search=ron+gross&op=index
Specifically, it is this one: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x6016B419893E4632

I've been meaning to generate a public key for some time, and finally I had an actualy need for this.
(A company I'm doing business with asked me to verify my identity and communications via PGP)

If you want to do the same:
1. Download gpg from http://www.gnupg.org/
2. Install (it took quite some time ... I thought it's stuck, but it finished at last).
3. Install some frontend for it. GPG is a command line utility only. I'm trying out Cryptophane - http://code.google.com/p/cryptophane/
The full list of frontends is here: http://www.gnupg.org/related_software/frontends.html
4. Create a private key for yourself (make sure to use a strong passphrase) & back it up.
5. Upload the public key to mit servers: Keys-->Send To Server
6. That's it - you can sign messages from now on.
7. You can also use it for encryption ... read a tutorial if you're interested.


Here is the public key itself, as retrieved from http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x6016B419893E4632



Public Key Server -- Get ``0x6016b419893e4632 ''

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.0

mQGiBFAZogoRBADhk+2Gcmpy9LrPXZCYiUeszvag7udW8LPrNPGy4wxGMNgHD1yp6t1X5QBZ
P0ZHF3kC8CnucFXkGxme85gH98Yj4lBVfW93ZowHeFkz0jGdQGEUMJt0Y1q2H0Swj+D4wbu7
/7wq0/G6E+35SJTEYPlZlDwitzPOVZExM3CI4LkfAwCgwJ8c7l/gcWE0J8V/XzYd7oDUQU0D
/RY9YwRp/r4ZKi6PSbyKn8cF4lSzZ6dV+wyys9oBXfAz+g3QJVrXei0sHxW0ZyaN4veRP84J
BQty+SBBYD7wb1J6JZH/soAE6AjnSu3xE3ak2TXTpPFFmwnzniUP5PgcBpqaFbORdMC5289F
ZLXkHY7/cvWOUH53i3ulShIXBUBwA/9Ed85ZpnwphKnCQBPbF216coubc6xqsYZqR81YiAch
S3xp4AW/Jp8WL3syFpnSIzn2z8lVXs//C2seQFZQNewW3vHl4p3yfC0Lc7US8mRVrE8/XGEe
mzUCMTWgeW/OM+w7Y+L/4SRtBhhGcI/gG/4KdsnmMVodP2QpbzJfbwDuLbQfUm9uIEdyb3Nz
IDxyb24uZ3Jvc3NAZ21haWwuY29tPohdBBMRAgAdBQJQGaIKBgsJCAcDAgQVAggDBBYCAwEC
HgECF4AACgkQYBa0GYk+RjKwewCcDV+XHJsq5eLzLYKIZhyvU6Zgyj8An1D/FPBQ70WAyMVu
ZPgjAHkYYrDXuQINBFAZog4QCACrWGUPJh9ueqQ+JlPKnRLHKbdzJ9Zl30+jc6XXNExKsQdJ
pMLUay34PhK2D7NRdb4Sz/eCzlo7aosXJBeAPK8T2BGLT0b0Uo+b0A9j/Qb82DYFMgahzysM
MfOZj8RmIsX5u8B1o+36Q+wa2DaTBx0cKdkL7DAXaYJwr6QGoBGnVyx3srJ/G91/D8fOGWXj
o5U0HX9d8FXgiLr71NlCgudBV6mqaSPdJfr6QIf7AFNpbORpK0LpA4RK4Z72dxYGHKhGeBp9
aK3pokE1eOCY3F2COLMCIrQtHaCQ2euTPD6uSnWXZQKJivJuOVyJMt9kAi03RDTz8X1sIZd+
KT1+t2MTAAMFB/0RapZBNPtqMuZafVbXKJKr26HjLWigdw4Qo+Rwz8oGp3I8+IZO8o/NT7c9
JqCp6EHjumK7a308J4hOCadvVv2LMecUAMUepIjC5FtZS7NwCCfJUkp4dC9ufSpfgHdCgn3W
WejKitrFu3dOyPkIVjE4AwUxhtZLh4JfaK/D72AXyAR3Bd+cDi40aoG0B+vsYTx02PhpN8h+
MlHnoEc2rFbm5jNFXa1pfu9LwvYBAq1jB/dZoyymEAE8HVsOMMXn3iMNb3Hb0ElVYm0nxXxv
WHhq77QhW52rK0pT9ArSrcZJiVdcoQES066SAfxKAR+aB4T7F6qUK9EA6IZ7+OuDTUm7iEYE
GBECAAYFAlAZog4ACgkQYBa0GYk+RjK89ACgpID/G8H9WFm+v4kwn/LI08D0ULgAnRJqFnJ9
0xlDKHu06gL/bX6Sx3IS
=yZoW
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQFQGaujYBa0GYk+RjIRAgciAJ9hqWvfaGcleo0Hb9MUCFkRo9f11wCfX+jW
A3zECBDorlkrOQfjDajI7fI=
=iXSN
-----END PGP SIGNATURE-----