Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to safely upgrade Rails
Search
Takashi Kokubun
March 28, 2016
Programming
6
13k
How to safely upgrade Rails
Rails Upgrade Casual Talks at Crowd Works
https://cw-meetup.doorkeeper.jp/events/40728
Takashi Kokubun
March 28, 2016
Tweet
Share
More Decks by Takashi Kokubun
See All by Takashi Kokubun
YJIT Makes Rails 1.7x faster / RubyKaigi 2024
k0kubun
7
8.4k
Ruby JIT Hacking Guide / RubyKaigi 2023
k0kubun
2
9.2k
YJIT: Dive into Ruby's JIT compiler written in Rust / Rust.Tokyo 2022
k0kubun
1
1.9k
Towards Ruby 4 JIT / RubyKaigi 2022
k0kubun
3
10k
Optimizing Production Performance with MRI JIT / RubyConf 2021
k0kubun
1
380
Why Ruby's JIT was slow / RubyKaigi Takeout 2021
k0kubun
3
1.8k
数時間かかる週一リリースを毎日何度も爆速でできるようにするまで / CI/CD Conference 2021
k0kubun
21
14k
Ruby 3 JIT's roadmap / RubyConf China 2020
k0kubun
0
710
Ruby 3.0 JIT on Rails
k0kubun
9
8.9k
Other Decks in Programming
See All in Programming
英語
s_shimotori
1
220
スクラムマスターって孤独じゃないですか?
yoshitaroyoyo
1
140
ぼっちを避けて楽しむためのアノテコノテ / Various Tips and Tricks to Avoid Loneliness and Have Fun
nrslib
3
1.7k
Rubyのパフォーマンスプロファイリングの改善 / Enhancing performance profiling for Ruby
osyoyu
1
410
Rust.Nagoya #1
codemountains
0
170
CSC307 Lecture 12
javiergs
PRO
0
220
DynamoDB コスト最適化っぽいことの基本 with Terraform
kuro_kurorrr
2
250
Jetpack for KMP
fornewid
1
290
なぜ宣言的 UI は壊れにくいのか / Why declarative UI is less fragile
uenitty
29
13k
From Spring Boot 2 to Spring Boot 3 with Java 22 and Jakarta EE
ivargrimstad
0
1.9k
Folding Cheat Sheet #7
philipschwarz
PRO
0
150
I/O Extended Android in Korea 2024 ~ Whats new in Android development tools
pluu
0
250
Featured
See All Featured
Code Reviewing Like a Champion
maltzj
517
39k
The World Runs on Bad Software
bkeepers
PRO
63
11k
Building a Scalable Design System with Sketch
lauravandoore
458
32k
Bash Introduction
62gerente
607
210k
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
Become a Pro
speakerdeck
PRO
15
4.8k
The Cult of Friendly URLs
andyhume
75
5.9k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
662
120k
Why You Should Never Use an ORM
jnunemaker
PRO
51
8.9k
Building Applications with DynamoDB
mza
89
5.8k
Designing for Performance
lara
604
67k
Designing with Data
zakiwarfel
96
5k
Transcript
How to safely upgrade Rails Rails Upgrade Casual Talks @k0kubun
ࣗݾհ • Takashi Kokubun (@k0kubun) • ΫοΫύου ٕज़෦ ։ൃج൫άϧʔϓ •
Rails 4.1 -> 4.2 ͷΞοϓάϨʔυΛ్த͔Β୲
ࠓ͢͜ͱ • CookpadͷRailsΞοϓάϨʔυͷྲྀΕ • ϦϦʔεલͷ4ஈ֊ͷಈ࡞֬ೝ • Cookpad͕ૺ۰ͨ͠Rails 4.2ͷόά
Cookpadͷ RailsΞοϓάϨʔυͷྲྀΕ Rails 4.1 → 4.2 ͷྫ
CIʹRails 4.2༻δϣϒΛ༻ҙ • ·ͣςετΛ௨͢ • @a_matsuda ͞Μ͕failΓ5ݸ·ͰݮΒͨ͠ͷΛҾ͖ܧ ͗ɺΓΛ௨͢ͷΛ୲ • ϦϦʔε͢Δ·Ͱmaster͔Βrebase͠ଓ͚Δrails42ϒϥϯ
ν͕ςετΛ௨Δঢ়ଶΛอͭͨΊɺCIʹδϣϒΛ༻ҙ͢Δ • CIαʔόʔͷϦιʔε͕ۭ͍͍ͯΔૣேʹ࣮ߦ͢Δ
cherry-pick • σϓϩΠޙͷͷΓ͚Λ༰қʹͨ͠ΓɺϨϏϡʔ ͷෛ୲ܰݮͷͨΊϓϧϦΛׂ͢Δ • 4.1, 4.2྆ํͰಈ͘मਖ਼ઌʹग़ͯ͠͠·͏ • ઌʹΞοϓάϨʔυͰ͖Δgemઌʹ͓ͬͯ͘
cherry-pick failΓ5ͷ࣌ 1308 additions 1087 deletions 650 additions 477 deletions
Ϛʔδͨ͠ϓϧϦ
ඇޓͷҰ࣌త੍ • Rails 4.2ͷAuthenticity TokenͷมߋϩʔϧόοΫͰ͖ ͳ͍ͷͰɺRails 4.1ͷڍಈʹϞϯΩʔύονͰݻఆ • Masked Authenticity
Token ͰຖճϥϯμϜͳtokenΛ ฦ͢Α͏ʹͳΔͷͰɺޙํޓੑ͕ͳ͍ • Rails 4.2σϓϩΠޙམ͍͔ͪͭͯΒ͜ͷύονΛ֎ͨ͠
ඇޓͷҰ࣌త੍ ActiveSupport.on_load(:action_controller) do module ActionController module RequestForgeryProtectionExtension def form_authenticity_token session[:_csrf_token]
||= SecureRandom.base64(32) end end Base.prepend RequestForgeryProtectionExtension end end • Masked Authenticity TokenͷมߋΛ੍͢Δύον
ಈ࡞֬ೝ • ن͕େ͖͘ɺશͯͷӨڹൣғͷѲ͕ࠔͳͷͰɺ • ؔ෦ॺ͕ಈ࡞֬ೝͰ͖ΔظؒΛ2िؒఔઃ͚Δ • ຊ൪ʹ͍ۙڥͰΤϥʔ͕ग़Δ͔֬ೝ͢Δ • ৄࡉޙͷεϥΠυͰ
cookpad.com ͷϦϦʔε • લ͔ΒίʔυϑϦʔζ • ӨڹΛখ͘͢͞ΔͨΊɺޕલ7࣌ग़ࣾɾ8࣌σϓϩΠ • ͳΔ͘τϥϑΟοΫ͕͍࣌ؒଳʹσϓϩΠ͍ͨ͠ ͕ɺؔऀશһʹਂͷग़ࣾΛཁٻ͢Δ΄ͲͰͳ͍
ෳϒϥϯνӡ༻ • ಉ͡ϦϙδτϦʹ cookpad.com ΛؚΉ8ͭͷΞϓϦ͕ಉډ ͍ͯ͠Δ͕ɺҰʹશ෦ϦϦʔε͠ͳ͍ • 8ͭͷΞϓϦ: ཧը໘, όον,
API, ϫʔΧʔ, ... • 1ि͔͚ؒͯஈ֊తʹσϓϩΠ͢Δ • શͯRails 4.2ʹҠߦ͢Δ·ͰRails 4.1༻ͷrails41ϒϥϯν Λ࡞ΓmasterͷมߋΛόοΫϙʔτ͠ଓ͚Δ
σϓϩΠޙͷࢹ • ҎԼͷ2ͭΛࢹ͢Δ • Sentry: Τϥʔ • ࣗࣾϞχλϦϯάπʔϧ: ϨεϙϯελΠϜ
σϓϩΠޙͷࢹ ϨεϙϯελΠϜ Τϥʔ
ΞοϓάϨʔυϑϩʔͷ·ͱΊ • ςετΛ௨͠CIʹδϣϒΛ༻ҙ͢Δ • ϓϧϦͷׂඇޓͷ੍ʹΑΓมߋͷཻΛখ͘͢͞Δ • 2िؒಈ࡞֬ೝ • ෳͷΞϓϦΛ1ि͔͚ؒͯஈ֊తʹϦϦʔε͢Δ •
σϓϩΠޙɺϨεϙϯελΠϜͱΤϥʔΛࢹ
ϦϦʔεલͷ4ஈ֊ͷಈ࡞֬ೝ
1. ։ൃ༻ͷݕূڥͰͷ֬ೝ • ։ൃ༻ͷDBΛࢀর͢ΔݕূڥʹRails 4.2ͷϒϥϯνΛ σϓϩΠ • ΞοϓάϨʔυؔͳ͘ͱͱҙͷϒϥϯνΛҙ ͷαϒυϝΠϯʹσϓϩΠͰ͖ΔΑ͏ʹͳ͍ͬͯΔ •
ྫ: https://rails42.staging.ʙ/ • ͜ͷڥͰ֤෦ॺʹಈ࡞֬ೝΛґཔ
2. ຊ൪ڥͰͷखಈ֬ೝ • Rails 4.2༻ͷϒϥϯνΛσϓϩΠͨ͠ຊ൪ڥΛ༻ҙ • Webͷ߹ • ಛผͳΫοΩʔΛ࣋ͭ߹ͷΈͦͷڥʹϓϩΩγ͞Ε ΔΑ͏ʹͯ͠खಈͰಈ࡞֬ೝ
• ϞόΠϧΞϓϦ༻APIͷ߹ • ಛผͳϦΫΤετϔομʔΛ࣋ͭ߹ͷΈϓϩΩγ
2. ຊ൪ڥͰͷखಈ֬ೝ *OUFSOFU "QBDIF SBJMT SBJMT ௨ৗͷΫοΩʔ foocookie=1 • Webͷ߹
consoleͰదʹ $.cookie('foocookie', 1) CSPXTFS
2. ຊ൪ڥͰͷखಈ֬ೝ • ϞόΠϧΞϓϦ༻APIͷ߹ *OUFSOFU "QBDIF SBJMT SBJMT .PCJMF "QQ
NJUNQSPYZ ϦΫΤετϔομʹ X-Foo=1 Λ͚ͭΔ X-Foo=1 ී௨ͷϦΫΤετ
3. Kage • https://github.com/cookpad/kage • ͋ΔαʔόʔʹདྷͨϦΫΤετΛRails 4.2ΛσϓϩΠͨ͠ͷʹྲྀ ͠ɺDBͳͲͷॻ͖ࠐΈࢭ͢Δ • MySQLͳΒBLACKHOLEɺmemcached
ͳͲִ͢Δ • Τϥʔͷ༗ແύϑΥʔϚϯεΛ֬ೝ͢Δ • tail -f production.log • nginxͷϨεϙϯελΠϜunicornͷϦιʔε༻ྔ
3. Kage *OUFSOFU "QBDIF SBJMT ,BHF SBJMT ಉ͡ϦΫΤετ ϨεϙϯεࣺͯΔ Ϣʔβʔʹฦ͢
4. Production Test • CIޭޙࣗಈతʹσϓϩΠ͞ΕΔɺ΄΅ຊ൪ͷڥ • ΞοϓάϨʔυؔͳ͍ͭ͘Ͱ͜͜Ͱಈ࡞֬ೝΛ͔ͯ͠ ΒσϓϩΠ͢Δ
Cookpad͕ૺ۰ͨ͠Rails 4.2ͷόά
Encoding::UndefinedConversionError • ϚϧνόΠτจࣈྻ͔ͭ֯ͷ"%"ΛؚΉϑΝΠϧ໊ͷϑ ΝΠϧΛΞοϓϩʔυͨ͠ࡍʹग़ΔϨΞͳΤϥʔ • Rails 4.1 → 4.2 ΞοϓάϨʔυ࣌ʹ།Ұग़ͨΤϥʔ
• ຊՈʹ @eagletmt ͕ϓϧϦΛ͛ɺ4.2.4ʹऔΓࠐ·Εͨ • https://github.com/rails/rails/pull/21131
Encoding::UndefinedConversionError
undefined method `unpack' for nil:NilClass • Rails 4.2.4ͱRuby 2.0.0ͷΈ߹ΘͤͰͷΈൃੜ͢ΔΤϥʔ •
Ruby 2.0.0ͩͱ ERB::Util.url_encode ͷgsubͷϒϩο ΫͰ $& Λࢀর͢Δ͕ɺAS::SafeBuffer ͩͱಈ͔ͳ͍ • ຊՈʹ @k0kubun ͕ϓϧϦΛ͛ɺ4.2.5ʹऔΓࠐ·Εͨ • https://github.com/rails/rails/pull/21402
undefined method `unpack' for nil:NilClass
·ͱΊ • ҰʹσϓϩΠ͞ΕΔมߋΛখ͘͢͞Δ • ͳΔ͘ଟ͘ͷखͰɺͳΔ͘ຊ൪ʹ͍ۙڥͰಈ࡞֬ೝ • ΫοΫύουͰૺ۰ͨ͠Rails 4.2ͷόάຊՈͰमਖ਼ࡁ