Automatic Security Updates (even with patches)

Jun 15, 2019

Albert Albala

Applying security updates, indeed any update, is cringe-inducing. We apply security updates manually, check if some previous developer hacked whatever module we're updating (or core), we have to remember to look inside a /patches directory; then, when we're done update, we somehow have to confirm that nothing is broken, without any guidance of what we need to check -- so we click around our site aimlessly before determining that an update works.

In this talk we will look at a Docker-based approach to managing site assets for local development which guarantees your site is always up-to-date, and fails in case a new version of a module (or core) has an unmet dependency or a patch which no longer applies.

We will look at the idea of build step which generates code for remote hosting only when needed; we will look at how to write end-to-end tests which guarantee that your critical site functionality never breaks, and how to keep everything under continuous integration.

Finally we will look at how Drupalgeddon-type events can be managed in such a workflow.

To get the most out of this talk, you are encouraged to fork the Dcycle Drupal 8 Starterkit, and open a free Circle CI account.

Albert Albala
Developer, Montreal, @@alberto56
Albert Albala specializes in quality control automation for web projects using open source code. Hi is a board member of Terre des jeunes and Bioénergie Haïti, two non-profits whose goal is local empowerment through sustainable development, large-scale access to environmetal technologies, and reduction of greenhouse gases through methane gas management. He is an active member of the open-source Drupal community since 2006. He writes about web best practices and Drupal on his blog, Dcycle.…

Hi! I'm Karim Boudjema, the developer and site-builder of this site. I'm currently working as a freelance Drupal developer.

I was wondering how could I giving back to the Drupal community all what it gave to me during the last 10 years, that's how the idea of this site came to me ... (read more)

Hi! I’m Santiago Rico, the web designer and themer of this site.

When Karim proposed me to design and theme this site for the Drupal community, I accepted immediately because the community is the main reason why I love Drupal so much.