This add-on is operated by Terrible Labs
Capture and analyze validation errors from your Rails app.
Guardrail
Last updated December 06, 2023
This article is a work in progress, or documents a feature that is not yet released to all users. This article is unlisted. Only those with the link can access it.
The Guardrail add-on is currently in beta.
Table of Contents
Guardrail captures validation errors from your Ruby on Rails application to help you identify and fix user experience issues.
Deploying to Heroku
To use Guardrail on Heroku, install the guardrail add-on:
$ heroku addons:create guardrail
Rails setup
Rails 3+
Add the following line to your app’s Gemfile:
gem 'guardrail_notifier'
Install the gem:
$ bundle install
Rails 2.3.x
Install the gem:
$ gem install guardrail_notifier
Add the following line to config/environment.rb:
config.gem 'guardrail_notifier'
The gem will detect ENV['GUARDRAIL_API_KEY']
in your Heroku environment, so no
further configuration is needed. However, there are some advanced options you
may want to configure.
Advanced usage
Filtering params
GuardrailNotifier records the parameters submitted in actions that cause
validation errors. Because your app may handle sensitive data, like passwords,
credit card numbers, and nuclear launch codes, GuardrailNotifier respects the
built-in Rails parameter filtering that you define with config.filter_parameters
(or filter_parameter_logging
in Rails 2.3). For example, in Rails 3’s application.rb:
config.filter_parameters << [:password, :secret]
Per Rails convention, any params that match ‘password’ or ‘secret’ will show up as “[FILTERED]” in the data submitted to Guardrail.
Tracking custom actions
GuardrailNotifier assumes your app is RESTful, so it only monitors the create and update actions by default. If you’re creating or updating records in non-RESTful actions, you can use an after_filter to make sure any validation failures in those actions are caught as well:
after_filter :log_validation_failures_to_guardrail, :only => [:create, :update, :my_custom_action]
Running in other environments
GuardrailNotifier is only enabled in the production environment by default. If you want to enable it in additional environments, such as staging, you’ll need to add the following to config/initializers/guardrail_notifier.rb:
GuardrailNotifier.configure do |config|
config.monitored_environments << 'staging'
end
SSL
GuardrailNotifier submits errors with SSL by default, but you can disable it easily in an initializer:
GuardrailNotifier.configure do |config|
config.secure = false
end