Ruby on Rails training for your team

Do you want to sharpen your fundamental understanding of the Rails web stack or review your codebase together? We are happy to provide tips on the basics:

• Achieving good software design through proven principles such as DRY (Don't Repeat Yourself) and the Law of Demeter
• Identifying and isolating components in Ruby, JavaScript, and CSS
• Writing comprehensible user stories
• Applying agile methods in daily practice
• Creating effective and reliable estimates
• Collaborating in larger teams
• Recognizing the pros and cons of monoliths versus microservices

Reproducing regressions and bug reports locally is often challenging. We are here to help you avoid being in the dark in such cases.

• Logging in Rails applications: Mastering the search for the needle in the haystack (production.log)
• Logging with Popular SaaS services: NewRelic, AppSignal, Skylight, Sentry & others
• Exception notification: Proactively receive notifications about errors
• Learning to assess reproducible errors: Using browser dev tools, useful IDE functions, and tricks like Ruby#method

We take the topic of automated tests for our applications very seriously. You can learn how to achieve pragmatic, good test coverage or improve an existing suite here.

• What is the best way to test a particular function? System/integration and model tests, or view and request specs?
• Which frameworks are suitable? What are the differences between Minitest and RSpec?
• Reproducible testing of API/web requests with Webmock and VCR
• Test-focused further development with our “test-led development” approach
• Coverage measurement with tools such as SimpleCov and Cobertura
• Stabilize “Flaky” tests to 100%. What is Capybara Lockstep and how to use it?
• Accelerate test runtimes with parallel execution locally and in CI
• Automatic cross-browser tests for selected versions of Chrome, Firefox, Safari etc.

The best tests only help if they are run regularly. We are happy to show you how to concretely implement an automated workflow with the steps "build, test & deploy."

Build pipeline

• Understanding basic concepts like bundling, fingerprinting, pre- and post-processing
• Configuring JavaScript transpilation with Babel and esbuild or webpack
• Correctly referencing assets like fonts, icons, and images in views, styles, and JS

Continuous integration (CI)

• Utilizing GitHub
• Utilizing GitLab
• Parallelizing jobs to keep test run times low
• Creating dependency graphs
• Keeping libraries up-to-date by integrating with Dependabot or Renovate Bot

Continuous deployment (CD)

• Classic SSH deployment with Capistrano
• Automated deployment with GitHub Actions or GitLab CD
• Exploring important deployment concepts: database backup & migration, installing new dependencies, rollback strategies

• The most important Git commands on the command line to master daily tasks:
  git fetch, pull, push, switch/checkout, add, diff, status, show, commit, merge
• Merge Konflikte visuell auflösen mit 3-way merges
• Efficiently solving advanced use cases:
  git reset, rebase, cherry-pick, reflog, remote, stash, apply, add -p, bisect
• Repetition mit bash aliasen und Funktionen vermeiden

When developing a Rails application, we face the dilemma of where to store all the data.

• PostgreSQL, Redis, Memcache: Pros and cons
• Securing assets in file systems and object storage: Such as S3, MinIO, and others
• Handling multiple parallel databases in Rails
• How to: Write good database migrations

To protect an application, its users, and data from attacks, a lot of know-how and regular software maintenance is required. Possible topics in this module include:

• Recognizing common attack vectors: SQL Injection, XSS, ReDOS, timing attacks
• OWASP & Rails: What scenarios does the framework protect us from and what should we pay attention to during development?
• Securely implementing authentication (SAML, Devise, Homebrew) and authorization (Consul, Cancancan)
• Understanding vulnerabilities and protection mechanisms of browser mechanisms: Same-site cookies, CORS, CSRF, session replay
• Dealing with CVEs in used gems and JS libraries: How to identify and patch vulnerabilities promptly
• Handling CVEs in system libraries: (Excursion to DevOps training) through CVE mailing lists and readiness

Elaborate designs often lead to headaches during implementation. However, there are strategies to make the implementation efficient and maintainable.

• Modern CSS Basics: Implementing corporate designs (CD) with global CSS variables, understanding grid in detail
• Defining clear module boundaries: Cutting components using the BEM methodology
• Effectively collaborating with UI/UX teams
• Implementing responsive design
• Integration with popular technologies: htmx, Hotwire, and Unpoly
• Implementing dynamic components with or without SPAs: How to use "React on Rails" or "Angular on Rails"?

Amazon.com discovered in a well-known A/B study back in 2006 that even a 100-millisecond slower load time significantly reduced their profits. Not every Rails application is a webshop, but good performance is always desirable for similar reasons.

• The Basics: How is the load time for visitors actually composed? When is performance optimization worthwhile?
• Which pages should be optimized? Valuable tools like query_diet, bullet, and will_paginate help ensure optimizations have the greatest impact.
• How to fix slow SQL queries and inefficient n+1 constructs?
• How and for what purpose should I use SaaS services like AppSignal, NewRelic, Skylight, etc.?
• Understanding the interplay of HTTP headers: Cache-Control, Expires, ETag, and Last-Modified
• How does caching work: At the load balancer, CDN, or as fragment cache? Which mechanism is suitable for my infrastructure architecture? How do I apply them? How to avoid cache-busting – and what exactly is it?
• How to scale a Ruby on Rails application: Handling load peaks with over a hundred requests per second

Even with a good understanding of Rails fundamentals, implementing complex requirements often remains challenging. In our 15 years of RoR development, we have gained experience with topics that are not encountered daily. In training, we can specifically discuss such topics relevant to your applications. Examples include:

• Handling time zones on the client and server
• Managing multilingualism: Various levels of I18n integration
• Making Rails applications multi-tenant capable
• Authentication with SAML: Registering the application as an Identity Provider (IDP) or Service Provider (SP)
• Dealing with legacy systems: Pros and cons of code rewrites, catching up with tests & security, migrating large data sets
• Sending emails reliably: Spam detection, bounces, SMTP relays, delivery rates, and transactional email providers

Does your team face specific, urgent challenges? We have specialized in Ruby on Rails since 2009 and also offer short-term and shorter consultations for Ruby on Rails.