From e86d97777b47ca96ad1ccab8b2b64bc66bdf6dcb Mon Sep 17 00:00:00 2001 From: Mark Phelps <209477+markphelps@users.noreply.github.com> Date: Fri, 22 Dec 2023 10:01:23 -0500 Subject: [PATCH 1/3] feat: azure blob store docs --- configuration/storage.mdx | 82 ++++++++++++++++++++++++++++++++++----- 1 file changed, 72 insertions(+), 10 deletions(-) diff --git a/configuration/storage.mdx b/configuration/storage.mdx index af2d8dc..1a51b44 100644 --- a/configuration/storage.mdx +++ b/configuration/storage.mdx @@ -259,7 +259,7 @@ storage: `insecure_ignore_host_key` is not encouraged for production use, and is `false` by default. Instead, you are advised to put the key fingerprint in the - known hosts file where you are running Flipt. For example, for Github you can + known hosts file where you are running Flipt. For example, for GitHub you can do `ssh-keyscan github.com >> ~/.ssh/known_hosts` on the Flipt host. @@ -268,18 +268,28 @@ See our [GitOps Guide](/guides/get-going-with-gitops) for an example of how to s ### Object The object storage type supports using a hosted object storage service as the source of truth for Flipt state configuration. -Currently, Flipt supports the [S3 API](https://aws.amazon.com/s3/) as a backend. This means the AWS S3 and open-source alternatives such as [Minio](https://github.com/minio/minio) can be leveraged as Flipt backends. + +Currently, Flipt supports the following object store providers: + +- [AWS S3](https://aws.amazon.com/s3/) +- [Azure Blob Storage](https://azure.microsoft.com/en-us/services/storage/blobs/) + +Additional providers such as [Google Cloud Storage](https://cloud.google.com/storage) are planned for future releases. + +#### Contents The contents of a target object storage bucket must contain Flipt state configuration files. As with the `git` and `local` backend types, the same rules apply with regard to how Flipt will locate feature flag state in your target bucket. -Check out the section below on [Flag State Configuration](#flag-state-configuration) for how Flipt decides which files in a target are considered for serving flag state. +See the section below on [Flag State Configuration](#flag-state-configuration) for how Flipt decides which files in a target are considered for serving flag state. + With the object storage backend, Flipt will respect a file at the root of the target with the name `.flipt.yml` to serve as an index for locating flag state configuration in the bucket. + It will also use the same default strategy when the index isn't supplied (e.g. file name `features.yml` or `*.features.yml`). -#### S3 +#### Amazon S3 -The S3 backend can be configured to serve state from a single bucket from a target S3-compatible API. +The AWS S3 backend can be configured to serve state from a single bucket from a target S3-compatible API. This means that both AWS S3 and open-source alternatives such as [Minio](https://github.com/minio/minio) can be used. The following is an example of how to configure Flipt to leverage this backend type: @@ -292,9 +302,9 @@ The following is an example of how to configure Flipt to leverage this backend t FLIPT_STORAGE_OBJECT_S3_REGION="us-east-1" FLIPT_STORAGE_OBJECT_S3_BUCKET="flipt_feature_flags" FLIPT_STORAGE_OBJECT_S3_POLL_INTERVAL="1m" - # optional bucket prefix for locating flag state files + # optional: bucket prefix for locating flag state files FLIPT_STORAGE_OBJECT_S3_PREFIX="production" - # for non-AWS hosted S3 + # optional: for non-AWS hosted S3 FLIPT_STORAGE_OBJECT_S3_ENDPOINT=http://localhost:9009 ``` @@ -310,16 +320,20 @@ The following is an example of how to configure Flipt to leverage this backend t region: us-east-1 bucket: flipt_feature_flags poll_interval: "30s" - # optional bucket prefix for locating flag state files + # optional: bucket prefix for locating flag state files prefix: production - # for non-AWS hosted S3 + # optional: for non-AWS hosted S3 endpoint: http://localhost:9009 ``` -In addition to these Flipt configuration parameters, credentials will also be required for Flipt to authenticate with the target object-store. + + In addition to these Flipt configuration parameters, valid credentials will + also be required for Flipt to authenticate with the target object-store. + + These should be provided as environment variables to the Flipt server process: ```bash @@ -327,6 +341,54 @@ AWS_ACCESS_KEY_ID=... AWS_SECRET_ACCESS_KEY=... ``` +#### Azure Blob Storage + +The Azure Blob Storage backend can be configured to serve state from a single container from a target Azure Blob Storage account. + +The following is an example of how to configure Flipt to leverage this backend type: + + + + + ```bash + FLIPT_STORAGE_TYPE="object" + FLIPT_STORAGE_OBJECT_TYPE="azblob" + FLIPT_STORAGE_OBJECT_AZBLOB_CONTAINER="flipt-feature-flags" + FLIPT_STORAGE_OBJECT_AZBLOB_POLL_INTERVAL="1m" + # optional: for customizing Azure blob storage endpoint + FLIPT_STORAGE_OBJECT_AZBLOB_ENDPOINT=http://localhost:10000 + ``` + + + + + ```yaml + storage: + type: object + object: + type: azblob + azblob: + container: flipt-feature-flags + # optional: for customizing Azure blob storage endpoint + endpoint: https//devaccount.blob.core.windows.net + poll_interval: "30s" + ``` + + + + + + In addition to these Flipt configuration parameters, valid credentials will + also be required for Flipt to authenticate with the target object-store. + + +These should be provided as environment variables to the Flipt server process: + +```bash +AZURE_STORAGE_ACCOUNT=... +AZURE_STORAGE_KEY=... +``` + ### OCI Since `v1.31.0`, Flipt supports using any [OCI](https://opencontainers.org/) compatible registry as a declarative backend source. From 8e9e39e889b6d12e8ce82d5a7bf4cfa8bb3bc88f Mon Sep 17 00:00:00 2001 From: Mark Phelps <209477+markphelps@users.noreply.github.com> Date: Fri, 22 Dec 2023 20:15:40 -0500 Subject: [PATCH 2/3] chore: Update configuration/storage.mdx Co-authored-by: Roman Dmytrenko --- configuration/storage.mdx | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/configuration/storage.mdx b/configuration/storage.mdx index 1a51b44..cedfbf1 100644 --- a/configuration/storage.mdx +++ b/configuration/storage.mdx @@ -382,13 +382,20 @@ The following is an example of how to configure Flipt to leverage this backend t also be required for Flipt to authenticate with the target object-store. -These should be provided as environment variables to the Flipt server process: - -```bash -AZURE_STORAGE_ACCOUNT=... -AZURE_STORAGE_KEY=... -``` - + These should be provided as environment variables to the Flipt server process. There are 2 options supported for authentication: + + * Using [Azure credentials](https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication?tabs=bash#2-authenticate-with-azure) + ```bash + AZURE_CLIENT_ID=... #Application ID of an Azure service principal + AZURE_TENANT_ID=... #ID of the application's Microsoft Entra tenant + AZURE_CLIENT_SECRET=... #Password of the Azure service principal + ``` + * Using Azure Blob storage [account keys](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal) + + ```bash + AZURE_STORAGE_ACCOUNT=... # account name + AZURE_STORAGE_KEY=... # secret shared key + ``` ### OCI Since `v1.31.0`, Flipt supports using any [OCI](https://opencontainers.org/) compatible registry as a declarative backend source. From c686cd6f60bd68d96c79156a2ae18651f7c78a5f Mon Sep 17 00:00:00 2001 From: Mark Phelps <209477+markphelps@users.noreply.github.com> Date: Fri, 22 Dec 2023 20:30:26 -0500 Subject: [PATCH 3/3] chore: update formatting --- configuration/storage.mdx | 56 ++++++++++++++++++++++----------------- self-hosted/overview.mdx | 8 +++--- 2 files changed, 36 insertions(+), 28 deletions(-) diff --git a/configuration/storage.mdx b/configuration/storage.mdx index cedfbf1..c06d2a0 100644 --- a/configuration/storage.mdx +++ b/configuration/storage.mdx @@ -119,15 +119,24 @@ when the migration container exits, having no effect on your Flipt instance! The following backend types are designed to support declarative management of feature flag state via a well-known file format. In particular, they're designed to support GitOps practices with minimal external dependencies. -Currently, we classify `local`, `git`, `object` and `oci` as the four declarative backends. -The `local` backend has been primarily developed to support a local development experience, -whereas, the `git`, `object` and `oci` backends are intended for production use. +The current four declarative backend types include: + +- [Local](#local-2) +- [Git](#git) +- [Object](#object) +- [OCI](#oci) + + + The `local` backend has been primarily developed to support a local + development experience, whereas, the `git`, `object` and `oci` backends are + intended for production use. + ### Read Only Mode ![Read Only Mode](/images/configuration/readonly.png) -Once enabled, all filesystem backends put the Flipt API and UI into a `read-only` mode that prevents Flipt from writing to the backend. This is useful for production environments where you want to ensure that flag state is only managed via the configured backend. +Once enabled, all declarative backends put the Flipt API and UI into a `read-only` mode that prevents Flipt from writing to the backend. This is useful for production environments where you want to ensure that flag state is only managed via the configured backend. You can also put Flipt into `read-only` mode by setting the @@ -331,7 +340,7 @@ The following is an example of how to configure Flipt to leverage this backend t In addition to these Flipt configuration parameters, valid credentials will - also be required for Flipt to authenticate with the target object-store. + also be required for Flipt to authenticate with the target object store. These should be provided as environment variables to the Flipt server process: @@ -379,23 +388,26 @@ The following is an example of how to configure Flipt to leverage this backend t In addition to these Flipt configuration parameters, valid credentials will - also be required for Flipt to authenticate with the target object-store. + also be required for Flipt to authenticate with the target object store. - These should be provided as environment variables to the Flipt server process. There are 2 options supported for authentication: - - * Using [Azure credentials](https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication?tabs=bash#2-authenticate-with-azure) - ```bash - AZURE_CLIENT_ID=... #Application ID of an Azure service principal - AZURE_TENANT_ID=... #ID of the application's Microsoft Entra tenant - AZURE_CLIENT_SECRET=... #Password of the Azure service principal - ``` - * Using Azure Blob storage [account keys](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal) - - ```bash - AZURE_STORAGE_ACCOUNT=... # account name - AZURE_STORAGE_KEY=... # secret shared key - ``` +These should be provided as environment variables to the Flipt server process. There are 2 options supported for authentication: + +- Using [Azure Credentials](https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication?tabs=bash#2-authenticate-with-azure) + +```bash +AZURE_CLIENT_ID=... # application ID of an Azure service principal +AZURE_TENANT_ID=... # ID of the application's Microsoft Entra tenant +AZURE_CLIENT_SECRET=... # password of the Azure service principal +``` + +- Using Azure Blob [Storage Account Keys](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage?tabs=azure-portal) + +```bash +AZURE_STORAGE_ACCOUNT=... +AZURE_STORAGE_KEY=... +``` + ### OCI Since `v1.31.0`, Flipt supports using any [OCI](https://opencontainers.org/) compatible registry as a declarative backend source. @@ -468,8 +480,6 @@ The indexing process first matches the `include` section and then filters that a #### Defining Flag State - - Flipt flag state file format has been taken directly from Flipt's existing [import and export](/operations/import-export) flag state format. @@ -478,8 +488,6 @@ add/commit the result to a directory, object storage, or Git repository to get s This can be used to migrate from a relational database-backed instance of Flipt to a filesystem-backed deployment with ease. - - ```yaml features.yaml namespace: backend flags: diff --git a/self-hosted/overview.mdx b/self-hosted/overview.mdx index 91824a2..22e18ef 100644 --- a/self-hosted/overview.mdx +++ b/self-hosted/overview.mdx @@ -100,12 +100,12 @@ See the [Configuration](/configuration) section for more details. Flipt is built for the following architectures/os: -- **amd64** / **linux** -- **arm64** / **linux** -- **arm64** / **darwin** +- **x86-64** / **Linux** +- **ARM64** / **Linux** +- **ARM64** / **Darwin** You can find the binaries for each architecture in the [Latest Release](https://github.com/flipt-io/flipt/releases/latest) assets section on GitHub. -The [Docker image](https://hub.docker.com/r/flipt/flipt/tags) for Flipt is also multi-arch and supports both **amd64** and **arm64** architectures on **Linux**. +The [Docker image](https://hub.docker.com/r/flipt/flipt/tags) for Flipt is multi-arch and supports both **x86-64** and **ARM64** architectures on **Linux**. If you need a different architecture, please open an issue on the [GitHub repository](https://github.com/flipt-io/flipt/issues) and we will try to accommodate your request.