Assuming this task is about wikidiff2, hence adding project tag so others can find this task when searching for tasks under that project or looking at that project workboard.

Just as a random note here for the case it's relevant: There's a patch still waiting for review[1] and an already merged patch[2], that are both not part of the latest ( released ) version 1.9.0.

[1] https://gerrit.wikimedia.org/r/#/c/mediawiki/php/wikidiff2/+/546231/
[2] https://gerrit.wikimedia.org/r/#/c/mediawiki/php/wikidiff2/+/539906/

@Tsevener we're working to get review on the patch.

I've written some comments in Gerrit. This is not ready for deployment just yet.

I'd like to get an update on this.

In T236963#5658175, @eprodromou wrote:

I'd like to get an update on this.

Above patch are merged and a new version could be released if nothing else is currently on the monitor that should go in. After the release it could be deployed to the servers then. @Legoktm or me could at least do the release part.

I've uploaded the version bump to Gerrit. I've reviewed both the changes that were merged while I was out, and the more recent ones. I think it's ready to go now. I would appreciate it if @jijiki or someone else from SRE could merge the version update and build and deploy new packages.

Currently we have 1.9.0 on releases.w.o and on the servers. Please upload the new version on releases, and I can go ahead with the build.

@eprodromou I suggest we add the wikidiff version in the task title so to keep track of this and future rollouts.

In T236963#5662843, @jijiki wrote:

Currently we have 1.9.0 on releases.w.o and on the servers. Please upload the new version on releases, and I can go ahead with the build.

@eprodromou I suggest we add the wikidiff version in the task title so to keep track of this and future rollouts.

I updated it to 1.10.0. I'm trying to find someone who knows how to deploy stuff to releases.wikimedia.org.

So, I don't know if there's anyone on our team except Tim who has access to the releases server. @tstarling would you mind making the tarball and uploading it? I guess @jijiki will take it from there.

There are different releasers group for different software. The people who can upload releases of wikidiff2 are:

members: [demon, legoktm, wmde-fisch, thiemowmde]

This group was created in T202473 to split it away from MediaWiki releasers group.

If you would like to update the group members please let us know via an access-request ticket and it will be handled quickly by the clinic duty person.

I haven't made a tarball for wikidiff2 before and I can't find any documentation of how that is meant to be done. It looks like wikidiff2 is the only PHP extension that is released in this way. I assume I just do a git archive and sign it with gpg, then upload it to releases1001:/srv/org/wikimedia/releases/wikidiff2 ? There's no other procedure to follow or script to run? I don't need to be in that wikidiff2 group because I have root.

Never mind, I found https://www.mediawiki.org/wiki/Extension:Wikidiff2/Release_process

Should be done now.

Version 1.10.0-1~wmf1 has been deployed to deployment-mediawiki-09 and deployment-mediawiki-07. Please let me know if it works as it should so we can proceed with the canaries in prod.

Hehe... @jijiki could you do deployment-mediawiki-parsoid-* as well please? all the rest.php requests are routed there..

In T236963#5679379, @jijiki wrote:

Version 1.10.0-1~wmf1 has been deployed to deployment-mediawiki-09 and deployment-mediawiki-07. Please let me know if it works as it should so we can proceed with the canaries in prod.

I see the section diff output here: https://en.wikipedia.beta.wmflabs.org/w/rest.php/v1/revision/373415/compare/374150

I think that means it's working correctly, so progressing to production makes sense.

OK, I jumped the gun. Apparently that's not output from the 1.10.0 version.

In T236963#5680172, @Pchelolo wrote:

Hehe... @jijiki could you do deployment-mediawiki-parsoid-* as well please? all the rest.php requests are routed there..

done :)

Mentioned in SAL (#wikimedia-operations) [2019-11-22T11:29:44Z] <effie> upload wikidiff2 1.10.0-1 - T236963

Mentioned in SAL (#wikimedia-operations) [2019-11-22T11:34:25Z] <effie> Roll out wikidiff2 1.10.0-1 to canaries - T236963

Version 1.10.0 has been deployed to the canaries, we can roll out to production on Monday

Thanks @jijiki!

@jijiki Do you know when the rollout will be complete to all prod?

@WDoranWMF Today after the SRE meeting, I will roll out to production. We had some minor issues with our api servers this morning, so I decided to delay it a bit.

Mentioned in SAL (#wikimedia-operations) [2019-11-25T18:07:22Z] <effie> Upgrade php-wikidiff2 to 1.10.0 to all servers - T236963

Mentioned in SAL (#wikimedia-operations) [2019-11-25T18:16:08Z] <effie> Restart php-fpm on mw* and wtp* servers in eqiad and codfw - T236963

Version 1.10.0 is live, please mark this as resolved if everything works as expected:)

@tstarling is the gpg key that you used to sign that release available anywhere? https://www.mediawiki.org/keys/keys.txt still has your old ones. I'm currently not able to verify the release to update it in Debian.

user@DD:~/debian/wikidiff2$ gbp import-orig --uscan
gbp:info: Launching uscan...
gpgv: Signature made Tue 19 Nov 2019 04:16:54 PM PST
gpgv:                using RSA key F64EBF5F20996AB514F198A873F146FECF9D333C
gpgv: Can't check signature: No public key
uscan die: OpenPGP signature did not verify. at /usr/share/perl5/Devscripts/Uscan/Output.pm line 58.
gbp:error: Uscan failed: OpenPGP signature did not verify.

In T236963#5696069, @Legoktm wrote:

@tstarling is the gpg key that you used to sign that release available anywhere? https://www.mediawiki.org/keys/keys.txt still has your old ones. I'm currently not able to verify the release to update it in Debian.

It's in the keyservers with five signatures, including yourself twice. It's available here, along with the old keys: https://tstarling.com/stuff/pgp.txt

Do you think https://www.mediawiki.org/keys/keys.txt needs to have every key I've ever used? I've got keys from 2008, 2009, 2012 and 2014, and at that point I stopped rotating them and started adjusting the expiry, so the 2014 one should remain valid going forward.

keys.txt only has my 2008 and 2009 keys, since that's when I was doing MediaWiki releases.