RubyGems - flipper - Versions diffs - 0.26.0 → 1.1.0 - Mend

flipper 0.26.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

checksums.yaml +4 -4
data/.github/FUNDING.yml +1 -0
data/.github/workflows/ci.yml +19 -13
data/.github/workflows/examples.yml +32 -15
data/Changelog.md +294 -154
data/Gemfile +15 -10
data/README.md +13 -11
data/benchmark/enabled_ips.rb +10 -0
data/benchmark/enabled_multiple_actors_ips.rb +20 -0
data/benchmark/enabled_profile.rb +20 -0
data/benchmark/instrumentation_ips.rb +21 -0
data/benchmark/typecast_ips.rb +27 -0
data/docs/images/flipper_cloud.png +0 -0
data/examples/api/basic.ru +3 -4
data/examples/api/custom_memoized.ru +3 -4
data/examples/api/memoized.ru +3 -4
data/examples/cloud/app.ru +12 -0
data/examples/cloud/backoff_policy.rb +13 -0
data/examples/cloud/basic.rb +22 -0
data/examples/cloud/cloud_setup.rb +20 -0
data/examples/cloud/forked.rb +36 -0
data/examples/cloud/import.rb +17 -0
data/examples/cloud/threaded.rb +33 -0
data/examples/dsl.rb +1 -15
data/examples/enabled_for_actor.rb +4 -2
data/examples/expressions.rb +213 -0
data/examples/mirroring.rb +59 -0
data/examples/strict.rb +18 -0
data/flipper-cloud.gemspec +19 -0
data/flipper.gemspec +3 -5
data/lib/flipper/actor.rb +6 -3
data/lib/flipper/adapter.rb +33 -7
data/lib/flipper/adapter_builder.rb +44 -0
data/lib/flipper/adapters/dual_write.rb +1 -3
data/lib/flipper/adapters/failover.rb +0 -4
data/lib/flipper/adapters/failsafe.rb +0 -4
data/lib/flipper/adapters/http/client.rb +26 -7
data/lib/flipper/adapters/http/error.rb +1 -1
data/lib/flipper/adapters/http.rb +29 -16
data/lib/flipper/adapters/instrumented.rb +25 -6
data/lib/flipper/adapters/memoizable.rb +33 -21
data/lib/flipper/adapters/memory.rb +81 -46
data/lib/flipper/adapters/operation_logger.rb +16 -7
data/lib/flipper/adapters/poll/poller.rb +2 -125
data/lib/flipper/adapters/poll.rb +5 -3
data/lib/flipper/adapters/pstore.rb +17 -11
data/lib/flipper/adapters/read_only.rb +4 -4
data/lib/flipper/adapters/strict.rb +47 -0
data/lib/flipper/adapters/sync/feature_synchronizer.rb +10 -1
data/lib/flipper/adapters/sync.rb +0 -4
data/lib/flipper/cloud/configuration.rb +258 -0
data/lib/flipper/cloud/dsl.rb +27 -0
data/lib/flipper/cloud/message_verifier.rb +95 -0
data/lib/flipper/cloud/middleware.rb +63 -0
data/lib/flipper/cloud/routes.rb +14 -0
data/lib/flipper/cloud/telemetry/backoff_policy.rb +93 -0
data/lib/flipper/cloud/telemetry/instrumenter.rb +26 -0
data/lib/flipper/cloud/telemetry/metric.rb +39 -0
data/lib/flipper/cloud/telemetry/metric_storage.rb +30 -0
data/lib/flipper/cloud/telemetry/submitter.rb +98 -0
data/lib/flipper/cloud/telemetry.rb +183 -0
data/lib/flipper/cloud.rb +53 -0
data/lib/flipper/configuration.rb +25 -4
data/lib/flipper/dsl.rb +46 -45
data/lib/flipper/engine.rb +88 -0
data/lib/flipper/errors.rb +3 -3
data/lib/flipper/export.rb +26 -0
data/lib/flipper/exporter.rb +17 -0
data/lib/flipper/exporters/json/export.rb +32 -0
data/lib/flipper/exporters/json/v1.rb +33 -0
data/lib/flipper/expression/builder.rb +73 -0
data/lib/flipper/expression/constant.rb +25 -0
data/lib/flipper/expression.rb +71 -0
data/lib/flipper/expressions/all.rb +11 -0
data/lib/flipper/expressions/any.rb +9 -0
data/lib/flipper/expressions/boolean.rb +9 -0
data/lib/flipper/expressions/comparable.rb +13 -0
data/lib/flipper/expressions/duration.rb +28 -0
data/lib/flipper/expressions/equal.rb +9 -0
data/lib/flipper/expressions/greater_than.rb +9 -0
data/lib/flipper/expressions/greater_than_or_equal_to.rb +9 -0
data/lib/flipper/expressions/less_than.rb +9 -0
data/lib/flipper/expressions/less_than_or_equal_to.rb +9 -0
data/lib/flipper/expressions/not_equal.rb +9 -0
data/lib/flipper/expressions/now.rb +9 -0
data/lib/flipper/expressions/number.rb +9 -0
data/lib/flipper/expressions/percentage.rb +9 -0
data/lib/flipper/expressions/percentage_of_actors.rb +12 -0
data/lib/flipper/expressions/property.rb +9 -0
data/lib/flipper/expressions/random.rb +9 -0
data/lib/flipper/expressions/string.rb +9 -0
data/lib/flipper/expressions/time.rb +9 -0
data/lib/flipper/feature.rb +87 -26
data/lib/flipper/feature_check_context.rb +10 -6
data/lib/flipper/gate.rb +13 -11
data/lib/flipper/gate_values.rb +5 -18
data/lib/flipper/gates/actor.rb +10 -17
data/lib/flipper/gates/boolean.rb +1 -1
data/lib/flipper/gates/expression.rb +75 -0
data/lib/flipper/gates/group.rb +5 -7
data/lib/flipper/gates/percentage_of_actors.rb +10 -13
data/lib/flipper/gates/percentage_of_time.rb +1 -2
data/lib/flipper/identifier.rb +2 -2
data/lib/flipper/instrumentation/log_subscriber.rb +24 -5
data/lib/flipper/instrumentation/statsd_subscriber.rb +2 -4
data/lib/flipper/instrumentation/subscriber.rb +8 -1
data/lib/flipper/metadata.rb +5 -1
data/lib/flipper/middleware/memoizer.rb +30 -14
data/lib/flipper/poller.rb +117 -0
data/lib/flipper/serializers/gzip.rb +24 -0
data/lib/flipper/serializers/json.rb +19 -0
data/lib/flipper/spec/shared_adapter_specs.rb +95 -54
data/lib/flipper/test/shared_adapter_test.rb +91 -48
data/lib/flipper/typecast.rb +56 -15
data/lib/flipper/types/actor.rb +13 -13
data/lib/flipper/types/group.rb +4 -4
data/lib/flipper/types/percentage.rb +1 -1
data/lib/flipper/version.rb +1 -1
data/lib/flipper.rb +47 -10
data/spec/fixtures/flipper_pstore_1679087600.json +46 -0
data/spec/flipper/adapter_builder_spec.rb +73 -0
data/spec/flipper/adapter_spec.rb +30 -2
data/spec/flipper/adapters/dual_write_spec.rb +2 -2
data/spec/flipper/adapters/http_spec.rb +64 -8
data/spec/flipper/adapters/instrumented_spec.rb +29 -11
data/spec/flipper/adapters/memoizable_spec.rb +51 -31
data/spec/flipper/adapters/memory_spec.rb +14 -3
data/spec/flipper/adapters/operation_logger_spec.rb +31 -12
data/spec/flipper/adapters/read_only_spec.rb +32 -17
data/spec/flipper/adapters/strict_spec.rb +62 -0
data/spec/flipper/adapters/sync/feature_synchronizer_spec.rb +27 -0
data/spec/flipper/cloud/configuration_spec.rb +252 -0
data/spec/flipper/cloud/dsl_spec.rb +82 -0
data/spec/flipper/cloud/message_verifier_spec.rb +104 -0
data/spec/flipper/cloud/middleware_spec.rb +289 -0
data/spec/flipper/cloud/telemetry/backoff_policy_spec.rb +108 -0
data/spec/flipper/cloud/telemetry/metric_spec.rb +87 -0
data/spec/flipper/cloud/telemetry/metric_storage_spec.rb +58 -0
data/spec/flipper/cloud/telemetry/submitter_spec.rb +145 -0
data/spec/flipper/cloud/telemetry_spec.rb +156 -0
data/spec/flipper/cloud_spec.rb +180 -0
data/spec/flipper/configuration_spec.rb +17 -0
data/spec/flipper/dsl_spec.rb +54 -73
data/spec/flipper/engine_spec.rb +291 -0
data/spec/flipper/export_spec.rb +13 -0
data/spec/flipper/exporter_spec.rb +16 -0
data/spec/flipper/exporters/json/export_spec.rb +60 -0
data/spec/flipper/exporters/json/v1_spec.rb +33 -0
data/spec/flipper/expression/builder_spec.rb +248 -0
data/spec/flipper/expression_spec.rb +188 -0
data/spec/flipper/expressions/all_spec.rb +15 -0
data/spec/flipper/expressions/any_spec.rb +15 -0
data/spec/flipper/expressions/boolean_spec.rb +15 -0
data/spec/flipper/expressions/duration_spec.rb +43 -0
data/spec/flipper/expressions/equal_spec.rb +24 -0
data/spec/flipper/expressions/greater_than_or_equal_to_spec.rb +28 -0
data/spec/flipper/expressions/greater_than_spec.rb +28 -0
data/spec/flipper/expressions/less_than_or_equal_to_spec.rb +28 -0
data/spec/flipper/expressions/less_than_spec.rb +32 -0
data/spec/flipper/expressions/not_equal_spec.rb +15 -0
data/spec/flipper/expressions/now_spec.rb +11 -0
data/spec/flipper/expressions/number_spec.rb +21 -0
data/spec/flipper/expressions/percentage_of_actors_spec.rb +20 -0
data/spec/flipper/expressions/percentage_spec.rb +15 -0
data/spec/flipper/expressions/property_spec.rb +13 -0
data/spec/flipper/expressions/random_spec.rb +9 -0
data/spec/flipper/expressions/string_spec.rb +11 -0
data/spec/flipper/expressions/time_spec.rb +13 -0
data/spec/flipper/feature_check_context_spec.rb +17 -17
data/spec/flipper/feature_spec.rb +436 -33
data/spec/flipper/gate_values_spec.rb +2 -33
data/spec/flipper/gates/boolean_spec.rb +1 -1
data/spec/flipper/gates/expression_spec.rb +108 -0
data/spec/flipper/gates/group_spec.rb +2 -3
data/spec/flipper/gates/percentage_of_actors_spec.rb +61 -5
data/spec/flipper/gates/percentage_of_time_spec.rb +2 -2
data/spec/flipper/identifier_spec.rb +4 -5
data/spec/flipper/instrumentation/log_subscriber_spec.rb +15 -5
data/spec/flipper/instrumentation/statsd_subscriber_spec.rb +25 -1
data/spec/flipper/middleware/memoizer_spec.rb +67 -0
data/spec/flipper/poller_spec.rb +47 -0
data/spec/flipper/serializers/gzip_spec.rb +13 -0
data/spec/flipper/serializers/json_spec.rb +13 -0
data/spec/flipper/typecast_spec.rb +121 -6
data/spec/flipper/types/actor_spec.rb +63 -46
data/spec/flipper/types/group_spec.rb +2 -2
data/spec/flipper_integration_spec.rb +168 -58
data/spec/flipper_spec.rb +92 -28
data/spec/spec_helper.rb +6 -13
data/spec/support/actor_names.yml +1 -0
data/spec/support/climate_control.rb +7 -0
data/spec/support/fake_backoff_policy.rb +15 -0
data/spec/support/skippable.rb +18 -0
data/spec/support/spec_helpers.rb +11 -3
metadata +166 -13
data/.github/workflows/release.yml +0 -44
data/.tool-versions +0 -1
data/lib/flipper/railtie.rb +0 -47
data/spec/flipper/railtie_spec.rb +0 -109

data/lib/flipper/adapters/poll.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require 'flipper/adapters/sync/synchronizer'
+require 'flipper/poller'
 module Flipper
   module Adapters
@@ -6,13 +7,14 @@ module Flipper
       extend Forwardable
       include ::Flipper::Adapter
-      # Public: The name of the adapter.
-      attr_reader :name, :adapter, :poller
+      # Deprecated
+      Poller = ::Flipper::Poller
+      attr_reader :adapter, :poller
       def_delegators :synced_adapter, :features, :get, :get_multi, :get_all, :add, :remove, :clear, :enable, :disable
       def initialize(poller, adapter)
-        @name = :poll
         @adapter = adapter
         @poller = poller
         @last_synced_at = 0

data/lib/flipper/adapters/pstore.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+require 'json'
 require 'pstore'
 require 'set'
 require 'flipper'
@@ -9,19 +10,14 @@ module Flipper
     class PStore
       include ::Flipper::Adapter
-      FeaturesKey = :flipper_features
-      # Public: The name of the adapter.
-      attr_reader :name
       # Public: The path to where the file is stored.
       attr_reader :path
       # Public
       def initialize(path = 'flipper.pstore', thread_safe = true)
-        @name = :pstore
         @path = path
         @store = ::PStore.new(path, thread_safe)
+        @features_key = :flipper_features
       end
       # Public: The set of known features.
@@ -34,7 +30,7 @@ module Flipper
       # Public: Adds a feature to the set of known features.
       def add(feature)
         @store.transaction do
-          set_add FeaturesKey, feature.key
+          set_add @features_key, feature.key
         end
         true
       end
@@ -43,7 +39,7 @@ module Flipper
       # all the values for the feature.
       def remove(feature)
         @store.transaction do
-          set_delete FeaturesKey, feature.key
+          set_delete @features_key, feature.key
           clear_gates(feature)
         end
         true
@@ -88,6 +84,8 @@ module Flipper
             write key(feature, gate), thing.value.to_s
           when :set
             set_add key(feature, gate), thing.value.to_s
+          when :json
+            write key(feature, gate), Typecast.to_json(thing.value)
           else
             raise "#{gate} is not supported by this adapter yet"
           end
@@ -109,6 +107,10 @@ module Flipper
           @store.transaction do
             set_delete key(feature, gate), thing.value.to_s
           end
+        when :json
+          @store.transaction do
+            delete key(feature, gate)
+          end
         else
           raise "#{gate} is not supported by this adapter yet"
         end
@@ -135,7 +137,7 @@ module Flipper
       end
       def read_feature_keys
-        set_members FeaturesKey
+        set_members @features_key
       end
       def read_many_features(features)
@@ -150,12 +152,16 @@ module Flipper
         result = {}
         feature.gates.each do |gate|
+          key = key(feature, gate)
           result[gate.key] =
             case gate.data_type
             when :boolean, :integer
-              read key(feature, gate)
+              read key
             when :set
-              set_members key(feature, gate)
+              set_members key
+            when :json
+              value = read(key)
+              Typecast.from_json(value)
             else
               raise "#{gate} is not supported by this adapter yet"
             end

data/lib/flipper/adapters/read_only.rb CHANGED Viewed

@@ -12,19 +12,19 @@ module Flipper
         end
       end
-      # Internal: The name of the adapter.
-      attr_reader :name
       # Public
       def initialize(adapter)
         @adapter = adapter
-        @name = :read_only
       end
       def features
         @adapter.features
       end
+      def read_only?
+        true
+      end
       def get(feature)
         @adapter.get(feature)
       end

data/lib/flipper/adapters/strict.rb ADDED Viewed

@@ -0,0 +1,47 @@
+module Flipper
+  module Adapters
+    # An adapter that ensures a feature exists before checking it.
+    class Strict
+      extend Forwardable
+      include ::Flipper::Adapter
+      attr_reader :name, :adapter, :handler
+      class NotFound < ::Flipper::Error
+        def initialize(name)
+          super "Could not find feature #{name.inspect}. Call `Flipper.add(#{name.inspect})` to create it."
+        end
+      end
+      HANDLERS = {
+        raise: ->(feature) { raise NotFound.new(feature.key) },
+        warn: ->(feature) { warn NotFound.new(feature.key).message },
+        noop: ->(_) { },
+      }
+      def_delegators :@adapter, :features, :get_all, :add, :remove, :clear, :enable, :disable
+      def initialize(adapter, handler = nil, &block)
+        @name = :strict
+        @adapter = adapter
+        @handler = block || HANDLERS.fetch(handler)
+      end
+      def get(feature)
+        assert_feature_exists(feature)
+        @adapter.get(feature)
+      end
+      def get_multi(features)
+        features.each { |feature| assert_feature_exists(feature) }
+        @adapter.get_multi(features)
+      end
+      private
+      def assert_feature_exists(feature)
+        @handler.call(feature) unless @adapter.features.include?(feature.key)
+      end
+    end
+  end
+end

data/lib/flipper/adapters/sync/feature_synchronizer.rb CHANGED Viewed

@@ -9,6 +9,7 @@ module Flipper
       class FeatureSynchronizer
         extend Forwardable
+        def_delegator :@local_gate_values, :expression, :local_expression
         def_delegator :@local_gate_values, :boolean, :local_boolean
         def_delegator :@local_gate_values, :actors, :local_actors
         def_delegator :@local_gate_values, :groups, :local_groups
@@ -17,6 +18,7 @@ module Flipper
         def_delegator :@local_gate_values, :percentage_of_time,
                       :local_percentage_of_time
+        def_delegator :@remote_gate_values, :expression, :remote_expression
         def_delegator :@remote_gate_values, :boolean, :remote_boolean
         def_delegator :@remote_gate_values, :actors, :remote_actors
         def_delegator :@remote_gate_values, :groups, :remote_groups
@@ -40,8 +42,9 @@ module Flipper
             @feature.enable
           else
             @feature.disable if local_boolean_enabled?
-            sync_actors
             sync_groups
+            sync_actors
+            sync_expression
             sync_percentage_of_actors
             sync_percentage_of_time
           end
@@ -49,6 +52,12 @@ module Flipper
         private
+        def sync_expression
+          return if local_expression == remote_expression
+          @feature.enable_expression remote_expression
+        end
         def sync_actors
           remote_actors_added = remote_actors - local_actors
           remote_actors_added.each do |flipper_id|

data/lib/flipper/adapters/sync.rb CHANGED Viewed

@@ -8,9 +8,6 @@ module Flipper
     class Sync
       include ::Flipper::Adapter
-      # Public: The name of the adapter.
-      attr_reader :name
       # Public: The synchronizer that will keep the local and remote in sync.
       attr_reader :synchronizer
@@ -22,7 +19,6 @@ module Flipper
       # interval - The Float or Integer number of seconds between syncs from
       # remote to local. Default value is set in IntervalSynchronizer.
       def initialize(local, remote, options = {})
-        @name = :sync
         @local = local
         @remote = remote
         @synchronizer = options.fetch(:synchronizer) do

data/lib/flipper/cloud/configuration.rb ADDED Viewed

@@ -0,0 +1,258 @@
+require "logger"
+require "socket"
+require "flipper/adapters/http"
+require "flipper/adapters/poll"
+require "flipper/poller"
+require "flipper/adapters/memory"
+require "flipper/adapters/dual_write"
+require "flipper/adapters/sync/synchronizer"
+require "flipper/cloud/telemetry"
+require "flipper/cloud/telemetry/instrumenter"
+require "flipper/cloud/telemetry/submitter"
+module Flipper
+  module Cloud
+    class Configuration
+      # The set of valid ways that syncing can happpen.
+      VALID_SYNC_METHODS = Set[
+        :poll,
+        :webhook,
+      ].freeze
+      DEFAULT_URL = "https://www.flippercloud.io/adapter".freeze
+      # Public: The token corresponding to an environment on flippercloud.io.
+      attr_accessor :token
+      # Public: The url for http adapter. Really should only be customized for
+      #         development work if you are me and you are not me. Feel free to
+      #         forget you ever saw this.
+      attr_accessor :url
+      # Public: net/http read timeout for all http requests (default: 5).
+      attr_accessor :read_timeout
+      # Public: net/http open timeout for all http requests (default: 5).
+      attr_accessor :open_timeout
+      # Public: net/http write timeout for all http requests (default: 5).
+      attr_accessor :write_timeout
+      # Public: IO stream to send debug output too. Off by default.
+      #
+      #  # for example, this would send all http request information to STDOUT
+      #  configuration = Flipper::Cloud::Configuration.new
+      #  configuration.debug_output = STDOUT
+      attr_accessor :debug_output
+      # Public: Instrumenter to use for the Flipper instance returned by
+      #         Flipper::Cloud.new (default: Flipper::Instrumenters::Noop).
+      #
+      #  # for example, to use active support notifications you could do:
+      #  configuration = Flipper::Cloud::Configuration.new
+      #  configuration.instrumenter = ActiveSupport::Notifications
+      attr_accessor :instrumenter
+      # Public: Local adapter that all reads should go to in order to ensure
+      # latency is low and resiliency is high. This adapter is automatically
+      # kept in sync with cloud.
+      #
+      #  # for example, to use active record you could do:
+      #  configuration = Flipper::Cloud::Configuration.new
+      #  configuration.local_adapter = Flipper::Adapters::ActiveRecord.new
+      attr_accessor :local_adapter
+      # Public: The Integer or Float number of seconds between attempts to bring
+      # the local in sync with cloud (default: 10).
+      attr_accessor :sync_interval
+      # Public: The secret used to verify if syncs in the middleware should
+      # occur or not.
+      attr_accessor :sync_secret
+      # Public: The logger to use for debugging inner workings.
+      attr_accessor :logger
+      # Public: Should the logger log or not (default: true).
+      attr_accessor :logging_enabled
+      # Public: The telemetry instance to use for tracking feature usage.
+      attr_accessor :telemetry
+      # Public: Should telemetry be enabled or not (default: false).
+      attr_accessor :telemetry_enabled
+      def initialize(options = {})
+        setup_auth options
+        setup_log options
+        setup_http options
+        setup_sync options
+        setup_adapter options
+        setup_telemetry options
+      end
+      # Public: Read or customize the http adapter. Calling without a block will
+      # perform a read. Calling with a block yields the cloud adapter
+      # for customization.
+      #
+      #   # for example, to instrument the http calls, you can wrap the http
+      #   # adapter with the intsrumented adapter
+      #   configuration = Flipper::Cloud::Configuration.new
+      #   configuration.adapter do |adapter|
+      #     Flipper::Adapters::Instrumented.new(adapter)
+      #   end
+      #
+      def adapter(&block)
+        if block_given?
+          @adapter_block = block
+        else
+          @adapter_block.call app_adapter
+        end
+      end
+      # Public: Force a sync.
+      def sync
+        Flipper::Adapters::Sync::Synchronizer.new(local_adapter, http_adapter, {
+          instrumenter: instrumenter,
+        }).call
+      end
+      # Public: The method that will be used to synchronize local adapter with
+      # cloud. (default: :poll, will be :webhook if sync_secret is set).
+      def sync_method
+        sync_secret ? :webhook : :poll
+      end
+      # Internal: The http client used by the http adapter. Exposed so we can
+      # use the same client for posting telemetry.
+      def http_client
+        http_adapter.client
+      end
+      # Internal: Logs message if logging is enabled.
+      def log(message, level: :debug)
+        return unless logging_enabled
+        logger.send(level, "name=flipper_cloud #{message}")
+      end
+      private
+      def app_adapter
+        read_adapter = sync_method == :webhook ? local_adapter : poll_adapter
+        Flipper::Adapters::DualWrite.new(read_adapter, http_adapter)
+      end
+      def poller
+        Flipper::Poller.get(@url + @token, {
+          interval: sync_interval,
+          remote_adapter: http_adapter,
+          instrumenter: instrumenter,
+        }).tap(&:start)
+      end
+      def poll_adapter
+        Flipper::Adapters::Poll.new(poller, local_adapter)
+      end
+      def http_adapter
+        Flipper::Adapters::Http.new({
+          url: @url,
+          read_timeout: @read_timeout,
+          open_timeout: @open_timeout,
+          write_timeout: @write_timeout,
+          max_retries: 0, # we'll handle retries ourselves
+          debug_output: @debug_output,
+          headers: {
+            "Flipper-Cloud-Token" => @token,
+          },
+        })
+      end
+      def setup_auth(options)
+        set_option :token, options, required: true
+      end
+      def setup_log(options)
+        set_option :logging_enabled, options, default: true, typecast: :boolean
+        set_option :logger, options, from_env: false, default: -> {
+          if logging_enabled
+            Logger.new(STDOUT)
+          else
+            Logger.new("/dev/null")
+          end
+        }
+      end
+      def setup_http(options)
+        set_option :url, options, default: DEFAULT_URL
+        set_option :debug_output, options, from_env: false
+        set_option :read_timeout, options, default: 5, typecast: :float, minimum: 0.1
+        set_option :open_timeout, options, default: 2, typecast: :float, minimum: 0.1
+        set_option :write_timeout, options, default: 5, typecast: :float, minimum: 0.1
+      end
+      def setup_sync(options)
+        set_option :sync_interval, options, default: 10, typecast: :float, minimum: 10
+        set_option :sync_secret, options
+      end
+      def setup_adapter(options)
+        set_option :local_adapter, options, default: -> { Adapters::Memory.new }, from_env: false
+        @adapter_block = ->(adapter) { adapter }
+      end
+      def setup_telemetry(options)
+        # Needs to be after url and token assignments because they are used for
+        # uniqueness in Telemetry.instance_for.
+        set_option :telemetry, options, from_env: false, default: -> {
+          Telemetry.instance_for(self)
+        }
+        # This is alpha. Don't use this unless you are me. And you are not me.
+        set_option :telemetry_enabled, options, default: false, typecast: :boolean
+        instrumenter = options.fetch(:instrumenter, Instrumenters::Noop)
+        @instrumenter = if telemetry_enabled
+          Telemetry::Instrumenter.new(self, instrumenter)
+        else
+          instrumenter
+        end
+      end
+      # Internal: Super helper for defining an option that can be set via
+      # options hash or ENV with defaults, typecasting and minimums.
+      def set_option(name, options, default: nil, typecast: nil, minimum: nil, from_env: true, required: false)
+        env_var = "FLIPPER_CLOUD_#{name.to_s.upcase}"
+        value = options.fetch(name) {
+          default_value = default.respond_to?(:call) ? default.call : default
+          if from_env
+            ENV.fetch(env_var, default_value)
+          else
+            default_value
+          end
+        }
+        value = Flipper::Typecast.send("to_#{typecast}", value) if typecast
+        send("#{name}=", value)
+        enforce_minimum(name, minimum) if minimum
+        if required
+          option_value = send(name)
+          if option_value.nil? || option_value.empty?
+            message = "Flipper::Cloud #{name} is missing. Please "
+            message << "set #{env_var} or " if from_env
+            message << "provide #{name} (e.g. Flipper::Cloud.new(#{name}: value))."
+            raise ArgumentError, message
+          end
+        end
+      end
+      # Enforce minimum interval for tasks that run on a timer.
+      def enforce_minimum(name, minimum)
+        provided = send(name)
+        if provided && provided < minimum
+          warn "Flipper::Cloud##{name} must be at least #{minimum} seconds but was #{provided}. Using #{minimum} seconds."
+          send(:instance_variable_set, "@#{name}", minimum)
+        end
+      end
+    end
+  end
+end

data/lib/flipper/cloud/dsl.rb ADDED Viewed

@@ -0,0 +1,27 @@
+require 'forwardable'
+module Flipper
+  module Cloud
+    class DSL < SimpleDelegator
+      attr_reader :cloud_configuration
+      def initialize(cloud_configuration)
+        @cloud_configuration = cloud_configuration
+        super Flipper.new(@cloud_configuration.adapter, instrumenter: @cloud_configuration.instrumenter)
+      end
+      def sync
+        @cloud_configuration.sync
+      end
+      def sync_secret
+        @cloud_configuration.sync_secret
+      end
+      def inspect
+        inspect_id = ::Kernel::format "%x", (object_id * 2)
+        %(#<#{self.class}:0x#{inspect_id} @cloud_configuration=#{cloud_configuration.inspect}, flipper=#{__getobj__.inspect}>)
+      end
+    end
+  end
+end

data/lib/flipper/cloud/message_verifier.rb ADDED Viewed

@@ -0,0 +1,95 @@
+require "openssl"
+require "digest/sha2"
+module Flipper
+  module Cloud
+    class MessageVerifier
+      class InvalidSignature < StandardError; end
+      DEFAULT_VERSION = "v1"
+      def self.header(signature, timestamp, version = DEFAULT_VERSION)
+        raise ArgumentError, "timestamp should be an instance of Time" unless timestamp.is_a?(Time)
+        raise ArgumentError, "signature should be a string" unless signature.is_a?(String)
+        "t=#{timestamp.to_i},#{version}=#{signature}"
+      end
+      def initialize(secret:, version: DEFAULT_VERSION)
+        @secret = secret
+        @version = version || DEFAULT_VERSION
+        raise ArgumentError, "secret should be a string" unless @secret.is_a?(String)
+        raise ArgumentError, "version should be a string" unless @version.is_a?(String)
+      end
+      def generate(payload, timestamp)
+        raise ArgumentError, "timestamp should be an instance of Time" unless timestamp.is_a?(Time)
+        raise ArgumentError, "payload should be a string" unless payload.is_a?(String)
+        OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), @secret, "#{timestamp.to_i}.#{payload}")
+      end
+      def header(signature, timestamp)
+        self.class.header(signature, timestamp, @version)
+      end
+      # Public: Verifies the signature header for a given payload.
+      #
+      # Raises a InvalidSignature in the following cases:
+      # - the header does not match the expected format
+      # - no signatures found with the expected scheme
+      # - no signatures matching the expected signature
+      # - a tolerance is provided and the timestamp is not within the
+      #   tolerance
+      #
+      # Returns true otherwise.
+      def verify(payload, header, tolerance: nil)
+        begin
+          timestamp, signatures = get_timestamp_and_signatures(header)
+        rescue StandardError
+          raise InvalidSignature, "Unable to extract timestamp and signatures from header"
+        end
+        if signatures.empty?
+          raise InvalidSignature, "No signatures found with expected version #{@version}"
+        end
+        expected_sig = generate(payload, timestamp)
+        unless signatures.any? { |s| secure_compare(expected_sig, s) }
+          raise InvalidSignature, "No signatures found matching the expected signature for payload"
+        end
+        if tolerance && timestamp < Time.now - tolerance
+          raise InvalidSignature, "Timestamp outside the tolerance zone (#{Time.at(timestamp)})"
+        end
+        true
+      end
+      private
+      # Extracts the timestamp and the signature(s) with the desired version
+      # from the header
+      def get_timestamp_and_signatures(header)
+        list_items = header.split(/,\s*/).map { |i| i.split("=", 2) }
+        timestamp = Integer(list_items.select { |i| i[0] == "t" }[0][1])
+        signatures = list_items.select { |i| i[0] == @version }.map { |i| i[1] }
+        [Time.at(timestamp), signatures]
+      end
+      # Private
+      def fixed_length_secure_compare(a, b)
+        raise ArgumentError, "string length mismatch." unless a.bytesize == b.bytesize
+        l = a.unpack "C#{a.bytesize}"
+        res = 0
+        b.each_byte { |byte| res |= byte ^ l.shift }
+        res == 0
+      end
+      # Private
+      def secure_compare(a, b)
+        fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
+      end
+    end
+  end
+end

data/lib/flipper/cloud/middleware.rb ADDED Viewed

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+require "flipper/cloud/message_verifier"
+module Flipper
+  module Cloud
+    class Middleware
+      # Internal: The path to match for webhook requests.
+      WEBHOOK_PATH = %r{\A/webhooks\/?\Z}
+      # Internal: The root path to match for requests.
+      ROOT_PATH = %r{\A/\Z}
+      def initialize(app, options = {})
+        @app = app
+        @env_key = options.fetch(:env_key, 'flipper')
+      end
+      def call(env)
+        dup.call!(env)
+      end
+      def call!(env)
+        request = Rack::Request.new(env)
+        if request.post? && (request.path_info.match(ROOT_PATH) || request.path_info.match(WEBHOOK_PATH))
+          status = 200
+          headers = {
+            "content-type" => "application/json",
+          }
+          body = "{}"
+          payload = request.body.read
+          signature = request.env["HTTP_FLIPPER_CLOUD_SIGNATURE"]
+          flipper = env.fetch(@env_key)
+          begin
+            message_verifier = MessageVerifier.new(secret: flipper.sync_secret)
+            if message_verifier.verify(payload, signature)
+              begin
+                flipper.sync
+                body = JSON.generate({
+                  groups: Flipper.group_names.map { |name| {name: name}}
+                })
+              rescue Flipper::Adapters::Http::Error => error
+                status = error.response.code.to_i == 402 ? 402 : 500
+                headers["Flipper-Cloud-Response-Error-Class"] = error.class.name
+                headers["Flipper-Cloud-Response-Error-Message"] = error.message
+              rescue => error
+                status = 500
+                headers["Flipper-Cloud-Response-Error-Class"] = error.class.name
+                headers["Flipper-Cloud-Response-Error-Message"] = error.message
+              end
+            end
+          rescue MessageVerifier::InvalidSignature
+            status = 400
+          end
+          [status, headers, [body]]
+        else
+          @app.call(env)
+        end
+      end
+    end
+  end
+end