From mboxrd@z Thu Jan  1 00:00:00 1970
From: zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze)
Subject: GSoC 2019 Recap
Date: Mon, 19 Aug 2019 19:20:47 -0400
Message-ID: <87y2zoeo8g.fsf@sdf.lonestar.org>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:46801)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <zerodaysfordays@sdf.lonestar.org>)
 id 1hzqxV-0000qd-RZ
 for guix-devel@gnu.org; Mon, 19 Aug 2019 19:21:07 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <zerodaysfordays@sdf.lonestar.org>)
 id 1hzqxS-0003Cb-9U
 for guix-devel@gnu.org; Mon, 19 Aug 2019 19:21:03 -0400
Received: from mx.sdf.org ([205.166.94.20]:59415)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <zerodaysfordays@sdf.lonestar.org>)
 id 1hzqxS-00037J-1C
 for guix-devel@gnu.org; Mon, 19 Aug 2019 19:21:02 -0400
Received: from Upsilon (pool-173-76-53-40.bstnma.fios.verizon.net
 [173.76.53.40]) (authenticated (0 bits))
 by mx.sdf.org (8.15.2/8.14.5) with ESMTPSA id x7JNKocK026583
 (using TLSv1.2 with cipher AES256-GCM-SHA384 (256 bits) verified NO)
 for <guix-devel@gnu.org>; Mon, 19 Aug 2019 23:20:56 GMT
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain

Hi all,

Google Summer of Code requires a "work product submission" [1] publicly
documenting the project's results, so I'm writing this to summarize the
state of 'guix deploy' and to share my visions for next steps.

GSoC-related patches accepted into 'master': [2]

- Initial implementation of 'guix deploy'.
  - ssh: Add 'identity' keyword to 'open-ssh-session'. (a9b09ed776)
  - gnu: Add machine type for deployment specifications. (fa9edf09e9)
  - Add 'guix deploy'. (5cbb832fb1)
  - doc: Add section for 'guix deploy'. (02a962c8e0)
  - Remove references to non-existent 'tests/machine.scm'. (834b8a4110)
- Refactoring to share code between 'guix deploy' and 'guix system reconfigure'.
  - guix system: Add 'reconfigure' module. (5c793753b3)
  - guix system: Reimplement 'reconfigure'. (5c8c8c4554)
  - tests: Add reconfigure system test. (d23a00b599)
- Various bugfixes and improvements.
  - reconfigure: Reload all shepherd files when upgrading services. (1db6f137d9)
  - doc: Add note about signing keys. (5bc751925d)
  - machine: Rename 'system' field. (d97ce20400)
  - reconfigure: Fix GC root installation. (5f04e9f962)
  - machine: Implement safety checks. (fd3119db4f)
  - reconfigure: Improve tests for system activation. (ec12235ce2)
  - deploy: Use all machine modules when loading deployment (55e238f2ab)
  - machine: Add 'build-locally?' field for managed hosts. (d84e9b75b2)
  - remote: Build derivations appropriate for the remote's (2c8e04f136)
  - remote: Remove '--system' argument. (03cbd94d48)
  - machine: Allow non-root users to deploy. (5ea7537b9a)
  - machine: Implement 'roll-back-machine'. (9c70c460a0)
  - machine: Automatically authorize the coordinator's signing key. (3033d59ac9)
  - doc: Add description of 'build-locally?'. (3967a946c6)
  - remote: Use (%daemon-socket-uri) rather than hard-coded path. (5f32531770)
  - remote: Resolve missing 'G_'. (ddef146b89)
  - machine: Use 'become-command'. (4cc5e5204b)

At this point, I feel the "simple case" of upgrading or configuring a
remote machine that's already running the Guix system is reasonably
well-supported. Assuming that you're running Guix from 'master', 'guix
deploy' is right at your fingertips.

More work is necessary if we want 'guix deploy' to be a proper DevOps
tool, however. The most significant of those features is support for
more advanced use-cases such as automatic provisioning of resources from
Virtual Private Server providers (which I have made some progress on
[3]). I feel the newly-generalized "reconfiguration code" could use some
attention as well.

Thanks for a great summer, guys. I'm excited to continue working on
this.

Regards,
Jakob

[1]: https://developers.google.com/open-source/gsoc/help/work-product
[2]: https://git.savannah.gnu.org/cgit/guix.git/log/?qt=author&q=Jakob+L.+Kreuze
[3]: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=37083

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEa1VJLOiXAjQ2BGSm9Qb9Fp2P2VoFAl1bLtAACgkQ9Qb9Fp2P
2Vrh8hAAm3FAAUWfJEHS+sQsOHmlxlgZrTTXHsRJsXG1kGjeTEaHpaQMYJVty1Xu
H8NXMg87NetWsmIVKhRnf7zljUvZ4oOy8sKbGcQhJiBfupGZwioKZl1pjFCjIh+J
FUlyaJQo1PXye7e7Mo4QGYtAG1gZGQfxu2dCfDuYwIWdpCwpyU8s4k8w5qEDtqDw
fzuvhmeriHgDBv0Lb0Tu39nKDPhPOdWdGxHhs8hcFOZsrQQwc+U98+8PeV4KihTk
PE70rPFW3q3ieOUDYqZBTkpWV42P2bPdOsVJ8vB11dPE9ATSG/A+L3BkDOKbmc8a
hLZIY1/mIBwglY31nx1oY1NFSQ71kcyq7kveaNmPmyo6q1cxQ89dyp6x1pTzNnRR
ccE12JhGfjx0qy0BrnJ9zzeFRXVWQ7dWU4bWF2A7rqW/EqllnNppemvgZNsScQe0
0XCQH4w8yTnOJL2iacM+I3W4Wx09R6CmEpYZC6VRypYk1DK6DHkwhNd0T9z9PZxH
Bp7ND64yfQSM2bR/HbEqS+u+BAHYaBBNB22YatTMfP4/iU1PvyM0fnxTqAaaugDF
2JKp/TPep+DUwKeKALbdpz2k79+Czly7Aox7c6qjAFjRBqz26RACtZk6T6dHwR+d
kYh2UQe3P2c6XDHWbNhgusfHDjMwVuqGDVcOSQSVJLbjjDUbIEU=
=i85I
-----END PGP SIGNATURE-----
--=-=-=--