From 4b3cce51bf9fd5ed2ac4b00fb48b5bc32bb6b5be Mon Sep 17 00:00:00 2001 From: Peter Cai <222655+pcai@users.noreply.github.com> Date: Thu, 1 Dec 2022 19:56:20 -0500 Subject: [PATCH] upgrade ruby/rails and add fly.io config (#59) * upgrade ruby/rails and add fly.io config * dont crash if next event data isnt present --- .dockerignore | 16 + .github/workflows/ci.yml | 25 +- .sample.env | 2 +- Dockerfile | 116 +++++++ Gemfile | 10 +- Gemfile.lock | 286 ++++++++++-------- app/helpers/application_helper.rb | 2 +- app/helpers/events_helper.rb | 8 +- bin/rails | 6 +- bin/rake | 4 +- bin/setup | 48 ++- config/application.rb | 33 +- config/boot.rb | 4 +- config/environment.rb | 2 +- config/environments/development.rb | 57 ++-- config/environments/production.rb | 60 ++-- config/environments/test.rb | 45 +-- config/initializers/assets.rb | 9 +- .../initializers/content_security_policy.rb | 25 ++ config/initializers/disable_xml_params.rb | 3 - .../initializers/filter_parameter_logging.rb | 8 +- config/initializers/inflections.rb | 8 +- .../new_framework_defaults_7_0.rb | 135 +++++++++ config/initializers/permissions_policy.rb | 11 + fly.toml | 50 +++ lib/tasks/fly.rake | 14 + 26 files changed, 716 insertions(+), 271 deletions(-) create mode 100644 .dockerignore create mode 100755 Dockerfile create mode 100644 config/initializers/content_security_policy.rb delete mode 100644 config/initializers/disable_xml_params.rb create mode 100644 config/initializers/new_framework_defaults_7_0.rb create mode 100644 config/initializers/permissions_policy.rb create mode 100644 fly.toml create mode 100644 lib/tasks/fly.rake diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..0e34b06 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,16 @@ +.git +tmp +!tmp/pids +log +public/assets +public/packs +.bundle + +db/*.sqlite3 +db/*.sqlite3-* + +storage +config/master.key +config/credentials/*.key + +node_modules diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7efaf6c..1ace162 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,22 +2,21 @@ name: CI on: push: - branches: [ master ] pull_request: - branches: [ master ] + branches: [master] jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Set up Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: 2.7.1 - - name: Install dependencies - run: bundle install - - name: Copy sample ENV vars - run: cp .sample.env .env - - name: Run tests - run: bundle exec rake + - uses: actions/checkout@v2 + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.1.2 + - name: Install dependencies + run: bundle install + - name: Copy sample ENV vars + run: cp .sample.env .env + - name: Run tests + run: bundle exec rake diff --git a/.sample.env b/.sample.env index 3355abc..16f4432 100644 --- a/.sample.env +++ b/.sample.env @@ -5,4 +5,4 @@ NEXT_EVENT_ID=GET_FROM_EVENTBRITE VENUE_MAP_URL=GET_FROM_GOOGLE_MAPS EVENT_URL=GET_FROM_EVENT_PLATFORM VENUE_NAME=GET_VENUE_NAME -VENUE_ADDRESS=VENUE_ADDRESS \ No newline at end of file +VENUE_ADDRESS=VENUE_ADDRESS diff --git a/Dockerfile b/Dockerfile new file mode 100755 index 0000000..f300f30 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,116 @@ +# syntax = docker/dockerfile:experimental + +# Dockerfile used to build a deployable image for a Rails application. +# Adjust as required. +# +# Common adjustments you may need to make over time: +# * Modify version numbers for Ruby, Bundler, and other products. +# * Add library packages needed at build time for your gems, node modules. +# * Add deployment packages needed by your application +# * Add (often fake) secrets needed to compile your assets + +####################################################################### + +# Learn more about the chosen Ruby stack, Fullstaq Ruby, here: +# https://github.com/evilmartians/fullstaq-ruby-docker. +# +# We recommend using the highest patch level for better security and +# performance. + +ARG RUBY_VERSION=3.1.2 +ARG VARIANT=jemalloc-bullseye-slim +FROM quay.io/evl.ms/fullstaq-ruby:${RUBY_VERSION}-${VARIANT} as base + +LABEL fly_launch_runtime="rails" + +ARG BUNDLER_VERSION=2.3.7 + +ARG RAILS_ENV=production +ENV RAILS_ENV=${RAILS_ENV} + +ENV RAILS_SERVE_STATIC_FILES true +ENV RAILS_LOG_TO_STDOUT true + +ARG BUNDLE_WITHOUT=development:test +ARG BUNDLE_PATH=vendor/bundle +ENV BUNDLE_PATH ${BUNDLE_PATH} +ENV BUNDLE_WITHOUT ${BUNDLE_WITHOUT} + +RUN mkdir /app +WORKDIR /app +RUN mkdir -p tmp/pids + +RUN gem update --system --no-document && \ + gem install -N bundler -v ${BUNDLER_VERSION} + +####################################################################### + +# install packages only needed at build time + +FROM base as build_deps + +ARG BUILD_PACKAGES="git build-essential wget vim curl gzip xz-utils libsqlite3-dev" +ENV BUILD_PACKAGES ${BUILD_PACKAGES} + +RUN --mount=type=cache,id=dev-apt-cache,sharing=locked,target=/var/cache/apt \ + --mount=type=cache,id=dev-apt-lib,sharing=locked,target=/var/lib/apt \ + apt-get update -qq && \ + apt-get install --no-install-recommends -y ${BUILD_PACKAGES} \ + && rm -rf /var/lib/apt/lists /var/cache/apt/archives + +####################################################################### + +# install gems + +FROM build_deps as gems + +COPY Gemfile* ./ +RUN bundle install && rm -rf vendor/bundle/ruby/*/cache + +####################################################################### + +# install deployment packages + +FROM base + +ARG DEPLOY_PACKAGES="file vim curl gzip nodejs" +ENV DEPLOY_PACKAGES=${DEPLOY_PACKAGES} + +RUN --mount=type=cache,id=prod-apt-cache,sharing=locked,target=/var/cache/apt \ + --mount=type=cache,id=prod-apt-lib,sharing=locked,target=/var/lib/apt \ + apt-get update -qq && \ + apt-get install --no-install-recommends -y \ + ${DEPLOY_PACKAGES} \ + && rm -rf /var/lib/apt/lists /var/cache/apt/archives + +# copy installed gems +COPY --from=gems /app /app +COPY --from=gems /usr/lib/fullstaq-ruby/versions /usr/lib/fullstaq-ruby/versions +COPY --from=gems /usr/local/bundle /usr/local/bundle + +####################################################################### + +# Deploy your application +COPY . . + +# Adjust binstubs to run on Linux and set current working directory +RUN chmod +x /app/bin/* && \ + sed -i 's/ruby.exe\r*/ruby/' /app/bin/* && \ + sed -i '/^#!/aDir.chdir File.expand_path("..", __dir__)' /app/bin/* + +# The following enable assets to precompile on the build server. Adjust +# as necessary. If no combination works for you, see: +# https://fly.io/docs/rails/getting-started/existing/#access-to-environment-variables-at-build-time +ENV SECRET_KEY_BASE 1 +# ENV AWS_ACCESS_KEY_ID=1 +# ENV AWS_SECRET_ACCESS_KEY=1 + +# Run build task defined in lib/tasks/fly.rake +ARG BUILD_COMMAND="bin/rails fly:build" +RUN ${BUILD_COMMAND} + +# Default server start instructions. Generally Overridden by fly.toml. +ENV PORT 8080 +ARG SERVER_COMMAND="bin/rails server" +ENV SERVER_COMMAND ${SERVER_COMMAND} +CMD ${SERVER_COMMAND} diff --git a/Gemfile b/Gemfile index 15fc32a..cff062d 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source "https://rubygems.org" -ruby "2.7.6" +ruby "3.1.2" gem "airbrake" gem "autoprefixer-rails" @@ -12,9 +12,9 @@ gem "httparty" gem "jquery-rails" gem "neat", "~> 1.7.0" gem "normalize-rails", "~> 3.0.0" -gem "rack-contrib" -gem "rails", "~> 4.2.11" -gem "rake", "< 12.0" +gem "puma" +gem "rails", "~> 7.0" +gem "rake" gem "refills" gem "sass-rails", "~> 5.0" gem "uglifier" @@ -26,7 +26,7 @@ group :development, :test do gem "byebug" gem "dotenv-rails" gem "pry-rails" - gem "rspec-rails", "~> 3.1.0" + gem "rspec-rails" end group :test do diff --git a/Gemfile.lock b/Gemfile.lock index 05fbe88..3a51458 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,60 +1,90 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (4.2.11.3) - actionpack (= 4.2.11.3) - actionview (= 4.2.11.3) - activejob (= 4.2.11.3) + actioncable (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) + nio4r (~> 2.0) + websocket-driver (>= 0.6.1) + actionmailbox (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) + mail (>= 2.7.1) + net-imap + net-pop + net-smtp + actionmailer (7.0.4) + actionpack (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activesupport (= 7.0.4) mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.11.3) - actionview (= 4.2.11.3) - activesupport (= 4.2.11.3) - rack (~> 1.6) - rack-test (~> 0.6.2) - rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (4.2.11.3) - activesupport (= 4.2.11.3) - builder (~> 3.1) - erubis (~> 2.7.0) - rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (4.2.11.3) - activesupport (= 4.2.11.3) - globalid (>= 0.3.0) - activemodel (4.2.11.3) - activesupport (= 4.2.11.3) + net-imap + net-pop + net-smtp + rails-dom-testing (~> 2.0) + actionpack (7.0.4) + actionview (= 7.0.4) + activesupport (= 7.0.4) + rack (~> 2.0, >= 2.2.0) + rack-test (>= 0.6.3) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.0, >= 1.2.0) + actiontext (7.0.4) + actionpack (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) + globalid (>= 0.6.0) + nokogiri (>= 1.8.5) + actionview (7.0.4) + activesupport (= 7.0.4) builder (~> 3.1) - activerecord (4.2.11.3) - activemodel (= 4.2.11.3) - activesupport (= 4.2.11.3) - arel (~> 6.0) - activesupport (4.2.11.3) - i18n (~> 0.7) - minitest (~> 5.1) - thread_safe (~> 0.3, >= 0.3.4) - tzinfo (~> 1.1) - addressable (2.8.0) - public_suffix (>= 2.0.2, < 5.0) - airbrake (13.0.0) + erubi (~> 1.4) + rails-dom-testing (~> 2.0) + rails-html-sanitizer (~> 1.1, >= 1.2.0) + activejob (7.0.4) + activesupport (= 7.0.4) + globalid (>= 0.3.6) + activemodel (7.0.4) + activesupport (= 7.0.4) + activerecord (7.0.4) + activemodel (= 7.0.4) + activesupport (= 7.0.4) + activestorage (7.0.4) + actionpack (= 7.0.4) + activejob (= 7.0.4) + activerecord (= 7.0.4) + activesupport (= 7.0.4) + marcel (~> 1.0) + mini_mime (>= 1.1.0) + activesupport (7.0.4) + concurrent-ruby (~> 1.0, >= 1.0.2) + i18n (>= 1.6, < 2) + minitest (>= 5.1) + tzinfo (~> 2.0) + addressable (2.8.1) + public_suffix (>= 2.0.2, < 6.0) + airbrake (13.0.3) airbrake-ruby (~> 6.0) - airbrake-ruby (6.1.0) + airbrake-ruby (6.2.0) rbtree3 (~> 0.5) - arel (6.0.4) autoprefixer-rails (10.4.7.0) execjs (~> 2) awesome_print (1.9.2) bigdecimal (1.4.4) - bourbon (4.2.7) + bourbon (4.2.3) sass (~> 3.4) - thor (~> 0.19) + thor builder (3.2.4) - bundler-audit (0.7.0.1) + bundler-audit (0.9.1) bundler (>= 1.2.0, < 3) - thor (>= 0.18, < 2) + thor (~> 1.0) byebug (11.1.3) - capybara (3.36.0) + capybara (3.38.0) addressable matrix mini_mime (>= 0.1.3) @@ -63,42 +93,43 @@ GEM rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) - climate_control (1.0.1) + climate_control (1.2.0) coderay (1.1.3) concurrent-ruby (1.1.10) crack (0.4.5) rexml crass (1.0.6) diff-lcs (1.5.0) - dotenv (2.7.6) - dotenv-rails (2.7.6) - dotenv (= 2.7.6) + dotenv (2.8.1) + dotenv-rails (2.8.1) + dotenv (= 2.8.1) railties (>= 3.2) - erubis (2.7.0) + erubi (1.11.0) execjs (2.8.1) ffi (1.15.5) flutie (2.2.0) - globalid (0.4.2) - activesupport (>= 4.2.0) + globalid (1.0.0) + activesupport (>= 5.0) hashdiff (1.0.1) high_voltage (3.1.2) httparty (0.20.0) mime-types (~> 3.0) multi_xml (>= 0.5.2) - i18n (0.9.5) + i18n (1.12.0) concurrent-ruby (~> 1.0) - jquery-rails (4.4.0) + jquery-rails (4.5.1) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) kgio (2.11.4) launchy (2.5.0) addressable (~> 2.7) - loofah (2.17.0) + loofah (2.19.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) + marcel (1.0.2) matrix (0.4.2) method_source (1.0.0) mime-types (3.4.1) @@ -106,12 +137,21 @@ GEM mime-types-data (3.2022.0105) mini_mime (1.1.2) mini_portile2 (2.8.0) - minitest (5.15.0) + minitest (5.16.3) multi_xml (0.6.0) neat (1.7.4) bourbon (>= 4.0) sass (>= 3.3) - nokogiri (1.13.4) + net-imap (0.3.1) + net-protocol + net-pop (0.1.2) + net-protocol + net-protocol (0.1.3) + timeout + net-smtp (0.3.3) + net-protocol + nio4r (2.5.8) + nokogiri (1.13.9) mini_portile2 (~> 2.8.0) racc (~> 1.4) normalize-rails (3.0.3) @@ -120,71 +160,74 @@ GEM method_source (~> 1.0) pry-rails (0.3.9) pry (>= 0.10.4) - public_suffix (4.0.7) + public_suffix (5.0.0) + puma (6.0.0) + nio4r (~> 2.0) racc (1.6.0) - rack (1.6.13) - rack-contrib (1.8.0) - rack (~> 1.4) - rack-test (0.6.3) - rack (>= 1.0) - rack-timeout (0.6.0) - rails (4.2.11.3) - actionmailer (= 4.2.11.3) - actionpack (= 4.2.11.3) - actionview (= 4.2.11.3) - activejob (= 4.2.11.3) - activemodel (= 4.2.11.3) - activerecord (= 4.2.11.3) - activesupport (= 4.2.11.3) - bundler (>= 1.3.0, < 2.0) - railties (= 4.2.11.3) - sprockets-rails - rails-deprecated_sanitizer (1.0.4) - activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.9) - activesupport (>= 4.2.0, < 5.0) - nokogiri (~> 1.6) - rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.4.2) + rack (2.2.4) + rack-test (2.0.2) + rack (>= 1.3) + rack-timeout (0.6.3) + rails (7.0.4) + actioncable (= 7.0.4) + actionmailbox (= 7.0.4) + actionmailer (= 7.0.4) + actionpack (= 7.0.4) + actiontext (= 7.0.4) + actionview (= 7.0.4) + activejob (= 7.0.4) + activemodel (= 7.0.4) + activerecord (= 7.0.4) + activestorage (= 7.0.4) + activesupport (= 7.0.4) + bundler (>= 1.15.0) + railties (= 7.0.4) + rails-dom-testing (2.0.3) + activesupport (>= 4.2.0) + nokogiri (>= 1.6) + rails-html-sanitizer (1.4.3) loofah (~> 2.3) rails_stdout_logging (0.0.5) - railties (4.2.11.3) - actionpack (= 4.2.11.3) - activesupport (= 4.2.11.3) - rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) + railties (7.0.4) + actionpack (= 7.0.4) + activesupport (= 7.0.4) + method_source + rake (>= 12.2) + thor (~> 1.0) + zeitwerk (~> 2.5) raindrops (0.20.0) - rake (11.3.0) - rb-fsevent (0.11.1) + rake (13.0.6) + rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) rbtree3 (0.7.0) refills (0.2.0) - regexp_parser (2.3.1) + regexp_parser (2.6.1) rexml (3.2.5) - rspec-core (3.1.7) - rspec-support (~> 3.1.0) - rspec-expectations (3.1.2) + rspec-core (3.12.0) + rspec-support (~> 3.12.0) + rspec-expectations (3.12.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.1.0) - rspec-mocks (3.1.3) - rspec-support (~> 3.1.0) - rspec-rails (3.1.0) - actionpack (>= 3.0) - activesupport (>= 3.0) - railties (>= 3.0) - rspec-core (~> 3.1.0) - rspec-expectations (~> 3.1.0) - rspec-mocks (~> 3.1.0) - rspec-support (~> 3.1.0) - rspec-support (3.1.2) + rspec-support (~> 3.12.0) + rspec-mocks (3.12.0) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.12.0) + rspec-rails (6.0.1) + actionpack (>= 6.1) + activesupport (>= 6.1) + railties (>= 6.1) + rspec-core (~> 3.11) + rspec-expectations (~> 3.11) + rspec-mocks (~> 3.11) + rspec-support (~> 3.11) + rspec-support (3.12.0) sass (3.7.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.7) - railties (>= 4.0.0, < 6) + sass-rails (5.1.0) + railties (>= 5.2.0) sass (~> 3.1) sprockets (>= 2.8, < 4.0) sprockets-rails (>= 2.0, < 4.0) @@ -192,26 +235,30 @@ GEM sprockets (3.7.2) concurrent-ruby (~> 1.0) rack (> 1, < 3) - sprockets-rails (3.2.2) - actionpack (>= 4.0) - activesupport (>= 4.0) + sprockets-rails (3.4.2) + actionpack (>= 5.2) + activesupport (>= 5.2) sprockets (>= 3.0.0) - thor (0.20.3) - thread_safe (0.3.6) - tilt (2.0.10) - tzinfo (1.2.9) - thread_safe (~> 0.1) + thor (1.2.1) + tilt (2.0.11) + timeout (0.3.0) + tzinfo (2.0.5) + concurrent-ruby (~> 1.0) uglifier (4.2.0) execjs (>= 0.3.0, < 3) unicorn (6.1.0) kgio (~> 2.6) raindrops (~> 0.7) - webmock (3.14.0) + webmock (3.18.1) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) + websocket-driver (0.7.5) + websocket-extensions (>= 0.1.0) + websocket-extensions (0.1.5) xpath (3.2.0) nokogiri (~> 1.8) + zeitwerk (2.6.6) PLATFORMS ruby @@ -235,20 +282,17 @@ DEPENDENCIES neat (~> 1.7.0) normalize-rails (~> 3.0.0) pry-rails - rack-contrib + puma rack-timeout - rails (~> 4.2.11) + rails (~> 7.0) rails_stdout_logging - rake (< 12.0) + rake refills - rspec-rails (~> 3.1.0) + rspec-rails sass-rails (~> 5.0) uglifier unicorn webmock RUBY VERSION - ruby 2.7.6p219 - -BUNDLED WITH - 2.0.0.pre.3 + ruby 3.1.2p20 diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 65b2a0c..5e39e23 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -4,7 +4,7 @@ def signup_form_url end def venue_map_url - ENV.fetch("VENUE_MAP_URL") + ENV.fetch("VENUE_MAP_URL", "") end def data_links diff --git a/app/helpers/events_helper.rb b/app/helpers/events_helper.rb index 8972f48..c65b392 100644 --- a/app/helpers/events_helper.rb +++ b/app/helpers/events_helper.rb @@ -2,7 +2,7 @@ module EventsHelper def next_event OpenStruct.new( venue: venue, - url: ENV.fetch("EVENT_URL") + url: ENV.fetch("EVENT_URL", "") ) # @next_event ||= Eventbrite::EventFinder.find(ENV.fetch("NEXT_EVENT_ID")) end @@ -13,12 +13,12 @@ def next_event_venue def venue OpenStruct.new( - name: ENV.fetch("VENUE_NAME"), - address: ENV.fetch("VENUE_ADDRESS") + name: ENV.fetch("VENUE_NAME", ""), + address: ENV.fetch("VENUE_ADDRESS", "") ) end def show_registration? - ENV["HIDE_REGISTRATION"] != "true" + ENV["HIDE_REGISTRATION"] != "true" && next_event.url.present? end end diff --git a/bin/rails b/bin/rails index 5191e69..efc0377 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -APP_PATH = File.expand_path('../../config/application', __FILE__) -require_relative '../config/boot' -require 'rails/commands' +APP_PATH = File.expand_path("../config/application", __dir__) +require_relative "../config/boot" +require "rails/commands" diff --git a/bin/rake b/bin/rake index 1724048..4fbf10b 100755 --- a/bin/rake +++ b/bin/rake @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -require_relative '../config/boot' -require 'rake' +require_relative "../config/boot" +require "rake" Rake.application.run diff --git a/bin/setup b/bin/setup index 7711cf5..57b65c8 100755 --- a/bin/setup +++ b/bin/setup @@ -1,35 +1,25 @@ -#!/usr/bin/env sh +#!/usr/bin/env ruby +require "fileutils" -# Set up Rails app. Run this script immediately after cloning the codebase. -# https://github.com/thoughtbot/guides/tree/master/protocol +# path to your application root. +APP_ROOT = File.expand_path("..", __dir__) -# Exit if any subcommand fails -set -e +def system!(*args) + system(*args) || abort("\n== Command #{args} failed ==") +end -# Set up Ruby dependencies via Bundler -gem install bundler --conservative -bundle check || bundle install +FileUtils.chdir APP_ROOT do + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. + # Add necessary setup steps to this file. -# Set up configurable environment variables -if [ ! -f .env ]; then - cp .sample.env .env -fi + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") -# Add binstubs to PATH via export PATH=".git/safe/../../bin:$PATH" in ~/.zshenv -mkdir -p .git/safe + puts "\n== Removing old logs and tempfiles ==" + system! "bin/rails log:clear tmp:clear" -# Pick a port for Foreman -if ! grep --quiet --no-messages --fixed-strings 'port' .foreman; then - printf 'port: 4000\n' >> .foreman -fi - -if ! command -v foreman > /dev/null; then - printf 'Foreman is not installed.\n' - printf 'See https://github.com/ddollar/foreman for install instructions.\n' -fi - -if [ -z "$CI" ]; then - # Set up staging and production git remotes - git remote add staging git@heroku.com:railsbridge-boston-staging.git || true - git remote add production git@heroku.com:railsbridge-boston.git || true -fi + puts "\n== Restarting application server ==" + system! "bin/rails restart" +end diff --git a/config/application.rb b/config/application.rb index 6da5374..fe923b4 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,12 +1,17 @@ -require File.expand_path('../boot', __FILE__) +require_relative "boot" require "rails" # Pick the frameworks you want: require "active_model/railtie" require "active_job/railtie" +# require "active_record/railtie" +# require "active_storage/engine" require "action_controller/railtie" +# require "action_mailer/railtie" +# require "action_mailbox/engine" +# require "action_text/engine" require "action_view/railtie" -require "sprockets/railtie" +# require "action_cable/engine" # require "rails/test_unit/railtie" # Require the gems listed in Gemfile, including any gems @@ -15,20 +20,20 @@ module RailsbridgebostonDotOrg class Application < Rails::Application - config.i18n.enforce_available_locales = true + # Initialize configuration defaults for originally generated Rails version. + config.load_defaults 5.0 - config.generators do |generate| - generate.helper false - generate.javascript_engine false - generate.request_specs false - generate.routing_specs false - generate.stylesheets false - generate.test_framework :rspec - generate.view_specs false - end + # Configuration for the application, engines, and railties goes here. + # + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. + # + # config.time_zone = "Central Time (US & Canada)" + # config.eager_load_paths << Rails.root.join("extras") - config.autoload_paths += %W(#{config.root}/lib) + config.hosts << ".preview.app.github.dev" << ".example.com" - config.action_controller.action_on_unpermitted_parameters = :raise + # Don't generate system test files. + config.generators.system_tests = nil end end diff --git a/config/boot.rb b/config/boot.rb index 6b750f0..2820116 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,3 +1,3 @@ -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) -require 'bundler/setup' # Set up gems listed in the Gemfile. +require "bundler/setup" # Set up gems listed in the Gemfile. diff --git a/config/environment.rb b/config/environment.rb index ee8d90d..cac5315 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -1,5 +1,5 @@ # Load the Rails application. -require File.expand_path('../application', __FILE__) +require_relative "application" # Initialize the Rails application. Rails.application.initialize! diff --git a/config/environments/development.rb b/config/environments/development.rb index c63459a..09114d7 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,35 +1,56 @@ +require "active_support/core_ext/integer/time" + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded on - # every request. This slows down response time but is perfect for development + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. config.cache_classes = false # Do not eager load code on boot. config.eager_load = false - # Show full error reports and disable caching. - config.consider_all_requests_local = true - config.action_controller.perform_caching = false + # Show full error reports. + config.consider_all_requests_local = true + + # Enable server timing + config.server_timing = true + + # Enable/disable caching. By default caching is disabled. + # Run rails dev:cache to toggle caching. + if Rails.root.join("tmp/caching-dev.txt").exist? + config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true + + config.cache_store = :memory_store + config.public_file_server.headers = { + "Cache-Control" => "public, max-age=#{2.days.to_i}" + } + else + config.action_controller.perform_caching = false + + config.cache_store = :null_store + end # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + + # Suppress logger output for asset requests. + config.assets.quiet = true - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true - # Adds additional error checking when serving assets at runtime. - # Checks for improperly declared sprockets dependencies. - # Raises helpful error messages. - config.assets.raise_runtime_errors = true + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true - # Raises error for missing translations - config.action_view.raise_on_missing_translations = true + # Uncomment if you wish to allow Action Cable access from any origin. + # config.action_cable.disable_request_forgery_protection = true end diff --git a/config/environments/production.rb b/config/environments/production.rb index 263aab2..ecc74a7 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -1,3 +1,5 @@ +require "active_support/core_ext/integer/time" + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. @@ -14,59 +16,63 @@ config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Enable Rack::Cache to put a simple HTTP cache in front of your application - # Add `rack-cache` to your Gemfile before enabling this. - # For large-scale production use, consider using a caching reverse proxy like - # NGINX, varnish or squid. - # config.action_dispatch.rack_cache = true + # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] + # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. - config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present? - config.static_cache_control = "public, max-age=#{1.year.to_i}" - # Enable deflate / gzip compression of controller-generated responses - config.middleware.use Rack::Deflater + config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? - # Compress JavaScripts and CSS. - config.assets.js_compressor = :uglifier + # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true - - # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = "http://assets.example.com" # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true - # Use the lowest log level to ensure availability of diagnostic information - # when problems arise. - config.log_level = :debug + # Include generic and useful information about system operation, but avoid logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). + config.log_level = :info # Prepend all log lines with the following tags. - # config.log_tags = [ :subdomain, :uuid ] - - # Use a different logger for distributed setups. - # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) + config.log_tags = [ :request_id ] # Use a different cache store in production. # config.cache_store = :mem_cache_store + # Use a real queuing backend for Active Job (and separate queues per environment). + # config.active_job.queue_adapter = :resque + # config.active_job.queue_name_prefix = "railsbridgeboston_dot_org_production" + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify + # Don't log any deprecations. + config.active_support.report_deprecations = false # Use default logging formatter so that PID and timestamp are not suppressed. config.log_formatter = ::Logger::Formatter.new + + # Use a different logger for distributed setups. + # require "syslog/logger" + # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") + + if ENV["RAILS_LOG_TO_STDOUT"].present? + logger = ActiveSupport::Logger.new(STDOUT) + logger.formatter = config.log_formatter + config.logger = ActiveSupport::TaggedLogging.new(logger) + end + + config.hosts << ENV['HOSTNAME'] end diff --git a/config/environments/test.rb b/config/environments/test.rb index cd94ea9..eb2f171 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -1,24 +1,31 @@ +require "active_support/core_ext/integer/time" + +# The test environment is used exclusively to run your application's +# test suite. You never need to work with it otherwise. Remember that +# your test database is "scratch space" for the test suite and is wiped +# and recreated between test runs. Don't rely on the data there! + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # The test environment is used exclusively to run your application's - # test suite. You never need to work with it otherwise. Remember that - # your test database is "scratch space" for the test suite and is wiped - # and recreated between test runs. Don't rely on the data there! + # Turn false under Spring and add config.action_view.cache_template_loading = true. config.cache_classes = true - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Eager loading loads your whole application. When running a single test locally, + # this probably isn't necessary. It's a good idea to do in a continuous integration + # system, or in some way before deploying your code. + config.eager_load = ENV["CI"].present? - # Configure static file server for tests with Cache-Control for performance. - config.serve_static_files = true - config.static_cache_control = 'public, max-age=3600' + # Configure public file server for tests with Cache-Control for performance. + config.public_file_server.enabled = true + config.public_file_server.headers = { + "Cache-Control" => "public, max-age=#{1.hour.to_i}" + } # Show full error reports and disable caching. config.consider_all_requests_local = true config.action_controller.perform_caching = false + config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. config.action_dispatch.show_exceptions = false @@ -26,14 +33,18 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false - # Randomize the order test cases are executed. - config.active_support.test_order = :random - # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raises error for missing translations - config.action_view.raise_on_missing_translations = true + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true - config.active_job.queue_adapter = :inline + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true end diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 13abef8..2eeef96 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -1,11 +1,12 @@ # Be sure to restart your server when you modify this file. # Version of your assets, change this if you want to expire all your assets. -Rails.application.config.assets.version = (ENV["ASSETS_VERSION"] || "1.0") +Rails.application.config.assets.version = "1.0" -# Add additional assets to the asset load path +# Add additional assets to the asset load path. # Rails.application.config.assets.paths << Emoji.images_path # Precompile additional assets. -# application.js, application.css, and all non-JS/CSS in app/assets folder are already added. -# Rails.application.config.assets.precompile += %w( search.js ) +# application.js, application.css, and all non-JS/CSS in the app/assets +# folder are already added. +# Rails.application.config.assets.precompile += %w( admin.js admin.css ) diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb new file mode 100644 index 0000000..54f47cf --- /dev/null +++ b/config/initializers/content_security_policy.rb @@ -0,0 +1,25 @@ +# Be sure to restart your server when you modify this file. + +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header + +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap and inline scripts +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src) +# +# # Report violations without enforcing the policy. +# # config.content_security_policy_report_only = true +# end diff --git a/config/initializers/disable_xml_params.rb b/config/initializers/disable_xml_params.rb deleted file mode 100644 index c24d969..0000000 --- a/config/initializers/disable_xml_params.rb +++ /dev/null @@ -1,3 +0,0 @@ -# Protect against injection attacks -# http://www.kb.cert.org/vuls/id/380039 -ActionDispatch::ParamsParser::DEFAULT_PARSERS.delete(Mime::XML) diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 4a994e1..adc6568 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,4 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure sensitive parameters which will be filtered from the log file. -Rails.application.config.filter_parameters += [:password] +# Configure parameters to be filtered from the log file. Use this to limit dissemination of +# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported +# notations and behaviors. +Rails.application.config.filter_parameters += [ + :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn +] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index ac033bf..3860f65 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -4,13 +4,13 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.plural /^(ox)$/i, '\1en' -# inflect.singular /^(ox)en/i, '\1' -# inflect.irregular 'person', 'people' +# inflect.plural /^(ox)$/i, "\\1en" +# inflect.singular /^(ox)en/i, "\\1" +# inflect.irregular "person", "people" # inflect.uncountable %w( fish sheep ) # end # These inflection rules are supported but not enabled by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.acronym 'RESTful' +# inflect.acronym "RESTful" # end diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb new file mode 100644 index 0000000..4d58024 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_0.rb @@ -0,0 +1,135 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +# `button_to` view helper will render `