Continuous Deployment is Secure: How to Patch 3rd Party Apps Uber-Fast

Posted by Michael Chletsos on January 2, 2013 20:42:00 PM

Today, a high-risk Security Bulletin was posted for Ruby on Rails. Assembla was able to respond and patch within 3 hours of the bulletin being posted. We did this working solely within our normal, everyday process. This is the power that a good Continuous Deployment process brings to the table.

Being able to patch 3rd party applications is rather important these days. As we rely more on them, we become more vulnerable. High-profile security bulletins are common. We love Hacker News, but it's not a secret, and the number one posting today is about the Ruby on Rails vulnerability. This means that everyone else knows about it as well, so the clock starts ticking. How important is your data? Ignoring a problem like this can be the end of your business, whereas getting a fix out quickly will make your customers feel better and safer knowing that you have them covered, and possibly give you a competitive edge while everyone else is running around patching and fixing issues.

In walks Continuous Deployment (for more information, see definitions) to help you streamline your process. At Assembla, we were able to patch our codebase, test it via our CI server, do quick QA analysis and then push right out to production with no bottlenecks. It took longer to get notified than to start the process. The conversation went like this:

[12:59:49 PM] Lead Dev:!topic/rubyonrails-security/DCNTNp_qjFM
Did we patch?
this is on top of HN
[1:00:27 PM] Me: no
I will create a ticket and get it looked at
[1:00:39 PM] Lead Dev: let's patch now
[1:00:44 PM] Me: OK

Time went on as he pushed the patch to our Origin and our CI process kicked off. We had some failed specs, which were dealt with, and then we got ready to deploy:

[2:05:18 PM] Me: and we are going to deploy

So approximately 1 hour after we became aware of the bulletin, we had deployed the patch out to production. That is nice work: we even had spec failures that alerted us to potential issues but did not stop the process. Deploy takes about 10 minutes and is completely automated after you press the button. That's it, no big deal to update a major component quickly.

Check out how we accomplish this with:

A Better Git Workflow

A Better Integration Strategy

A Good CI strategy

And lots of Automation.

Learn how you can Achieve Continuous Delivery

Does your deploy process compare with this speed? If not, maybe you want to check out how Assembla can help with your Continuous Delivery process.


About the author

Michael Chletsos
