projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch '16265-security-updates' into dependabot/bundler/apps/workbench/loofah...
[arvados.git] / services / api / config / application.rb
diff --git a/services/api/config/application.rb b/services/api/config/application.rb
index 24fd61871d26e4c16416d254b3d7e7441e17bb68..b6174a0d8989f36e2e851431b18fe1627a33dbb8 100644 (file)
--- a/services/api/config/application.rb
+++ b/services/api/config/application.rb
@@ -4,7 +4,19 @@
 
 require File.expand_path('../boot', __FILE__)
 
-require 'rails/all'
+require "rails"
+# Pick only the frameworks we need:
+require "active_model/railtie"
+require "active_job/railtie"
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "action_view/railtie"
+# Skip ActionCable (new in Rails 5.0) as it adds '/cable' routes that we're not using
+# require "action_cable/engine"
+require "sprockets/railtie"
+require "rails/test_unit/railtie"
+
 require 'digest'
 
 module Kernel
@@ -28,11 +40,17 @@ if defined?(Bundler)
   end
 end
 
+if ENV["ARVADOS_RAILS_LOG_TO_STDOUT"]
+  Rails.logger = ActiveSupport::TaggedLogging.new(Logger.new(STDOUT))
+end
+
 module Server
   class Application < Rails::Application
     # The following is to avoid SafeYAML's warning message
     SafeYAML::OPTIONS[:default_mode] = :safe
 
+    require_relative "arvados_config.rb"
+
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
@@ -58,12 +76,15 @@ module Server
     # Load entire application at startup.
     config.eager_load = true
 
-    config.active_record.raise_in_transactional_callbacks = true
-
     config.active_support.test_order = :sorted
 
     config.action_dispatch.perform_deep_munge = false
 
+    # force_ssl's redirect-to-https feature doesn't work when the
+    # client supplies a port number, and prevents arvados-controller
+    # from connecting to Rails internally via plain http.
+    config.ssl_options = {redirect: false}
+
     I18n.enforce_available_locales = false
 
     # Before using the filesystem backend for Rails.cache, check