Practical Lessons from RubyNation 2013

Tirdad Chaharlengi, Senior Developer
#Devops | Posted

RubyNation 2013RubyNation

2013 was held this past weekend in Silver Spring, MD, and while it's a smaller and shorter conference than this year's RailsConf, there still was plenty of valuable information being presented throughout its two days. I'd like to share some of the more practical sessions here while they're still relatively fresh.

Magic Tricks of Testing (Sandi Metz)

View the Magic Tricks of Testing presentation of Speaker Deck

While unit tests stem from a good principle, poorly implementing them can gradually lead to slow, fragile and expensive tests that become more of a burden than anything else. Sandi's session presented a simple yet consistent methodology on what and how to test efficiently so as to maximize coverage ("test everything once") while avoiding redundancies that will just turn into overhead down the line.

Rails Application Security in Practice (Bryan Helmkamp)

View the Rails Application Security presentation on YouTube

Bryan's rapid-fire presentation covered a lot of typical web security vulnerabilities and ways to mitigate them within your Rails application. Some of the more Rails specific techniques were also discussed, namely the mass assignment vulnerability that was used to hack GitHub a while back, (using strong parameters to force white-listing on parameters solves this issue). For an efficient way to audit the overall security of your Rails app, you can't go wrong with an impressive gem mentioned in this session called Brakeman, which is also available as a Jenkins plugin.

You Might "Are Gonna Need It" - Avoiding the MonoRail (David Copeland)

And

Scaling Large Rails apps with Gems and Engines (Andy Pliszka)

View the "Avoiding the MonoRail" presentation

"Scaling" is one of those buzzwords that will always draw a good crowd, but what sets apart these two sessions from the countless sessions that push some caching strategy, is that the emphasis was put on making your code base scale gracefully. With the ease of building functionality on top of existing code in Rails, it's healthy to evaluate when it can be broken down into smaller reusable pieces packaged as gems, or by adopting a divide and conquer strategy towards various facets of your site and using engines. David's real life usage of this approach makes a compelling case for maintainable code that can be worked on by different teams.

If you are interested in learning more about Ruby, be sure to attend the next Ruby event, "LoneStarRuby" in Austin, Texas this July, 18th-20th.  Get the scoop on this year's RailsConf in RJ Pittman's blog post here.

 

 

Tirdad Chaharlengi

Senior Developer