Flagr is a feature flagging, A/B testing and dynamic configuration microservice

Introduction

Flagr is an open source Go service that delivers the right experience to the right entity and monitors the impact. It provides feature flags, experimentation (A/B testing), and dynamic configuration. It has clear swagger REST APIs for flags management and flag evaluation.

Documentation

Quick demo

Try it with Docker.

# Start the docker container
docker pull checkr/flagr
docker run -it -p 18000:18000 checkr/flagr

# Open the Flagr UI
open localhost:18000

Or try it on https://try-flagr.herokuapp.com, it may take a while for a cold start.

curl --request POST \
     --url https://try-flagr.herokuapp.com/api/v1/evaluation \
     --header 'content-type: application/json' \
     --data '{
       "entityID": "127",
       "entityType": "user",
       "entityContext": {
         "state": "NY"
       },
       "flagID": 1,
       "enableDebug": true
     }'

Flagr Evaluation Performance

Tested with vegeta. For more details, see benchmarks.

Requests      [total, rate]            56521, 2000.04
Duration      [total, attack, wait]    28.2603654s, 28.259999871s, 365.529µs
Latencies     [mean, 50, 95, 99, max]  371.632µs, 327.991µs, 614.918µs, 1.385568ms, 12.50012ms
Bytes In      [total, mean]            23250552, 411.36
Bytes Out     [total, mean]            8308587, 147.00
Success       [ratio]                  100.00%
Status Codes  [code:count]             200:56521
Error Set:

Flagr UI

Client Libraries

Language Clients
Go goflagr
Javascript jsflagr
Python pyflagr
Ruby rbflagr
Comments
  • Categorization of Flags

    Categorization of Flags

    Multiple products at my company would like to use the same instance of Flagr for their A/B Testing. Currently, there is no way to separate flags by category (such as tag, product, or project). This is currently only possible by namespacing the flags like project1_some_flag and project2_some_flag - which would be difficult to manage with hundreds of flags.

    Expected Behavior

    Ability to filter flags by a category (tag, product, or project, the name doesn't matter)

    Current Behavior

    • No ability to filter tags by description, making it difficult to namespace flags like project1_some_flag and project2_some_flag
    • No ability to filter flags by a category (tag, product, or project)

    Possible Solution

    Backend: Add another table: Categories (tag, product, or project, the name doesn't matter) and add a categoryId to all records so that they are filterable by category. UI: Make the flags index filterable and sortable by category.

    Context

    With a solution for this problem in place, multiple teams could use the same instance of Flagr because records could be categorized and filtered and sorted on those categories.

    Enova International might be willing to write this feature as a PR to this project given some guidance as to the preferred solution.

    Environment

    All

  • Added Google Cloud Pubsub support for data records

    Added Google Cloud Pubsub support for data records

    Description

    Adding Google Cloud Pubsub support for data records, currently just a minimal implementation

    Motivation and Context

    We are using Google Cloud Pubsub and needed something native for data records

    How Has This Been Tested?

    running make with all tasks, passed all tests and started flagr server

    Types of changes

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist:

    • [x] My code follows the code style of this project.
    • [x] My change requires a change to the documentation.
    • [x] I have updated the documentation accordingly.
    • [x] I have added tests to cover my changes.
    • [x] All new and existing tests passed.
  • WebPrefix does not update API_URL

    WebPrefix does not update API_URL

    When we add a WebPrefix by defining FLAGR_WEB_PREFIX, we are expecting the entire app to use the prefix. We found that the APIs are not using the prefix, resulting in calls to /api/v1 instead of /webprefix/api/v1.

    Expected Behavior

    If we set up flagr locally, calls to the APIs should include the prefix. For example:

    The following should return a 200 OK:

    curl -v http://localhost:18000/WEBPREFIX/api/v1/health

    The following should return a 404 NOT FOUND:

    curl -v http://localhost:18000/api/v1/health

    Instead, we get the opposite behavior, ie. works without prefix, but does not work with a prefix.

    Current Behavior

    See Expected Behavior above.

    Possible Solution

    May be able to fix this by ensuring that API_URL is set based on the provided WebPrefix (ie. FLAGR_WEB_PREFIX).

    Steps to Reproduce (for bugs)

    Run up an instance of flagr locally and set FLAGR_WEB_PREFIX to /flags. Run the curl commands as per expected behavior.

    Context

    We are trying to run flagr with other applications and this issue prevents it from working as we are proxying only a particular webprefix to flagr.

    Your Environment

    • Flagr version used: 1.0.14
    • Running on docker
  • Add unique label on flags

    Add unique label on flags

    Description

    For now we only have one way to find a Flag: the description.

    But description are not unique and very volatile and should not be used to find a precise Flag imo.

    ID aren't good enough too since they're linked to the database and they change accross Flagr instances (e.g staging/production). An unique label fixes all of these issues.

    I'm not good with the Vue frontend don't hesitate to push a commit on this PR to improve it.

    Types of changes

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist:

    • [x] My code follows the code style of this project.
    • [x] My change requires a change to the documentation.
    • [x] I have updated the documentation accordingly.
    • [x] I have added tests to cover my changes.
    • [x] All new and existing tests passed.
  • [feat] Support variant-less rollouts

    [feat] Support variant-less rollouts

    In contrasting open source feature systems flagr is certainly one of the more mature options. The one caveat I found was its quite complex for a generic boolean feature flag. The scenarios that I think could be simpler are:

    • global on/off: could respect the default on/off state.
    • % of entity_id on/off: could respect the segment rollout with no distribution plan

    You could achieve the latter if the API returned some kind of information saying "segment is on with rollout plan and no variant".

  • Notifier interface, generic webhooks and slack webhooks

    Notifier interface, generic webhooks and slack webhooks

    Description

    • Related to issue #214
    • Add a generic webhook to push updates to flags to a user specified endpoint
    • Add a slack specific webhook to push updates to a slack channel like this:
    Screenshot 2019-03-19 at 12 10 04 Screenshot 2019-03-19 at 12 10 44

    Motivation and Context

    We needed notifications around who was doing what with the flags we had active, when they were enabled / disabled etc

    How Has This Been Tested?

    Manually and with automated tests

    Types of changes

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist:

    • [x] My code follows the code style of this project.
    • [x] My change requires a change to the documentation.
    • [ ] I have updated the documentation accordingly.
    • [x] I have added tests to cover my changes.
    • [x] All new and existing tests passed.
  • OAuth Support

    OAuth Support

    Currently, Flagr supports basic JWT Authentication from Cookies and Auth Headers but does not provide a way to acquire the token. It would be helpful for Flagr to support the industry-standard OAuth protocol and tokens.

    OAuth defines a protocol for acquiring a signed JWT token via Query String and API, and includes an audience attribute to validate that the user is authorized to use the application in question (in this case Flagr). Flagr doesn't provide a way to acquire a JWT and can only validate the signature of the token without testing the token’s attributes

  • getting error when running make build

    getting error when running make build

    After getting latest code(doing dep ensure, make deps etc) and running make gen, make build throws following error:

    # github.com/checkr/flagr/swagger_gen/restapi
    swagger_gen/restapi/server.go:174:18: cannot use domainSocket (type *graceful.Server) as type *http.Server in argument to configureServer
    swagger_gen/restapi/server.go:206:18: cannot use httpServer (type *graceful.Server) as type *http.Server in argument to configureServer
    swagger_gen/restapi/server.go:292:18: cannot use httpsServer (type *graceful.Server) as type *http.Server in argument to configureServer
    make: *** [build] Error 2
    

    Expected Behavior

    Generated binary sucessfully

    Current Behavior

    Errors, can't compile

    Possible Solution

    Steps to Reproduce (for bugs)

    1. pull latest code
    2. do dep ensure
    3. do make deps
    4. do make gen
    5. do make build

    Context

    I am trying to add new query parameter for rest api but error prevents me from successfully compiling

    Your Environment

    • Version used (flagr version):
    • Server type and version:
    • Operating System and version (uname -a):
    • Link to your project:
  • Push http metrics with statsd

    Push http metrics with statsd

    Push metrics, such as response time, response count ..., to a statsd server.

    First part of #102

    Description

    Besides the default configuration, there is a negroni middleware to push http metrics to statsd.

    Motivation and Context

    Have control metrics of individual parts of the architecture, e.g.: response times, individual processes breakdown, project health in general.

    How Has This Been Tested?

    An statsd server started locally, checked if the metrics are sent. Deployed to production on my cluster...

    Types of changes

    • [x] New feature (non-breaking change which adds functionality)

    Checklist:

    • [x] My code follows the code style of this project.
    • [x] My change requires a change to the documentation.
    • [x] I have updated the documentation accordingly.
    • [x] All new and existing tests passed.
  • "fatal error" when calling Batch Eval with Tags at Volume

    We found an issue using the Tag Functionality for Batch Evaluations that only shows up when at high volumes. Related to #369

    Expected Behavior

    Calling postEvaluationBatch with valid flagTags should result in evaluations for every Flag with the provided Tags.

    Current Behavior

    At volume (we verified with 1 call every 10 milliseconds), we receive a fatal error: concurrent map writes error, resulting in Flagr crashing. We believe this is an issue of a race condition in the eval cache logic.

    Possible Solution

    We've identified an additional memory lock we can add to the GetByTags function in eval_cache.go that should resolve the problem. We are currently preparing some internal stress testing to validate that it resolves the issue.

    While working on this, we also discovered a similar issue with the rateLimitPerFlagConsoleLogging function in eval.go that we are updating as well.

  • [WIP] AuthZ in flagr

    [WIP] AuthZ in flagr

    Note: This is still a WIP, putting up the PR to solicit early feedback

    Description

    This PR is, when complete, meant to introduce AuthZ to flagr. It does not implement AuthN

    Motivation and Context

    Allows users to lock down flags from unauthorized users making changes. While changes within an organization are almost certainly well-intentioned, not everyone understands all the wide-reaching effects a change to a configuration can have. This allows flag owners to have more control over who can change it.

    I've introduced the concept of authorized users and groups. Non-authorized users will be able to view, but not change fields

    How Has This Been Tested?

    Types of changes

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist:

    • [ ] My code follows the code style of this project.
    • [ ] My change requires a change to the documentation.
    • [ ] I have updated the documentation accordingly.
    • [ ] I have added tests to cover my changes.
    • [ ] All new and existing tests passed.
  • Bump json5, @vue/cli-service, @vue/cli-plugin-eslint and @vue/cli-plugin-babel in /browser/flagr-ui

    Bump json5, @vue/cli-service, @vue/cli-plugin-eslint and @vue/cli-plugin-babel in /browser/flagr-ui

    Bumps json5 to 1.0.2 and updates ancestor dependencies json5, @vue/cli-service, @vue/cli-plugin-eslint and @vue/cli-plugin-babel. These dependencies need to be updated together.

    Updates json5 from 1.0.1 to 1.0.2

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Updates @vue/cli-service from 4.5.19 to 5.0.8

    Release notes

    Sourced from @​vue/cli-service's releases.

    v5.0.8

    :bug: Bug Fix

    v5.0.7

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    v5.0.6

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    v5.0.5

    :bug: Bug Fix

    • @vue/cli
      • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service
    • @vue/cli-plugin-e2e-cypress
      • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

    Committers: 3

    v5.0.4

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    v5.0.3

    ... (truncated)

    Changelog

    Sourced from @​vue/cli-service's changelog.

    5.0.7 (2022-07-05)

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    5.0.6 (2022-06-16)

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    5.0.5 (2022-06-16)

    :bug: Bug Fix

    • @vue/cli
      • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service

    Committers: 3

    5.0.4 (2022-03-22)

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    ... (truncated)

    Commits
    • b154dbd v5.0.8
    • 0260e4d fix: add devServer.server.type to useHttps judgement (#7222)
    • 4a0655f v5.0.7
    • beffe8a fix: allow disabling progress plugin via devServer.client.progress
    • 558dea2 fix: support devServer.server option, avoid deprecation warning
    • bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)
    • ef08a08 v5.0.6
    • fcf27e3 fixup! fix: compatibility with Vue 2.7
    • a648958 fix: compatibility with Vue 2.7
    • 98c66c9 v5.0.5
    • Additional commits viewable in compare view

    Updates @vue/cli-plugin-eslint from 4.5.19 to 5.0.8

    Release notes

    Sourced from @​vue/cli-plugin-eslint's releases.

    v5.0.8

    :bug: Bug Fix

    v5.0.7

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    v5.0.6

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    v5.0.5

    :bug: Bug Fix

    • @vue/cli
      • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service
    • @vue/cli-plugin-e2e-cypress
      • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

    Committers: 3

    v5.0.4

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    v5.0.3

    ... (truncated)

    Changelog

    Sourced from @​vue/cli-plugin-eslint's changelog.

    5.0.7 (2022-07-05)

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    5.0.6 (2022-06-16)

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    5.0.5 (2022-06-16)

    :bug: Bug Fix

    • @vue/cli
      • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service

    Committers: 3

    5.0.4 (2022-03-22)

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    ... (truncated)

    Commits

    Updates @vue/cli-plugin-babel from 4.5.19 to 5.0.8

    Release notes

    Sourced from @​vue/cli-plugin-babel's releases.

    v5.0.8

    :bug: Bug Fix

    v5.0.7

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    v5.0.6

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    v5.0.5

    :bug: Bug Fix

    • @vue/cli
      • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service
    • @vue/cli-plugin-e2e-cypress
      • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

    Committers: 3

    v5.0.4

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    v5.0.3

    ... (truncated)

    Changelog

    Sourced from @​vue/cli-plugin-babel's changelog.

    5.0.7 (2022-07-05)

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    5.0.6 (2022-06-16)

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    5.0.5 (2022-06-16)

    :bug: Bug Fix

    • @vue/cli
      • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service

    Committers: 3

    5.0.4 (2022-03-22)

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Flagr UI: unquoted string constraints with / as the first character do not get caught by parsing error

    Flagr UI: unquoted string constraints with / as the first character do not get caught by parsing error "tok=ILLEGAL"

    If a string constraint starting with the slash character (/) is entered without quotes, then string can be submitted to the API and the flagr service gets stuck in an infinite loop.

    Expected Behavior

    A string starting with a '/' should either error with the same parsing error or should automatically convert to a string and create the constraint successfully.

    Current Behavior

    The constraints API request is allowed to go through, however the response never completes and the flagr service gets stuck processing the request.

    Possible Solution

    Option 1: Expand the regex for the parsing error to catch strings that start with / but don't have a closing / (assuming it's attempting to identify regex patterns from other strings.

    Option 2: If the string is not a regex pattern, do not require quotes. Automatically convert strings.

    Steps to Reproduce (for bugs)

    1. Create a new constraint
    2. Add a property, operator, and set the value to /test (without quotes)
    3. Save the constraint.
    4. Notice the network request doesn't complete and the processor starts to heat up.

    Your Environment

    Version used (flagr version): v1.1.4 Server type and version: Docker ghcr.io/openflagr/flagr using Mysql8

  • Feature request: Add option for

    Feature request: Add option for "exactMatch" in batch evaluation

    The batch evaluation API returns the first match for an evaluationContext. If multiple segments could match, it would be nice to have an option to return all possible matches (more like an "exactMatch" for entity contexts).

    Example batch entities:

    {
      "exactMatch": true, // new functionality
      "entities": [
        {
          "entityContext": {
            "timestamp": 23456
          }
        },
        {
          "entityContext": {}
        }
      ],
     "enableDebug": false,
      "flagIDs": [
        1
      ]
    }
    

    Expected Behavior

    All matching segments should be returned.

          {
             "evalContext":{
                "entityContext":{
                   "timestamp":23456
                },
                "entityID":"randomly_generated_647515026",
                "flagID":1
             },
             "flagID":1,
             "flagKey":"xyz",
             "flagSnapshotID":75,
             "segmentID":3,
             "timestamp":"2022-12-04T07:28:45Z",
             "variantAttachment":{
                "test":"timestamp constraint",
             },
             "variantID":3,
             "variantKey":"timestamp_constraint"
          },
        {
          "evalContext": {
            "entityContext": {},
            "entityID": "randomly_generated_1162003090",
            "flagID": 1
          },
          "flagID": 1,
          "flagKey": "xyz",
          "flagSnapshotID": 75,
          "segmentID": 2,
          "timestamp": "2022-12-04T07:28:45Z",
          "variantAttachment": {
            "test": "no constraints",
            "endTimeMillis": null,
            "startTimeMillis": null,
            "type": "info"
          },
          "variantID": 2,
          "variantKey": "no_constraints"
        }
      ]
    }
    

    Current Behavior

    If the "no_constraints" segment is above the "timestamp_constraint" in the flagr UI then the "no_constraints" segment will be returned twice, once for matching the timestamp, once for matching no context.

        {
          "evalContext": {
            "entityContext": {
              "timestamp": 12345
            },
            "entityID": "randomly_generated_1162003090",
            "flagID": 1
          },
          "flagID": 1,
          "flagKey": "xyz",
          "flagSnapshotID": 75,
          "segmentID": 2,
          "timestamp": "2022-12-04T07:28:45Z",
          "variantAttachment": {
            "test": "no constraints",
            "endTimeMillis": null,
            "startTimeMillis": null,
            "type": "info"
          },
          "variantID": 2,
          "variantKey": "no_constraints"
        },
        {
          "evalContext": {
            "entityContext": {},
            "entityID": "randomly_generated_1162003090",
            "flagID": 1
          },
          "flagID": 1,
          "flagKey": "xyz",
          "flagSnapshotID": 75,
          "segmentID": 2,
          "timestamp": "2022-12-04T07:28:45Z",
          "variantAttachment": {
            "test": "no constraints",
            "endTimeMillis": null,
            "startTimeMillis": null,
            "type": "info"
          },
          "variantID": 2,
          "variantKey": "no_constraints"
        }
      ]
    }
    

    Workaround

    Move the segments with more strict constraints above segments with looser constraints.

    Steps to Reproduce (for bugs)

    The constraint name doesn't really matter, the "timestamp" property listed below is only an example based on a live test.

    1. Create a segment with no constraints
    2. Create a segment with a "timestamp" constraint with greater than and less than options
    3. Assign different distributions to each
    4. Perform a batchEvaluation, passing in a "timestamp" context and a blank context.

    Your Environment

    • Version used (flagr version): v1.1.4
    • Server type and version: Docker ghcr.io/openflagr/flagr using Mysql8
  • Bump decode-uri-component from 0.2.0 to 0.2.2 in /browser/flagr-ui

    Bump decode-uri-component from 0.2.0 to 0.2.2 in /browser/flagr-ui

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump loader-utils, @vue/cli-service, @vue/cli-plugin-eslint and @vue/cli-plugin-babel in /browser/flagr-ui

    Bump loader-utils, @vue/cli-service, @vue/cli-plugin-eslint and @vue/cli-plugin-babel in /browser/flagr-ui

    Bumps loader-utils to 1.4.2 and updates ancestor dependencies loader-utils, @vue/cli-service, @vue/cli-plugin-eslint and @vue/cli-plugin-babel. These dependencies need to be updated together.

    Updates loader-utils from 1.4.0 to 1.4.2

    Release notes

    Sourced from loader-utils's releases.

    v1.4.2

    1.4.2 (2022-11-11)

    Bug Fixes

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    Changelog

    Sourced from loader-utils's changelog.

    1.4.2 (2022-11-11)

    Bug Fixes

    1.4.1 (2022-11-07)

    Bug Fixes

    Commits

    Updates @vue/cli-service from 4.5.19 to 5.0.8

    Release notes

    Sourced from @​vue/cli-service's releases.

    v5.0.8

    :bug: Bug Fix

    v5.0.7

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    v5.0.6

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    v5.0.5

    :bug: Bug Fix

    • @vue/cli
      • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service
    • @vue/cli-plugin-e2e-cypress
      • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

    Committers: 3

    v5.0.4

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    v5.0.3

    ... (truncated)

    Changelog

    Sourced from @​vue/cli-service's changelog.

    5.0.7 (2022-07-05)

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    5.0.6 (2022-06-16)

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    5.0.5 (2022-06-16)

    :bug: Bug Fix

    • @vue/cli
      • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service

    Committers: 3

    5.0.4 (2022-03-22)

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    ... (truncated)

    Commits
    • b154dbd v5.0.8
    • 0260e4d fix: add devServer.server.type to useHttps judgement (#7222)
    • 4a0655f v5.0.7
    • beffe8a fix: allow disabling progress plugin via devServer.client.progress
    • 558dea2 fix: support devServer.server option, avoid deprecation warning
    • bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)
    • ef08a08 v5.0.6
    • fcf27e3 fixup! fix: compatibility with Vue 2.7
    • a648958 fix: compatibility with Vue 2.7
    • 98c66c9 v5.0.5
    • Additional commits viewable in compare view

    Updates @vue/cli-plugin-eslint from 4.5.19 to 5.0.8

    Release notes

    Sourced from @​vue/cli-plugin-eslint's releases.

    v5.0.8

    :bug: Bug Fix

    v5.0.7

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    v5.0.6

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    v5.0.5

    :bug: Bug Fix

    • @vue/cli
      • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service
    • @vue/cli-plugin-e2e-cypress
      • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

    Committers: 3

    v5.0.4

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    v5.0.3

    ... (truncated)

    Changelog

    Sourced from @​vue/cli-plugin-eslint's changelog.

    5.0.7 (2022-07-05)

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    5.0.6 (2022-06-16)

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    5.0.5 (2022-06-16)

    :bug: Bug Fix

    • @vue/cli
      • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service

    Committers: 3

    5.0.4 (2022-03-22)

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    ... (truncated)

    Commits

    Updates @vue/cli-plugin-babel from 4.5.19 to 5.0.8

    Release notes

    Sourced from @​vue/cli-plugin-babel's releases.

    v5.0.8

    :bug: Bug Fix

    v5.0.7

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    v5.0.6

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    v5.0.5

    :bug: Bug Fix

    • @vue/cli
      • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service
    • @vue/cli-plugin-e2e-cypress
      • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

    Committers: 3

    v5.0.4

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    v5.0.3

    ... (truncated)

    Changelog

    Sourced from @​vue/cli-plugin-babel's changelog.

    5.0.7 (2022-07-05)

    • @vue/cli-service
    • @vue/cli-ui
      • #7210 chore: upgrade to apollo-server-express 3.x

    Committers: 2

    5.0.6 (2022-06-16)

    Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

    In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

    5.0.5 (2022-06-16)

    :bug: Bug Fix

    • @vue/cli
      • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
    • @vue/cli-service

    Committers: 3

    5.0.4 (2022-03-22)

    :bug: Bug Fix

    • @vue/cli-service
    • @vue/cli-shared-utils, @vue/cli-ui
      • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

    Committers: 1

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Flagr post endpoints does not work well with concurrent requests

    Flagr post endpoints does not work well with concurrent requests

    Flagr does not work well when there are concurrent post requests. Our service needs to create multiple constraints at the same time and flagr's response time for each request increases for each request. See screenshot. Response time went from 1s to 5s for each of the post constraint request. Screen Shot 2022-10-17 at 12 19 57 PM

    We are using WebClient to make the requests.

    public Mono<Condition> createConstraint(
          final long flagId, final long segmentId, final Condition constraint) {
        return http.post()
            .uri(
                host,
                u ->
                    u.path("/api/v1/flags/{flagID}/segments/{segmentID}/constraints")
                        .build(flagId, segmentId))
            .bodyValue(constraint)
            .retrieve()
            .bodyToMono(Condition.class);
    

    Expected Behavior

    For concurrent requests, the total time take to create all the constraints should not be longer than creating one constraint.

    Current Behavior

    For concurrent requests, the total time take to create all the constraints takes longer as number of request increase.

    Possible Solution

    1. Batch create contraint/segment endpoints in flagr.
    2. Handle concurrent requests.
    3. Are there any suggestions to update how we make requests to alleviate this issue?

    Steps to Reproduce (for bugs)

    Context

    This is causing the constraints creation time to delay when there are a lot of constraints to create and eventually our server timeout.

    Your Environment

    • Version used (flagr version): 1.1.13
    • Server type and version:
    • Operating System and version (uname -a):
    • Link to your project:

    our docker file:

    ARG DOCKER_REPO
    
    FROM checkr/flagr as flagr
    FROM $DOCKER_REPO/alpine:3.12.1-master
    
    # checkr/flagr go image is built with CGO enabled (CGO_ENABLED=1) which produces a binary with some dynamic linking,
    # in this case to glibc. Since our base alpine image does not have glibc installed, we need to install it in our docker
    # image so that checkr/flagr can run as expected.
    USER 0
    RUN apk --no-cache add ca-certificates wget
    RUN wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
    RUN wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.28-r0/glibc-2.28-r0.apk
    RUN apk add glibc-2.28-r0.apk
    
    COPY . /opt/flagr
    WORKDIR /opt/flagr
    
    COPY --from=flagr --chown=narvar:narvar /go/src/github.com/checkr/flagr /go/src/github.com/checkr/flagr
    COPY --chown=narvar:narvar ./flagr-start.sh /opt/flagr/flagr-start.sh
    COPY --chown=narvar:narvar ./startup.sh /opt/flagr/startup.sh
    RUN chmod +x /opt/flagr/startup.sh
    RUN chmod +x /opt/flagr/flagr-start.sh
    
    ENV HOST=0.0.0.0
    ENV PORT=18000
    
    CMD ["sh", "-c","/opt/flagr/flagr-start.sh & /opt/flagr/startup.sh"]
    
    
A feature flag solution, with only a YAML file in the backend (S3, GitHub, HTTP, local file ...), no server to install, just add a file in a central system and refer to it. 🎛️
A feature flag solution, with only a YAML file in the backend (S3, GitHub, HTTP, local file ...), no server to install, just add a file in a central system and refer to it. 🎛️

??️ go-feature-flag A feature flag solution, with YAML file in the backend (S3, GitHub, HTTP, local file ...). No server to install, just add a file i

Dec 29, 2022
An open-source, on-prem feature flag solution
An open-source, on-prem feature flag solution

An open-source, on-prem feature flag solution Documentation | Features | Values | Examples | Enterprise Flipt is an open source, on-prem feature flag

Dec 24, 2022
Oogway is a simple web server with dynamic content generation and extendability in mind supporting a Git based workflow.

Oogway Oogway is a simple web server with dynamic content generation and extendability in mind supporting a Git based workflow. It's somewhere in betw

Nov 9, 2022
A basic debugging server used when testing deployments

debug-server A basic debugging server used when testing deployments Development Start Server make Build This builds a Docker image with the commit has

Nov 1, 2021
ready-to-use RTSP / RTMP server and proxy that allows to read, publish and proxy video and audio streams
ready-to-use RTSP / RTMP server and proxy that allows to read, publish and proxy video and audio streams

rtsp-simple-server is a simple, ready-to-use and zero-dependency RTSP / RTMP server and proxy, a software that allows users to publish, read and proxy live video and audio streams. RTSP is a specification that describes how to perform these operations with the help of a server, that is contacted by both publishers and readers and relays the publisher's streams to the readers.

Dec 31, 2022
Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support - S3, Google Cloud Storage, Azure Blob

SFTPGo Fully featured and highly configurable SFTP server with optional FTP/S and WebDAV support, written in Go. Several storage backends are supporte

Jan 9, 2023
⚡ A fast, lightweight, and secure chat protocol, client and server, written in Go.

⚡ A fast, lightweight, and secure chat protocol, client and server, written in Go.

Oct 27, 2022
RBTI Golang Server uses PostgreSQL and for its main database and uses Elasticsearch

RBTI Golang Server This server is used for my thesis project, it uses PostgreSQL and for its main database and uses Elasticsearch for faster query spe

Jan 17, 2022
✨ A lightweight HTTP server based on GO, will try to detect your OS and architecture and return as SHELL script. ✨
✨ A lightweight HTTP server based on GO, will try to detect your OS and architecture and return as SHELL script. ✨

✨ A lightweight HTTP server based on GO, will try to detect your OS and architecture and return as SHELL script. ✨

Dec 14, 2022
:tophat: Small self-contained pure-Go web server with Lua, Markdown, HTTP/2, QUIC, Redis and PostgreSQL support
:tophat: Small self-contained pure-Go web server with Lua, Markdown, HTTP/2, QUIC, Redis and PostgreSQL support

Web server with built-in support for QUIC, HTTP/2, Lua, Markdown, Pongo2, HyperApp, Amber, Sass(SCSS), GCSS, JSX, BoltDB (built-in, stores the databas

Jan 1, 2023
A registry for resilient mid-tier load balancing and failover.

Discovery Discovery is a based service that is production-ready and primarily used at Bilibili for locating services for the purpose of load balancing

Dec 28, 2022
Open platform to collect and prioritize product feedback
Open platform to collect and prioritize product feedback

Fider A platform to collect and organize customer feedback. Let your customers share, vote and discuss on suggestions they have to make your product e

Jan 1, 2023
High-performance PHP application server, load-balancer and process manager written in Golang
High-performance PHP application server, load-balancer and process manager written in Golang

[RR2-BETA] RoadRunner is an open-source (MIT licensed) high-performance PHP application server, load balancer, and process manager. It supports runnin

Jan 4, 2023
Simple webhook delivery system powered by Golang and PostgreSQL

postmand Simple webhook delivery system powered by Golang and PostgreSQL. Features Simple rest api with only three endpoints (webhooks/deliveries/deli

Dec 22, 2022
Opinionated boilerplate Golang HTTP server with CORS, OPA, Prometheus, rate-limiter for API and static website.
Opinionated boilerplate Golang HTTP server with CORS, OPA, Prometheus, rate-limiter for API and static website.

Teal.Finance/Server Opinionated boilerplate HTTP server with CORS, OPA, Prometheus, rate-limiter… for API and static website. Origin This library was

Nov 3, 2022
HTTP server receives events and publishes them to STAN
HTTP server receives events and publishes them to STAN

Publishes events to Nats Streaming(STAN) synchornously and asynchronously. Cache events's publish-state using Redis and Store events using MongoDB.

Dec 30, 2022
Formrecevr is a simple and lightweight from receiver backend primarily designed for (but not limited to) static websites.

Formrecevr Formrecevr (pronunced "Form receiver") is a simple and lightweight from receiver backend primarily designed for (but not limited to) static

Apr 17, 2022
Tiny Go webserver that prints os information and HTTP request to output

whoami Tiny Go webserver that prints os information and HTTP request to output Usage Paths /data?size=n[&unit=u]: creates a response with a size n. Th

Nov 2, 2021