Upgrade to Rails 7.2 (#465)

* Update to Rails 7.2

* run app:update

* restore

* update defaults

* beta

* beta

* app:update

* app:update

* enable defaults

* reconcile

* reconcile

* update puma

Dockerfile

@@ -1,39 +1,34 @@
-# syntax=docker/dockerfile:1
+# syntax = docker/dockerfile:1
+
+# This Dockerfile is designed for production, not development. Use with Kamal or build'n'run by hand:
+# docker build -t my-app .
+# docker run -d -p 80:80 -p 443:443 --name my-app -e RAILS_MASTER_KEY=<value from config/master.key> my-app
 
 # Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
 ARG RUBY_VERSION=3.3.1
-FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim as base
+FROM docker.io/library/ruby:$RUBY_VERSION-slim as base
 
+# Rails app lives here
 WORKDIR /rails
 
+# Install base packages
+RUN apt-get update -qq && \
+    apt-get install --no-install-recommends -y curl libjemalloc2 libvips postgresql-client && \
+    rm -rf /var/lib/apt/lists /var/cache/apt/archives
+
 # Set production environment
 ENV RAILS_ENV="production" \
     BUNDLE_DEPLOYMENT="1" \
-    BUNDLE_JOBS="4" \
+    BUNDLE_PATH="/usr/local/bundle" \
-    BUNDLE_WITHOUT="development:test" \
+    BUNDLE_WITHOUT="development"
-    BUNDLE_PATH="/usr/local/bundle"
-
 
 # Throw-away build stage to reduce size of final image
 FROM base as build
 
 # Install packages needed to build gems
-# NOTE: This example project intentionally does not require or install node.js
+RUN apt-get update -qq && \
-
+    apt-get install --no-install-recommends -y build-essential git libpq-dev pkg-config && \
-RUN --mount=type=cache,target=/var/cache/apt \
+    rm -rf /var/lib/apt/lists /var/cache/apt/archives
-  --mount=type=cache,target=/var/lib/apt,sharing=locked \
-  --mount=type=tmpfs,target=/var/log \
-  rm -f /etc/apt/apt.conf.d/docker-clean; \
-  echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \
-  apt-get update -qq \
-  && apt-get install -yq --no-install-recommends \
-    build-essential \
-    gnupg2 \
-    less \
-    git \
-    libpq-dev \
-    libvips \
-    pkg-config
 
 # Install application gems
 COPY Gemfile Gemfile.lock ./
@@ -51,36 +46,26 @@ RUN bundle exec bootsnap precompile app/ lib/
 RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
 
 
+
+
 # Final stage for app image
 FROM base
 
-# Install packages needed for deployment
-RUN --mount=type=cache,target=/var/cache/apt \
-  --mount=type=cache,target=/var/lib/apt,sharing=locked \
-  --mount=type=tmpfs,target=/var/log \
-  rm -f /etc/apt/apt.conf.d/docker-clean; \
-  echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \
-  apt-get update -qq \
-  && apt-get install -yq --no-install-recommends \
-  curl \
-  postgresql-client \
-  libvips
-
 # Copy built artifacts: gems, application
-COPY --from=build /usr/local/bundle /usr/local/bundle
+COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
 COPY --from=build /rails /rails
 
 # Run and own only the runtime files as a non-root user for security
-RUN useradd rails --create-home --shell /bin/bash && \
+RUN groupadd --system --gid 1000 rails && \
+    useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
     chown -R rails:rails db log storage tmp
-USER rails:rails
+USER 1000:1000
 
 # Entrypoint prepares the database.
 ENTRYPOINT ["/rails/bin/docker-entrypoint"]
 
 HEALTHCHECK --interval=15s --timeout=3s --start-period=0s --start-interval=5s --retries=3 \
   CMD curl -f http://localhost:3000/up || exit 1
-
 # Start the server by default, this can be overwritten at runtime
 EXPOSE 3000
-CMD ["bundle", "exec", "puma", "-C", "config/puma.rb"]
+CMD ["./bin/rails", "server"]

Gemfile

@@ -6,8 +6,8 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 ruby "3.3.1"
 
 # Bundle edge Rails instead:
-# gem "rails", github: "rails/rails", branch: "main"
+# gem "rails", github: "rails/rails", branch: "7-2-stable"
-gem "rails", "7.1.3.3"
+gem "rails", "~> 7.2.0.beta1"
 
 # The original asset pipeline for Rails [https://github.com/rails/sprockets-rails]
 gem "sprockets-rails"
@@ -49,13 +49,18 @@ gem "bootsnap", require: false
 gem "image_processing", "~> 1.2"
 
 group :development, :test do
-  gem "brakeman"
-  gem "bundler-audit"
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
-  gem "debug", platforms: %i[ mri windows ]
+  gem "debug", platforms: %i[ mri windows ], require: "debug/prelude"
+
+  # Static analysis for security vulnerabilities [https://brakemanscanner.org/]
+  gem "brakeman", require: false
+
+  # Omakase Ruby styling [https://github.com/rails/rubocop-rails-omakase/]
+  gem "rubocop-rails-omakase", require: false
+
+  gem "bundler-audit"
   gem "rspec-rails"
   gem "rubocop-rails"
-  gem "rubocop-rails-omakase", require: false
   gem "rubocop-rspec"
 end
 
@@ -65,9 +70,6 @@ group :development do
 
   # Add speed badges [https://github.com/MiniProfiler/rack-mini-profiler]
   gem "rack-mini-profiler"
-
-  # Speed up commands on slow machines / big apps [https://github.com/rails/spring]
-  # gem "spring"
 end
 
 group :test do

Gemfile.lock

@@ -1,35 +1,29 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.1.3.3)
+    actioncable (7.2.0.beta1)
-      actionpack (= 7.1.3.3)
+      actionpack (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
       zeitwerk (~> 2.6)
-    actionmailbox (7.1.3.3)
+    actionmailbox (7.2.0.beta1)
-      actionpack (= 7.1.3.3)
+      actionpack (= 7.2.0.beta1)
-      activejob (= 7.1.3.3)
+      activejob (= 7.2.0.beta1)
-      activerecord (= 7.1.3.3)
+      activerecord (= 7.2.0.beta1)
-      activestorage (= 7.1.3.3)
+      activestorage (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
-      mail (>= 2.7.1)
+      mail (>= 2.8.0)
-      net-imap
+    actionmailer (7.2.0.beta1)
-      net-pop
+      actionpack (= 7.2.0.beta1)
-      net-smtp
+      actionview (= 7.2.0.beta1)
-    actionmailer (7.1.3.3)
+      activejob (= 7.2.0.beta1)
-      actionpack (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
-      actionview (= 7.1.3.3)
+      mail (>= 2.8.0)
-      activejob (= 7.1.3.3)
-      activesupport (= 7.1.3.3)
-      mail (~> 2.5, >= 2.5.4)
-      net-imap
-      net-pop
-      net-smtp
       rails-dom-testing (~> 2.2)
-    actionpack (7.1.3.3)
+    actionpack (7.2.0.beta1)
-      actionview (= 7.1.3.3)
+      actionview (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       nokogiri (>= 1.8.5)
       racc
       rack (>= 2.2.4)
@@ -37,44 +31,44 @@ GEM
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    actiontext (7.1.3.3)
+      useragent (~> 0.16)
-      actionpack (= 7.1.3.3)
+    actiontext (7.2.0.beta1)
-      activerecord (= 7.1.3.3)
+      actionpack (= 7.2.0.beta1)
-      activestorage (= 7.1.3.3)
+      activerecord (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activestorage (= 7.2.0.beta1)
+      activesupport (= 7.2.0.beta1)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.1.3.3)
+    actionview (7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    activejob (7.1.3.3)
+    activejob (7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       globalid (>= 0.3.6)
-    activemodel (7.1.3.3)
+    activemodel (7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
-    activerecord (7.1.3.3)
+    activerecord (7.2.0.beta1)
-      activemodel (= 7.1.3.3)
+      activemodel (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       timeout (>= 0.4.0)
-    activestorage (7.1.3.3)
+    activestorage (7.2.0.beta1)
-      actionpack (= 7.1.3.3)
+      actionpack (= 7.2.0.beta1)
-      activejob (= 7.1.3.3)
+      activejob (= 7.2.0.beta1)
-      activerecord (= 7.1.3.3)
+      activerecord (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       marcel (~> 1.0)
-    activesupport (7.1.3.3)
+    activesupport (7.2.0.beta1)
       base64
       bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
-      mutex_m
+      tzinfo (~> 2.0, >= 2.0.5)
-      tzinfo (~> 2.0)
     addressable (2.8.6)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
@@ -98,7 +92,7 @@ GEM
       rack-test (>= 0.6.3)
       regexp_parser (>= 1.5, < 3.0)
       xpath (~> 3.2)
-    concurrent-ruby (1.2.3)
+    concurrent-ruby (1.3.1)
     connection_pool (2.4.1)
     crass (1.0.6)
     date (3.3.4)
@@ -143,7 +137,6 @@ GEM
     mini_mime (1.1.5)
     minitest (5.23.1)
     msgpack (1.7.2)
-    mutex_m (0.2.0)
     net-imap (0.4.11)
       date
       net-protocol
@@ -161,7 +154,7 @@ GEM
     nokogiri (1.16.5-x86_64-linux)
       racc (~> 1.4)
     parallel (1.24.0)
-    parser (3.3.1.0)
+    parser (3.3.2.0)
       ast (~> 2.4.1)
       racc
     pg (1.5.6)
@@ -181,20 +174,20 @@ GEM
     rackup (2.1.0)
       rack (>= 3)
       webrick (~> 1.8)
-    rails (7.1.3.3)
+    rails (7.2.0.beta1)
-      actioncable (= 7.1.3.3)
+      actioncable (= 7.2.0.beta1)
-      actionmailbox (= 7.1.3.3)
+      actionmailbox (= 7.2.0.beta1)
-      actionmailer (= 7.1.3.3)
+      actionmailer (= 7.2.0.beta1)
-      actionpack (= 7.1.3.3)
+      actionpack (= 7.2.0.beta1)
-      actiontext (= 7.1.3.3)
+      actiontext (= 7.2.0.beta1)
-      actionview (= 7.1.3.3)
+      actionview (= 7.2.0.beta1)
-      activejob (= 7.1.3.3)
+      activejob (= 7.2.0.beta1)
-      activemodel (= 7.1.3.3)
+      activemodel (= 7.2.0.beta1)
-      activerecord (= 7.1.3.3)
+      activerecord (= 7.2.0.beta1)
-      activestorage (= 7.1.3.3)
+      activestorage (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
       bundler (>= 1.15.0)
-      railties (= 7.1.3.3)
+      railties (= 7.2.0.beta1)
     rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
@@ -202,10 +195,10 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    railties (7.1.3.3)
+    railties (7.2.0.beta1)
-      actionpack (= 7.1.3.3)
+      actionpack (= 7.2.0.beta1)
-      activesupport (= 7.1.3.3)
+      activesupport (= 7.2.0.beta1)
-      irb
+      irb (~> 1.13)
       rackup (>= 1.0.0)
       rake (>= 12.2)
       thor (~> 1.0, >= 1.2.2)
@@ -219,7 +212,7 @@ GEM
     redis-client (0.22.2)
       connection_pool
     regexp_parser (2.9.2)
-    reline (0.5.7)
+    reline (0.5.8)
       io-console (~> 0.5)
     rexml (3.2.8)
       strscan (>= 3.0.9)
@@ -309,6 +302,7 @@ GEM
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
+    useragent (0.16.10)
     web-console (4.2.1)
       actionview (>= 6.0.0)
       activemodel (>= 6.0.0)
@@ -321,7 +315,7 @@ GEM
     websocket-extensions (0.1.5)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.6.14)
+    zeitwerk (2.6.15)
 
 PLATFORMS
   aarch64-linux
@@ -341,7 +335,7 @@ DEPENDENCIES
   pg (~> 1.5)
   puma (~> 6.4)
   rack-mini-profiler
-  rails (= 7.1.3.3)
+  rails (~> 7.2.0.beta1)
   redis (~> 5.2)
   rspec-rails
   rubocop-rails

README.md

@@ -85,7 +85,7 @@ docker run --rm --env SECRET_KEY_BASE=dummy rails-on-docker
 
 ### With legacy builder (no BuildKit)
 ```
-docker build --tag rails-on-docker --file production.Dockerfile .
+docker build --tag rails-on-docker .
 ```
 
 Test the image can be used and Rails starts up, use a fake key for testing purposes only:

bin/brakeman

@@ -1,27 +1,7 @@
 #!/usr/bin/env ruby
-# frozen_string_literal: true
-
-#
-# This file was generated by Bundler.
-#
-# The application 'brakeman' is installed as part of a gem, and
-# this file is here to facilitate running it.
-#
-
-ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
-
-bundle_binstub = File.expand_path("bundle", __dir__)
-
-if File.file?(bundle_binstub)
-  if File.read(bundle_binstub, 300).include?("This file was generated by Bundler")
-    load(bundle_binstub)
-  else
-    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
-Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
-  end
-end
-
 require "rubygems"
 require "bundler/setup"
 
+ARGV.unshift("--ensure-latest")
+
 load Gem.bin_path("brakeman", "brakeman")

bin/rubocop

@@ -1,27 +1,8 @@
 #!/usr/bin/env ruby
-# frozen_string_literal: true
-
-#
-# This file was generated by Bundler.
-#
-# The application 'rubocop' is installed as part of a gem, and
-# this file is here to facilitate running it.
-#
-
-ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
-
-bundle_binstub = File.expand_path("bundle", __dir__)
-
-if File.file?(bundle_binstub)
-  if File.read(bundle_binstub, 300).include?("This file was generated by Bundler")
-    load(bundle_binstub)
-  else
-    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
-Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
-  end
-end
-
 require "rubygems"
 require "bundler/setup"
 
+# explicit rubocop config increases performance slightly while avoiding config confusion.
+ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__))
+
 load Gem.bin_path("rubocop", "rubocop")

bin/setup

@@ -1,8 +1,8 @@
 #!/usr/bin/env ruby
 require "fileutils"
 
-# path to your application root.
 APP_ROOT = File.expand_path("..", __dir__)
+APP_NAME = "railsondocker"
 
 def system!(*args)
   system(*args, exception: true)
@@ -30,4 +30,8 @@ FileUtils.chdir APP_ROOT do
 
   puts "\n== Restarting application server =="
   system! "bin/rails restart"
+
+  # puts "\n== Configuring puma-dev =="
+  # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}"
+  # system "curl -Is https://#{APP_NAME}.test/up | head -n 1"
 end

config/application.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 require_relative "boot"
 
 require "rails"

config/boot.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
 
 require "bundler/setup" # Set up gems listed in the Gemfile.

config/database.yml

@@ -19,17 +19,18 @@ default: &default
   # https://guides.rubyonrails.org/configuring.html#database-pooling
   pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
 
+
 development:
   <<: *default
   database: railsondocker_development
 
-  # The specified database role being used to connect to postgres.
+  # The specified database role being used to connect to PostgreSQL.
-  # To create additional roles in postgres see `$ createuser --help`.
+  # To create additional roles in PostgreSQL see `$ createuser --help`.
-  # When left blank, postgres will use the default role. This is
+  # When left blank, PostgreSQL will use the default role. This is
   # the same name as the operating system user running Rails.
-  #username: railsondocker
+  #username: railsondocker72pg
 
-  # The password associated with the postgres role (username).
+  # The password associated with the PostgreSQL role (username).
   #password:
 
   # Connect on a TCP socket. Omitted by default since the client uses a

config/environment.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 # Load the Rails application.
 require_relative "application"
 

config/environments/development.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 require "active_support/core_ext/integer/time"
 
 Rails.application.configure do
@@ -19,7 +17,7 @@ Rails.application.configure do
   # Allow access when running in docker
   config.web_console.allowed_ips = [ "172.16.0.0/12", "192.168.0.0/16" ]
 
-  # Enable server timing
+  # Enable server timing.
   config.server_timing = true
 
   # Enable/disable caching. By default caching is disabled.
@@ -29,9 +27,7 @@ Rails.application.configure do
     config.action_controller.enable_fragment_cache_logging = true
 
     config.cache_store = :memory_store
-    config.public_file_server.headers = {
+    config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{2.days.to_i}" }
-      "Cache-Control" => "public, max-age=#{2.days.to_i}"
-    }
   else
     config.action_controller.perform_caching = false
 
@@ -46,6 +42,8 @@ Rails.application.configure do
 
   config.action_mailer.perform_caching = false
 
+  config.action_mailer.default_url_options = { host: "localhost", port: 3000 }
+
   # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 
@@ -71,11 +69,14 @@ Rails.application.configure do
   # config.i18n.raise_on_missing_translations = true
 
   # Annotate rendered view with file names.
-  # config.action_view.annotate_rendered_view_with_filenames = true
+  config.action_view.annotate_rendered_view_with_filenames = true
 
   # Uncomment if you wish to allow Action Cable access from any origin.
   # config.action_cable.disable_request_forgery_protection = true
 
-  # Raise error when a before_action's only/except options reference missing actions
+  # Raise error when a before_action's only/except options reference missing actions.
   config.action_controller.raise_on_missing_callback_actions = true
+
+  # Apply autocorrection by RuboCop to files generated by `bin/rails generate`.
+  # config.generators.apply_rubocop_autocorrect_after_generate!
 end

config/environments/production.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 require "active_support/core_ext/integer/time"
 
 Rails.application.configure do
@@ -15,20 +13,20 @@ Rails.application.configure do
   config.eager_load = true
 
   # Full error reports are disabled and caching is turned on.
-  config.consider_all_requests_local       = false
+  config.consider_all_requests_local = false
   config.action_controller.perform_caching = true
 
   # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment
   # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files).
   # config.require_master_key = true
 
-  # Enable static file serving from the `/public` folder (turn off if using NGINX/Apache for it).
+  # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead.
-  config.public_file_server.enabled = true
+  # config.public_file_server.enabled = false
 
   # Compress CSS using a preprocessor.
   # config.assets.css_compressor = :sass
 
-  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  # Do not fall back to assets pipeline if a precompiled asset is missed.
   config.assets.compile = false
 
   # Enable serving of images, stylesheets, and JavaScripts from an asset server.
@@ -51,7 +49,9 @@ Rails.application.configure do
   # config.assume_ssl = true
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  config.force_ssl = false
+  config.force_ssl = true
+  # Skip http-to-https redirect for the default health check endpoint.
+  # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
 
   # Log to STDOUT by default
   config.logger = ActiveSupport::Logger.new(STDOUT)
@@ -61,7 +61,7 @@ Rails.application.configure do
   # Prepend all log lines with the following tags.
   config.log_tags = [ :request_id ]
 
-  # Info include generic and useful information about system operation, but avoids logging too much
+  # "info" includes generic and useful information about system operation, but avoids logging too much
   # information to avoid inadvertent exposure of personally identifiable information (PII). If you
   # want to log everything, set the level to "debug".
   config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")
@@ -70,7 +70,7 @@ Rails.application.configure do
   # config.cache_store = :mem_cache_store
 
   # Use a real queuing backend for Active Job (and separate queues per environment).
-  # config.active_job.queue_adapter     = :resque
+  # config.active_job.queue_adapter = :resque
   # config.active_job.queue_name_prefix = "railsondocker_production"
 
   config.action_mailer.perform_caching = false

config/environments/test.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 require "active_support/core_ext/integer/time"
 
 # The test environment is used exclusively to run your application's
@@ -20,17 +18,14 @@ Rails.application.configure do
   config.eager_load = ENV["CI"].present?
 
   # Configure public file server for tests with Cache-Control for performance.
-  config.public_file_server.enabled = true
+  config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" }
-  config.public_file_server.headers = {
-    "Cache-Control" => "public, max-age=#{1.hour.to_i}"
-  }
 
   # Show full error reports and disable caching.
-  config.consider_all_requests_local       = true
+  config.consider_all_requests_local = true
   config.action_controller.perform_caching = false
   config.cache_store = :null_store
 
-  # Raise exceptions instead of rendering exception templates.
+  # Render exception templates for rescuable exceptions and raise for other exceptions.
   config.action_dispatch.show_exceptions = :rescuable
 
   # Disable request forgery protection in test environment.
@@ -46,6 +41,10 @@ Rails.application.configure do
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
+  # Unlike controllers, the mailer instance doesn't have any context about the
+  # incoming request so you'll need to provide the :host parameter yourself.
+  config.action_mailer.default_url_options = { host: "www.example.com" }
+
   # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
 
@@ -61,6 +60,6 @@ Rails.application.configure do
   # Annotate rendered view with file names.
   # config.action_view.annotate_rendered_view_with_filenames = true
 
-  # Raise error when a before_action's only/except options reference missing actions
+  # Raise error when a before_action's only/except options reference missing actions.
   config.action_controller.raise_on_missing_callback_actions = true
 end

config/initializers/assets.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 # Be sure to restart your server when you modify this file.
 
 # Version of your assets, change this if you want to expire all your assets.

config/initializers/content_security_policy.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 # Be sure to restart your server when you modify this file.
 
 # Define an application-wide content security policy.

config/initializers/filter_parameter_logging.rb

@@ -1,10 +1,8 @@
-# frozen_string_literal: true
-
 # Be sure to restart your server when you modify this file.
 
 # Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file.
 # Use this to limit dissemination of sensitive information.
 # See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors.
 Rails.application.config.filter_parameters += [
-  :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+  :passw, :email, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
 ]

config/initializers/inflections.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 # Be sure to restart your server when you modify this file.
 
 # Add new inflection rules using the following format. Inflections

config/initializers/new_framework_defaults_7_2.rb

@@ -0,0 +1,70 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file eases your Rails 7.2 framework defaults upgrade.
+#
+# Uncomment each configuration one by one to switch to the new default.
+# Once your application is ready to run with all new defaults, you can remove
+# this file and set the `config.load_defaults` to `7.2`.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
+
+###
+# Controls whether Active Job's `#perform_later` and similar methods automatically defer
+# the job queuing to after the current Active Record transaction is committed.
+#
+# Example:
+#   Topic.transaction do
+#     topic = Topic.create(...)
+#     NewTopicNotificationJob.perform_later(topic)
+#   end
+#
+# In this example, if the configuration is set to `:never`, the job will
+# be enqueued immediately, even though the `Topic` hasn't been committed yet.
+# Because of this, if the job is picked up almost immediately, or if the
+# transaction doesn't succeed for some reason, the job will fail to find this
+# topic in the database.
+#
+# If `enqueue_after_transaction_commit` is set to `:default`, the queue adapter
+# will define the behaviour.
+#
+# Note: Active Job backends can disable this feature. This is generally done by
+# backends that use the same database as Active Record as a queue, hence they
+# don't need this feature.
+#++
+Rails.application.config.active_job.enqueue_after_transaction_commit = :default
+
+###
+# Adds image/webp to the list of content types Active Storage considers as an image
+# Prevents automatic conversion to a fallback PNG, and assumes clients support WebP, as they support gif, jpeg, and png.
+# This is possible due to broad browser support for WebP, but older browsers and email clients may still not support
+# WebP. Requires imagemagick/libvips built with WebP support.
+#++
+Rails.application.config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif image/webp]
+
+###
+# Enable validation of migration timestamps. When set, an ActiveRecord::InvalidMigrationTimestampError
+# will be raised if the timestamp prefix for a migration is more than a day ahead of the timestamp
+# associated with the current time. This is done to prevent forward-dating of migration files, which can
+# impact migration generation and other migration commands.
+#
+# Applications with existing timestamped migrations that do not adhere to the
+# expected format can disable validation by setting this config to `false`.
+#++
+Rails.application.config.active_record.validate_migration_timestamps = true
+
+###
+# Controls whether the PostgresqlAdapter should decode dates automatically with manual queries.
+#
+# Example:
+#   ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.select_value("select '2024-01-01'::date") #=> Date
+#
+# This query used to return a `String`.
+#++
+Rails.application.config.active_record.postgresql_adapter_decode_dates = true
+
+###
+# Enables YJIT as of Ruby 3.3, to bring sizeable performance improvements. If you are
+# deploying to a memory constrained environment you may want to set this to `false`.
+#++
+Rails.application.config.yjit = true

config/initializers/permissions_policy.rb

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 # Be sure to restart your server when you modify this file.
 
 # Define an application-wide HTTP permissions policy. For further

config/puma.rb

@@ -1,37 +1,54 @@
-# frozen_string_literal: true
-
 # This configuration file will be evaluated by Puma. The top-level methods that
 # are invoked here are part of Puma's configuration DSL. For more information
 # about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html.
 
-# Puma can serve each request in a thread from an internal thread pool.
+# Puma starts a configurable number of processes (workers) and each process
-# The `threads` method setting takes two numbers: a minimum and maximum.
+# serves each request in a thread from an internal thread pool.
-# Any libraries that use thread pools should be configured to match
+#
-# the maximum value specified for Puma. Default is set to 5 threads for minimum
+# The ideal number of threads per worker depends both on how much time the
-# and maximum; this matches the default thread size of Active Record.
+# application spends waiting for IO operations and on how much you wish to
-max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+# to prioritize throughput over latency.
-min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+#
-threads min_threads_count, max_threads_count
+# As a rule of thumb, increasing the number of threads will increase how much
-
+# traffic a given process can handle (throughput), but due to CRuby's
-# Specifies that the worker count should equal the number of processors in production.
+# Global VM Lock (GVL) it has diminishing returns and will degrade the
-if ENV["RAILS_ENV"] == "production"
+# response time (latency) of the application.
-  require "concurrent-ruby"
+#
-  worker_count = Integer(ENV.fetch("WEB_CONCURRENCY") { Concurrent.physical_processor_count })
+# The default is set to 3 threads as it's deemed a decent compromise between
-  workers worker_count if worker_count > 1
+# throughput and latency for the average Rails application.
-end
+#
-
+# Any libraries that use a connection pool or another resource pool should
-# Specifies the `worker_timeout` threshold that Puma will use to wait before
+# be configured to provide at least as many connections as the number of
-# terminating a worker in development environments.
+# threads. This includes Active Record's `pool` parameter in `database.yml`.
-worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
+threads_count = ENV.fetch("RAILS_MAX_THREADS", 3)
-
+threads threads_count, threads_count
-# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
-port ENV.fetch("PORT") { 3000 }
 
 # Specifies the `environment` that Puma will run in.
-environment ENV.fetch("RAILS_ENV") { "development" }
+rails_env = ENV.fetch("RAILS_ENV", "development")
+environment rails_env
 
-# Specifies the `pidfile` that Puma will use.
+case rails_env
-pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+when "production"
+  # If you are running more than 1 thread per process, the workers count
+  # should be equal to the number of processors (CPU cores) in production.
+  #
+  # Automatically detect the number of available processors in production.
+  require "concurrent-ruby"
+  workers_count = Integer(ENV.fetch("WEB_CONCURRENCY") { Concurrent.available_processor_count })
+  workers workers_count if workers_count > 1
+
+  preload_app!
+when "development"
+  # Specifies a very generous `worker_timeout` so that the worker
+  # isn't killed by Puma when suspended by a debugger.
+  worker_timeout 3600
+end
+
+# Specifies the `port` that Puma will listen on to receive requests; default is 3000.
+port ENV.fetch("PORT", 3000)
 
 # Allow puma to be restarted by `bin/rails restart` command.
 plugin :tmp_restart
+
+# Only use a pidfile when requested
+pidfile ENV["PIDFILE"] if ENV["PIDFILE"]

development.Dockerfile

@@ -1,8 +1,8 @@
-# syntax=docker/dockerfile:1
+# syntax = docker/dockerfile:1
 
 # Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile
 ARG RUBY_VERSION=3.3.1
-FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim as base
+FROM docker.io/library/ruby:$RUBY_VERSION-slim as base
 
 # OS Level Dependencies
 RUN --mount=type=cache,target=/var/cache/apt \
@@ -19,7 +19,9 @@ RUN --mount=type=cache,target=/var/cache/apt \
     libpq-dev \
     postgresql-client \
     libvips \
-    curl
+    curl \
+    libjemalloc2 \
+    pkg-config
 
 ENV LANG=C.UTF-8 \
   BUNDLE_JOBS=4 \
@@ -33,4 +35,4 @@ ENTRYPOINT ["./bin/docker-entrypoint-development"]
 
 EXPOSE 3000
 
-CMD ["bundle", "exec", "rails", "s", "-b", "0.0.0.0"]
+CMD ["./bin/rails", "server"]