flipper 0.24.1 → 1.3.0

data/lib/flipper/cloud/configuration.rb

@@ -0,0 +1,263 @@
+require "logger"
+require "socket"
+require "flipper/adapters/http"
+require "flipper/adapters/poll"
+require "flipper/poller"
+require "flipper/adapters/memory"
+require "flipper/adapters/dual_write"
+require "flipper/adapters/sync/synchronizer"
+require "flipper/cloud/telemetry"
+require "flipper/cloud/telemetry/instrumenter"
+require "flipper/cloud/telemetry/submitter"
+
+module Flipper
+  module Cloud
+    class Configuration
+      # The set of valid ways that syncing can happpen.
+      VALID_SYNC_METHODS = Set[
+        :poll,
+        :webhook,
+      ].freeze
+
+      DEFAULT_URL = "https://www.flippercloud.io/adapter".freeze
+
+      # Public: The token corresponding to an environment on flippercloud.io.
+      attr_accessor :token
+
+      # Public: The url for http adapter. Really should only be customized for
+      #         development work if you are me and you are not me. Feel free to
+      #         forget you ever saw this.
+      attr_accessor :url
+
+      # Public: net/http read timeout for all http requests (default: 5).
+      attr_accessor :read_timeout
+
+      # Public: net/http open timeout for all http requests (default: 5).
+      attr_accessor :open_timeout
+
+      # Public: net/http write timeout for all http requests (default: 5).
+      attr_accessor :write_timeout
+
+      # Public: IO stream to send debug output too. Off by default.
+      #
+      #  # for example, this would send all http request information to STDOUT
+      #  configuration = Flipper::Cloud::Configuration.new
+      #  configuration.debug_output = STDOUT
+      attr_accessor :debug_output
+
+      # Public: Instrumenter to use for the Flipper instance returned by
+      #         Flipper::Cloud.new (default: Flipper::Instrumenters::Noop).
+      #
+      #  # for example, to use active support notifications you could do:
+      #  configuration = Flipper::Cloud::Configuration.new
+      #  configuration.instrumenter = ActiveSupport::Notifications
+      attr_accessor :instrumenter
+
+      # Public: Local adapter that all reads should go to in order to ensure
+      # latency is low and resiliency is high. This adapter is automatically
+      # kept in sync with cloud.
+      #
+      #  # for example, to use active record you could do:
+      #  configuration = Flipper::Cloud::Configuration.new
+      #  configuration.local_adapter = Flipper::Adapters::ActiveRecord.new
+      attr_accessor :local_adapter
+
+      # Public: The Integer or Float number of seconds between attempts to bring
+      # the local in sync with cloud (default: 10).
+      attr_accessor :sync_interval
+
+      # Public: The secret used to verify if syncs in the middleware should
+      # occur or not.
+      attr_accessor :sync_secret
+
+      # Public: The logger to use for debugging inner workings.
+      attr_accessor :logger
+
+      # Public: Should the logger log or not (default: true).
+      attr_accessor :logging_enabled
+
+      # Public: The telemetry instance to use for tracking feature usage.
+      attr_accessor :telemetry
+
+      # Public: Should telemetry be enabled or not (default: false).
+      attr_accessor :telemetry_enabled
+
+      def initialize(options = {})
+        setup_auth options
+        setup_log options
+        setup_http options
+        setup_sync options
+        setup_adapter options
+        setup_telemetry options
+      end
+
+      # Public: Read or customize the http adapter. Calling without a block will
+      # perform a read. Calling with a block yields the cloud adapter
+      # for customization.
+      #
+      #   # for example, to instrument the http calls, you can wrap the http
+      #   # adapter with the intsrumented adapter
+      #   configuration = Flipper::Cloud::Configuration.new
+      #   configuration.adapter do |adapter|
+      #     Flipper::Adapters::Instrumented.new(adapter)
+      #   end
+      #
+      def adapter(&block)
+        if block_given?
+          @adapter_block = block
+        else
+          @adapter_block.call app_adapter
+        end
+      end
+
+      # Public: Force a sync.
+      def sync
+        Flipper::Adapters::Sync::Synchronizer.new(local_adapter, http_adapter, {
+          instrumenter: instrumenter,
+        }).call
+      end
+
+      # Public: The method that will be used to synchronize local adapter with
+      # cloud. (default: :poll, will be :webhook if sync_secret is set).
+      def sync_method
+        sync_secret ? :webhook : :poll
+      end
+
+      # Internal: The http client used by the http adapter. Exposed so we can
+      # use the same client for posting telemetry.
+      def http_client
+        http_adapter.client
+      end
+
+      # Internal: Logs message if logging is enabled.
+      def log(message, level: :debug)
+        return unless logging_enabled
+        logger.send(level, "name=flipper_cloud #{message}")
+      end
+
+      private
+
+      def app_adapter
+        read_adapter = sync_method == :webhook ? local_adapter : poll_adapter
+        Flipper::Adapters::DualWrite.new(read_adapter, http_adapter)
+      end
+
+      def poller
+        Flipper::Poller.get(@url + @token, {
+          interval: sync_interval,
+          remote_adapter: http_adapter,
+          instrumenter: instrumenter,
+        }).tap(&:start)
+      end
+
+      def poll_adapter
+        Flipper::Adapters::Poll.new(poller, local_adapter)
+      end
+
+      def http_adapter
+        Flipper::Adapters::Http.new({
+          url: @url,
+          read_timeout: @read_timeout,
+          open_timeout: @open_timeout,
+          write_timeout: @write_timeout,
+          max_retries: 0, # we'll handle retries ourselves
+          debug_output: @debug_output,
+          headers: {
+            "flipper-cloud-token" => @token,
+            "accept-encoding" => "gzip",
+          },
+        })
+      end
+
+      def setup_auth(options)
+        set_option :token, options, required: true
+      end
+
+      def setup_log(options)
+        set_option :logging_enabled, options, default: false, typecast: :boolean
+        set_option :logger, options, from_env: false, default: -> {
+          if logging_enabled
+            Logger.new(STDOUT)
+          else
+            Logger.new("/dev/null")
+          end
+        }
+      end
+
+      def setup_http(options)
+        set_option :url, options, default: DEFAULT_URL
+        set_option :debug_output, options, from_env: false
+
+        if @debug_output.nil? && Flipper::Typecast.to_boolean(ENV["FLIPPER_CLOUD_DEBUG_OUTPUT_STDOUT"])
+          @debug_output = STDOUT
+        end
+
+        set_option :read_timeout, options, default: 5, typecast: :float, minimum: 0.1
+        set_option :open_timeout, options, default: 2, typecast: :float, minimum: 0.1
+        set_option :write_timeout, options, default: 5, typecast: :float, minimum: 0.1
+      end
+
+      def setup_sync(options)
+        set_option :sync_interval, options, default: 10, typecast: :float, minimum: 10
+        set_option :sync_secret, options
+      end
+
+      def setup_adapter(options)
+        set_option :local_adapter, options, default: -> { Adapters::Memory.new }, from_env: false
+        @adapter_block = ->(adapter) { adapter }
+      end
+
+      def setup_telemetry(options)
+        # Needs to be after url and token assignments because they are used for
+        # uniqueness in Telemetry.instance_for.
+        set_option :telemetry, options, from_env: false, default: -> {
+          Telemetry.instance_for(self)
+        }
+
+        set_option :telemetry_enabled, options, default: true, typecast: :boolean
+        instrumenter = options.fetch(:instrumenter, Instrumenters::Noop)
+        @instrumenter = if telemetry_enabled
+          Telemetry::Instrumenter.new(self, instrumenter)
+        else
+          instrumenter
+        end
+      end
+
+      # Internal: Super helper for defining an option that can be set via
+      # options hash or ENV with defaults, typecasting and minimums.
+      def set_option(name, options, default: nil, typecast: nil, minimum: nil, from_env: true, required: false)
+        env_var = "FLIPPER_CLOUD_#{name.to_s.upcase}"
+        value = options.fetch(name) {
+          default_value = default.respond_to?(:call) ? default.call : default
+          if from_env
+            ENV.fetch(env_var, default_value)
+          else
+            default_value
+          end
+        }
+        value = Flipper::Typecast.send("to_#{typecast}", value) if typecast
+        send("#{name}=", value)
+        enforce_minimum(name, minimum) if minimum
+
+        if required
+          option_value = send(name)
+          if option_value.nil? || option_value.empty?
+            message = "Flipper::Cloud #{name} is missing. Please "
+            message << "set #{env_var} or " if from_env
+            message << "provide #{name} (e.g. Flipper::Cloud.new(#{name}: value))."
+            raise ArgumentError, message
+          end
+        end
+      end
+
+      # Enforce minimum interval for tasks that run on a timer.
+      def enforce_minimum(name, minimum)
+        provided = send(name)
+        if provided && provided < minimum
+          warn "Flipper::Cloud##{name} must be at least #{minimum} seconds but was #{provided}. Using #{minimum} seconds."
+          send(:instance_variable_set, "@#{name}", minimum)
+        end
+      end
+    end
+  end
+end

data/lib/flipper/cloud/dsl.rb

@@ -0,0 +1,27 @@
+require 'forwardable'
+
+module Flipper
+  module Cloud
+    class DSL < SimpleDelegator
+      attr_reader :cloud_configuration
+
+      def initialize(cloud_configuration)
+        @cloud_configuration = cloud_configuration
+        super Flipper.new(@cloud_configuration.adapter, instrumenter: @cloud_configuration.instrumenter)
+      end
+
+      def sync
+        @cloud_configuration.sync
+      end
+
+      def sync_secret
+        @cloud_configuration.sync_secret
+      end
+
+      def inspect
+        inspect_id = ::Kernel::format "%x", (object_id * 2)
+        %(#<#{self.class}:0x#{inspect_id} @cloud_configuration=#{cloud_configuration.inspect}, flipper=#{__getobj__.inspect}>)
+      end
+    end
+  end
+end

data/lib/flipper/cloud/message_verifier.rb

@@ -0,0 +1,95 @@
+require "openssl"
+require "digest/sha2"
+
+module Flipper
+  module Cloud
+    class MessageVerifier
+      class InvalidSignature < StandardError; end
+
+      DEFAULT_VERSION = "v1"
+
+      def self.header(signature, timestamp, version = DEFAULT_VERSION)
+        raise ArgumentError, "timestamp should be an instance of Time" unless timestamp.is_a?(Time)
+        raise ArgumentError, "signature should be a string" unless signature.is_a?(String)
+        "t=#{timestamp.to_i},#{version}=#{signature}"
+      end
+
+      def initialize(secret:, version: DEFAULT_VERSION)
+        @secret = secret
+        @version = version || DEFAULT_VERSION
+
+        raise ArgumentError, "secret should be a string" unless @secret.is_a?(String)
+        raise ArgumentError, "version should be a string" unless @version.is_a?(String)
+      end
+
+      def generate(payload, timestamp)
+        raise ArgumentError, "timestamp should be an instance of Time" unless timestamp.is_a?(Time)
+        raise ArgumentError, "payload should be a string" unless payload.is_a?(String)
+
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), @secret, "#{timestamp.to_i}.#{payload}")
+      end
+
+      def header(signature, timestamp)
+        self.class.header(signature, timestamp, @version)
+      end
+
+      # Public: Verifies the signature header for a given payload.
+      #
+      # Raises a InvalidSignature in the following cases:
+      # - the header does not match the expected format
+      # - no signatures found with the expected scheme
+      # - no signatures matching the expected signature
+      # - a tolerance is provided and the timestamp is not within the
+      #   tolerance
+      #
+      # Returns true otherwise.
+      def verify(payload, header, tolerance: nil)
+        begin
+          timestamp, signatures = get_timestamp_and_signatures(header)
+        rescue StandardError
+          raise InvalidSignature, "Unable to extract timestamp and signatures from header"
+        end
+
+        if signatures.empty?
+          raise InvalidSignature, "No signatures found with expected version #{@version}"
+        end
+
+        expected_sig = generate(payload, timestamp)
+        unless signatures.any? { |s| secure_compare(expected_sig, s) }
+          raise InvalidSignature, "No signatures found matching the expected signature for payload"
+        end
+
+        if tolerance && timestamp < Time.now - tolerance
+          raise InvalidSignature, "Timestamp outside the tolerance zone (#{Time.at(timestamp)})"
+        end
+
+        true
+      end
+
+      private
+
+      # Extracts the timestamp and the signature(s) with the desired version
+      # from the header
+      def get_timestamp_and_signatures(header)
+        list_items = header.split(/,\s*/).map { |i| i.split("=", 2) }
+        timestamp = Integer(list_items.select { |i| i[0] == "t" }[0][1])
+        signatures = list_items.select { |i| i[0] == @version }.map { |i| i[1] }
+        [Time.at(timestamp), signatures]
+      end
+
+      # Private
+      def fixed_length_secure_compare(a, b)
+        raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize
+        l = a.unpack "C#{a.bytesize}"
+        res = 0
+        b.each_byte { |byte| res |= byte ^ l.shift }
+        res == 0
+      end
+
+      # Private
+      def secure_compare(a, b)
+        fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
+      end
+    end
+  end
+end

data/lib/flipper/cloud/middleware.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require "flipper/cloud/message_verifier"
+
+module Flipper
+  module Cloud
+    class Middleware
+      # Internal: The path to match for webhook requests.
+      WEBHOOK_PATH = %r{\A/webhooks\/?\Z}
+      # Internal: The root path to match for requests.
+      ROOT_PATH = %r{\A/\Z}
+
+      def initialize(app, options = {})
+        @app = app
+        @env_key = options.fetch(:env_key, 'flipper')
+      end
+
+      def call(env)
+        dup.call!(env)
+      end
+
+      def call!(env)
+        request = Rack::Request.new(env)
+        if request.post? && (request.path_info.match(ROOT_PATH) || request.path_info.match(WEBHOOK_PATH))
+          status = 200
+          headers = {
+            Rack::CONTENT_TYPE => "application/json",
+          }
+          body = "{}"
+          payload = request.body.read
+          signature = request.env["HTTP_FLIPPER_CLOUD_SIGNATURE"]
+          flipper = env.fetch(@env_key)
+
+          begin
+            message_verifier = MessageVerifier.new(secret: flipper.sync_secret)
+            if message_verifier.verify(payload, signature)
+              begin
+                flipper.sync
+                body = JSON.generate({
+                  groups: Flipper.group_names.map { |name| {name: name}}
+                })
+              rescue Flipper::Adapters::Http::Error => error
+                status = error.response.code.to_i == 402 ? 402 : 500
+                headers["flipper-cloud-response-error-class"] = error.class.name
+                headers["flipper-cloud-response-error-message"] = error.message
+              rescue => error
+                status = 500
+                headers["flipper-cloud-response-error-class"] = error.class.name
+                headers["flipper-cloud-response-error-message"] = error.message
+              end
+            end
+          rescue MessageVerifier::InvalidSignature
+            status = 400
+          end
+
+          [status, headers, [body]]
+        else
+          @app.call(env)
+        end
+      end
+    end
+  end
+end

data/lib/flipper/cloud/routes.rb

@@ -0,0 +1,14 @@
+# Default routes loaded by Flipper::Cloud::Engine
+Rails.application.routes.draw do
+  if ENV["FLIPPER_CLOUD_TOKEN"] && ENV["FLIPPER_CLOUD_SYNC_SECRET"]
+    require 'flipper/cloud'
+    config = Rails.application.config.flipper
+
+    cloud_app = Flipper::Cloud.app(nil,
+      env_key: config.env_key,
+      memoizer_options: { preload: config.preload }
+    )
+
+    mount cloud_app, at: config.cloud_path
+  end
+end

data/lib/flipper/cloud/telemetry/backoff_policy.rb

@@ -0,0 +1,93 @@
+module Flipper
+  module Cloud
+    class Telemetry
+      class BackoffPolicy
+        # Private: The default minimum timeout between intervals in milliseconds.
+        MIN_TIMEOUT_MS = 1_000
+
+        # Private: The default maximum timeout between intervals in milliseconds.
+        MAX_TIMEOUT_MS = 30_000
+
+        # Private: The value to multiply the current interval with for each
+        # retry attempt.
+        MULTIPLIER = 1.5
+
+        # Private: The randomization factor to use to create a range around the
+        # retry interval.
+        RANDOMIZATION_FACTOR = 0.5
+
+        # Private
+        attr_reader :min_timeout_ms, :max_timeout_ms, :multiplier, :randomization_factor
+
+        # Private
+        attr_reader :attempts
+
+        # Public: Create new instance of backoff policy.
+        #
+        # options - The Hash of options.
+        #   :min_timeout_ms - The minimum backoff timeout.
+        #   :max_timeout_ms - The maximum backoff timeout.
+        #   :multiplier - The value to multiply the current interval with for each
+        #                 retry attempt.
+        #   :randomization_factor - The randomization factor to use to create a range
+        #                           around the retry interval.
+        def initialize(options = {})
+          @min_timeout_ms = options.fetch(:min_timeout_ms) {
+            ENV.fetch("FLIPPER_BACKOFF_MIN_TIMEOUT_MS", MIN_TIMEOUT_MS).to_i
+          }
+          @max_timeout_ms = options.fetch(:max_timeout_ms) {
+            ENV.fetch("FLIPPER_BACKOFF_MAX_TIMEOUT_MS", MAX_TIMEOUT_MS).to_i
+          }
+          @multiplier = options.fetch(:multiplier) {
+            ENV.fetch("FLIPPER_BACKOFF_MULTIPLIER", MULTIPLIER).to_f
+          }
+          @randomization_factor = options.fetch(:randomization_factor) {
+            ENV.fetch("FLIPPER_BACKOFF_RANDOMIZATION_FACTOR", RANDOMIZATION_FACTOR).to_f
+          }
+
+          unless @min_timeout_ms >= 0
+            raise ArgumentError, ":min_timeout_ms must be >= 0 but was #{@min_timeout_ms.inspect}"
+          end
+
+          unless @max_timeout_ms >= 0
+            raise ArgumentError, ":max_timeout_ms must be >= 0 but was #{@max_timeout_ms.inspect}"
+          end
+
+          unless @min_timeout_ms <= max_timeout_ms
+            raise ArgumentError, ":min_timeout_ms (#{@min_timeout_ms.inspect}) must be <= :max_timeout_ms (#{@max_timeout_ms.inspect})"
+          end
+
+          @attempts = 0
+        end
+
+        # Public: Returns the next backoff interval in milliseconds.
+        def next_interval
+          interval = @min_timeout_ms * (@multiplier**@attempts)
+          interval = add_jitter(interval, @randomization_factor)
+
+          @attempts += 1
+
+          [interval, @max_timeout_ms].min
+        end
+
+        def reset
+          @attempts = 0
+        end
+
+        private
+
+        def add_jitter(base, randomization_factor)
+          random_number = rand
+          max_deviation = base * randomization_factor
+          deviation = random_number * max_deviation
+
+          if random_number < 0.5
+            base - deviation
+          else
+            base + deviation
+          end
+        end
+      end
+    end
+  end
+end

data/lib/flipper/cloud/telemetry/instrumenter.rb

@@ -0,0 +1,22 @@
+require "delegate"
+
+module Flipper
+  module Cloud
+    class Telemetry
+      class Instrumenter
+        attr_reader :instrumenter
+
+        def initialize(cloud_configuration, instrumenter)
+          @instrumenter = instrumenter
+          @cloud_configuration = cloud_configuration
+        end
+
+        def instrument(name, payload = {}, &block)
+          return_value = instrumenter.instrument(name, payload, &block)
+          @cloud_configuration.telemetry.record(name, payload)
+          return_value
+        end
+      end
+    end
+  end
+end

data/lib/flipper/cloud/telemetry/metric.rb

@@ -0,0 +1,39 @@
+module Flipper
+  module Cloud
+    class Telemetry
+      class Metric
+        attr_reader :key, :time, :result
+
+        def initialize(key, result, time = Time.now)
+          @key = key
+          @result = result
+          @time = time.to_i / 60 * 60
+        end
+
+        def as_json(options = {})
+          data = {
+            "key" => key.to_s,
+            "time" => time,
+            "result" => result,
+          }
+
+          if options[:with]
+            data.merge!(options[:with])
+          end
+
+          data
+        end
+
+        def eql?(other)
+          self.class.eql?(other.class) &&
+            @key == other.key && @time == other.time && @result == other.result
+        end
+        alias :== :eql?
+
+        def hash
+          [self.class, @key, @time, @result].hash
+        end
+      end
+    end
+  end
+end

data/lib/flipper/cloud/telemetry/metric_storage.rb

@@ -0,0 +1,30 @@
+require 'concurrent/map'
+require 'concurrent/atomic/atomic_fixnum'
+
+module Flipper
+  module Cloud
+    class Telemetry
+      class MetricStorage
+        def initialize
+          @storage = Concurrent::Map.new { |h, k| h[k] = Concurrent::AtomicFixnum.new(0) }
+        end
+
+        def increment(metric)
+          @storage[metric].increment
+        end
+
+        def drain
+          metrics = {}
+          @storage.keys.each do |metric|
+            metrics[metric] = @storage.delete(metric).value
+          end
+          metrics.freeze
+        end
+
+        def empty?
+          @storage.empty?
+        end
+      end
+    end
+  end
+end