Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade application to Rails 6.0 #919

Merged
merged 23 commits into from
Jul 23, 2020
Merged

Upgrade application to Rails 6.0 #919

merged 23 commits into from
Jul 23, 2020

Conversation

pixeltrix
Copy link
Contributor

No description provided.

@pixeltrix pixeltrix force-pushed the upgrade-to-rails-6 branch from baea7f2 to fa5339f Compare July 13, 2020 19:33
@pixeltrix pixeltrix marked this pull request as ready for review July 13, 2020 19:34
@pixeltrix pixeltrix force-pushed the upgrade-to-rails-6 branch from 57806ef to 77afe53 Compare July 16, 2020 07:12
pixeltrix added 23 commits July 23, 2020 11:13
@pixeltrix
Upgrade mongo gem to fix edition_edit_spec.rb
e2ef916 
Three specs were failing with the following error:

Mongo::Error::OperationFailure:
  uuid must be a 16-byte binary field with UUID (4) subtype (207)
@pixeltrix
Remove constraints from dependencies
a66b6b5 
Use the Gemfile.lock to manage the versions instead which should make
it easier to upgrade as it allows bundler a wider set of versions to
resolve the dependencies.

Keep the rails constraint so that the current version can be identified.
@pixeltrix
Switch to using Chrome headless for jasmine specs
9b7e54c 
PhantomJS doesn't work with /etc/ssl/openssl.cnf on Debian Buster.
@pixeltrix
Remove rack-cache config
13b4916 
Rails 4.0 and later disable rack-cache by default.
@pixeltrix
Move constants into an initializer
0e77797 
This helps when upgrading the standard Rails config files.
@pixeltrix
Remove form_with config option
d9c38aa 
The application doesn't use form_with so there's no need to change it.
@pixeltrix
Remove unused railtie require statements
c59db4c
@pixeltrix
Tidy up after earlier updates
6e568ec 
Run the rake app:update command to update all the config files.
@pixeltrix
Ensure that config.eager_load is set
edd7d8b 
Rails detects when config.eager_load is nil and displays a warning and
when Sidekiq.server? isn't true it returns nil which is a valid falsey
value in Ruby but unfortunately not what we need.
@pixeltrix
Fix rack status predicate warnings
ec32e85 
The response methods `success?` and `missing?` are deprecated.
@pixeltrix
Move lib files to app/lib
2b59f51 
In Rails 4.0 the lib directory was remove from the auto/eager load paths
because it resulted in a lot of junk being eager loaded in production
without the developer often being aware of this. The recommend pattern
now is to add an app/lib directory for non-specific application code.
@pixeltrix
Update bundle to Rails 6.0.3.2
f5252a2
@pixeltrix
Fix asset pipeline with libsass
32231b7 
Using a sass css compressor causes a scss file to be processed twice
(once to build, once to compress) which breaks the usage of "unquote"
to use CSS that has same function names as SCSS such as max.
@pixeltrix
Update configuration for Rails 6.0
545c31c
@pixeltrix
Add default GOV.UK Content Security Policy header
91889bb
@pixeltrix
Add development hosts to config.hosts
2689aa4 
Rails 6.0 adds a host authentication middleware that limits access by
default to 0.0.0.0/0, ::/0 and localhost. This commit adds the dev.gov.uk
hosts for the application to that list. There's no need to add the hosts
in production since the middleware is primarily to prevent DNS rebinding
attacks against a Rails application running locally.
@pixeltrix
Remove new framework defaults initializer
8b0745e 
Once the app is configured to load the latest defaults there is no
need for the new defaults initializer as it only serves as a guide
whilst upgrading the application.
@pixeltrix
Fix unsafe content warning
c706d1e 
Use a block to render content in the govspeak publishing component
that isn't marked as HTML safe.
@pixeltrix
Upgrade selenium-webdriver to fix Ruby 2.7 warnings
90661c1
@pixeltrix
Allow webdrivers gem to download new chromedriver version
bd74aa5
@pixeltrix
Pin rails to specific version and make it stand out
1da2ccc 
See alphagov/service-manual-frontend@27390cd for reasoning.
@pixeltrix
Remove the use of secrets.yml
2b61fd2 
The Rails secrets feature has been deprecated and will be removed in
an upcoming release. Rails 6.0 will generate a secret_key_base file
in the tmp directory in development and test environments and use the
SECRET_KEY_BASE environment variable in production.
@pixeltrix
Update remaining minor dependencies
2bd66cf 
Inline with the suggestion in alphagov/govuk-rfcs#126 update the
remaining minor dependencies when doing a framework upgrade.
@pixeltrix pixeltrix force-pushed the upgrade-to-rails-6 branch from b8e4de3 to 2bd66cf Compare July 23, 2020 10:20
@pixeltrix pixeltrix merged commit 0d77291 into master Jul 23, 2020
@pixeltrix pixeltrix deleted the upgrade-to-rails-6 branch July 23, 2020 10:42
kevindew added a commit that referenced this pull request Jan 24, 2023
@kevindew
Comment out GovukContentSecurityPolicy
fb617aa 
GOV.UK hadn't intended for this app to have the GOV.UK Content Security
Policy yet, with us first planning to roll out this to frontend app. It
looks like this was added as part of an outsourced Rails update [1],
where the dev couldn't have known about our nuanced context.

As this is an app that doesn't receive a lot of developer attention I'm
disabling this as I don't want breaking changes to the CSP [2] to end up
in this app.

[1]: #919
[2]: alphagov/govuk_app_config#279
kevindew added a commit that referenced this pull request Jan 24, 2023
@kevindew
Comment out GovukContentSecurityPolicy
44732ab 
GOV.UK hadn't intended for this app to have the GOV.UK Content Security
Policy yet, with us first planning to roll out this to frontend app. It
looks like this was added as part of an outsourced Rails update [1],
where the dev couldn't have known about our nuanced context.

As this is an app that doesn't receive a lot of developer attention I'm
disabling this as I don't want breaking changes to the CSP [2] to end up
in this app.

[1]: #919
[2]: alphagov/govuk_app_config#279
kevindew added a commit that referenced this pull request Jan 25, 2023
@kevindew
Comment out GovukContentSecurityPolicy
ea5dc73 
GOV.UK hadn't intended for this app to have the GOV.UK Content Security
Policy yet, with us first planning to roll out this to frontend app. It
looks like this was added as part of an outsourced Rails update [1],
where the dev couldn't have known about our nuanced context.

As this is an app that doesn't receive a lot of developer attention I'm
disabling this as I don't want breaking changes to the CSP [2] to end up
in this app.

[1]: #919
[2]: alphagov/govuk_app_config#279
@kevindew kevindew mentioned this pull request Jan 25, 2023
Merged
kevindew added a commit that referenced this pull request Jan 25, 2023
@kevindew
Comment out GovukContentSecurityPolicy
d2042bd 
GOV.UK hadn't intended for this app to have the GOV.UK Content Security
Policy yet, with us first planning to roll out this to frontend app. It
looks like this was added as part of an outsourced Rails update [1],
where the dev couldn't have known about our nuanced context.

As this is an app that doesn't receive a lot of developer attention I'm
disabling this as I don't want breaking changes to the CSP [2] to end up
in this app.

[1]: #919
[2]: alphagov/govuk_app_config#279
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thomasleese thomasleese thomasleese approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pixeltrix @thomasleese