Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PI-1940 Add feature-flags project in dev/preprod/prod #3403

Merged
merged 4 commits into from
Feb 29, 2024
Merged
Show file tree
Hide file tree
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,3 +85,8 @@ updates:
directory: "/projects/redrive-dead-letter-queues/container"
schedule:
interval: "monthly" # to reduce frequency of AWS CLI updates

- package-ecosystem: "docker"
directory: "/projects/feature-flags/container"
schedule:
interval: "daily"
1 change: 1 addition & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@ jobs:
project:
- person-search-index-from-delius
- redrive-dead-letter-queues
- feature-flags
steps:
- uses: actions/checkout@v4

Expand Down
1 change: 1 addition & 0 deletions .github/workflows/check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ jobs:
VALIDATE_XML: true
VALIDATE_YAML: true
LINTER_RULES_PATH: /
FILTER_REGEX_EXCLUDE: .*projects/feature-flags/deploy/templates/grafana-dashboards.yml # yamlint doesn't like the Helm templating
GITHUB_ACTIONS_CONFIG_FILE: .github/actionlint.yml
GITHUB_ACTIONS_COMMAND_ARGS: -ignore=SC.+:info:.+
GITHUB_TOKEN: ${{ github.token }}
1 change: 1 addition & 0 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ on:
- '["dps-and-delius"]'
- '["effective-proposal-framework-and-delius"]'
- '["external-api-and-delius"]'
- '["feature-flags"]'
- '["hdc-licences-and-delius"]'
- '["hmpps-auth-and-delius"]'
- '["make-recall-decisions-and-delius"]'
Expand Down
16 changes: 1 addition & 15 deletions .github/workflows/tools.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: Tools
# Deploy shared tools - currently just flipt and auth0
# Deploy shared tools - currently just the dummy ingress-test service

on:
push:
Expand All @@ -16,7 +16,6 @@ jobs:
fail-fast: false
matrix:
project:
- feature-flags
- ingress-test
steps:
- uses: actions/checkout@v4
Expand Down Expand Up @@ -49,16 +48,3 @@ jobs:
env:
PROJECT: ${{ matrix.project }}
GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_EXTERNAL_REPOS_TOKEN }}

deploy-auth:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm install -g auth0-deploy-cli
- name: Import Auth0 configuration
working-directory: tools/feature-flags/deploy/auth0
env:
AUTH0_CLIENT_ID: ${{ secrets.FLIPT_AUTH0_CLIENT_ID }}
AUTH0_CLIENT_SECRET: ${{ secrets.FLIPT_AUTH0_CLIENT_SECRET }}
run: a0deploy import --input_file tenant.yaml --config_file config.json
20 changes: 9 additions & 11 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -199,20 +199,18 @@ For more information on how this is implemented, see [PI-340](https://dsdmoj.atl

# Feature flags

This project uses feature flags to control the availability of certain features.
Feature flags allow you to easily turn on or off parts of a service in production.
This helps us to decouple "releases" from "deployments".
This project uses [Flipt](https://www.flipt.io/) to control the availability of certain features.
Feature flags allow us to turn on or off parts of a service in production, decoupling "releases" from "deployments".

Feature flags are managed in the [Flipt dashboard](https://feature-flags.probation-integration.service.justice.gov.uk).
You'll need to be in an appropriate GitHub team to access it.
The list of allowed teams is defined here: [code.js](tools/feature-flags/deploy/auth0/actions/Check%20GitHub%20teams/code.js).
Feature flags are managed in the [Flipt dashboard](https://feature-flags.hmpps.service.justice.gov.uk).
You'll need to be in the `ministryofjustice` organisation to access it.

To add a feature flag to your code:

1. Create a new flag in the dashboard
2. Add the FLIPT_URL and FLIPT_TOKEN to your values-prod.yml file.
Example: [values-prod.yml](https://github.com/ministryofjustice/hmpps-probation-integration-services/blob/bd9a93c86112cd8a3717c9cc8631644d27cf34a7/projects/risk-assessment-scores-to-delius/deploy/values-prod.yml#L7-L11).
3. Update your code to inject the `FeatureFlags` service, and call `enabled("<key>")`. Example:
1. Create a new boolean flag in
the [dev](https://feature-flags-dev.hmpps.service.justice.gov.uk), [preprod](https://feature-flags-preprod.hmpps.service.justice.gov.uk),
and [prod](https://feature-flags.hmpps.service.justice.gov.uk) dashboards.
2. Update your code to inject the `FeatureFlags` service, and call `enabled("<key>")`. Example:

```kotlin
@Service
Expand All @@ -227,7 +225,7 @@ class MyService(private val featureFlags: FeatureFlags) {
}
```

For more information about Flipt, check out the [Flipt documentation](https://www.flipt.io/docs).
For more information about Flipt, check out the [documentation](https://www.flipt.io/docs).

# Deployment
Once the code is built and tested, GitHub Actions deploys the updated images for each service
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,4 @@ generic-service:

env:
SENTRY_ENVIRONMENT: prod
INTEGRATIONS_ORDS_URL: https://bridge-oasys.az.justice.gov.uk/eor/oasys
FLIPT_URL: http://feature-flags.hmpps-probation-integration.svc.cluster.local

namespace_secrets:
flipt-client:
FLIPT_TOKEN: TOKEN
INTEGRATIONS_ORDS_URL: https://bridge-oasys.az.justice.gov.uk/eor/oasys
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,3 @@ generic-service:
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_HMPPS-AUTH_TOKEN-URI: http://hmpps-auth.hmpps-auth-prod.svc.cluster.local/auth/oauth/token
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI: http://hmpps-auth.hmpps-auth-prod.svc.cluster.local/auth/.well-known/jwks.json
SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: https://sign-in.hmpps.service.justice.gov.uk/auth/issuer

FLIPT_URL: http://feature-flags.hmpps-probation-integration.svc.cluster.local

namespace_secrets:
flipt-client:
FLIPT_TOKEN: TOKEN
1 change: 1 addition & 0 deletions projects/feature-flags/.trivyignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@

4 changes: 4 additions & 0 deletions projects/feature-flags/container/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
FROM ghcr.io/flipt-io/flipt:v1.38.0

# Run any pending migrations on startup
CMD ["sh", "-c", "./flipt migrate && ./flipt"]
Loading