diff options
-rw-r--r-- | Annex/Branch.hs | 26 | ||||
-rw-r--r-- | Command/Repair.hs | 41 | ||||
-rw-r--r-- | Git/LsFiles.hs | 9 | ||||
-rw-r--r-- | Git/Repair.hs (renamed from Git/RecoverRepository.hs) | 47 | ||||
-rw-r--r-- | doc/design/assistant/disaster_recovery.mdwn | 14 | ||||
-rw-r--r-- | git-recover-repository.hs | 4 |
6 files changed, 100 insertions, 41 deletions
diff --git a/Annex/Branch.hs b/Annex/Branch.hs index c704cef87..8192804a6 100644 --- a/Annex/Branch.hs +++ b/Annex/Branch.hs @@ -20,6 +20,7 @@ module Annex.Branch ( get, change, commit, + forceCommit, files, withIndex, performTransitions, @@ -168,7 +169,7 @@ updateTo pairs = do else inRepo $ Git.Branch.fastForward fullname refs if ff then updateIndex jl branchref - else commitBranch jl branchref merge_desc commitrefs + else commitIndex jl branchref merge_desc commitrefs liftIO cleanjournal {- Gets the content of a file, which may be in the journal, or in the index @@ -210,10 +211,15 @@ set = setJournalFile {- Stages the journal, and commits staged changes to the branch. -} commit :: String -> Annex () -commit message = whenM journalDirty $ lockJournal $ \jl -> do +commit = whenM journalDirty . forceCommit + +{- Commits the current index to the branch even without any journalleda + - changes. -} +forceCommit :: String -> Annex () +forceCommit message = lockJournal $ \jl -> do cleanjournal <- stageJournal jl ref <- getBranch - withIndex $ commitBranch jl ref message [fullname] + withIndex $ commitIndex jl ref message [fullname] liftIO cleanjournal {- Commits the staged changes in the index to the branch. @@ -234,12 +240,12 @@ commit message = whenM journalDirty $ lockJournal $ \jl -> do - previous point, though getting it a long time ago makes the race - more likely to occur. -} -commitBranch :: JournalLocked -> Git.Ref -> String -> [Git.Ref] -> Annex () -commitBranch jl branchref message parents = do +commitIndex :: JournalLocked -> Git.Ref -> String -> [Git.Ref] -> Annex () +commitIndex jl branchref message parents = do showStoringStateAction - commitBranch' jl branchref message parents -commitBranch' :: JournalLocked -> Git.Ref -> String -> [Git.Ref] -> Annex () -commitBranch' jl branchref message parents = do + commitIndex' jl branchref message parents +commitIndex' :: JournalLocked -> Git.Ref -> String -> [Git.Ref] -> Annex () +commitIndex' jl branchref message parents = do updateIndex jl branchref committedref <- inRepo $ Git.Branch.commit message fullname parents setIndexSha committedref @@ -265,7 +271,7 @@ commitBranch' jl branchref message parents = do - into the index, and recommit on top of the bad commit. -} fixrace committedref lostrefs = do mergeIndex jl lostrefs - commitBranch jl committedref racemessage [committedref] + commitIndex jl committedref racemessage [committedref] racemessage = message ++ " (recovery from race)" @@ -482,7 +488,7 @@ performTransitionsLocked jl ts neednewlocalbranch transitionedrefs = do setIndexSha committedref else do ref <- getBranch - commitBranch jl ref message (nub $ fullname:transitionedrefs) + commitIndex jl ref message (nub $ fullname:transitionedrefs) where message | neednewlocalbranch && null transitionedrefs = "new branch for transition " ++ tdesc diff --git a/Command/Repair.hs b/Command/Repair.hs index 0e655588b..b95934268 100644 --- a/Command/Repair.hs +++ b/Command/Repair.hs @@ -10,7 +10,9 @@ module Command.Repair where import Common.Annex import Command import qualified Annex -import Git.RecoverRepository (runRecovery) +import qualified Git.Repair +import qualified Annex.Branch +import Git.Fsck (MissingObjects) def :: [Command] def = [noCommit $ dontCheck repoExists $ @@ -20,6 +22,37 @@ seek :: [CommandSeek] seek = [withNothing start] start :: CommandStart -start = next $ next $ do - force <- Annex.getState Annex.force - inRepo $ runRecovery force +start = next $ next $ runRepair =<< Annex.getState Annex.force + +runRepair :: Bool -> Annex Bool +runRepair forced = do + (ok, stillmissing) <- inRepo $ Git.Repair.runRepair forced + when ok $ + repairAnnexBranch stillmissing + return ok + +{- After git repository repair, the .git/annex/index file could + - still be broken, by pointing to bad objects, or might just be corrupt on + - its own. Since this index file is not used to stage things + - for long durations of time, it can safely be deleted if it is broken. + - + - Otherwise, commit the index file to the git-annex branch. + - This way, if the git-annex branch got rewound to an old version by + - the repository repair, or was completely deleted, this will get it back + - to a good state. Note that in the unlikely case where the git-annex + - branch is ok, and has new changes from elsewhere not yet reflected in + - the index, this does properly merge those into the index before + - committing. + -} +repairAnnexBranch :: MissingObjects -> Annex () +repairAnnexBranch missing = ifM okindex + ( do + Annex.Branch.forceCommit "committing index after git repository repair" + liftIO $ putStrLn "Successfully recovered the git-annex branch using .git/annex/index" + , do + inRepo $ nukeFile . gitAnnexIndex + liftIO $ putStrLn "Had to delete the .git/annex/index file as it was corrupt. It would be a very good idea to run: git annex fsck --fast" + ) + where + okindex = Annex.Branch.withIndex $ + inRepo $ Git.Repair.checkIndex missing diff --git a/Git/LsFiles.hs b/Git/LsFiles.hs index d58fe162b..98cbac58e 100644 --- a/Git/LsFiles.hs +++ b/Git/LsFiles.hs @@ -20,6 +20,7 @@ module Git.LsFiles ( Conflicting(..), Unmerged(..), unmerged, + StagedDetails, ) where import Common @@ -79,18 +80,20 @@ staged' ps l = pipeNullSplit $ prefix ++ ps ++ suffix prefix = [Params "diff --cached --name-only -z"] suffix = Param "--" : map File l +type StagedDetails = (FilePath, Maybe Sha, Maybe FileMode) + {- Returns details about files that are staged in the index, - as well as files not yet in git. Skips ignored files. -} -stagedOthersDetails :: [FilePath] -> Repo -> IO ([(FilePath, Maybe Sha, Maybe FileMode)], IO Bool) +stagedOthersDetails :: [FilePath] -> Repo -> IO ([StagedDetails], IO Bool) stagedOthersDetails = stagedDetails' [Params "--others --exclude-standard"] {- Returns details about all files that are staged in the index. -} -stagedDetails :: [FilePath] -> Repo -> IO ([(FilePath, Maybe Sha, Maybe FileMode)], IO Bool) +stagedDetails :: [FilePath] -> Repo -> IO ([StagedDetails], IO Bool) stagedDetails = stagedDetails' [] {- Gets details about staged files, including the Sha of their staged - contents. -} -stagedDetails' :: [CommandParam] -> [FilePath] -> Repo -> IO ([(FilePath, Maybe Sha, Maybe FileMode)], IO Bool) +stagedDetails' :: [CommandParam] -> [FilePath] -> Repo -> IO ([StagedDetails], IO Bool) stagedDetails' ps l repo = do (ls, cleanup) <- pipeNullSplit params repo return (map parse ls, cleanup) diff --git a/Git/RecoverRepository.hs b/Git/Repair.hs index 1ae817fbc..bb540fbd7 100644 --- a/Git/RecoverRepository.hs +++ b/Git/Repair.hs @@ -5,13 +5,14 @@ - Licensed under the GNU GPL version 3 or higher. -} -module Git.RecoverRepository ( - runRecovery, +module Git.Repair ( + runRepair, cleanCorruptObjects, retrieveMissingObjects, resetLocalBranches, removeTrackingBranches, rewriteIndex, + checkIndex, emptyGoodCommits, ) where @@ -355,14 +356,33 @@ verifyTree missing treesha r -- as long as ls-tree succeeded, we're good else cleanup +{- Checks that the index file only refers to objects that are not missing. -} +checkIndex :: MissingObjects -> Repo -> IO Bool +checkIndex missing r = do + (bad, _good, cleanup) <- partitionIndex missing r + if null bad + then cleanup + else do + void cleanup + return False + +partitionIndex :: MissingObjects -> Repo -> IO ([LsFiles.StagedDetails], [LsFiles.StagedDetails], IO Bool) +partitionIndex missing r = do + (indexcontents, cleanup) <- LsFiles.stagedDetails [repoPath r] r + let (bad, good) = partition ismissing indexcontents + return (bad, good, cleanup) + where + getblob (_file, Just sha, Just _mode) = Just sha + getblob _ = Nothing + ismissing = maybe False (`S.member` missing) . getblob + {- Rewrites the index file, removing from it any files whose blobs are - missing. Returns the list of affected files. -} rewriteIndex :: MissingObjects -> Repo -> IO [FilePath] rewriteIndex missing r | repoIsLocalBare r = return [] | otherwise = do - (indexcontents, cleanup) <- LsFiles.stagedDetails [repoPath r] r - let (bad, good) = partition ismissing indexcontents + (bad, good, cleanup) <- partitionIndex missing r unless (null bad) $ do nukeFile (localGitDir r </> "index") UpdateIndex.streamUpdateIndex r @@ -370,9 +390,6 @@ rewriteIndex missing r void cleanup return $ map fst3 bad where - getblob (_file, Just sha, Just _mode) = Just sha - getblob _ = Nothing - ismissing = maybe False (`S.member` missing) . getblob reinject (file, Just sha, Just mode) = case toBlobType mode of Nothing -> return Nothing Just blobtype -> Just <$> @@ -404,14 +421,14 @@ displayList items header | otherwise = items {- Put it all together. -} -runRecovery :: Bool -> Repo -> IO Bool -runRecovery forced g = do +runRepair :: Bool -> Repo -> IO (Bool, MissingObjects) +runRepair forced g = do putStrLn "Running git fsck ..." fsckresult <- findBroken False g missing <- cleanCorruptObjects fsckresult g stillmissing <- retrieveMissingObjects missing g if S.null stillmissing - then successfulfinish + then successfulfinish stillmissing else do putStrLn $ unwords [ show (S.size stillmissing) @@ -435,7 +452,7 @@ runRecovery forced g = do displayList deindexedfiles "Removed these missing files from the index. You should look at what files are present in your working tree and git add them back to the index when appropriate." if null resetbranches && null deletedbranches - then successfulfinish + then successfulfinish stillmissing else do unless (repoIsLocalBare g) $ do mcurr <- Branch.currentUnsafe g @@ -449,19 +466,19 @@ runRecovery forced g = do ] putStrLn "Successfully recovered repository!" putStrLn "Please carefully check that the changes mentioned above are ok.." - return True + return (True, stillmissing) else do if repoIsLocalBare g then do putStrLn "If you have a clone of this bare repository, you should add it as a remote of this repository, and re-run git-recover-repository." putStrLn "If there are no clones of this repository, you can instead run git-recover-repository with the --force parameter to force recovery to a possibly usable state." else putStrLn "To force a recovery to a usable state, run this command again with the --force parameter." - return False + return (False, stillmissing) where - successfulfinish = do + successfulfinish stillmissing = do mapM_ putStrLn [ "Successfully recovered repository!" , "You should run \"git fsck\" to make sure, but it looks like" , "everything was recovered ok." ] - return True + return (True, stillmissing) diff --git a/doc/design/assistant/disaster_recovery.mdwn b/doc/design/assistant/disaster_recovery.mdwn index f7e3482b2..798b0fea5 100644 --- a/doc/design/assistant/disaster_recovery.mdwn +++ b/doc/design/assistant/disaster_recovery.mdwn @@ -55,7 +55,7 @@ everything) to have the assistant do. Note that Remote.Git already tries to use this, but the assistant does not call it for non-local remotes. -## git fsck +## git fsck and repair Add git fsck to scheduled self fsck **done** @@ -64,11 +64,14 @@ TODO: Add git fsck of local remotes to scheduled remote fscks. TODO: Display an alert to nudge user to schedule a fsck, if none is scheduled. Without being annoying about it. -TODO: If committing to the repository fails, after resolving any dangling lock -files (see above), it should git fsck. +TODO: If committing to the repository fails, after resolving any dangling +lock files (see above), it should git fsck. If git fsck finds problems, launch git repository repair. +TODO: git annex fsck --fast at end of repository repair to ensure +git-annex branch is accurate. + TODO: along with displaying alert when there is a problem, send an email alert. (Using system MTA?) @@ -144,10 +147,7 @@ that was found for it. uncommitted. Or if the index is missing/corrupt, any files in the tree will show as modified and uncommitted. User (or git-annex assistant) can then commit as appropriate. Print appropriate warning message. **done** -* TODO: Special handling for git-annex branch: Reset to last good commit - (or to dummy empty commit is there is not one), and - then commit `.git/annex/index` over top of that, and then run a - `git annex fsck --fast` to fix up any object location info. +* Special handling for git-annex branch and index. **done** * Remote tracking branches can just be removed, and then `git fetch` from the remote, which will re-download missing objects from it and reinstate the tracking branch. **done** diff --git a/git-recover-repository.hs b/git-recover-repository.hs index 9f1ffb423..556e2a39b 100644 --- a/git-recover-repository.hs +++ b/git-recover-repository.hs @@ -12,7 +12,7 @@ import Common import qualified Git import qualified Git.CurrentRepo import qualified Git.Fsck -import qualified Git.RecoverRepository +import qualified Git.Repair import qualified Git.Config import qualified Git.Branch @@ -35,7 +35,7 @@ main = do forced <- parseArgs g <- Git.Config.read =<< Git.CurrentRepo.get - ifM (Git.RecoverRepository.runRecovery forced g) + ifM (fst <$> Git.Repair.runRepair forced g) ( exitSuccess , exitFailure ) |