On Fri, Apr 03, 2020 at 02:40:26PM +0100, Phillip Wood wrote: > Hi Patrick > > On 02/04/2020 08:10, Patrick Steinhardt wrote: > > The git-update-ref(1) command can only handle queueing transactions > > right now via its "--stdin" parameter, but there is no way for users to > > handle the transaction itself in a more explicit way. E.g. in a > > replicated scenario, one may imagine a coordinator that spawns > > git-update-ref(1) for multiple repositories and only if all agree that > > an update is possible will the coordinator send a commit. Such a > > transactional session could look like > > > > > start > > < start: ok > > > update refs/heads/master $OLD $NEW > > > prepare > > < prepare: ok > > # All nodes have returned "ok" > > > commit > > < commit: ok > > > > or > > > > > start > > < start: ok > > > create refs/heads/master $OLD $NEW > > > prepare > > < fatal: cannot lock ref 'refs/heads/master': reference already exists > > # On all other nodes: > > > abort > > < abort: ok > > > > In order to allow for such transactional sessions, this commit > > introduces four new commands for git-update-ref(1), which matches those > > we have internally already with the exception of "start": > > > > - start: start a new transaction > > > > - prepare: prepare the transaction, that is try to lock all > > references and verify their current value matches the > > expected one > > > > - commit: explicitly commit a session, that is update references to > > match their new expected state > > > > - abort: abort a session and roll back all changes > > > > By design, git-update-ref(1) will commit as soon as standard input is > > being closed. While fine in a non-transactional world, it is definitely > > unexpected in a transactional world. Because of this, as soon as any of > > the new transactional commands is used, the default will change to > > aborting without an explicit "commit". To avoid a race between queueing > > updates and the first "prepare" that starts a transaction, the "start" > > command has been added to start an explicit transaction. > > > > Add some tests to exercise this new functionality. > > > > Signed-off-by: Patrick Steinhardt > > --- > > Documentation/git-update-ref.txt | 26 ++++++ > > builtin/update-ref.c | 106 +++++++++++++++++++++++-- > > t/t1400-update-ref.sh | 131 +++++++++++++++++++++++++++++++ > > 3 files changed, 255 insertions(+), 8 deletions(-) > > > > diff --git a/Documentation/git-update-ref.txt b/Documentation/git-update-ref.txt > > index 9bd039ce08..3e737c2360 100644 > > --- a/Documentation/git-update-ref.txt > > +++ b/Documentation/git-update-ref.txt > > @@ -66,6 +66,10 @@ performs all modifications together. Specify commands of the form: > > delete SP [SP ] LF > > verify SP [SP ] LF > > option SP LF > > + start LF > > + prepare LF > > + commit LF > > + abort LF > > > > With `--create-reflog`, update-ref will create a reflog for each ref > > even if one would not ordinarily be created. > > @@ -83,6 +87,10 @@ quoting: > > delete SP NUL [] NUL > > verify SP NUL [] NUL > > option SP NUL > > + start NUL > > + prepare NUL > > + commit NUL > > + abort NUL > > > > In this format, use 40 "0" to specify a zero value, and use the empty > > string to specify a missing value. > > @@ -114,6 +122,24 @@ option:: > > The only valid option is `no-deref` to avoid dereferencing > > a symbolic ref. > > > > +start:: > > + Start a transaction. In contrast to a non-transactional session, > > I found the talk of "non-transactional" sessions a bit confusing because > the normal --stdin does update all the refs it is given as a single > transaction, so that if it cannot update one ref none of them are > updated. If I've understood correctly these changes are about > coordinating transactions across several repositories. I'm not sure how > best to convey that in the man page - perhaps we could call them single > repository transactions and multi repository transaction or something. The ultimate goal is to be able to create something that sits atop a set of repos that's able to coordinate multiple reference transactions at the same time and then do an all or nothing commit across all repos or abort in case any of the repos will not be able to perform the update. The proposed change is still about a single repository, only, and have the aim of actually enabling transaction semantics in the first place. Until now, it's only possible to start a transaction via git-update-refs(1), but you can't really control it except for the fnial commit. So with that being said I'm not quite sure whether it makes sense to document the potential for handling transactions across multiple repos. It does show that I could improve the documentation, though, and make the intent and scope clearer. I'll try to do that for the next version, thanks for your feedback! Patrick