Upgrade Ruby to 2.4.5

[jholton]

Description of change

See issue for description of changes.

Testing done

Specs

Testing planned

Manual testing, monitoring logs and Sentry in other environments

Acceptance Criteria (Definition of Done)

Unique to this PR

• Ruby version set to 2.4.6
• All specs pass
• All deprecations resolved
• update webmock gem
• update json-schema gem
• update sidekiq-scheduler gem, which updates the rufus-scheduler gem

Applies to all PRs

• Appropriate logging
• Swagger docs have been updated, if applicable
• Provide link to originating GitHub issue, or connected to it via ZenHub
• Does not contain any sensitive information (i.e. PII/credentials/internal URLs/etc., in logging, hardcoded, or in specs)
• Provide which alerts would indicate a problem with this functionality (if applicable)

[jholton]

In Ruby 2.3, OpenSSL would just truncate this key to 32 bytes.
In Ruby 2.4, OpenSSL no longer truncates, but now raises an error because it expects a 32 byte key.
Reference

[omgitsbillryan]

Assuming this change is backward compatible with instances running Ruby 2.3 (which I think it is?), might be wise to PR & merge on it's own, preemptively to this PR upgrading ruby, to reduce risk.

This will require updates to credstash as well (since the keys in there are too long as well), which again, is probably wise to do in advance of the ruby upgrade if we can.

[jholton]

Yes, it is backward compatible with Ruby 2.3.

• All my specs pass with the truncated keys
• I did manually:
  • Create a db object that uses the db_encryption_key in a Ruby 2.3/long key environment.
  • Then I switched branches to the Ruby 2.4/short key environment and verified that I could retrieve the previously saved data.

These specific changes are only used in local dev/testing, with the other environments values being held in credstash, as you mentioned.

I'll open a separate PR for these truncations, and perhaps a devops engineer can truncate the values for dev and/or staging for now for additional manual testing.

[jholton]

As mentioned in the issue, this will of course require coordinating some changes with devops. Namely,

• devops changes to Ruby 2.4.5 for deployed environments
• devops changes to db_encryption_key
• verify that sidekiq-scheduler continues to schedule jobs when expected (due to update of the library).

[jholton]

• Merging master created conflits in Gemfile.lock so, I reset it to what is current in master then re-applied my updates.
• updated .ruby-version file to specify 2.4.5
• updated Dockerfile to specify 2.4.5-slim-stretch
• updated docs/setup/native.md to specify Ruby version 2.4.5
• After rubocop changed =~ operators to .match?, had to use safe navigation operator with .match? when evaluating response_headers['content-type'] in middlewares because that value can be nil
• change Makefile commands to use rails instead of rake
• change syntax to set OpenSSL::PKey::RSA key to be compatible with OpenSSL 1.1

[jholton]

@kreek @annaswims @kfrz @lihanli re-requesting review. See comment above for changes since last review. Thanks.

[kreek]

LGTM 🚀

[kfrz]

Nicely done. 👍