Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to safely upgrade Rails
Search
Takashi Kokubun
March 28, 2016
Programming
6
14k
How to safely upgrade Rails
Rails Upgrade Casual Talks at Crowd Works
https://cw-meetup.doorkeeper.jp/events/40728
Takashi Kokubun
March 28, 2016
Tweet
Share
More Decks by Takashi Kokubun
See All by Takashi Kokubun
Deoptimization: How YJIT Speeds Up Ruby by Slowing Down / RubyKaigi 2025
k0kubun
2
3k
YJIT Makes Rails 1.7x faster / RubyKaigi 2024
k0kubun
7
14k
Ruby JIT Hacking Guide / RubyKaigi 2023
k0kubun
2
10k
YJIT: Dive into Ruby's JIT compiler written in Rust / Rust.Tokyo 2022
k0kubun
1
2.2k
Towards Ruby 4 JIT / RubyKaigi 2022
k0kubun
3
11k
Optimizing Production Performance with MRI JIT / RubyConf 2021
k0kubun
1
470
Why Ruby's JIT was slow / RubyKaigi Takeout 2021
k0kubun
3
1.9k
数時間かかる週一リリースを毎日何度も爆速でできるようにするまで / CI/CD Conference 2021
k0kubun
21
14k
Ruby 3 JIT's roadmap / RubyConf China 2020
k0kubun
0
820
Other Decks in Programming
See All in Programming
猫と暮らす Google Nest Cam生活🐈 / WebRTC with Google Nest Cam
yutailang0119
0
140
Composerが「依存解決」のためにどんな工夫をしているか #phpcon
o0h
PRO
1
270
なぜ適用するか、移行して理解するClean Architecture 〜構造を超えて設計を継承する〜 / Why Apply, Migrate and Understand Clean Architecture - Inherit Design Beyond Structure
seike460
PRO
3
780
Hack Claude Code with Claude Code
choplin
4
2.2k
10 Costly Database Performance Mistakes (And How To Fix Them)
andyatkinson
0
400
“いい感じ“な定量評価を求めて - Four Keysとアウトカムの間の探求 -
nealle
2
10k
ペアプロ × 生成AI 現場での実践と課題について / generative-ai-in-pair-programming
codmoninc
2
18k
地方に住むエンジニアの残酷な現実とキャリア論
ichimichi
5
1.6k
Is Xcode slowly dying out in 2025?
uetyo
1
280
Rails Frontend Evolution: It Was a Setup All Along
skryukov
0
160
Blazing Fast UI Development with Compose Hot Reload (droidcon New York 2025)
zsmb
1
300
PHP 8.4の新機能「プロパティフック」から学ぶオブジェクト指向設計とリスコフの置換原則
kentaroutakeda
2
930
Featured
See All Featured
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Code Review Best Practice
trishagee
69
19k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
45
7.5k
Build The Right Thing And Hit Your Dates
maggiecrowley
36
2.8k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.9k
Faster Mobile Websites
deanohume
307
31k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
For a Future-Friendly Web
brad_frost
179
9.8k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3.1k
Transcript
How to safely upgrade Rails Rails Upgrade Casual Talks @k0kubun
ࣗݾհ • Takashi Kokubun (@k0kubun) • ΫοΫύου ٕज़෦ ։ൃج൫άϧʔϓ •
Rails 4.1 -> 4.2 ͷΞοϓάϨʔυΛ్த͔Β୲
ࠓ͢͜ͱ • CookpadͷRailsΞοϓάϨʔυͷྲྀΕ • ϦϦʔεલͷ4ஈ֊ͷಈ࡞֬ೝ • Cookpad͕ૺ۰ͨ͠Rails 4.2ͷόά
Cookpadͷ RailsΞοϓάϨʔυͷྲྀΕ Rails 4.1 → 4.2 ͷྫ
CIʹRails 4.2༻δϣϒΛ༻ҙ • ·ͣςετΛ௨͢ • @a_matsuda ͞Μ͕failΓ5ݸ·ͰݮΒͨ͠ͷΛҾ͖ܧ ͗ɺΓΛ௨͢ͷΛ୲ • ϦϦʔε͢Δ·Ͱmaster͔Βrebase͠ଓ͚Δrails42ϒϥϯ
ν͕ςετΛ௨Δঢ়ଶΛอͭͨΊɺCIʹδϣϒΛ༻ҙ͢Δ • CIαʔόʔͷϦιʔε͕ۭ͍͍ͯΔૣேʹ࣮ߦ͢Δ
cherry-pick • σϓϩΠޙͷͷΓ͚Λ༰қʹͨ͠ΓɺϨϏϡʔ ͷෛ୲ܰݮͷͨΊϓϧϦΛׂ͢Δ • 4.1, 4.2྆ํͰಈ͘मਖ਼ઌʹग़ͯ͠͠·͏ • ઌʹΞοϓάϨʔυͰ͖Δgemઌʹ͓ͬͯ͘
cherry-pick failΓ5ͷ࣌ 1308 additions 1087 deletions 650 additions 477 deletions
Ϛʔδͨ͠ϓϧϦ
ඇޓͷҰ࣌త੍ • Rails 4.2ͷAuthenticity TokenͷมߋϩʔϧόοΫͰ͖ ͳ͍ͷͰɺRails 4.1ͷڍಈʹϞϯΩʔύονͰݻఆ • Masked Authenticity
Token ͰຖճϥϯμϜͳtokenΛ ฦ͢Α͏ʹͳΔͷͰɺޙํޓੑ͕ͳ͍ • Rails 4.2σϓϩΠޙམ͍͔ͪͭͯΒ͜ͷύονΛ֎ͨ͠
ඇޓͷҰ࣌త੍ ActiveSupport.on_load(:action_controller) do module ActionController module RequestForgeryProtectionExtension def form_authenticity_token session[:_csrf_token]
||= SecureRandom.base64(32) end end Base.prepend RequestForgeryProtectionExtension end end • Masked Authenticity TokenͷมߋΛ੍͢Δύον
ಈ࡞֬ೝ • ن͕େ͖͘ɺશͯͷӨڹൣғͷѲ͕ࠔͳͷͰɺ • ؔ෦ॺ͕ಈ࡞֬ೝͰ͖ΔظؒΛ2िؒఔઃ͚Δ • ຊ൪ʹ͍ۙڥͰΤϥʔ͕ग़Δ͔֬ೝ͢Δ • ৄࡉޙͷεϥΠυͰ
cookpad.com ͷϦϦʔε • લ͔ΒίʔυϑϦʔζ • ӨڹΛখ͘͢͞ΔͨΊɺޕલ7࣌ग़ࣾɾ8࣌σϓϩΠ • ͳΔ͘τϥϑΟοΫ͕͍࣌ؒଳʹσϓϩΠ͍ͨ͠ ͕ɺؔऀશһʹਂͷग़ࣾΛཁٻ͢Δ΄ͲͰͳ͍
ෳϒϥϯνӡ༻ • ಉ͡ϦϙδτϦʹ cookpad.com ΛؚΉ8ͭͷΞϓϦ͕ಉډ ͍ͯ͠Δ͕ɺҰʹશ෦ϦϦʔε͠ͳ͍ • 8ͭͷΞϓϦ: ཧը໘, όον,
API, ϫʔΧʔ, ... • 1ि͔͚ؒͯஈ֊తʹσϓϩΠ͢Δ • શͯRails 4.2ʹҠߦ͢Δ·ͰRails 4.1༻ͷrails41ϒϥϯν Λ࡞ΓmasterͷมߋΛόοΫϙʔτ͠ଓ͚Δ
σϓϩΠޙͷࢹ • ҎԼͷ2ͭΛࢹ͢Δ • Sentry: Τϥʔ • ࣗࣾϞχλϦϯάπʔϧ: ϨεϙϯελΠϜ
σϓϩΠޙͷࢹ ϨεϙϯελΠϜ Τϥʔ
ΞοϓάϨʔυϑϩʔͷ·ͱΊ • ςετΛ௨͠CIʹδϣϒΛ༻ҙ͢Δ • ϓϧϦͷׂඇޓͷ੍ʹΑΓมߋͷཻΛখ͘͢͞Δ • 2िؒಈ࡞֬ೝ • ෳͷΞϓϦΛ1ि͔͚ؒͯஈ֊తʹϦϦʔε͢Δ •
σϓϩΠޙɺϨεϙϯελΠϜͱΤϥʔΛࢹ
ϦϦʔεલͷ4ஈ֊ͷಈ࡞֬ೝ
1. ։ൃ༻ͷݕূڥͰͷ֬ೝ • ։ൃ༻ͷDBΛࢀর͢ΔݕূڥʹRails 4.2ͷϒϥϯνΛ σϓϩΠ • ΞοϓάϨʔυؔͳ͘ͱͱҙͷϒϥϯνΛҙ ͷαϒυϝΠϯʹσϓϩΠͰ͖ΔΑ͏ʹͳ͍ͬͯΔ •
ྫ: https://rails42.staging.ʙ/ • ͜ͷڥͰ֤෦ॺʹಈ࡞֬ೝΛґཔ
2. ຊ൪ڥͰͷखಈ֬ೝ • Rails 4.2༻ͷϒϥϯνΛσϓϩΠͨ͠ຊ൪ڥΛ༻ҙ • Webͷ߹ • ಛผͳΫοΩʔΛ࣋ͭ߹ͷΈͦͷڥʹϓϩΩγ͞Ε ΔΑ͏ʹͯ͠खಈͰಈ࡞֬ೝ
• ϞόΠϧΞϓϦ༻APIͷ߹ • ಛผͳϦΫΤετϔομʔΛ࣋ͭ߹ͷΈϓϩΩγ
2. ຊ൪ڥͰͷखಈ֬ೝ *OUFSOFU "QBDIF SBJMT SBJMT ௨ৗͷΫοΩʔ foocookie=1 • Webͷ߹
consoleͰదʹ $.cookie('foocookie', 1) CSPXTFS
2. ຊ൪ڥͰͷखಈ֬ೝ • ϞόΠϧΞϓϦ༻APIͷ߹ *OUFSOFU "QBDIF SBJMT SBJMT .PCJMF "QQ
NJUNQSPYZ ϦΫΤετϔομʹ X-Foo=1 Λ͚ͭΔ X-Foo=1 ී௨ͷϦΫΤετ
3. Kage • https://github.com/cookpad/kage • ͋ΔαʔόʔʹདྷͨϦΫΤετΛRails 4.2ΛσϓϩΠͨ͠ͷʹྲྀ ͠ɺDBͳͲͷॻ͖ࠐΈࢭ͢Δ • MySQLͳΒBLACKHOLEɺmemcached
ͳͲִ͢Δ • Τϥʔͷ༗ແύϑΥʔϚϯεΛ֬ೝ͢Δ • tail -f production.log • nginxͷϨεϙϯελΠϜunicornͷϦιʔε༻ྔ
3. Kage *OUFSOFU "QBDIF SBJMT ,BHF SBJMT ಉ͡ϦΫΤετ ϨεϙϯεࣺͯΔ Ϣʔβʔʹฦ͢
4. Production Test • CIޭޙࣗಈతʹσϓϩΠ͞ΕΔɺ΄΅ຊ൪ͷڥ • ΞοϓάϨʔυؔͳ͍ͭ͘Ͱ͜͜Ͱಈ࡞֬ೝΛ͔ͯ͠ ΒσϓϩΠ͢Δ
Cookpad͕ૺ۰ͨ͠Rails 4.2ͷόά
Encoding::UndefinedConversionError • ϚϧνόΠτจࣈྻ͔ͭ֯ͷ"%"ΛؚΉϑΝΠϧ໊ͷϑ ΝΠϧΛΞοϓϩʔυͨ͠ࡍʹग़ΔϨΞͳΤϥʔ • Rails 4.1 → 4.2 ΞοϓάϨʔυ࣌ʹ།Ұग़ͨΤϥʔ
• ຊՈʹ @eagletmt ͕ϓϧϦΛ͛ɺ4.2.4ʹऔΓࠐ·Εͨ • https://github.com/rails/rails/pull/21131
Encoding::UndefinedConversionError
undefined method `unpack' for nil:NilClass • Rails 4.2.4ͱRuby 2.0.0ͷΈ߹ΘͤͰͷΈൃੜ͢ΔΤϥʔ •
Ruby 2.0.0ͩͱ ERB::Util.url_encode ͷgsubͷϒϩο ΫͰ $& Λࢀর͢Δ͕ɺAS::SafeBuffer ͩͱಈ͔ͳ͍ • ຊՈʹ @k0kubun ͕ϓϧϦΛ͛ɺ4.2.5ʹऔΓࠐ·Εͨ • https://github.com/rails/rails/pull/21402
undefined method `unpack' for nil:NilClass
·ͱΊ • ҰʹσϓϩΠ͞ΕΔมߋΛখ͘͢͞Δ • ͳΔ͘ଟ͘ͷखͰɺͳΔ͘ຊ൪ʹ͍ۙڥͰಈ࡞֬ೝ • ΫοΫύουͰૺ۰ͨ͠Rails 4.2ͷόάຊՈͰमਖ਼ࡁ