Brakeman VS Capistrano

Brakeman - “Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis”

My team and I released Bearer a couple of weeks ago, a newer open and free alternative to Brakeman to check your code for security and privacy risks. In addition to Ruby/Rails, we also cover your JS/TS code, which allows you to use a single solution for your whole Rails application.

Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications. It finds potential security issues in Rails applications by examining the Ruby code. Brakeman helps find and fix security holes before deploying your Rails app.

brakeman is another useful Ruby gem that is a static analysis security vulnerability scanner for Ruby on Rails applications.

You might find brakeman interesting: https://brakemanscanner.org

It’s assumed that you already have a Rails app and use Brakeman to keep your app secure and Rspec to run your test cases.

Another great lib for this is Brakeman, which can be installed in a very similar process and gives you even more detailed reports:

This is pretty easy to handle. In the case where a splatted array is the only argument to a method, we'll simply use the elements of the array as the argument list. (Check out the pull request here)

If you don't want to go down the NFS share route then Capistrano is a useful tool if you're willing to write a little bit of ruby. It comes with some built in goodies like rollbacks. It's an oldie (pre-dockerize everything), but still useful.

https://github.com/capistrano/capistrano

You can start by deploying from your machine to simultaneously get it deploying across all your servers, then I'd consider having a CI/CD pipeline take over and run Capistrano for you.

- Integrate automation deployment: [capistrano](https://github.com/capistrano/capistrano)

Integrate automation deployment: capistrano

The deployment process generally includes making the new version available, directing traffic from the old to the new version, and stopping the old versions. Capistrano has been doing this since 2006. However, what makes Kubernetes deployments better is the minimum number of pods required, and its rollout strategy minimizes or eliminates downtime. For example, a rolling update strategy can ensure new pods gradually replace old pods with configs like maxSurge and maxUnavailable. Because this is done in a declarative way, as a user or operator, you only need to ask Kubernetes to apply a given deployment and Kubernetes does the rest. Next up is the Kubernetes config map.

[1] https://github.com/capistrano/capistrano

Capistrano

What I had considered was writing a deployment script where upon successful build in a separate folder, it'd swap out the deployed folder, similar to how Capistrano works. It has a "current" folder and it'll build in a temporary folder and then replace the symlink to a newer build.

capistrano with plugins for deployment

deployer is a deployment tool written in PHP. It comes with "Zero Downtime Deployments" out of the box and can be extended by writing simple PHP code. (capistrano would be the equivalent in the Ruby world).

Capistrano, if you like Ruby.