« Intel iMac set-up notes | Main | WordPress security tip »
June 02, 2006
WordPress updates via Subversion
I don't run WordPress on this website, but I do run it elsewhere. Here are some notes I made while streamlining the process of performing WordPress upgrades by using Subversion to pull down updates and merge them automatically. This is a technique already used by successful projects like Bugzilla and MediaWiki. The WordPress folks aren't quite with the times yet (they haven't managed to tag the last two releases in the repository, but you can follow the 2.0 branch instead of following tagged releases instead).
We start off by doing a checkout of the latest release in the 2.0 branch (2.0.3) at the time of writing:
sudo mkdir wp cd wp sudo svn co http://svn.automattic.com/wordpress/branches/2.0/ .
Then it's time to do a diff to see the differences between the freshly-checked-out copy of WordPress 2.0.3 and the installed, customized copy of 2.0.2 already on the server. It's necessary to manually merge in these changes, but only on this initial switch to Subversion. Once the first merge is done, future upgrades are as easy as running svn up.
diff -r path-to-checked-out-copy path-to-installed-copy
Concretely, in my case this meant that I had to use the following paths:
diff -r wp public_html/wp
Given that most of my existing WordPress install was not customized I found that it was more useful to do a non-recursive diff and then examine the appropriate subdirectories manually:
diff wp public_html/wp
The diff output immediately indicated to me a couple of missing files that I would need to copy over from my old install to the new copy:
sudo cp public_html/wp/.htaccess wp/ sudo cp public_html/wp/wp-config.php wp/
There were a couple of common subdirectories that I could skip over and exclude from consideration because I've applied no customizations to the WordPress code itself:
Common subdirectories: wp/wp-admin and public_html/wp/wp-admin Common subdirectories: wp/wp-includes and public_html/wp/wp-includes
Likewise there was a wp-images folder in the old install that is evidently not present in the latest version of WordPress, so I didn't bother to copy it over:
Only in public_html/wp: wp-images
The key directory that I needed to examine carefully was the wp-content directory:
Common subdirectories: wp/wp-content and public_html/wp/wp-content
I did a non-recursive diff on that too:
diff wp/wp-content public_html/wp/wp-content
There were a few directories that needed to be copied over:
Only in public_html/wp/wp-content: backup-xxxxx Only in public_html/wp/wp-content: cache Only in public_html/wp/wp-content: uploads
These were copied as follows:
sudo cp -R public_html/wp/wp-content/backup-xxxxx wp/wp-content/ sudo cp -R public_html/wp/wp-content/cache wp/wp-content/ sudo cp -R public_html/wp/wp-content/uploads wp/wp-content/
There were a couple of common subdirectories that needed closer attention:
Common subdirectories: wp/wp-content/plugins and public_html/wp/wp-content/plugins Common subdirectories: wp/wp-content/themes and public_html/wp/wp-content/themes
So, another non-recursive diff:
diff wp/wp-content/plugins public_html/wp/wp-content/plugins
This was really the only subdirectory that I cared about:
Only in public_html/wp/wp-content/plugins: text-control
And I copied it thusly:
sudo cp -R public_html/wp/wp-content/plugins/text-control wp/wp-content/plugins/
Likewise I did a non-recursive diff of the themes subdirectory:
diff wp/wp-content/themes public_html/wp/wp-content/themes
Once again only one subdirectory to worry about:
Only in public_html/wp/wp-content/themes: hemingway
Copied like this:
sudo cp -R public_html/wp/wp-content/themes/hemingway wp/wp-content/themes/
It was then time to set the permissions and ownership on the new install (especially important seeing as I am running under PHP safe mode which is much more sensitive to permissions):
cd wp sudo chown -R user:user . cd wp-content sudo chmod 777 backup-xxxxx cache sudo chown apache:apache backup-xxxxx/index.php sudo chmod -R 777 uploads/* cd cache sudo chown -R apache:apache *
It was then time to make the actual switch from 2.0.2 to 2.0.3 on the live site. This consisted of five steps:
- Backup the database.
- Disable all plug-ins.
- Move the old directory out of the way and the new one into place (in my case achieved with sudo mv public_html/wp ./wp-old followed by sudo mv wp public_html/).
- Visit http://example.com/wp/wp-admin/ and follow the prompts to update the database structure.
- Re-enable plug-ins.
And that's all there is to it. To see differences between the installed version of WordPress and the last version that was checked out it's a simple matter of doing an svn status from inside the installation directory. On my installation I see the following output:
? wp-config.php ? .htaccess ? wp-content/cache ? wp-content/backup-xxxxx ? wp-content/uploads ? wp-content/plugins/text-control ? wp-content/plugins/markdown.php X wp-content/plugins/akismet ? wp-content/themes/hemingway
Performing status on external item at 'wp-content/plugins/akismet'
As you can see, the changes correspond to those that I made during my manual merge. For more information on the svn status command type svn help status. For (much) more detail on the differences you can do an svn diff.
Now, when the next version of WordPress comes out, all you have to do is run an sudo svn update. Given the sensitivity of PHP Safe Mode you should also make sure no new root-owned files have been created during the update:
sudo svn update find . -user root
Any root-owned files will need to be appropriately modified using commands like the following.
sudo chown -R user:user directory sudo chown user:user file
Posted by wincent at June 2, 2006 06:41 PM
