Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
How to safely upgrade Rails
Search
Takashi Kokubun
March 28, 2016
Programming
6
13k
How to safely upgrade Rails
Rails Upgrade Casual Talks at Crowd Works
https://cw-meetup.doorkeeper.jp/events/40728
Takashi Kokubun
March 28, 2016
Tweet
Share
More Decks by Takashi Kokubun
See All by Takashi Kokubun
Ruby JIT Hacking Guide / RubyKaigi 2023
k0kubun
1
8.9k
YJIT: Dive into Ruby's JIT compiler written in Rust / Rust.Tokyo 2022
k0kubun
1
1.8k
Towards Ruby 4 JIT / RubyKaigi 2022
k0kubun
3
10k
Optimizing Production Performance with MRI JIT / RubyConf 2021
k0kubun
1
340
Why Ruby's JIT was slow / RubyKaigi Takeout 2021
k0kubun
3
1.7k
数時間かかる週一リリースを毎日何度も爆速でできるようにするまで / CI/CD Conference 2021
k0kubun
21
14k
Ruby 3 JIT's roadmap / RubyConf China 2020
k0kubun
0
660
Ruby 3.0 JIT on Rails
k0kubun
9
8.8k
JIT ロードマップ / Ruby 3 さみっと
k0kubun
2
1.2k
Other Decks in Programming
See All in Programming
PHPの次期バージョンはこの時期どうなっているのか - Internalsの開発体制について - PHPカンファレンス小田原
youkidearitai
PRO
1
210
dbtのドメイン分割による データ基盤の改善とDigdagとの連携
sakama
0
430
Next.js App Router
quramy
11
1.5k
GitHub Actionsで泣かないためにやっておきたい設定 / Recommended GHA settings to avoid crying
pinkumohikan
3
560
AmperとFleetを使ったAndroidアプリ
yoppie
0
240
Sheets API使ってみた
toshi0383
2
150
Java 22 Overview
kishida
1
190
Hanami and htmx
bkuhlmann
0
220
Implementing Design Systems in Swift
seyfoyun
0
370
Elm 0.19.0 Changes
bkuhlmann
0
490
Site Reliability Engineering for GMO
pyama86
8
1.1k
はてなにおける CSS Modules、及び CSS Modules に足りないもの / CSS Modules in Hatena, and CSS Modules missing parts
mizdra
7
960
Featured
See All Featured
Agile that works and the tools we love
rasmusluckow
325
20k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
126
32k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
104
6.6k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
6
1.3k
The Invisible Side of Design
smashingmag
294
49k
Why You Should Never Use an ORM
jnunemaker
PRO
51
8.6k
Statistics for Hackers
jakevdp
790
220k
Building Better People: How to give real-time feedback that sticks.
wjessup
356
18k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
222
21k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
Raft: Consensus for Rubyists
vanstee
133
6.3k
YesSQL, Process and Tooling at Scale
rocio
165
13k
Transcript
How to safely upgrade Rails Rails Upgrade Casual Talks @k0kubun
ࣗݾհ • Takashi Kokubun (@k0kubun) • ΫοΫύου ٕज़෦ ։ൃج൫άϧʔϓ •
Rails 4.1 -> 4.2 ͷΞοϓάϨʔυΛ్த͔Β୲
ࠓ͢͜ͱ • CookpadͷRailsΞοϓάϨʔυͷྲྀΕ • ϦϦʔεલͷ4ஈ֊ͷಈ࡞֬ೝ • Cookpad͕ૺ۰ͨ͠Rails 4.2ͷόά
Cookpadͷ RailsΞοϓάϨʔυͷྲྀΕ Rails 4.1 → 4.2 ͷྫ
CIʹRails 4.2༻δϣϒΛ༻ҙ • ·ͣςετΛ௨͢ • @a_matsuda ͞Μ͕failΓ5ݸ·ͰݮΒͨ͠ͷΛҾ͖ܧ ͗ɺΓΛ௨͢ͷΛ୲ • ϦϦʔε͢Δ·Ͱmaster͔Βrebase͠ଓ͚Δrails42ϒϥϯ
ν͕ςετΛ௨Δঢ়ଶΛอͭͨΊɺCIʹδϣϒΛ༻ҙ͢Δ • CIαʔόʔͷϦιʔε͕ۭ͍͍ͯΔૣேʹ࣮ߦ͢Δ
cherry-pick • σϓϩΠޙͷͷΓ͚Λ༰қʹͨ͠ΓɺϨϏϡʔ ͷෛ୲ܰݮͷͨΊϓϧϦΛׂ͢Δ • 4.1, 4.2྆ํͰಈ͘मਖ਼ઌʹग़ͯ͠͠·͏ • ઌʹΞοϓάϨʔυͰ͖Δgemઌʹ͓ͬͯ͘
cherry-pick failΓ5ͷ࣌ 1308 additions 1087 deletions 650 additions 477 deletions
Ϛʔδͨ͠ϓϧϦ
ඇޓͷҰ࣌త੍ • Rails 4.2ͷAuthenticity TokenͷมߋϩʔϧόοΫͰ͖ ͳ͍ͷͰɺRails 4.1ͷڍಈʹϞϯΩʔύονͰݻఆ • Masked Authenticity
Token ͰຖճϥϯμϜͳtokenΛ ฦ͢Α͏ʹͳΔͷͰɺޙํޓੑ͕ͳ͍ • Rails 4.2σϓϩΠޙམ͍͔ͪͭͯΒ͜ͷύονΛ֎ͨ͠
ඇޓͷҰ࣌త੍ ActiveSupport.on_load(:action_controller) do module ActionController module RequestForgeryProtectionExtension def form_authenticity_token session[:_csrf_token]
||= SecureRandom.base64(32) end end Base.prepend RequestForgeryProtectionExtension end end • Masked Authenticity TokenͷมߋΛ੍͢Δύον
ಈ࡞֬ೝ • ن͕େ͖͘ɺશͯͷӨڹൣғͷѲ͕ࠔͳͷͰɺ • ؔ෦ॺ͕ಈ࡞֬ೝͰ͖ΔظؒΛ2िؒఔઃ͚Δ • ຊ൪ʹ͍ۙڥͰΤϥʔ͕ग़Δ͔֬ೝ͢Δ • ৄࡉޙͷεϥΠυͰ
cookpad.com ͷϦϦʔε • લ͔ΒίʔυϑϦʔζ • ӨڹΛখ͘͢͞ΔͨΊɺޕલ7࣌ग़ࣾɾ8࣌σϓϩΠ • ͳΔ͘τϥϑΟοΫ͕͍࣌ؒଳʹσϓϩΠ͍ͨ͠ ͕ɺؔऀશһʹਂͷग़ࣾΛཁٻ͢Δ΄ͲͰͳ͍
ෳϒϥϯνӡ༻ • ಉ͡ϦϙδτϦʹ cookpad.com ΛؚΉ8ͭͷΞϓϦ͕ಉډ ͍ͯ͠Δ͕ɺҰʹશ෦ϦϦʔε͠ͳ͍ • 8ͭͷΞϓϦ: ཧը໘, όον,
API, ϫʔΧʔ, ... • 1ि͔͚ؒͯஈ֊తʹσϓϩΠ͢Δ • શͯRails 4.2ʹҠߦ͢Δ·ͰRails 4.1༻ͷrails41ϒϥϯν Λ࡞ΓmasterͷมߋΛόοΫϙʔτ͠ଓ͚Δ
σϓϩΠޙͷࢹ • ҎԼͷ2ͭΛࢹ͢Δ • Sentry: Τϥʔ • ࣗࣾϞχλϦϯάπʔϧ: ϨεϙϯελΠϜ
σϓϩΠޙͷࢹ ϨεϙϯελΠϜ Τϥʔ
ΞοϓάϨʔυϑϩʔͷ·ͱΊ • ςετΛ௨͠CIʹδϣϒΛ༻ҙ͢Δ • ϓϧϦͷׂඇޓͷ੍ʹΑΓมߋͷཻΛখ͘͢͞Δ • 2िؒಈ࡞֬ೝ • ෳͷΞϓϦΛ1ि͔͚ؒͯஈ֊తʹϦϦʔε͢Δ •
σϓϩΠޙɺϨεϙϯελΠϜͱΤϥʔΛࢹ
ϦϦʔεલͷ4ஈ֊ͷಈ࡞֬ೝ
1. ։ൃ༻ͷݕূڥͰͷ֬ೝ • ։ൃ༻ͷDBΛࢀর͢ΔݕূڥʹRails 4.2ͷϒϥϯνΛ σϓϩΠ • ΞοϓάϨʔυؔͳ͘ͱͱҙͷϒϥϯνΛҙ ͷαϒυϝΠϯʹσϓϩΠͰ͖ΔΑ͏ʹͳ͍ͬͯΔ •
ྫ: https://rails42.staging.ʙ/ • ͜ͷڥͰ֤෦ॺʹಈ࡞֬ೝΛґཔ
2. ຊ൪ڥͰͷखಈ֬ೝ • Rails 4.2༻ͷϒϥϯνΛσϓϩΠͨ͠ຊ൪ڥΛ༻ҙ • Webͷ߹ • ಛผͳΫοΩʔΛ࣋ͭ߹ͷΈͦͷڥʹϓϩΩγ͞Ε ΔΑ͏ʹͯ͠खಈͰಈ࡞֬ೝ
• ϞόΠϧΞϓϦ༻APIͷ߹ • ಛผͳϦΫΤετϔομʔΛ࣋ͭ߹ͷΈϓϩΩγ
2. ຊ൪ڥͰͷखಈ֬ೝ *OUFSOFU "QBDIF SBJMT SBJMT ௨ৗͷΫοΩʔ foocookie=1 • Webͷ߹
consoleͰదʹ $.cookie('foocookie', 1) CSPXTFS
2. ຊ൪ڥͰͷखಈ֬ೝ • ϞόΠϧΞϓϦ༻APIͷ߹ *OUFSOFU "QBDIF SBJMT SBJMT .PCJMF "QQ
NJUNQSPYZ ϦΫΤετϔομʹ X-Foo=1 Λ͚ͭΔ X-Foo=1 ී௨ͷϦΫΤετ
3. Kage • https://github.com/cookpad/kage • ͋ΔαʔόʔʹདྷͨϦΫΤετΛRails 4.2ΛσϓϩΠͨ͠ͷʹྲྀ ͠ɺDBͳͲͷॻ͖ࠐΈࢭ͢Δ • MySQLͳΒBLACKHOLEɺmemcached
ͳͲִ͢Δ • Τϥʔͷ༗ແύϑΥʔϚϯεΛ֬ೝ͢Δ • tail -f production.log • nginxͷϨεϙϯελΠϜunicornͷϦιʔε༻ྔ
3. Kage *OUFSOFU "QBDIF SBJMT ,BHF SBJMT ಉ͡ϦΫΤετ ϨεϙϯεࣺͯΔ Ϣʔβʔʹฦ͢
4. Production Test • CIޭޙࣗಈతʹσϓϩΠ͞ΕΔɺ΄΅ຊ൪ͷڥ • ΞοϓάϨʔυؔͳ͍ͭ͘Ͱ͜͜Ͱಈ࡞֬ೝΛ͔ͯ͠ ΒσϓϩΠ͢Δ
Cookpad͕ૺ۰ͨ͠Rails 4.2ͷόά
Encoding::UndefinedConversionError • ϚϧνόΠτจࣈྻ͔ͭ֯ͷ"%"ΛؚΉϑΝΠϧ໊ͷϑ ΝΠϧΛΞοϓϩʔυͨ͠ࡍʹग़ΔϨΞͳΤϥʔ • Rails 4.1 → 4.2 ΞοϓάϨʔυ࣌ʹ།Ұग़ͨΤϥʔ
• ຊՈʹ @eagletmt ͕ϓϧϦΛ͛ɺ4.2.4ʹऔΓࠐ·Εͨ • https://github.com/rails/rails/pull/21131
Encoding::UndefinedConversionError
undefined method `unpack' for nil:NilClass • Rails 4.2.4ͱRuby 2.0.0ͷΈ߹ΘͤͰͷΈൃੜ͢ΔΤϥʔ •
Ruby 2.0.0ͩͱ ERB::Util.url_encode ͷgsubͷϒϩο ΫͰ $& Λࢀর͢Δ͕ɺAS::SafeBuffer ͩͱಈ͔ͳ͍ • ຊՈʹ @k0kubun ͕ϓϧϦΛ͛ɺ4.2.5ʹऔΓࠐ·Εͨ • https://github.com/rails/rails/pull/21402
undefined method `unpack' for nil:NilClass
·ͱΊ • ҰʹσϓϩΠ͞ΕΔมߋΛখ͘͢͞Δ • ͳΔ͘ଟ͘ͷखͰɺͳΔ͘ຊ൪ʹ͍ۙڥͰಈ࡞֬ೝ • ΫοΫύουͰૺ۰ͨ͠Rails 4.2ͷόάຊՈͰमਖ਼ࡁ