From 2212c0da4912be65c44847172d20b06fa8c3a275 Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Mon, 29 Jun 2026 20:57:59 -0500 Subject: [PATCH] Update to Rails 8.1, Ruby 3.4 * Gem updates for Rails 8.1 compatibility and latest security fixes. * Load the 8.1 config defaults. * Update config files with new 8.1 configuration. * Ensure Docker library doesn't crash inside Podman. * Minor style fixes for Rubocop. * Update SimpleCov to 1.0.0.rc4; it gets confused otherwise. * Update .simplecov file to new standards to avoid deprecation warnings. Closes: AP-758 --- .idea/galc-api.iml | 309 +++++++++--------- .idea/misc.xml | 5 +- .rubocop.yml | 8 +- .simplecov | 11 +- Dockerfile | 4 +- Gemfile | 10 +- Gemfile.lock | 187 ++++++----- .../concerns/exception_handlers.rb | 2 +- bin/brakeman | 7 + bin/bundler-audit | 6 + bin/ci | 6 + bin/dev | 2 + bin/rubocop | 8 + bin/setup | 23 +- config/application.rb | 2 +- config/bundler-audit.yml | 5 + config/ci.rb | 18 + config/environments/development.rb | 47 +-- config/environments/production.rb | 46 +-- config/environments/test.rb | 35 +- config/initializers/cors.rb | 2 +- .../initializers/filter_parameter_logging.rb | 6 +- config/initializers/inflections.rb | 2 + lib/docker.rb | 2 + spec/models/image_spec.rb | 6 +- spec/spec_helper.rb | 2 + 26 files changed, 408 insertions(+), 353 deletions(-) create mode 100755 bin/brakeman create mode 100755 bin/bundler-audit create mode 100755 bin/ci create mode 100755 bin/dev create mode 100755 bin/rubocop create mode 100644 config/bundler-audit.yml create mode 100644 config/ci.rb diff --git a/.idea/galc-api.iml b/.idea/galc-api.iml index 89d37f3..0dbeb90 100644 --- a/.idea/galc-api.iml +++ b/.idea/galc-api.iml @@ -27,130 +27,157 @@ - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -164,9 +191,11 @@ diff --git a/.idea/misc.xml b/.idea/misc.xml index 723a6ca..420ebb5 100644 --- a/.idea/misc.xml +++ b/.idea/misc.xml @@ -1,4 +1,7 @@ - + + + true + \ No newline at end of file diff --git a/.rubocop.yml b/.rubocop.yml index df1abec..88f66da 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -2,7 +2,7 @@ plugins: - rubocop-rails AllCops: - TargetRailsVersion: 8.0 + TargetRailsVersion: 8.1 UseCache: false Exclude: # Exclude generated files @@ -12,6 +12,12 @@ AllCops: # Exclude vendor files in GitHub build - 'vendor/**/*' +# Disable block length check in spec files. +Layout/BlockLength: + Exclude: + - 'config/environments/*' + - 'spec/**/*' + # Allow one line around block body (Layout/EmptyLines will still disallow two or more) Layout/EmptyLinesAroundBlockBody: Enabled: false diff --git a/.simplecov b/.simplecov index bedb0f5..1248e57 100644 --- a/.simplecov +++ b/.simplecov @@ -1,8 +1,7 @@ require 'simplecov-rcov' -SimpleCov.start 'rails' do - add_filter %w[/bin/ /db/] - coverage_dir 'artifacts' - formatter SimpleCov::Formatter::RcovFormatter - minimum_coverage 100 -end +SimpleCov.load_profile 'rails' +SimpleCov.skip %w[/bin/ /db/] +SimpleCov.coverage_dir 'artifacts' +SimpleCov.formatter SimpleCov::Formatter::RcovFormatter +SimpleCov.minimum_coverage 100 diff --git a/Dockerfile b/Dockerfile index 7562713..369a98f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ # The base stage scaffolds elements which are common to building and running # the application, such as installing ca-certificates, creating the app user, # and installing runtime system dependencies. -FROM ruby:3.3-slim AS base +FROM ruby:3.4-slim AS base # ------------------------------------------------------------ # Declarative metadata @@ -88,7 +88,7 @@ RUN apt-get update -qq && apt-get install -y --no-install-recommends \ USER $APP_USER # Base image ships with an older version of bundler -RUN gem install bundler --version 2.7.2 +RUN gem install bundler --version 4.0.8 # Install gems. We don't enforce the validity of the Gemfile.lock until the # final (production) stage. diff --git a/Gemfile b/Gemfile index f4ecfe8..1d07cb6 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source 'https://rubygems.org' git_source(:github) { |repo| "https://github.com/#{repo}.git" } -ruby '~> 3.3' +ruby '~> 3.4' gem 'berkeley_library-alma', '~> 0.1.1' gem 'berkeley_library-logging', '~> 0.3' @@ -10,16 +10,16 @@ gem 'drb' gem 'image_processing', '~> 1.12' gem 'jsonapi.rb', '~> 2.0' gem 'jsonapi-serializer', '~> 2.2' -gem 'jwt', '~> 2.4' +gem 'jwt', '~> 2.10', '>= 2.10.3' gem 'mutex_m' gem 'omniauth', '~> 2.1' gem 'omniauth-cas', '~> 3.0' gem 'pg', '~> 1.4' gem 'pg_search', '~> 2.3' -gem 'puma', '~> 7.2' +gem 'puma', '~> 7.2', '>= 7.2.1' gem 'puma-plugin-delayed_stop', '~> 0.1.2' gem 'rack-cors' -gem 'rails', '~> 8.0.5' +gem 'rails', '~> 8.1.3' gem 'ransack', '~> 4.2' gem 'zaru', '~> 0.3.0' @@ -44,7 +44,7 @@ group :test do gem 'rspec', '~> 3.13' gem 'rspec_junit_formatter', '~> 0.6' gem 'rspec-rails', '~> 8.0' - gem 'simplecov', '~> 0.22', require: false + gem 'simplecov', '~> 1.0.0.rc4', require: false gem 'simplecov-rcov', '~> 0.3', require: false gem 'webmock', require: false end diff --git a/Gemfile.lock b/Gemfile.lock index bd037cb..be46a55 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,29 +1,31 @@ GEM remote: https://rubygems.org/ specs: - actioncable (8.0.5) - actionpack (= 8.0.5) - activesupport (= 8.0.5) + action_text-trix (2.1.19) + railties + actioncable (8.1.3) + actionpack (= 8.1.3) + activesupport (= 8.1.3) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (8.0.5) - actionpack (= 8.0.5) - activejob (= 8.0.5) - activerecord (= 8.0.5) - activestorage (= 8.0.5) - activesupport (= 8.0.5) + actionmailbox (8.1.3) + actionpack (= 8.1.3) + activejob (= 8.1.3) + activerecord (= 8.1.3) + activestorage (= 8.1.3) + activesupport (= 8.1.3) mail (>= 2.8.0) - actionmailer (8.0.5) - actionpack (= 8.0.5) - actionview (= 8.0.5) - activejob (= 8.0.5) - activesupport (= 8.0.5) + actionmailer (8.1.3) + actionpack (= 8.1.3) + actionview (= 8.1.3) + activejob (= 8.1.3) + activesupport (= 8.1.3) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (8.0.5) - actionview (= 8.0.5) - activesupport (= 8.0.5) + actionpack (8.1.3) + actionview (= 8.1.3) + activesupport (= 8.1.3) nokogiri (>= 1.8.5) rack (>= 2.2.4) rack-session (>= 1.0.1) @@ -31,42 +33,43 @@ GEM rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) useragent (~> 0.16) - actiontext (8.0.5) - actionpack (= 8.0.5) - activerecord (= 8.0.5) - activestorage (= 8.0.5) - activesupport (= 8.0.5) + actiontext (8.1.3) + action_text-trix (~> 2.1.15) + actionpack (= 8.1.3) + activerecord (= 8.1.3) + activestorage (= 8.1.3) + activesupport (= 8.1.3) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (8.0.5) - activesupport (= 8.0.5) + actionview (8.1.3) + activesupport (= 8.1.3) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (8.0.5) - activesupport (= 8.0.5) + activejob (8.1.3) + activesupport (= 8.1.3) globalid (>= 0.3.6) - activemodel (8.0.5) - activesupport (= 8.0.5) - activerecord (8.0.5) - activemodel (= 8.0.5) - activesupport (= 8.0.5) + activemodel (8.1.3) + activesupport (= 8.1.3) + activerecord (8.1.3) + activemodel (= 8.1.3) + activesupport (= 8.1.3) timeout (>= 0.4.0) - activestorage (8.0.5) - actionpack (= 8.0.5) - activejob (= 8.0.5) - activerecord (= 8.0.5) - activesupport (= 8.0.5) + activestorage (8.1.3) + actionpack (= 8.1.3) + activejob (= 8.1.3) + activerecord (= 8.1.3) + activesupport (= 8.1.3) marcel (~> 1.0) - activesupport (8.0.5) + activesupport (8.1.3) base64 - benchmark (>= 0.3) bigdecimal concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + json logger (>= 1.4.2) minitest (>= 5.1) securerandom (>= 0.3) @@ -77,7 +80,6 @@ GEM amazing_print (1.8.1) ast (2.4.3) base64 (0.3.0) - benchmark (0.5.0) berkeley_library-alma (0.1.1) berkeley_library-logging (~> 0.2) berkeley_library-marc (~> 0.3.1) @@ -107,19 +109,18 @@ GEM bundler (>= 1.2.0) thor (~> 1.0) colorize (1.1.0) - concurrent-ruby (1.3.6) + concurrent-ruby (1.3.7) connection_pool (3.0.2) crack (1.0.1) bigdecimal rexml - crass (1.0.6) + crass (1.0.7) database_cleaner-active_record (2.2.2) activerecord (>= 5.a) database_cleaner-core (~> 2.0) database_cleaner-core (2.0.1) date (3.5.1) diff-lcs (1.6.2) - docile (1.4.1) domain_name (0.6.20240107) drb (2.2.3) erb (6.0.4) @@ -137,7 +138,7 @@ GEM ffi (1.17.4-x86_64-darwin) ffi (1.17.4-x86_64-linux-gnu) ffi (1.17.4-x86_64-linux-musl) - globalid (1.3.0) + globalid (1.4.0) activesupport (>= 6.1) hashdiff (1.0.1) hashie (5.1.0) @@ -145,7 +146,7 @@ GEM http-accept (1.7.0) http-cookie (1.1.6) domain_name (~> 0.5) - i18n (1.14.8) + i18n (1.15.2) concurrent-ruby (~> 1.0) image_processing (1.14.0) mini_magick (>= 4.9.5, < 6) @@ -156,13 +157,13 @@ GEM prism (>= 1.3.0) rdoc (>= 4.0.0) reline (>= 0.4.2) - json (2.19.5) + json (2.20.0) jsonapi-serializer (2.2.0) activesupport (>= 4.2) jsonapi.rb (2.1.1) jsonapi-serializer rack - jwt (2.10.2) + jwt (2.10.3) base64 language_server-protocol (3.17.0.5) lint_roller (1.1.0) @@ -184,7 +185,7 @@ GEM marc (1.4.0) nokogiri (~> 1.0) rexml - marcel (1.1.0) + marcel (1.2.1) mime-types (3.7.0) logger mime-types-data (~> 3.2025, >= 3.2025.0507) @@ -196,7 +197,7 @@ GEM drb (~> 2.0) prism (~> 1.5) mutex_m (0.3.0) - net-imap (0.6.4) + net-imap (0.6.4.1) date net-protocol net-pop (0.1.2) @@ -207,23 +208,23 @@ GEM net-protocol netrc (0.11.0) nio4r (2.7.5) - nokogiri (1.19.3-aarch64-linux-gnu) + nokogiri (1.19.4-aarch64-linux-gnu) racc (~> 1.4) - nokogiri (1.19.3-aarch64-linux-musl) + nokogiri (1.19.4-aarch64-linux-musl) racc (~> 1.4) - nokogiri (1.19.3-arm-linux-gnu) + nokogiri (1.19.4-arm-linux-gnu) racc (~> 1.4) - nokogiri (1.19.3-arm-linux-musl) + nokogiri (1.19.4-arm-linux-musl) racc (~> 1.4) - nokogiri (1.19.3-arm64-darwin) + nokogiri (1.19.4-arm64-darwin) racc (~> 1.4) - nokogiri (1.19.3-x86_64-darwin) + nokogiri (1.19.4-x86_64-darwin) racc (~> 1.4) - nokogiri (1.19.3-x86_64-linux-gnu) + nokogiri (1.19.4-x86_64-linux-gnu) racc (~> 1.4) - nokogiri (1.19.3-x86_64-linux-musl) + nokogiri (1.19.4-x86_64-linux-musl) racc (~> 1.4) - oj (3.17.0) + oj (3.17.3) bigdecimal (>= 3.0) ostruct (>= 0.2) omniauth (2.1.4) @@ -253,15 +254,12 @@ GEM pg_search (2.3.7) activerecord (>= 6.1) activesupport (>= 6.1) - pp (0.6.3) + pp (0.6.4) prettyprint prettyprint (0.2.0) prism (1.9.0) - psych (5.3.1) - date - stringio public_suffix (7.0.5) - puma (7.2.0) + puma (7.2.1) nio4r (~> 2.0) puma-plugin-delayed_stop (0.1.2) puma (>= 5.0, < 8) @@ -281,20 +279,20 @@ GEM rack (>= 1.3) rackup (2.3.1) rack (>= 3) - rails (8.0.5) - actioncable (= 8.0.5) - actionmailbox (= 8.0.5) - actionmailer (= 8.0.5) - actionpack (= 8.0.5) - actiontext (= 8.0.5) - actionview (= 8.0.5) - activejob (= 8.0.5) - activemodel (= 8.0.5) - activerecord (= 8.0.5) - activestorage (= 8.0.5) - activesupport (= 8.0.5) + rails (8.1.3) + actioncable (= 8.1.3) + actionmailbox (= 8.1.3) + actionmailer (= 8.1.3) + actionpack (= 8.1.3) + actiontext (= 8.1.3) + actionview (= 8.1.3) + activejob (= 8.1.3) + activemodel (= 8.1.3) + activerecord (= 8.1.3) + activestorage (= 8.1.3) + activesupport (= 8.1.3) bundler (>= 1.15.0) - railties (= 8.0.5) + railties (= 8.1.3) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -306,9 +304,9 @@ GEM rails-html-sanitizer (1.7.0) loofah (~> 2.25) nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0) - railties (8.0.5) - actionpack (= 8.0.5) - activesupport (= 8.0.5) + railties (8.1.3) + actionpack (= 8.1.3) + activesupport (= 8.1.3) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) @@ -321,9 +319,14 @@ GEM activerecord (>= 7.2) activesupport (>= 7.2) i18n - rdoc (7.2.0) + rbs (4.0.3) + logger + prism (>= 1.6.0) + tsort + rdoc (8.0.0) erb - psych (>= 4.0.0) + prism (>= 1.6.0) + rbs (>= 4.0.0) tsort regexp_parser (2.12.0) reline (0.6.3) @@ -395,15 +398,9 @@ GEM ffi (~> 1.12) logger securerandom (0.4.1) - simplecov (0.22.0) - docile (~> 1.1) - simplecov-html (~> 0.11) - simplecov_json_formatter (~> 0.1) - simplecov-html (0.13.2) + simplecov (1.0.0.rc4) simplecov-rcov (0.3.7) simplecov (>= 0.4.1) - simplecov_json_formatter (0.1.4) - stringio (3.2.0) thor (1.5.0) timeout (0.6.1) tsort (0.2.0) @@ -419,12 +416,12 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - websocket-driver (0.8.0) + websocket-driver (0.8.2) base64 websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) zaru (0.3.0) - zeitwerk (2.7.5) + zeitwerk (2.8.2) PLATFORMS aarch64-linux-gnu @@ -451,16 +448,16 @@ DEPENDENCIES image_processing (~> 1.12) jsonapi-serializer (~> 2.2) jsonapi.rb (~> 2.0) - jwt (~> 2.4) + jwt (~> 2.10, >= 2.10.3) mutex_m omniauth (~> 2.1) omniauth-cas (~> 3.0) pg (~> 1.4) pg_search (~> 2.3) - puma (~> 7.2) + puma (~> 7.2, >= 7.2.1) puma-plugin-delayed_stop (~> 0.1.2) rack-cors - rails (~> 8.0.5) + rails (~> 8.1.3) rails-controller-testing ransack (~> 4.2) rspec (~> 3.13) @@ -470,13 +467,13 @@ DEPENDENCIES rubocop-rails (~> 2.34) rubocop-rspec (~> 3.6) rubocop-rspec_rails (~> 2.30) - simplecov (~> 0.22) + simplecov (~> 1.0.0.rc4) simplecov-rcov (~> 0.3) webmock zaru (~> 0.3.0) RUBY VERSION - ruby 3.3.11p205 + ruby 3.4.5p51 BUNDLED WITH - 2.7.2 + 4.0.8 diff --git a/app/controllers/concerns/exception_handlers.rb b/app/controllers/concerns/exception_handlers.rb index 79c7682..0296bbb 100644 --- a/app/controllers/concerns/exception_handlers.rb +++ b/app/controllers/concerns/exception_handlers.rb @@ -128,6 +128,6 @@ def record_from(exception) return exception.send(attr) if exception.respond_to?(attr) end - nil + nil # simplecov:disable end end diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 0000000..ace1c9b --- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/bin/bundler-audit b/bin/bundler-audit new file mode 100755 index 0000000..e2ef226 --- /dev/null +++ b/bin/bundler-audit @@ -0,0 +1,6 @@ +#!/usr/bin/env ruby +require_relative "../config/boot" +require "bundler/audit/cli" + +ARGV.concat %w[ --config config/bundler-audit.yml ] if ARGV.empty? || ARGV.include?("check") +Bundler::Audit::CLI.start diff --git a/bin/ci b/bin/ci new file mode 100755 index 0000000..4137ad5b --- /dev/null +++ b/bin/ci @@ -0,0 +1,6 @@ +#!/usr/bin/env ruby +require_relative "../config/boot" +require "active_support/continuous_integration" + +CI = ActiveSupport::ContinuousIntegration +require_relative "../config/ci.rb" diff --git a/bin/dev b/bin/dev new file mode 100755 index 0000000..5f91c20 --- /dev/null +++ b/bin/dev @@ -0,0 +1,2 @@ +#!/usr/bin/env ruby +exec "./bin/rails", "server", *ARGV diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 0000000..5a20504 --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,8 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +# Explicit RuboCop config increases performance slightly while avoiding config confusion. +ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__)) + +load Gem.bin_path("rubocop", "rubocop") diff --git a/bin/setup b/bin/setup index 57b65c8..79f824d 100755 --- a/bin/setup +++ b/bin/setup @@ -1,11 +1,10 @@ #!/usr/bin/env ruby require "fileutils" -# path to your application root. -APP_ROOT = File.expand_path("..", __dir__) +APP_ROOT = File.expand_path('..', __dir__) def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do @@ -13,13 +12,19 @@ FileUtils.chdir APP_ROOT do # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts "== Installing dependencies ==" - system! "gem install bundler --conservative" - system("bundle check") || system!("bundle install") + puts '== Installing dependencies ==' + system('bundle check') || system!('bundle install') + + puts "\n== Preparing database ==" + system! 'bin/rails db:prepare' + system! 'bin/rails db:reset' if ARGV.include?('--reset') puts "\n== Removing old logs and tempfiles ==" - system! "bin/rails log:clear tmp:clear" + system! 'bin/rails log:clear tmp:clear' - puts "\n== Restarting application server ==" - system! "bin/rails restart" + unless ARGV.include?('--skip-server') + puts "\n== Starting development server ==" + STDOUT.flush # flush the output before exec(2) so that it displays + exec 'bin/dev' + end end diff --git a/config/application.rb b/config/application.rb index 551a648..4a55088 100644 --- a/config/application.rb +++ b/config/application.rb @@ -25,7 +25,7 @@ module GalcApi class Application < Rails::Application - config.load_defaults 8.0 + config.load_defaults 8.1 config.api_only = true diff --git a/config/bundler-audit.yml b/config/bundler-audit.yml new file mode 100644 index 0000000..e74b3af --- /dev/null +++ b/config/bundler-audit.yml @@ -0,0 +1,5 @@ +# Audit all gems listed in the Gemfile for known security problems by running bin/bundler-audit. +# CVEs that are not relevant to the application can be enumerated on the ignore list below. + +ignore: + - CVE-THAT-DOES-NOT-APPLY diff --git a/config/ci.rb b/config/ci.rb new file mode 100644 index 0000000..c8ffd66 --- /dev/null +++ b/config/ci.rb @@ -0,0 +1,18 @@ +# Run using bin/ci + +CI.run do + step 'Setup', 'bin/setup --skip-server' + + step 'Style: Ruby', 'bin/rubocop' + + step 'Security: Gem audit', 'bin/bundler-audit' + step 'Security: Brakeman code analysis', 'bin/brakeman --quiet --no-pager --exit-on-warn --exit-on-error' + + # Optional: set a green GitHub commit status to unblock PR merge. + # Requires the `gh` CLI and `gh extension install basecamp/gh-signoff`. + # if success? + # step 'Signoff: All systems go. Ready for merge and deploy.', 'gh signoff' + # else + # failure 'Signoff: CI failed. Do not merge or deploy.', 'Fix the issues and try again.' + # end +end diff --git a/config/environments/development.rb b/config/environments/development.rb index 46a8354..bb0e81f 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -3,10 +3,8 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded any time - # it changes. This slows down response time but is perfect for development - # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + # Make code changes take effect immediately without server restart. + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false @@ -14,47 +12,52 @@ # Show full error reports. config.consider_all_requests_local = true - # Enable server timing + # Enable server timing. config.server_timing = true # Disable serving static files from the `/public` folder by default since # we don't have any, except public.html which is served by AuthController#index config.public_file_server.enabled = false - # Enable/disable caching. By default caching is disabled. - # Run rails dev:cache to toggle caching. - if Rails.root.join('tmp', 'caching-dev.txt').exist? + # Enable/disable Action Controller caching. By default Action Controller caching is disabled. + # Run rails dev:cache to toggle Action Controller caching. + if Rails.root.join('tmp/caching-dev.txt').exist? config.cache_store = :memory_store - # config.public_file_server.headers = { - # 'Cache-Control' => "public, max-age=#{2.days.to_i}" - # } else config.action_controller.perform_caching = false config.cache_store = :null_store end + # Don't care if the mailer can't send. + config.action_mailer.raise_delivery_errors = false + + # Make template changes take effect immediately. + config.action_mailer.perform_caching = false + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true + + # Append comments with runtime information tags to SQL queries in logs. + config.active_record.query_log_tags_enabled = true - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true + + # Highlight code that triggered redirect in logs. + config.action_dispatch.verbose_redirect_logs = true # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true - - # Uncomment if you wish to allow Action Cable access from any origin. - # config.action_cable.disable_request_forgery_protection = true + config.action_view.annotate_rendered_view_with_filenames = true - # Fake sending of emails - config.action_mailer.delivery_method = :test - config.action_mailer.perform_caching = false + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = true Rails.application.config.hosts = [ IPAddr.new('0.0.0.0/0'), # All IPv4 addresses. diff --git a/config/environments/production.rb b/config/environments/production.rb index 465f00f..e8e3447 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -4,22 +4,15 @@ # Settings specified here will take precedence over those in config/application.rb. # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false - # Eager load code on boot. This eager loads most of Rails and - # your application in memory, allowing both threaded web servers - # and those relying on copy on write to perform better. - # Rake tasks automatically ignore this option for performance. + # Eager load code on boot for better performance and memory savings (ignored by Rake tasks). # config.eager_load = true config.eager_load = false - # Full error reports are disabled and caching is turned on. + # Full error reports are disabled. config.consider_all_requests_local = false - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] - # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). - # config.require_master_key = true - # Disable serving static files from the `/public` folder by default since # we don't have any, except public.html which is served by AuthController#index config.public_file_server.enabled = false @@ -27,42 +20,33 @@ # Enable serving of images, stylesheets, and JavaScripts from an asset server. # config.asset_host = "http://assets.example.com" - # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache - # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX - # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true - # Include generic and useful information about system operation, but avoid logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). + # Change to "debug" to log everything (including potentially personally-identifiable information!). config.log_level = :info # Prepend all log lines with the following tags. config.log_tags = [:request_id] - # Use a different cache store in production. - # config.cache_store = :mem_cache_store - - # Enable locale fallbacks for I18n (makes lookups for any locale fall back to - # the I18n.default_locale when a translation cannot be found). - config.i18n.fallbacks = true - # Don't log any deprecations. config.active_support.report_deprecations = false + # Replace the default in-process memory cache store with a durable alternative. + # config.cache_store = :mem_cache_store + # Use default logging formatter so that PID and timestamp are not suppressed. config.log_formatter = ::Logger::Formatter.new - # Use a different logger for distributed setups. - # require "syslog/logger" - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation cannot be found). + config.i18n.fallbacks = true + + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false - # if ENV['RAILS_LOG_TO_STDOUT'].present? - # logger = ActiveSupport::Logger.new($stdout) - # logger.formatter = config.log_formatter - # config.logger = ActiveSupport::TaggedLogging.new(logger) - # end + # Only use :id for inspections in production. + config.active_record.attributes_for_inspect = [:id] # ------------------------------------------------------------ # Mailer configuration diff --git a/config/environments/test.rb b/config/environments/test.rb index aada6ff..c63ac55 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,5 +1,3 @@ -require 'active_support/core_ext/integer/time' - # The test environment is used exclusively to run your application's # test suite. You never need to work with it otherwise. Remember that # your test database is "scratch space" for the test suite and is wiped @@ -8,21 +6,21 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # Turn false under Spring and add config.action_view.cache_template_loading = true. - config.cache_classes = true + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false - # Eager loading loads your whole application. When running a single test locally, - # this probably isn't necessary. It's a good idea to do in a continuous integration - # system, or in some way before deploying your code. + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. config.eager_load = ENV['CI'].present? # Disable serving static files from the `/public` folder by default since # we don't have any, except public.html which is served by AuthController#index config.public_file_server.enabled = false - # Show full error reports and disable caching. - config.consider_all_requests_local = true - config.action_controller.perform_caching = false + # Show full error reports. + config.consider_all_requests_local = true config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. @@ -31,24 +29,23 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false + # Tell Action Mailer not to deliver emails to the real world. + # The :test delivery method accumulates sent emails in the + # ActionMailer::Base.deliveries array. + config.action_mailer.delivery_method = :test + config.action_mailer.perform_caching = false + # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raise exceptions for disallowed deprecations. - config.active_support.disallowed_deprecation = :raise - - # Tell Active Support which deprecation messages to disallow. - config.active_support.disallowed_deprecation_warnings = [] - # Raises error for missing translations. # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # Fake sending of emails - config.action_mailer.delivery_method = :test - config.action_mailer.perform_caching = false + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = true Rails.application.config.hosts.append( ActionDispatch::Integration::Session::DEFAULT_HOST, diff --git a/config/initializers/cors.rb b/config/initializers/cors.rb index f0ac234..5023a98 100644 --- a/config/initializers/cors.rb +++ b/config/initializers/cors.rb @@ -1,7 +1,7 @@ # Be sure to restart your server when you modify this file. # Avoid CORS issues when API is called from the frontend app. -# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests. +# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin Ajax requests. # Read more: https://github.com/cyu/rack-cors diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index eafcd36..f72dcdf 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,8 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure parameters to be filtered from the log file. Use this to limit dissemination of -# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported -# notations and behaviors. +# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. +# Use this to limit dissemination of sensitive information. +# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += %i[ passw email secret token _key crypt salt certificate otp ssn cvv cvc ] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index b736630..ae0a666 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -1,3 +1,5 @@ +# Be sure to restart your server when you modify this file. + ActiveSupport::Inflector.inflections(:en) do |inflect| %w[JWT MMS].each { |a| inflect.acronym(a) } end diff --git a/lib/docker.rb b/lib/docker.rb index 397b13f..7ffc22b 100644 --- a/lib/docker.rb +++ b/lib/docker.rb @@ -13,6 +13,8 @@ def setup_environment!(fileglob = '/run/secrets/*') # rubocop:disable Naming/AccessorMethodName def set_env_from(filepath) + return unless File.file?(filepath) + secret = File.read(filepath) secret_name = File.basename(filepath) return logger.warn("Can't set ENV[#{secret_name}]; #{filepath} is empty") if secret.empty? diff --git a/spec/models/image_spec.rb b/spec/models/image_spec.rb index 8e2fd58..5886856 100644 --- a/spec/models/image_spec.rb +++ b/spec/models/image_spec.rb @@ -22,11 +22,7 @@ def uploaded_file t.rewind end - options = { - tempfile: tmp, - filename: File.basename(source_file_path), - type: 'image/jpeg' - } + options = { tempfile: tmp, filename: File.basename(source_file_path), type: 'image/jpeg' } @uploaded_file = ActionDispatch::Http::UploadedFile.new(options) end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index fa0aaf4..c297666 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -29,3 +29,5 @@ WebMock.allow_net_connect! end end + +SimpleCov.start if ENV['COVERAGE']