VOD Security Tracking is an internal Rails application used to track systems and resources involving sensitive data, document exceptions/incidents, and generate reporting for operational and security review.
- Ruby `3.4.9`
- Rails `7.2.3.1`
- MySQL (`mysql2`)
- RSpec for test coverage
- Hotwire + Stimulus
- ActiveAdmin for administrative interfaces
- esbuild + Tailwind for frontend assets
- DSA exceptions
- IT security incidents
- Legacy OS records
- Sensitive data systems
- Reporting and CSV exports
- Auditing/version history via `audited`
- Ruby `3.4.9` (asdf recommended)
- Bundler
- MySQL (local instance)
- Node.js + Yarn
```bash
git clone git@github.com:lsa-mis/VOD_Security_Tracking.git
cd VOD_Security_Tracking
bundle install
yarn install
```

`config/database.yml` expects:
- MySQL user: `root`
- password from env var: `LOCAL_MYSQL_DATABASE_PASSWORD`

Example:

```bash
export LOCAL_MYSQL_DATABASE_PASSWORD='your-local-password'
```

```bash
bin/rails db:prepare
```

```bash
yarn build
yarn build:css
```

```bash
bin/rails server
```

Open http://localhost:3000.
If you want Rails + JS + CSS watchers in one session:

```bash
bin/dev
```

`Procfile.dev` starts:
- Rails server
- `yarn build --watch`
- `yarn build:css --watch`
Run the full suite:

```bash
bundle exec rspec
```

Run a single file:

```bash
bundle exec rspec spec/requests/reports_spec.rb
```

Deployment is configured with Capistrano (`config/deploy.rb`).
- Production stage: `config/deploy/production.rb`
- Uses asdf shims for Ruby/Bundler on deploy hosts
- Runs asset build/precompile during deploy
- Restarts Puma after deploy
Coordinate with the maintainers before changing deploy settings, linked files, or credentials handling.
- Production credentials are stored via Rails encrypted credentials.
- Never commit secrets, keys, or credential files.
- LDAP/Duo/SendGrid/Google Cloud integration settings are environment or credential driven.
- Create a feature branch from `master`
- Make focused changes
- Run tests (`bundle exec rspec`)
- Open a pull request with:
  - summary
  - risk/impact notes
  - test plan
Project group: security-track-devs@umich.edu