The ADR proposes a different approach to solve the problems stated in
https://github.com/open-feature/flagd/pull/1634.
It's quite concise and simple at the point, assuming the reviewers
already have the context from the original discussions.
Will add more details after the initial feedback and inputs.
---------
Signed-off-by: Hugo Huang <lorqor@gmail.com>
<!-- Please use this template for your pull request. -->
<!-- Please use the sections that you need and delete other sections -->
## This PR
<!-- add the description of the PR here -->
- adds a toggle `disable-sync-metadata` for the Sync Service to disable
or enable the deprecated `getMetadata` request
### Related Issues
[#1688 [FEATURE] Temporary Context Enrichment
toggle](https://github.com/open-feature/flagd/issues/1688)
---------
Signed-off-by: Konvalinka <lea.konvalinka@dynatrace.com>
## This PR
- adds the support for the `eTag` request header and `304 Not Modified`
response.
### Related Issues
Fixes#1558
### Notes
This proposal includes some significant behavior changes; therefore, any
feedback, opinions, or objections are welcome and appreciated.
### How to test
```bash
make build
cd bin && ./flagd start --port 8013 --uri https://raw.githubusercontent.com/open-feature/flagd/main/samples/example_flags.flagd.json --debug
```
More specific test cases to be added when we all agree on proceeding
with the implementation of the change in this PR.
---------
Signed-off-by: Zhiwei Liang <zhiwei.liang27@pm.me>
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
Intent of this PR is to add the first draft of the multi-synch-sources
ADR, this is a docs-only change
---------
Signed-off-by: Dave Josephsen <dave.josephsen@gmail.com>
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
The goal of this decision document is to establish flag sets as a first
class concept in `flagd`, and support the dynamic
addition/update/removal of flag sets at runtime.
See document for all justifications and background.
@dominikhaska @tangenti @cupofcat
Alternative proposal here:
https://github.com/open-feature/flagd/pull/1644#discussion_r2149723952
---------
Signed-off-by: Alexandra Oberaigner <alexandra.oberaigner@dynatrace.com>
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Alexandra Oberaigner <alexandra.oberaigner@dynatrace.com>
Co-authored-by: Simon Schrottner <simon.schrottner@dynatrace.com>
This is proposal for support flags with duplicate keys, as a follow up
of the discussion on #1634 and #1644.
The selector semantics change proposed in #1644 will be addressed in a
separate ADR.
---------
Signed-off-by: Hugo Huang <lorqor@gmail.com>
Adds ADR for fractional.
_As written_ this is historical, however, we can modify this one in this
PR if you would like. I know @tangenti @dominikhaska @cupofcat are
interested in some changes here. Feel free to suggest them and if we
have a consensus we can turn the changes into roadmap items.
---------
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Another "retrospective" ADR, like the cucumber one.
This explains our JSONLogic choice, shared `$evaluators`, as well as the
the semantics of flagd's use of OpenFeature's [resolution
reasons](https://openfeature.dev/specification/types#resolution-reason).
---------
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
## This PR
- updates the code default ADR to use `FLAG_NOT_FOUND` errors codes
instead of an undefined value.
### Notes
This update will have nearly identical end results but will be easier to
implement and more consistent. Core to this change is switching from
using an empty value as the indicator to using the `FLAG_NOT_FOUND`
error code. While this may seem odd at first, it's in line with the
behavior a user sees when first releasing a disabled flag. This will
allow users to `create a new disabled flag` -> `enable the flag for a
subset of users without impacting others` -> `enable the flag for
everyone` -> `deprecate the flag`.
---------
Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
## This PR
- ADR to add support for explicitly deferring to the code default.
### Notes
This has been a challenge for users because enabling a feature for
targeting requires a default variant to be used, which may not match the
default used in code.
---------
Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
<!-- Please use this template for your pull request. -->
<!-- Please use the sections that you need and delete other sections -->
## This PR
<!-- add the description of the PR here -->
- adds server side deadline for sync and event streams configurable via
cmd argument `--stream-deadline`
### Related Issues
#1582
### Notes
<!-- any additional notes for this PR -->
### How to test
1. Run flagd with `--stream-deadline 3s` // 3s can be replaced with any
duration the deadline should have
2. Test Event Stream deadline: run `grpcurl -v --proto
schemas/protobuf/flagd/evaluation/v1/evaluation.proto -plaintext
localhost:8013 flagd.evaluation.v1.Service/EventStream` or similar
depending on your flagd settings to check if the deadline exceeded is
returned after the specified duration
3. Test Sync Service Stream deadline: run `grpcurl -v --proto
schemas/protobuf/flagd/sync/v1/sync.proto -plaintext localhost:8015
flagd.sync.v1.FlagSyncService/SyncFlags` or similar depending on your
flagd settings to check if the deadline exceeded is returned after the
specified duration
Signed-off-by: alexandra.oberaigner <alexandra.oberaigner@dynatrace.com>
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
<!-- Please use this template for your pull request. -->
<!-- Please use the sections that you need and delete other sections -->
Able to update context map using headers present in
- OFREP requests
- Connect Requests (via Flag Evaluator V2 service)
### Related Issues
Fixes#1583
### Notes
Context values passed via headers is high priority
If same context key is updated via
- Headers
- Request Body
- Static Config
_Context via Headers will be considered_
### Usage
```
flagd start --port 8013 --uri file:./samples/example_flags.flagd.json -H Header=contextKey
```
or
```
flagd start --port 8013 --uri file:./samples/example_flags.flagd.json --context-from-header Header=contextKey
```
---------
Signed-off-by: Rahul Baradol <rahul.baradol.14@gmail.com>
Adds an ADR based on the new template, explaining the reasoning behind
the use of cucumber/gherkin.
---------
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: André Silva <2493377+askpt@users.noreply.github.com>
## This PR
adds support for unix sockets in sync service
### Related Issues
<!-- add here the GitHub issue that this PR resolves if applicable -->
Fixes#1518
### How to test
start flagd with the new option `-e /tmp/socketpath` and try to connect
with an in-process provider to the same socket path & request a flag
---------
Signed-off-by: Alexandra Oberaigner <alexandra.oberaigner@dynatrace.com>
Signed-off-by: alexandraoberaigner <82218944+alexandraoberaigner@users.noreply.github.com>
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
Adds a bit of conceptual docs about metadata. We already have lots of
detail on how to configure it, how it's merged in the `definitions`
page, and how it's implemented in in-process providers.
---------
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
⚠️ This PR brings a breaking change to the
[flagd-core](https://pkg.go.dev/github.com/open-feature/flagd/core)
library: the `IStore` interface now returns an additional value
representing the flag set metadata. There are no breaking changes in
flagd's behavior.
Changes in flagd:
- returns flag set metadata as metadata for error flags (best effort)
- returns flag set metadata in OFREP and RPC calls
- moves metadata merging logic to evaluator (all flags inherent flag set
metadata, but can override, as as before but now reusable in flagd core)
- removes duplicated flag set metadata keys when the same flag set
metadata key exists in multiple sources
### To Test
- requires `curl`, `grpcurl`, and `jq`
#### RPC
```shell
grpcurl -import-path /...../schemas/protobuf/flagd/evaluation/v1 -proto evaluation.proto -plaintext localhost:8013 flagd.evaluation.v1.Service/ResolveAll | jq
```
### OFREP
```shell
curl --location 'http://localhost:8016/ofrep/v1/evaluate/flags' --header 'Content-Type: application/json' --data '{"context": {"color": "yellow"}}' | jq
```
### Sync
```shell
grpcurl -import-path /...../schemas/protobuf/flagd/sync/v1/ -proto sync.proto -plaintext localhost:8015 flagd.sync.v1.FlagSyncService/FetchAllFlags | jq -r .flagConfiguration | jq
```
---------
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
update of spec for https://github.com/open-feature/flagd/issues/1504
---------
Signed-off-by: Simon Schrottner <simon.schrottner@dynatrace.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
## This PR
Intent of this PR is to add the docs that were missing from #1449
### Notes
Happy holidays yall.
---------
Signed-off-by: Dave Josephsen <dave.josephsen@gmail.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
updating specification based on findings in
https://github.com/open-feature/flagd/issues/1472
---------
Signed-off-by: Simon Schrottner <simon.schrottner@dynatrace.com>
Co-authored-by: chrfwow <christian.lutnik@dynatrace.com>
- add the `--context-value` command line flag to pass arbitrary key
value pairs to the evaluation context
Signed-off-by: Aleksei Muratov <muratoff.alexey@gmail.com>
This PR contains significant enhancements to flagd provider specs. If
merged, I will be opening a bunch of issues to implement what's
described here based on recon I've been doing with the existing
implementations
Specifically:
- adds `retryGraceAttempts` param, which defines the amount of stream
retry attempts before provider moves from `STALE` to `ERROR` state
- adds `contextEnricher` param, which defines mapping function for
sync-metadata to evaluation context for in process providers (exists
already in Java provider)
- improves consistency between in-process and RPC stream reconnect
behavior
- simplifies provider doc and spec to remove duplication and improve
readability
---------
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Guido Breitenhuber <157148191+guidobrei@users.noreply.github.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
## This PR
Added custom gRPC resolver to support envoy proxy
- support gRPC custom resolver
### Related Issues
Fixes https://github.com/open-feature/go-sdk-contrib/issues/585
### Notes
- update `.github/workflow/build.yaml` to install `envoy`
[binary](https://www.envoyproxy.io/docs/envoy/latest/start/install#install-binaries)
part of e2e test.
- this is a pre-requisite for `flagd` go [provider
update](https://github.com/open-feature/go-sdk-contrib/issues/585)
### How to test
Unit test are already added for the custom resolver for integration test
you need a working envoy proxy support or any of the supported core
resolver mentioned
[here](https://grpc.io/docs/guides/custom-name-resolution/#overview)
```shell
bin % ./flagd start -x --uri envoy://localhost:9211/test.service
______ __ ________ _______ ______
/_____/\ /_/\ /_______/\ /______/\ /_____/\
\::::_\/_\:\ \ \::: _ \ \\::::__\/__\:::_ \ \
\:\/___/\\:\ \ \::(_) \ \\:\ /____/\\:\ \ \ \
\:::._\/ \:\ \____\:: __ \ \\:\\_ _\/ \:\ \ \ \
\:\ \ \:\/___/\\:.\ \ \ \\:\_\ \ \ \:\/.:| |
\_\/ \_____\/ \__\/\__\/ \_____\/ \____/_/
2024-10-14T20:19:51.411+0200 info cmd/start.go:120 flagd version: dev (f716423), built at: 2024-10-14T20:19:34Z {"component": "start"}
2024-10-14T20:19:51.412+0200 debug telemetry/builder.go:81 skipping trace provider setup as collector target is not set. Traces will use NoopTracerProvider provider and propagator will use no-Op TextMapPropagator
2024-10-14T20:19:51.412+0200 info flag-sync/sync_service.go:54 starting flag sync service on port 8015 {"component": "FlagSyncService"}
2024-10-14T20:19:51.412+0200 debug builder/syncbuilder.go:111 using grpc sync-provider for: envoy://localhost:9211/test.service {"component": "sync"}
2024-10-14T20:19:51.413+0200 info flag-evaluation/connect_service.go:247 metrics and probes listening at 8014 {"component": "service"}
2024-10-14T20:19:51.413+0200 info ofrep/ofrep_service.go:56 ofrep service listening at 8016 {"component": "OFREPService"}
2024-10-14T20:19:51.415+0200 info flag-evaluation/connect_service.go:227 Flag IResolver listening at [::]:8013 {"component": "service"}
2024-10-14T20:19:51.428+0200 debug grpc/grpc_sync.go:201 received full configuration payload {"component": "sync", "sync": "grpc"}
2024-10-14T20:19:55.057+0200 debug grpc/grpc_sync.go:201 received full configuration payload {"component": "sync", "sync": "grpc"}
```
---------
Signed-off-by: Pradeep <pradeepbbl@gmail.com>
Signed-off-by: Matthew Wilson <54033231+wilson-matthew@users.noreply.github.com>
Co-authored-by: Matthew Wilson <54033231+wilson-matthew@users.noreply.github.com>
## This PR
Fixes a typo in `docs/reference/openfeature-operator/overview.md`
Signed-off-by: Matthew Wilson <54033231+wilson-matthew@users.noreply.github.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
## This PR
The OpenTelemetry collectors in my production environment are configured
to use TLS for uploading metrics / traces so this PR aims to
- add the ability to use mTLS + self-signed certificates when exporting
to the opentelemetry collector
This is the 'quick and dirty' approach so wanted to make an initial PR
to make sure the high level implementation is the approach you're
looking for.
### Follow-up Tasks
- [ ] update the documentation when this approach is approved
### How to test
I am struggling to figure out how to test this with self signed
certificates to give a specific set of commands you can run because the
TLS connection is never successful (assuming this is because of my
commands)
```bash
openssl req -x509 -newkey rsa:4096 -keyout ca.key.pem -out ca.cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=localhost"
openssl req -x509 -newkey rsa:4096 -keyout client.key.pem -out client.cert.pem -CA ca.cert.pem -CAkey ca.key.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=localhost" -addext "subjectAltName = IP:127.0.0.1"
openssl req -x509 -newkey rsa:4096 -keyout server.key.pem -out server.cert.pem -CA ca.cert.pem -CAkey ca.key.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=localhost" -addext "subjectAltName = IP:127.0.0.1"
```
; however, when I pull certificates from my production environment to
test this works
---------
Signed-off-by: Kevin Schoonover <me@kschoon.me>
Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Todd Baert <todd.baert@dynatrace.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Implement fsnotify and `os.Stat` based watchers
fixes: #1344
<!-- Please use this template for your pull request. -->
<!-- Please use the sections that you need and delete other sections -->
## This PR
Intent of this PR is to begin a conversation about fixing #1344. The
approach taken is to replace the current use of `fsontify.Watcher` with
a local `Watcher` interface type that describes the `fsnotify.Watcher`
interface.
My original take was to use fsnotify.Watcher directly as an
implementation of local `Watcher`, but fsnotify's Watcher directly
exposes its Error and Event channels, making it impossible to describe
with an interface, so I had to create a small wrapper for
`fsnotify.Watcher` to satisfy the new Watcher interface (this is
fsnotify_watcher.go). From there, we implement the `Watcher` interface
again, this time using `os.Stat` and `fs.FileInfo` (this is
fileinfo_watcher.go).
Then we change the filepath sync code to use an interface to Watcher,
rather than fsnotify.Watcher directly. The new fileinfo watcher plugs
right in, and nothing really needs to change in the sync.
* I have not wired up configs, so the fileinfo watcher has a hard-coded
1-second polling interval, and there is no current means of selecting
between them.
* I've added a couple tests, to demonstrate how unit tests would work in
general (we use a configurable os-stat func in the fileinfo watcher,
which can be mocked for tests)
* I don't have a way of testing this on Windows. I'm vaguely aware
there's an upstream issue in package `fs` that may require some
work-around boilerplate to make this work on windows at the moment.
If yall are favorable to this approach, I'll finish wiring up configs,
and flesh out the tests. I didn't want to go much further without some
buy-in or feedback.
### Related Issues
Fixes#1344
### Notes
See bullet-points above
### How to test
go test -v ./...
---------
Signed-off-by: Dave Josephsen <dave.josephsen@gmail.com>
Signed-off-by: Kavindu Dodanduwa <kavindudodanduwa@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Kavindu Dodanduwa <Kavindu-Dodan@users.noreply.github.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
## This PR
Added a new config option `maxMsgSize` which will
allow users to override default message size 4Mb.
- allow override default max message size 4Mb
### Related Issues
Fixes#1357
### How to test
To test this feature you need a flag source with large number of flags >
4Mb, e.g. below we are running with max size of 5Mb+
```
./flagd start --port 8013 --sync-port 8017 --sources='[{"uri": "localhost:8015", "provider": "grpc", "tls": false, "providerID": "flagd-sidecar", "selector": "all-flags", "maxMsgSize": 5728474}]'
______ __ ________ _______ ______
/_____/\ /_/\ /_______/\ /______/\ /_____/\
\::::_\/_\:\ \ \::: _ \ \\::::__\/__\:::_ \ \
\:\/___/\\:\ \ \::(_) \ \\:\ /____/\\:\ \ \ \
\:::._\/ \:\ \____\:: __ \ \\:\\_ _\/ \:\ \ \ \
\:\ \ \:\/___/\\:.\ \ \ \\:\_\ \ \ \:\/.:| |
\_\/ \_____\/ \__\/\__\/ \_____\/ \____/_/
2024-07-11T11:31:57.024+0200 info cmd/start.go:107 flagd version: dev (da01e08), built at: 2024-07-11T11:14:44Z {"component": "start"}
2024-07-11T11:31:57.026+0200 info flag-sync/sync_service.go:54 starting flag sync service on port 8017 {"component": "FlagSyncService"}
2024-07-11T11:31:57.027+0200 info grpc/grpc_sync.go:70 setting max receive message size 5728474 bytes default 4MB {"component": "sync", "sync": "grpc"}
```
---------
Signed-off-by: Pradeep Mishra <pradeepbbl@gmail.com>
Signed-off-by: pradeepbbl <pradeepbbl@gmail.com>
Signed-off-by: Pradeep Mishra <pradeepbbl@users.noreply.github.com>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Todd Baert