Hi,
we are currently getting things ready for RC2 and there has been a proposal to move to Rails 5.1.5.
Current plan is to prebuild 5.1.5 into staging in Copr, run some tests and see how it goes. Then we decide whether to update or not.
Relevant PRs:
https://github.com/theforeman/foreman/pull/5254
https://github.com/theforeman/foreman/pull/5256
OT here, but didn’t want to create a dedicated thread (perhaps we should have an active thread per release?) – I’d like to have a few smart-proxy bugfixes get into 1.17RC2. Please let me know when you want to do the tagging, I can cherry-pick the fixes myself or point to the commits.
I think that’s what this thread is about. I’m preparing the installer. Various PRs are open to do new releases and I’ll do the Puppetfile changes when they’re out.
I think we should not rebase on newer SCL given where we are already. Maybe I’m missing some obvious benefit, but I have these concerns
update_attribute will now trigger callbacks, we use this on several places in Foreman (and I guess also plugins) - https://github.com/rails/rails/blob/v5.1.5/activerecord/CHANGELOG.md
We should build the new SCL and start using it in nightly though. If we all also start using Rails 5.1.5 in our dev setups, we will start testing the change as part of our day to day work.
I hope I represent @tbrisker’s opinion correctly if I say he agrees with me (he’s on PTO), here’s the original IRC discussion https://botbot.me/freenode/theforeman-dev/2018-02-26/?msg=97238450&page=2
My biggest worry is that if there is a security issue and we need to update to 5.1.6, then we might hit a lot more issues after the release.
Given rails included it in a patch release I’d expect it to be safe, but I’ll also admit I’m not that experienced with rails and their update record.
I am also against changing anything in RC other than our software or security updates.
Rails 5.1.5 is not a security update at all, there are couple of rather irrelevant changes in our context as far as I can tell. http://weblog.rubyonrails.org/2018/2/14/Rails-5-1-5-has-been-released/
I don’t know what is our update strategy for our Rails SCL, but this is not worth updating if we are not hitting any of these issues.
Given that we should have RC every 2 weeks and has it has been 14 days already since RC1 was officially announced, I would like to have repos tagged on Tuesday and start the builds.
Meanwhile we’ll test 5.1.5 in develop branch and fix potential problems related to the update. I don’t think all rails z-streams are always safe in terms of backwards compatibility. Also security fixes are not that frequent to assume the next release will contain it.
It appears the consensus is to stay with 5.1.4 for 1.17. We’ll need to modify some repositories.
Thanks for understanding, if there is a Rails update without actually any security bug fix and we don’t need any of fixes published, I vote for staying on the old version as long as we can to save some work and avoid possible regressions.
Hello all,
While testing Katello 3.6.0 RC2 I hit:
[E] ActiveRecord::RecordNotFound: Couldn't find Domain with 'id'=1 [WHERE (1=0)]
This seems to be an error solved by [0]. Is this an issue that could possibly moved to 1.17?
Thanks!
The other big question, probably for @Ondrej_Prazak can this fix get into Foreman RC2? I know this is a big ask but this breaks client registration which is core functionality for Katello.
I merged it into 1.17-stable branch, thanks!