Automation + Ruby on Rails + gems == a better application
We love continuous integration builds here at Culture Foundry (we even use it for projects that don’t have tests). It works well with rails applications, because rails encourages a testing mentality and is well suited for automated deployments. Here are three commands you should run on every CI build for a rails projects.
bundle exec standardrb app config test
This will run the standardrb gem (which I love) on the code portion of your application. While standardrb is customizable, I think that it provides a sane set of standards. Using this removes any nitpicking over formatting (which is not useful for code reviews) and also makes diffs cleaner. The above command will stop the build if any formatting issues are found, but you can use a git hook to run a fix command which has, in my experience, resolved 99% of the formatting issues. More here.
bundle exec rake test:system
You should run all your tests in CI, but I wanted to highlight running system tests. These are harder to set up and more tedious to write, but can test the behavior of your system end to end. For crucial functionality (logging in, adding something to a cart, etc) having a system test in place will make sure you won’t release with a severe bug. Because it is so difficult to set up and can take time to run, CI is the perfect place to run this. Set it up once and then you can write the tests and have them run in CI. (Yes, it’s better to be able to run them locally as well, but you may not do that very often because of setup and speed.) More here.
bundle audit check --update
You are concerned about security, are you not? This command will check the ruby advisory database, an open source repository of rails and ruby gem security vulnerabilities. This database isn’t perfect (and there are competitors), but it’s far more consistent than subscribing your developers to email lists. If this command sees any gems with a security advisory in use in your application, the build fails. (If you are building a javascript front end to your rails framework, you want to run npm audit as well as well.) This is one command that would benefit from being run nightly. More here.
The rich ecosystem of gems to handle common situations is one of the strengths of the ruby on rails community. Take advantage of this and and the automation of continuous integration and use the commands to make your apps better.