backend.md

Back-end

1. Technologies
   • Development OS
   • IDE
   • HTTP Server
   • Database Server
   • Cloud Hosting Platform
2. Preferred Gems
   • Authentication
   • Authorization
   • Active Record
   • Abstraction
   • Pagination
   • API
   • Email
   • Decorators
   • File Uploading
   • HTTP Clients
   • Searching
   • Scheduled/Recurrence Jobs
   • Environment Variables
   • Admin Panel
   • Logging
   • Debug
   • Data Visualization
   • Database Tools
   • Code Analysis and Metrics
   • Testing
   • Security
   • Production
   • Error Handling
   • Mobile Development
   • Other
3. Coding Conventions
4. .gitignore
5. Best Practices
   • Databases
   • Security
   • Code Analysis And Metrics
6. Load Balancing
7. Load Testing
8. Useful Links
9. Recommended Books

Technologies

• Ruby 2.7.x (latest stable)
• Ruby on Rails 5.x (latest stable)
• Ruby environment management: rvm

Development OS

We don’t use Windows as OS for development machines. We use latest macOS or Ubuntu/Debian (long-term support releases are preferred).

IDE

• RubyMine (not required)

HTTP Server

• Use latest stable nginx

Database Server

• Prefer latest stable PostgreSQL

Cloud Hosting Platform

• Prefer Amazon Web Services

Preferred Gems

Authentication

• api_authentication
• api_session_recovering

Authorization

• pundit - Minimal authorization through OO design and pure Ruby classes.
• rolify - Role management library with resource scoping.

Active Record

• AASM - State machines for Ruby classes.
• active_record_union - UNIONs in ActiveRecord! Adds proper union and union_all methods to ActiveRecord::Relation.
• PaperTrail - PaperTrail lets you track changes to your models' data. It's good for auditing or versioning.
• globalize - Rails I18n de-facto standard library for ActiveRecord model/data translation.

Abstraction

• interactor - Interactor provides a common interface for performing complex user interactions.
• wisper - A micro library providing objects with Publish-Subscribe capabilities.

Pagination

• Pagy - Pagy is the ultimate pagination gem that outperforms the others in each and every benchmark and comparison.
• Kaminari - A Scope & Engine based, clean, powerful, customizable and sophisticated paginator for modern web app frameworks and ORMs.

API

• rspec-rails-swagger - This gem helps you generate Swagger docs by using RSpec to document the paths.
• swagger-blocks - For generating API documentation in Swagger format.

Email

• letter_opener - Preview mail in the browser instead of sending.
• email_address - Provides a ruby language library for working with email addresses.

Caching

• Dalli - A high performance pure Ruby client for accessing memcached servers.

Decorators

• Draper - Draper adds an object-oriented layer of presentation logic to your Rails application.

File Uploading

• shrine - File Attachment toolkit for Ruby applications.
  • image_processing - High-level image processing helper methods with libvips and ImageMagick/GraphicsMagick.
  • shrine-url - Custom URL storage for Shrine.

HTTP Clients

• Faraday - HTTP client lib that provides a common interface over many adapters (such as Net::HTTP) and embraces the concept of Rack middleware when processing the request/response cycle.

Searching

• elasticsearch-rails
• searchkick - Intelligent search made easy with Rails and Elasticsearch.
• pg_search - pg_search builds ActiveRecord named scopes that take advantage of PostgreSQL's full text search.

Scheduled/Recurrence Jobs

• Whenever - whenever is a Ruby gem that provides a clear syntax for writing and deploying cron jobs.
• Sidekiq - Simple, efficient background processing for Ruby.
  • sidekiq-scheduler - Lightweight job scheduler extension for Sidekiq.
  • sidekiq-unique-jobs - Ensure uniqueness of your Sidekiq jobs.
  • sidekiq-batch - Simple Sidekiq Batch Job implementation.

Environment Variables

• dotenv - For setting shell environment variables.

Admin Panel

• ActiveAdmin - ActiveAdmin is a administration framework for Ruby on Rails applications.
  • active_skin - Flat skin for active admin.
  • activeadmin_addons - Extends ActiveAdmin to enable a set of great optional UX improving add-ons.

Logging

• Ahoy - Ahoy provides a solid foundation to track visits and events in Ruby, JavaScript, and native apps.
• Lograge - An attempt to tame Rails' default policy to log everything.

Debug

• pry-rails - Avoid repeating yourself, use pry-rails instead of copying the initializer to every rails project. This is a small gem which causes rails console to open pry. It therefore depends on pry.
• awesome_print - Awesome Print is a Ruby library that pretty prints Ruby objects in full color exposing their internal structure with proper indentation.

Data Visualization

• RailsRoady - UML diagram generation on models and controllers.

Database Tools

• lol_dba - Small package of rake tasks that scan your application models and displays a list of columns that probably should be indexed.

Code Analysis and Metrics

• RuboCop - Rubocop is a Ruby static code analyzer.
  • rubocop-performance - An extension of RuboCop focused on code performance checks.
• Reek - Code smell detector for Ruby.
• rails_best_practices - Code metric tool for Rails projects.
• Fasterer - Make your Rubies go faster with this command line tool highly inspired by fast-ruby and Sferik's talk at Baruco Conf.
• Rubycritic - A Ruby code quality reporter.

Testing

• rspec - Use latest versions.
• rspec_rails
• shoulda-matchers
• shoulda-callback-matchers
• rspec-its
• rspec-activemodel-mocks
• simplecov
• database_cleaner
• database_rewinder
• factory_bot_rails
• ffaker
• VCR - Record your test suite's HTTP interactions and replay them during future test runs for fast, deterministic, accurate tests.
• shrine-memory - Provides in-memory storage for Shrine.

Security

• brakeman - Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.
• bundler-audit - bundler-audit is a patch-level verification tool for Bundler which checks for vulnerable versions of gems and insecure gem sources.

Production

• Puma as a Ruby web server
• Capistrano - Remote multi-server automation tool.
• rack-timeout - Add timeouts to rack applications.
• Rack Attack - Rack middleware to blocking & throttling.
• newrelic_rpm - New Relic RPM Ruby Agent.

Error Handling

• exception_notification - For error/exception notifications from server.
• Raven Ruby - Raven is a Ruby client for Sentry.

Mobile Development

• rpush
• venice - Venice is a simple gem for verifying Apple In-App Purchase receipts, and retrieving the information associated with receipt data.

Other

• money-rails - Integration of RubyMoney - Money with Rails.
• eu_central_bank - This gem downloads the exchange rates from the European Central Bank. You can calculate exchange rates with it. It is compatible with the money gem.
• rails-settings-cached - Manage settings with Ruby on Rails.
• squasher
• health_check

Coding Conventions

• Ruby Style Guide
• Rails Style Guide

Best Practices

• RSpec Best Practices
• The Ultimate Guide to Ruby Timeouts
• Best practices for running Rails in production

.gitignore

Add the following lines to default Rails-generated .gitignore file:

.DS_Store
database.yml
secrets.yml
.idea
coverage/
.env.development.local
.env.test.local
.env.production.local

Best practices

Databases

• Use ActiveRecord ORM (scopes, enums, where with conditions, order etc) instead of raw SQL queries
• You may want to keep your schema up-to-date with Rails ERD

Security

• Avoid common security problems following Ruby on Rails Security Guide
• Never store production data (logins, passwords etc) in source code repository
• Keep config/database.yml and config/secrets.yml outside of the source code repository. Use shell environment variables instead. More info here

Load Testing

• We use Apache JMeter in strong collaboration with our QA Department.

Load Balancing

• Use AWS Elastic Load Balancing

Useful Links

• Ruby Weekly - subscribe to it!
• Green Ruby News
• This week in Rails
• Awesome Rails
• Awesome Ruby
• Ruby Toolbox
• The 12-factor app - a methodology for building SaaS apps

Recommended Books

• Practical Object-Oriented Design in Ruby (by Sandi Metz)
• Eloquent Ruby (by Russ Olsen)
• Ruby Under a Microscope (by Pat Shaughnessy)
• Metaprogramming Ruby (by Paolo Perrotta)