1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-12-28 00:06:53 +01:00
Commit Graph

2352 Commits

Author SHA1 Message Date
Jaanus Sellin
8ea034cc2f
feat: add status fields for feature lifecycle table (#7014) 2024-05-09 09:39:01 +03:00
Ivar Conradi Østhus
64c10f9eff
poc: many strategies pagination (#7011)
This fixes the case when a customer have thousands of strategies causing
the react UI to crash. We still consider it incorrect to use that amount
of strategies and this is more a workaround to help the customer out of
a crashing state.

We put it behind a flag called `manyStrategiesPagination` and plan to
only enable it for the customer in trouble.
2024-05-08 14:20:51 +02:00
Jaanus Sellin
cd49ae2a26
feat: add project id to prometheus and feature flag (#7008)
Now we are also sending project id to prometheus, also querying from
database. This sets us up for grafana dashboard.
Also put the metrics behind flag, just incase it causes cpu/memory
issues.
2024-05-08 15:19:23 +03:00
Thomas Heartman
95ac2e6b8d
feat: generate project ids if they're missing (#7003)
This PR updates the project service to automatically create a project id
if it is not provided. The feature is behind a flag. If an ID is
provided, it will still attempt to use that ID instead.
2024-05-08 12:45:11 +02:00
Jaanus Sellin
02440dfed2
feat: duration in stage, add feature lifecycle prometheus metrics (#6973)
Introduce a new concept. Duration in stage.
Also add it into prometheus metric.
2024-05-08 11:33:51 +03:00
Thomas Heartman
861ae6aa93
chore: add automatic ID generation algorithm (#7001)
This PR adds a function to automatically generate a project ID on
creation. Using this when the id is missing will be handled in following
PRs.

The function uses the existing `slug` package to create a slug, and then
takes the 12 characters of a uuidv4 string to generate an ID.

The included tests check that the 12 character hash is added and that
the resulting string is url friendly (by checking that
`encodeURIComponent` doesn't change it).

We could also test a lot of edge cases (such as dealing with double
spaces, trimming the string, etc), but I think that's better handled by
the library itself (but you can check out what I removed in
2d9bcb6390
for an idea).

The function doesn't really need to be in the service; it could be moved to a util. But for proximity, I'll create it here first.
2024-05-08 07:26:35 +00:00
Egor Stronhin
8ae8cbbdb4
feat: Allow to use CA certificate file path for DB (#6985)
Regarding ticket #6892:

I would like to enable the use of a CA certificate without requiring
other certificates. This would be useful for AWS Helm, as AWS only
provides a single PEM file for DB connections.
2024-05-07 14:43:19 +02:00
Mateusz Kwasniewski
8ae78236d2
chore: remove project overview refactor flag (#6897) 2024-05-07 13:58:56 +02:00
Mateusz Kwasniewski
d1803b2e62
feat: increase possible number range for yes/no metrics (#6995) 2024-05-07 13:54:56 +02:00
Jaanus Sellin
206d0190ff
feat: create initial stages for features (#6983)
We are getting questions from engineers, why I do not see lifecycle. The
same will happen with our customers. Now customers will see lifecycle
component unified across features.
2024-05-07 11:38:51 +03:00
Jaanus Sellin
77d5156eba
feat: start exposing environment metrics from feature endpoint (#6986)
We want to start showing same donut that we do show in project page.
This is setting it up for UI.
2024-05-07 09:32:46 +03:00
Mateusz Kwasniewski
8d04772256
fix: duplicate column name in search query (#6989) 2024-05-06 19:26:23 +02:00
Jaanus Sellin
2c05f1a0ce
feat: search order by final (#6976)
Final rank has always been ordering correctly by default. But after 5.12
I see some issues that sometimes it is not ordered. Just to be extra
sure, I am for ordering it.
2024-05-03 13:30:12 +03:00
Jaanus Sellin
5c61667282
feat: add completed event as webhook event (#6968)
Now feature completed event can be used with webhook.
2024-05-02 14:48:33 +03:00
Christopher Kolstad
7754ac69df
task: added migration for scim_external_id (#6966) 2024-04-30 10:24:17 +02:00
andreas-unleash
979220d80d
chore: scheduled change request cache kill switch (#6957)
Removes the `inMemoryScheduledChangeRequests` flag and adds
`killScheduledChangeRequestCache`

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-04-30 09:33:42 +03:00
Jaanus Sellin
2ba250fa41
feat: do not insert into database stages that already exist (#6964)
Previously when we had thousands of metrics coming in, we were trying to
write them all to database and running into on conflict
2024-04-30 09:07:20 +03:00
Thomas Heartman
a66b3c65c1
chore: add flag for the new project creation form layout (#6959)
Add a flag to enable/disable the new UI for project creation.
This flag is separate from the impl on the back end so that we can
enable one without the other (but uses flag dependencies in Unleash, so
that we can never enable the new UI without the new back end).

I have not set the flag to `true` in server startup because the form
doesn't work yet, so it's a manual step for now.
2024-04-29 13:52:56 +02:00
Thomas Heartman
491cd588da
chore: remove workaround (#6942)
This PR removes the workaround introduced in
https://github.com/Unleash/unleash/pull/6931. After
https://github.com/ivarconr/unleash-enterprise/pull/1268 has been
merged, this should be safe to apply.

Notably, this PR: 
- tightens up the type for the enable change request function, so we can
use that to inform the code
- skips trying to do anything with an empty array

The last point is less important than it might seem because both the env
validation and the current implementation of the callback is essentially
a no-op when there are no envs. However, that's hard to enforce. If we
just exit out early, then at least we know nothing happens.

Optionally, we could do something like this instead, but I'm not sure
it's better or worse. Happy to take input.
```ts
            const crEnvs = newProject.changeRequestEnvironments ?? []
            await this.validateEnvironmentsExist(crEnvs.map((env) => env.name));
            const changeRequestEnvironments =
                await enableChangeRequestsForSpecifiedEnvironments(crEnvs,);

            data.changeRequestEnvironments = changeRequestEnvironments;
```
2024-04-29 13:47:47 +02:00
Tymoteusz Czech
b6865a5a9d
feat: Project owners UI (#6949)
---------

Co-authored-by: Thomas Heartman <thomas@getunleash.io>
2024-04-29 11:51:44 +02:00
gitar-bot[bot]
010c4ee57b
[Gitar] Cleaning up stale feature flag: applicationOverviewNewQuery with value true (#6956)
---------

Co-authored-by: Gitar Bot <noreply@gitar.co>
Co-authored-by: sjaanus <sellinjaanus@gmail.com>
2024-04-29 11:02:08 +03:00
Mateusz Kwasniewski
49e84d3a91
feat: Check production enabled live stage (#6952) 2024-04-26 13:38:25 +02:00
Mateusz Kwasniewski
1739f8e11d
feat: pre-live is non production not just dev (#6946) 2024-04-26 12:43:10 +02:00
Tymoteusz Czech
66ec9a2f2f
feat: project owners in project service (#6935)
Schema and integrating into service and controller for project owners

---------

Co-authored-by: Thomas Heartman <thomas@getunleash.io>
2024-04-26 12:07:11 +02:00
Jaanus Sellin
78b9299ff1
feat: feature lifecycle complete and uncomplete (#6927)
Creating a way to complete and uncomplete feature.
2024-04-26 11:38:42 +03:00
Mateusz Kwasniewski
31ab38e162
fix: ignore metrics for non-existent features (#6945) 2024-04-26 10:30:12 +02:00
Mateusz Kwasniewski
8ed15165d2
feat: revived feature goes to initial lifecycle stage (#6944) 2024-04-26 09:50:13 +02:00
Thomas Heartman
3fb53737c6
feat: include CR envs enabled on creation in event and update validation (#6931)
This PR improves the handling of change request enables on project
creation in two ways:

1. We now verify that the envs you try to enable CRs for exist before
passing them on to the enterprise functionality.
2. We include data about environments and change request environments in
the project created events.
2024-04-26 07:21:29 +02:00
Christopher Kolstad
cb40f35aeb
fix: don't apply bearer token middleware to root (#6939)
Conflicts with scim which assumes Bearer <token>, and is located under
/scim, with no /api prefix
2024-04-25 16:56:51 +02:00
Gastón Fournier
2400ffc67e
feat: remove bearer token middleware flag (#6934)
## About the changes
Removes the bearer token middleware flag for GA
2024-04-25 14:01:06 +00:00
Jaanus Sellin
68e7a3164e
fix: flag trends should support bigint for yes and no evaluations (#6930)
Recently we see some pods failing with inserting yes, no values that
were over int. Increasing type to bigint.
2024-04-25 14:02:04 +03:00
Tymoteusz Czech
34c1da58cc
feat: map project owners to projects list (#6928)
- Combining list of projects with owners
- Additional tests and checks
2024-04-25 11:26:39 +02:00
Mateusz Kwasniewski
44521c1c74
chore: remove variant dependencies flag (#6896) 2024-04-25 11:07:16 +02:00
Christopher Kolstad
af54e272d2
fix: added a check to avoid double counting (#6925)
Due to how we handle redirects of embedded proxy, we ended up counting
the same request twice. This PR adds a boolean to res.locals which we
then check if set to avoid double counting.
2024-04-25 10:08:23 +02:00
Mateusz Kwasniewski
574eb284b9
fix: client metrics structure lifecycle (#6924) 2024-04-25 09:27:20 +02:00
Tymoteusz Czech
477da7d514
Project owners read model - db read (#6916)
Implementation of the logic for fetching project owners.

Co-authored-by: Thomas Heartman <thomas@getunleash.io>
2024-04-25 09:23:11 +02:00
Mateusz Kwasniewski
f5061bc3ff
feat: return lifecycle state in feature overview (#6920) 2024-04-24 14:27:26 +02:00
Jaanus Sellin
e0ec5ed4b0
fix: now metrics in search will be aggregated across applications (#6915) 2024-04-24 12:10:39 +03:00
Jaanus Sellin
d578deab7f
chore: remove new frontend api feature flag (#6906)
The flag has been 100% for a bit now, we need to prepare for GA.
2024-04-24 09:15:57 +03:00
Gastón Fournier
8ec9a0f62d
chore: remove log (#6911)
This log is also not needed because we have the API status code 401 that
shows the same data
2024-04-23 12:48:34 +00:00
Gastón Fournier
61a689ccc7
chore: remove unnecessary logs (#6909) 2024-04-23 12:27:38 +00:00
Gastón Fournier
3e4ed38e2b
chore: remove logs for secret and change invalid token query logic (#6907)
## About the changes
What's going on is the following:
1. When a token is not found in the token's cache we try to find it in
the db
2. To prevent a denial of service attack using invalid tokens, we cache
the invalid tokens so we don't hit the db.
3. The issue is that we stored this token in the cache regardless we
found it or not. And if the token was valid the first time we'd add a
timestamp to avoid querying this token again the next time.
4. The next iteration the token should be in the cache:
54383a6578/src/lib/services/api-token-service.ts (L162)
but for some reason it is not and therefore we have to make a query. But
this is where the query prevention mechanism kicks in because it finds
the token in the cache and kicks us out. This PR fixes this by only
storing in the cache for misses if not found:
54383a6578/src/lib/services/api-token-service.ts (L164-L165)

The token was added to the cache because we were not checking if it had
expired. Now we added a check and we also have a log for expired tokens.
Some improvement opportunities:
- I don't think we display that a token has expired in the UI which
probably led to this issue
- When a token expired we don't display a specific error message or
error response saying that which is not very helpful for users
2024-04-23 11:44:59 +00:00
Gastón Fournier
dec107a597
chore: add a bunch of logs to validate api token validation behavior (#6905)
This change is meant to test something in sandbox. It will be reverted
after the investigation.
2024-04-23 11:14:54 +02:00
00Chaotic
13aa58e0e9
feat: allow admin login using demo auth (#6808)
This PR introduces a configuration option (`authentication.demoAllowAdminLogin`) that allows you to log in as admin when using demo authentication. To do this, use the username `admin`. 

## About the changes
The `admin` user currently cannot be accessed in `demo` authentication
mode, as the auth mode requires only an email to log in, and the admin
user is not created with an email. This change allows for logging in as
the admin user only if an `AUTH_DEMO_ALLOW_ADMIN_LOGIN` is set to `true`
(or the corresponding `authDemoAllowAdminLogin` config is enabled).

<!-- Does it close an issue? Multiple? -->
Closes #6398 

### Important files

[demo-authentication.ts](https://github.com/Unleash/unleash/compare/main...00Chaotic:unleash:feat/allow_admin_login_using_demo_auth?expand=1#diff-c166f00f0a8ca4425236b3bcba40a8a3bd07a98d067495a0a092eec26866c9f1R25)


## Discussion points
Can continue discussion of [this
comment](https://github.com/Unleash/unleash/pull/6447#issuecomment-2042405647)
in this PR.

---------

Co-authored-by: Thomas Heartman <thomasheartman+github@gmail.com>
2024-04-23 08:39:33 +02:00
Thomas Heartman
9ba6be6000
feat: add environments to project created payload (#6901)
This commit adds an `environments` property to the project created
payload. The list contains only the projects that the project has
enabled.

The point of adding it is that it gives you a better overview over
what you have created.
2024-04-22 14:37:45 +02:00
Thomas Heartman
b8380a0b5b
chore: add the projectListNewCards flag (#6898)
This PR adds the `projectListNewCards` flag to the constant defined in
`experimental.ts`. This should allow the API to pass that value to the
front end.
2024-04-22 10:50:21 +00:00
Gastón Fournier
ef91a5a8da
feat: crud time queries (#6895)
## About the changes
Add time metrics to relevant queries:
- get
- getAll
- bulkInsert
- count
- exists
- get

Ignored because might not be that relevant:
- insert
- delete
- deleteAll
- update
2024-04-22 09:31:37 +02:00
Gastón Fournier
126b78896e
feat: make edge use token's cache (#6893)
## About the changes
This PR removes the feature flag `queryMissingTokens` that was fully
rolled out.
It introduces a new way of checking edgeValidTokens controlled by the
flag `checkEdgeValidTokensFromCache` that relies in the cached data but
hits the DB if needed.

The assumption is that most of the times edge will find tokens in the
cache, except for a few cases in which a new token is queried. From all
tokens we expect at most one to hit the DB and in this case querying a
single token should be better than querying all the tokens.
2024-04-19 15:40:15 +02:00
Christopher Kolstad
ff6297d338
feat: Make Database SSL Configurable through files (#6892)
This makes it configurable either through a single JSON file with all
three certificates as separate keys or via separate files per
ca/cert/key key.

fixes #6718
2024-04-19 14:38:33 +02:00
Gastón Fournier
e6764a43c0
chore: Remove unused type (#6887)
This type was added to try to consolidate events now we're moving in a
different direction and this type is not used.
2024-04-18 16:52:14 +02:00
Christopher Kolstad
cf2bd28ff6
feat: use audit info in events (#6872)
I've tried to use/add the audit info to all events I could see/find.
This makes this PR necessarily huge, because we do store quite a few
events. 

I realise it might not be complete yet, but tests
run green, and I think we now have a pattern to follow for other events.
2024-04-18 16:32:35 +02:00
Thomas Heartman
bf4c29b621
chore: add enterprise extension point to enable change requests on project creation (#6881)
This PR adds an optional function parameter to the `createProject`
function that is intended to enable change requests for the newly
created project.

The assumption is that all the logic within will be decided in the
enterprise impl. The only thing we want to verify here is that it is
called after the project has been created.
2024-04-18 13:49:08 +02:00
Thomas Heartman
bda5eda224
chore: select enabled environments on project creation (#6869)
This PR adds functionality to the `createProject` function to choose
which environments should be enabled when you create a new project. The
new `environments` property is optional and omitting it will make it
work exactly as it does today.

The current implementation is fairly strict. We have some potential
ideas to make it easier to work with, but we haven't agreed on any yet.
Making it this strict means that we can always relax the rules later.

The rules are (codified in tests):
- If `environments` is not provided, all non-deprecated environments are
enabled
- If `environments` is provided, only the environments listed are
enabled, regardless of whether they're deprecated or not
- If `environments` is provided and is an empty array, the service
throws an error. The API should dilsallow that via the schema anyway,
but this catches it in case it sneaks in some other way.
- If `environments` is provided and contains one or more environments
that don't exist, the service throws an error. While we could ignore
them, that would lead to more complexity because we'd have to also check
that the at least one of the environments is valid. It also leads to
silent ignoring of errors, which may or may not be good for the user
experience.

The API endpoint for this sits in enterprise, so no customer-facing
changes are part of this.
2024-04-18 13:48:40 +02:00
Tymoteusz Czech
fd4bcfffa5
Feat: new projects list (#6873)
New card view for list of projects.

Co-authored-by: Thomas Heartman <thomas@getunleash.io>
2024-04-18 11:20:01 +02:00
Christopher Kolstad
633cae6f0d
feat: added IAuditUser to request with middleware (#6857)
Adds a middleware which adds our needed audit info as a separate object
to the request.
2024-04-18 10:13:40 +02:00
Jaanus Sellin
06f2f06f38
feat: optimize applications overview query (#6883)
We encountered an issue with a customer because this query was returning
3 million rows. The problem arose from each instance reporting
approximately 100 features, with a total of 30,000 instances. The query
was joining these, thus multiplying the data. This approach was fine for
a reasonable number of instances, but in this extreme case, it did not
perform well.

This PR modifies the logic; instead of performing outright joins, we are
now grouping features by environment into an array, resulting in just
one row returned per instance.

I tested locally with the same dataset. Previously, loading this large
instance took about 21 seconds; now it has reduced to 2 seconds.
Although this is still significant, the dataset is extensive.
2024-04-18 09:02:33 +03:00
Thomas Heartman
ef23cc0cc1
chore: add flag for improved project creation (#6870)
This PR adds the flag for the improved project creation flag to Unleash.
2024-04-16 14:57:52 +02:00
Jaanus Sellin
023e1594e9
feat: validate that id is number or we throw our our source code (#6860)
Previously, we were not validating that the ID was a number, which
sometimes resulted in returning our database queries (source code) to
the frontend. Now, we have validation middleware.
2024-04-16 15:48:57 +03:00
Jaanus Sellin
f45593176c
feat: start extracting project from session object (#6856)
Previously, we were extracting the project from the token, but now we
will retrieve it from the session, which contains the full list of
projects.

This change also resolves an issue we encountered when the token was a
multi-project token, formatted as []:dev:token. Previously, it was
unable to display the exact list of projects. Now, it will show the
exact project names.
2024-04-16 15:47:45 +03:00
gitar-bot[bot]
8dbd680326
[Gitar] Cleaning up stale feature flag: stripClientHeadersOn304 with value true (#6868)
<details>
  <summary>Feature Flag Cleanup</summary>

  | Stale Flag |  Value  |
  | ---------- | ------- |
  |   stripClientHeadersOn304   | true |

  </details>

  <details>
  <summary>Trigger</summary>

  https://github.com/Unleash/unleash/issues/6559#issuecomment-2058848984

  </details>

  <details>
  <summary>Bot Commands</summary>

`@gitar-bot cleanup stale_flag=value` will cleanup a stale feature flag.
Replace `stale_flag` with the name of the stale feature flag and `value`
with either `true` or `false`.

  </details>

---------

Co-authored-by: Gitar Bot <noreply@gitar.co>
2024-04-16 13:42:31 +02:00
Nuno Góis
31bf7825c0
chore: SCIM guard for groups (#6845)
https://linear.app/unleash/issue/2-2111/api-should-not-allow-manual-management-of-scim-managed-groups-in

Introduces a SCIM guard for SCIM groups. SCIM groups should be managed
exclusively by the SCIM client, not Unleash.

We decided to be restrictive for now, completely covering all of the
write methods, but may fine-tune some of this at a later stage.

Will eventually be followed up by a UI-centric PR.
2024-04-12 10:01:57 +01:00
Nuno Góis
f4ef06f69b
chore: SCIM guard for users (#6836)
https://linear.app/unleash/issue/2-2093/api-should-not-allow-manual-management-of-scim-managed-users-in

Introduces a SCIM guard for SCIM users. SCIM users should be managed
exclusively by the SCIM client, not Unleash.

We decided to be restrictive for now, completely covering all of the
write methods, but may fine-tune some of this at a later stage.

Will eventually be followed up by a UI-centric PR.
2024-04-12 08:23:35 +01:00
David Leek
88b5bfcb29
chore(ui): add a separate feature flag for traffic visibility UI (#6832)
## About the changes

Adds a separate feature flag for the traffic data usage UI
2024-04-11 10:37:53 +02:00
Thomas Heartman
1a05bdad2e
chore: add flag for project list filter updates (#6825)
This PR adds the flag for the project list filter feature we're working
on at the moment.
2024-04-10 14:40:50 +02:00
Gastón Fournier
e6ec78fdac
chore: job-service handle exceptions (#6818)
## About the changes
This allows failed functions to record that they've failed when wrapped
with a job.
2024-04-10 14:34:16 +02:00
David Leek
02b3805ca6
Feat/configure scheduled created by migration (#6821)
## About the changes

- Removes the feature flag for the created_by migrations.
- Adds a configuration option in IServerOption for
`ENABLE_SCHEDULED_CREATED_BY_MIGRATION` that defaults to `false`
- the new configuration option when set on startup enables scheduling of
the two created_by migration services (features+events)
- Removes the dependency on flag provider in EventStore as it's no
longer needed
- Adds a brief description of the new configuration option in
`configuring-unleash.md`
- Sets the events created_by migration interval to 15 minutes, up from
2.

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>
2024-04-10 14:12:58 +02:00
Gastón Fournier
f3cd1be9df
chore: remove response time metrics fix (#6779)
## About the changes
The feature `responseTimeMetricsFix` has been enabled for a while. Since
it's released in 5.11 this prepares the removal for the next major
version.


![image](https://github.com/Unleash/unleash/assets/455064/cc49ba3f-f775-45b2-998c-ef7a02c537b4)
2024-04-10 12:34:05 +02:00
Gastón Fournier
0a2d40fb8b
feat: allow schedulers to run in a single node (#6794)
## About the changes
This PR provides a service that allows a scheduled function to run in a
single instance. It's currently not in use but tests show how to wrap a
function to make it single-instance:

65b7080e05/src/lib/features/scheduler/job-service.test.ts (L26-L32)

The key `'test'` is used to identify the group and most likely should
have the same name as the scheduled job.

---------

Co-authored-by: Christopher Kolstad <chriswk@getunleash.io>
2024-04-10 11:47:22 +02:00
Thomas Heartman
cfd9e4894a
chore: Establish a baseline for the number of envs disabled per project (#6807)
This PR adds a counter in Prometheus for counting the number of
"environment disabled" events we get per project. The purpose of this is
to establish a baseline for one of the "project management UI" project's
key results.

## On gauges vs counters

This PR uses a counter. Using a gauge would give you the total number of
envs disabled, not the number of disable events. The difference is
subtle, but important.

For projects that were created before the new feature, the gauge might
be appropriate. Because each disabled env would require at least one
disabled event, we can get a floor of how many events were triggered for
each project.

However, for projects created after we introduce the planned change,
we're not interested in the total envs anymore, because you can disable
a hundred envs on creation with a single action. In this case, a gauge
showing 100 disabled envs would be misleading, because it didn't take
100 events to disable them.

So the interesting metric here is how many times did you specifically
disable an environment in project settings, hence the counter.

## Assumptions and future plans

To make this easier on ourselves, we make the follow assumption: people
primarily disable envs **when creating a project**.

This means that there might be a few lagging indicators granting some
projects a smaller number of events than expected, but we may be able to
filter those out.

Further, if we had a metric for each project and its creation date, we
could correlate that with the metrics to answer the question "how many
envs do people disable in the first week? Two weeks? A month?". Or
worded differently: after creating a project, how long does it take for
people to configure environments?

Similarly, if we gather that data, it will also make filtering out the
number of events for projects created **after** the new changes have
been released much easier.

The good news: Because the project creation metric with dates is a
static aggregate, it can be applied at any time, even retroactively, to
see the effects.
2024-04-10 08:49:15 +02:00
andreas-unleash
5a5d909137
fix: environment_type_trends table data (#6796)
Creates a migration to fix the environment_type_trends table data.


---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
Co-authored-by: sjaanus <sellinjaanus@gmail.com>
2024-04-09 12:37:05 +03:00
Mateusz Kwasniewski
7cb9910b05
feat: handle invalid metrics (#6795) 2024-04-08 12:09:20 +02:00
Mateusz Kwasniewski
9dc9fb3586
feat: Feature lifecycle sql store (#6790) 2024-04-08 08:54:41 +02:00
Thomas Heartman
c59d28ad6c
feat: playground api returns removed context values under a new warnings property (#6784)
This PR expands upon #6773 by returning the list of removed properties
in the API response. To achieve this, I added a new top-level `warnings`
key to the API response and added an `invalidContextProperties` property
under it. This is a list with the keys that were removed.

## Discussion points

**Should we return the type of each removed key's value?** We could
expand upon this by also returning the type that was considered invalid
for the property, e.g. `invalidProp: 'object'`. This would give us more
information that we could display to the user. However, I'm not sure
it's useful? We already return the input as-is, so you can always
cross-check. And the only type we allow for non-`properties` top-level
properties is `string`. Does it give any useful info? I think if we want
to display this in the UI, we might be better off cross-referencing with
the input?

**Can properties be invalid for any other reason?** As far as I can
tell, that's the only reason properties can be invalid for the context.
OpenAPI will prevent you from using a type other than string for the
context fields we have defined and does not let you add non-string
properties to the `properties` object. So all we have to deal with are
top-level properties. And as long as they are strings, then they should
be valid.

**Should we instead infer the diff when creating the model?** In this
first approach, I've amended the `clean-context` function to also return
the list of context fields it has removed. The downside to this approach
is that we need to thread it through a few more hoops. Another approach
would be to compare the input context with the context used to evaluate
one of the features when we create the view model and derive the missing
keys from that. This would probably work in 98 percent of cases.
However, if your result contains no flags, then we can't calculate the
diff. But maybe that's alright? It would likely be fewer lines of code
(but might require additional testing), although picking an environment
from feels hacky.
2024-04-08 08:47:22 +02:00
Mateusz Kwasniewski
e868c3291f
feat: feature lifecycle metrics from event bus (#6789) 2024-04-05 15:34:08 +02:00
Mateusz Kwasniewski
28a3a064b9
feat: Feature lifecycle controller (#6788) 2024-04-05 13:57:27 +02:00
Mateusz Kwasniewski
efda70ac5d
feat: feature lifecycle usage behind a flag (#6786) 2024-04-05 13:42:03 +02:00
Mateusz Kwasniewski
e2fabcafd4
feat: initial design for feature lifecycle service (#6777) 2024-04-05 11:47:30 +02:00
Thomas Heartman
ac6c05def1
fix: handle objects in top-level context in playground (#6773)
Don't include invalid context properties in the contexts that we
evaluate.

This PR removes any non-`properties` fields that have a non-string
value.

This prevents the front end from crashing when trying to render an
object.

Expect follow-up PRs to include more warnings/diagnostics we can show to
the end user to inform them of what fields have been removed and why.
2024-04-05 08:56:57 +02:00
andreas-unleash
e9f9cd1147
chore: add default implementation to fake methods (#6776)
Mock implements function in fake project store

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-04-04 16:02:55 +03:00
Mateusz Kwasniewski
0422e5b5b0
feat: private projects in application overview (#6775) 2024-04-04 14:56:21 +02:00
Gastón Fournier
d7ab8863f0
chore: cache query misses to protect against DDoS (#6771)
## About the changes
This PR establishes a simple yet effective mechanism to avoid DDoS
against our DB while also protecting against memory leaks.

This will enable us to release the flag `queryMissingTokens` to make our
token validation consistent across different nodes

---------

Co-authored-by: Nuno Góis <github@nunogois.com>
2024-04-03 15:43:11 +02:00
andreas-unleash
d466f608c2
chore: convert newContextFieldUI to kill switch (#6752)
Converts `newContextFieldUI` release flag to
`disableShowContextFieldSelectionValues` kill switch.

The kill switch controls whether we show the value selection above the
search filed when > 100 values

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-04-03 15:02:05 +02:00
Mateusz Kwasniewski
501acd080a
chore: project overview refactor feedback behind a flag (#6772) 2024-04-03 13:55:12 +02:00
Nuno Góis
86d86f58b0
chore: fix bearer token middleware signal endpoint logic (#6767)
This should make it so that the `signal-endpoint` route match is
slightly less strict.
2024-04-03 11:29:09 +01:00
Jaanus Sellin
a664a449ef
chore: remove strategy form feedback (#6769) 2024-04-03 12:16:58 +02:00
Gastón Fournier
0a0f5a73ab
chore: stop using deprecated method (#6764)
`storeUserEvent` from event-service was deprecated. We stop using it and
remove the method completely
2024-04-03 09:55:09 +02:00
Gastón Fournier
e845459034
chore: Better randomness (#6755)
## About the changes
This change is irrelevant as it doesn't pose a security risk, but
there's no reason for us not to use a different type of random
generation for the `sessionId`

**Note:** the magic number 18 was picked because that's the length of
the string we get from `String(Math.random())`

Closes https://github.com/Unleash/unleash/security/code-scanning/68 and
https://github.com/Unleash/unleash/security/code-scanning/69
2024-04-02 16:21:33 +02:00
Gastón Fournier
783c83173f
chore: when some promise fails others might hang and leave open conns (#6636)
This was identified during some tests where we noticed jest did not
complete properly (notice how after linking unleash-server to this
commit it didn't have that issue):

![image](https://github.com/Unleash/unleash/assets/455064/306e57b8-6473-459a-8104-7223d1de40c3)
2024-04-02 11:25:38 +02:00
Nuno Góis
a30ddd81c5
chore: bearer token middleware (#6624)
Adds a bearer token middleware that adds support for tokens prefixed
with "Bearer" scheme. Prefixing with "Bearer" is optional and the old
way of authenticating still works, so we now support both ways.

Also, added as part of our OpenAPI spec which now displays authorization
as follows:

![image](https://github.com/Unleash/unleash/assets/455064/77b17342-2315-4c08-bf34-4655e12a1cc3)

Related to #4630. Doesn't fully close the issue as we're still using
some invalid characters for the RFC, in particular `*` and `[]`

For safety reasons this is behind a feature flag

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>
2024-04-02 10:21:38 +01:00
Jaanus Sellin
8942cda901
refactor: fix return type for getFeatureOverviewData (#6750)
Brought up by https://github.com/Unleash/unleash/issues/6738
2024-04-02 10:36:30 +03:00
Gastón Fournier
fc43391184
chore: adapted IUser to our DB schema (#6627)
## About the changes
Our schema allows us to have null username or email. With this change at
least we'll get a compiler warning when using either of these properties

![Screenshot from 2024-03-20
12-20-45](https://github.com/Unleash/unleash/assets/455064/7e1b7846-43a4-4532-be39-5a7bbc14e9fc)
2024-04-02 09:22:26 +02:00
andreas-unleash
c868b5a868
Feat: context field search and filter improvements (#6732)
Adds highlighting to search values 
Search also looks in `description`

behind a flag - it could possibly degrade performance when too many
items. Tested with 200 and it's ok but anything above might degrade:
Adds a Select/Unselect all button
Shows the selected values above the search 

Closes #
[1-2232](https://linear.app/unleash/issue/1-2232/context-field-ui-filter-and-search)



https://github.com/Unleash/unleash/assets/104830839/ba2fe56f-c5db-4ce7-bc3c-1e7988682984

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-03-29 15:44:34 +02:00
Mateusz Kwasniewski
11f4155d5a
fix: revert archived column for backwards migration compatibility (#6737) 2024-03-29 13:00:33 +01:00
Mateusz Kwasniewski
42355b0c89
feat: List possible parent variants (#6733) 2024-03-28 16:53:30 +01:00
Mateusz Kwasniewski
664ceaea09
feat: disabled feature dependency (#6731) 2024-03-28 16:02:25 +01:00
Jaanus Sellin
d3847fd8ee
feat: collect prometheus data about archived features (#6728) 2024-03-28 13:40:30 +02:00
gitar-bot[bot]
4932ae0539
[Gitar] Cleaning up stale feature flag: increaseUnleashWidth with value true (#6724)
Co-authored-by: Gitar Bot <noreply@gitar.co>
Co-authored-by: sjaanus <sellinjaanus@gmail.com>
2024-03-28 11:04:00 +02:00
gitar-bot[bot]
ca6946df86
chore: [Gitar] Cleaning up stale feature flag: sdkReporting with value true (#6717)
Co-authored-by: Gitar Bot <noreply@gitar.co>
Co-authored-by: sjaanus <sellinjaanus@gmail.com>
2024-03-28 09:19:11 +02:00
Jaanus Sellin
ab82543f54
Revert "fix: prevent non-string properties from being passed as context values" (#6702)
Reverts Unleash/unleash#6676
2024-03-26 16:18:35 +02:00
Mateusz Kwasniewski
6762703db9
chore: remove extended usage metrics ui flag (#6701) 2024-03-26 15:14:39 +01:00
Christopher Kolstad
8e08df5c19
feat: add index on group name (#6696)
As the title says, adds an index on the group name. Scim (in particular
Azure) uses group names to find correct group to sync.
2024-03-26 14:48:05 +01:00
Ivar Conradi Østhus
a6643e4721
Revert "fix: Add metrics for old proxy forward (#6695)"
This reverts commit d065905e73.
2024-03-26 14:13:18 +01:00
Ivar Conradi Østhus
d065905e73
fix: Add metrics for old proxy forward (#6695)
This change adds a new prometheus counter to all us to capture when we
automatically forward traffic from old /proxy paths to the /api/frontend
path.


![image](https://github.com/Unleash/unleash/assets/158948/639a4ade-4758-41e6-b87b-a497f00313fa)
2024-03-26 12:25:15 +01:00
Tymoteusz Czech
d3eac6caf8
feat(integrations): ability to add stringified event (#6642)
You might want to include entire event, but as a different field.
2024-03-26 09:25:16 +01:00
Jaanus Sellin
283a8f4d8b
feat: dependant flag on feature search (#6684) 2024-03-25 15:45:18 +02:00
Mateusz Kwasniewski
d4f52cdb54
refactor: remove change requests from project insights api (#6685) 2024-03-25 14:44:32 +01:00
Thomas Heartman
9ecd81ebb4
fix: prevent non-string properties from being passed as context values (#6676)
This change fixes the OpenAPI schema to disallow non-string properties
on the top level of the context (except, of course, the `properties`
object).

This means that we'll no longer be seeing issues with rendering
invalid contexts, because we don't accept them in the first place.

This solution comes with some tradeoffs discussed in the [PR](https://github.com/Unleash/unleash/pull/6676). Following on from that, this solution isn't optimal, but it's a good stop gap. A better solution (proposed in the PR discussion) has been added as an idea for future projects.

The bulk of the discussion around the solution is included here for reference:

@kwasniew:
Was it possible to pass non string properties with our UI before?
Is there a chance that something will break after this change?

@thomasheartman:
Good question and good looking out 😄 

You **could** pass non-string, top-level properties into the API before. In other words, this would be allowed:

```js
{ 
  appName: "my-app",
  nested: { object: "accepted" }
}
```

But notably, non-string values under `properties` would **not** be accepted:

```js
{ 
  appName: "my-app",
  properties: {
    nested: { object: "not accepted" }
  }
}
```

**However**, the values would not contribute to the evaluation of any constraints (because their type is invalid), so they would effectively be ignored. 

Now, however, you'll instead get a 400 saying that the "nested" value must be a string.

I would consider this a bug fix because:
- if you sent a nested object before, it was most likely an oversight
- if you sent the nested object on purpose, expecting it to work, you would be perplexed as to why it didn't work, as the API accepted it happily

Furthermore, the UI will also tell you that the property must be a string now if you try to do it from the UI.

On the other hand, this does mean that while you could send absolute garbage in before and we would just ignore it, we don't do that anymore. This does go against how we allow you to send anything for pretty much all other objects in our API.

However, the SDK context is special. Arbitrary keys aren't ignored, they're actually part of the context itself and as such should have a valid value.

So if anything breaks, I think it breaks in a way that tells you why something wasn't working before. However, I'd love to hear your take on it and we can re-evaluate whether this is the right fix, if you think it isn't.

@kwasniew:
Coming from the https://en.wikipedia.org/wiki/Robustness_principle mindset I'm thinking if ignoring the fields that are incorrect wouldn't be a better option. So we'd accept incorrect value and drop it instead of:
* failing with client error (as this PR) or
* saving incorrect value (as previous code we had)

@thomasheartman:
Yeah, I considered that too. In fact, that was my initial idea (for the reason you stated). However, there's a couple tradeoffs here (as always):

1. If we just ignore those values, the end user doesn't know what's happened unless they go and dig through the responses. And even then, they don't necessarily know why the value is gone.
2. As mentioned, for the context, arbitrary keys can't be ignored, because we use them to build the context. In other words, they're actually invalid input.

Now, I agree that you should be liberal in what you accept and try to handle things gracefully, but that means you need to have a sensible default to fall back to. Or, to quote the Wikipedia article (selectively; with added emphasis):

> programs that receive messages should accept non-conformant input **as long as the meaning is clear**. 

In this case, the meaning isn't clear when you send extra context values that aren't strings. 
For instance, what's the meaning here:

```js
{ 
  appName: "my-app",
  nested: { object: "accepted", more: { further: "nesting" } }
}
```

If you were trying to use the `nested` value as an object, then that won't work. Ideally, you should be alerted.

Should we "unwind" the object and add all string keys as context values? That doesn't sound very feasible **or** necessarily like the right thing.

Did you just intend to use the `appName` and for the `nested` object to be ignored?

And it's because of this caveat that I'm not convinced just ignoring the keys are the right thing to do. Because if you do, the user never knows they were ignored or why.

----

**However**, I'd be in favor of ignoring they keys if we could **also** give the users warnings at the same time. (Something like what we do in the CR api, right? Success with warnings?) 

If we can tell the user that "we ignored the `a`, `b`, and `c` keys in the context you sent because they are invalid values. Here is the result of the evaluation without taking those keys into account: [...]", then I think that's the ideal solution.

But of course, the tradeoff is that that increases the complexity of the API and the complexity of the task. It also requires UI adjustments etc. This means that it's not a simple fix anymore, but more of a mini-project.

But, in the spirit of the playground, I think it would be a worthwhile thing to do because it helps people learn and understand how Unleash works.
2024-03-25 11:58:23 +01:00
Simon Hornby
2747dcaba9
chore: add scim id migration for groups (#6682) 2024-03-25 11:39:11 +02:00
Christopher Kolstad
79fcfc26b8
fix: use defaults when creating gradualRollout strategies (#6623)
Via the API you can currently create gradualRollout strategies without
any parameters set, when visiting the UI afterwards, you can edit this,
because the UI reads the parameter list from the database and sees that
some parameters are required, and refuses to accept the data. This PR
adds defaults for gradualRollout strategies created from the API, making
sure gradual rollout strategies always have `rollout`, `groupId` and
`stickiness` set.
2024-03-25 10:38:41 +01:00
Jaanus Sellin
a2a9a84974
feat: search includes feature last seen data last hour (#6677) 2024-03-25 10:32:19 +02:00
David Leek
e0994b088a
feat: traffic visibility UI and store (#6659)
Provides store method for retrieving traffic usage data based on
period parameter, and UI + ui hook with the new chart for displaying
traffic usage data spread out over selectable month.

![Skjermbilde 2024-03-21 kl 12 40
38](https://github.com/Unleash/unleash/assets/707867/539c6c98-b6f6-488a-97fb-baf4fccec687)

In this PR we copied and adapted a plugin written by DX for highlighting
a column in the chart:


![image](https://github.com/Unleash/unleash/assets/707867/70532b22-44ed-44c0-a9b4-75f65ed6a63d)

There are some minor improvements planned which will come in a separate
PR, reversing the order in legend and tooltip so the colors go from
light to dark, and adding a month -sum below the legend

## Discussion points

- Should any of this be extracted as a separate reusable component?

---------

Co-authored-by: Nuno Góis <github@nunogois.com>
2024-03-22 11:54:33 +01:00
Mateusz Kwasniewski
86f229a69d
test: project insights service test (#6661) 2024-03-22 09:48:29 +01:00
Jaanus Sellin
2f7580e6b1
feat: project members not hardcoded (#6658) 2024-03-21 14:33:23 +02:00
Mateusz Kwasniewski
3241d14a05
test: project insights read model test (#6657) 2024-03-21 12:09:13 +01:00
Mateusz Kwasniewski
85454bf488
refactor: reduce project insights coupling (#6655) 2024-03-21 11:37:25 +01:00
Jaanus Sellin
c41ec49615
feat: remove active/inactive members (#6654)
![image](https://github.com/Unleash/unleash/assets/964450/769ef8bb-834d-4917-898f-b2ba17a9062b)
2024-03-21 11:27:37 +02:00
Mateusz Kwasniewski
8080a1d907
feat: read change requests for insights (#6651) 2024-03-21 09:08:19 +01:00
andreas-unleash
84707e2bf3
chore: create new flag to hide insights ui (#6638)
Creates a new flag to control the executive dashboard ui

Closes #
[1-2208](https://linear.app/unleash/issue/1-2208/create-separate-ui-flag-decoupled-from-the-backend-flag)

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-03-20 17:21:46 +02:00
Mateusz Kwasniewski
87b9f4f713
refactor: Project insights subdomain (#6634) 2024-03-20 15:06:11 +01:00
Mateusz Kwasniewski
6dc6e36084
feat: expose stats, health and flag types insights (#6630) 2024-03-20 13:34:48 +01:00
Mateusz Kwasniewski
03a84e2d42
feat: project insights resource with hardcoded data (#6610) 2024-03-19 20:23:29 +01:00
Gastón Fournier
085adaaa51
fix: authorization header typo (#6609)
## About the changes
There seems to be a typo in the authorization header. We're keeping the
old typo as preferred just in case, but if not present we'll default to
the authorization header (not authorisation).

Not sure about the impact of this bug, as all registrations might be
using default project.
2024-03-19 16:08:39 +01:00
Fredrik Strand Oseberg
911b918817
fix: set log level to error for db migrate (#6601)
This PR sets the log level of db-migrate to error, because it interferes
with the indexing of our logs in Loki when the logs are not in JSON
format.
2024-03-19 14:45:27 +01:00
Christopher Kolstad
b4bf84d5b0
chore: Upgrade to typescript 5.4.2 (#6605)
The changes to arbitraries here is to make typescript agree with our
schema types. Seems like somewhere between 4.8.4 and 5.4.2, typescript
got stricter.
2024-03-19 10:46:08 +00:00
Gastón Fournier
26e696a090
chore: log error properly (#6596)
## About the changes
We see some logs with: `Failed to store events: Error: The query is
empty` which suggests we're not sending events to batchStore. This will
help us confirm that and will give us better insights
2024-03-18 17:11:36 +01:00
Christopher Kolstad
53354224fc
chore: Bump biome and configure husky (#6589)
Upgrades biome to 1.6.1, and updates husky pre-commit hook.

Most changes here are making type imports explicit.
2024-03-18 13:58:05 +01:00
Fredrik Strand Oseberg
3621c7282d
feat: setup ff (#6532)
Setup feature flag for the new refactoring of the project overview page

---------

Co-authored-by: sjaanus <sellinjaanus@gmail.com>
2024-03-18 13:38:59 +02:00
Nuno Góis
a86b8d36b3
chore: redesign action configurations (#6588)
https://linear.app/unleash/issue/2-2050/redesign-action-definitions-oss

Depends on a PR on Enterprise that will provide a new endpoint with
action configurations.

We should also clean up the now unnecessary constants and hook.
2024-03-18 11:09:49 +00:00
Mateusz Kwasniewski
f45dbc647e
refactor: make outdated sdk finding simpler (#6587) 2024-03-15 15:38:57 +01:00
Mateusz Kwasniewski
06e2c6e514
fix: outdated sdk version handles non semver versions (#6586) 2024-03-15 14:58:53 +01:00
Christopher Kolstad
d5bc3585aa
feat: Added shutdown hook option (#6585)
An entrypoint for enterprise to register a hook which will be called
before the database and scheduler services are torn down. That way
enterprise can also perform graceful shutdown.
2024-03-15 13:05:35 +00:00
Mateusz Kwasniewski
2716f72ea6
feat: separate new frontend api path for perf measurements (#6583) 2024-03-15 13:31:08 +02:00
gitar-bot[bot]
3d4aa4abcb
[Remix] Cleaning up stale feature flag: proPlanAutoCharge with value true (#6581) 2024-03-15 11:53:30 +02:00
Nuno Góis
de34497478
chore: drop action definition required (#6567)
https://linear.app/unleash/issue/2-2046/implement-dynamic-action-parameters

Follow up to https://github.com/Unleash/unleash/pull/6554

Cleans up the `required` property in action definitions after adapting
to using the `parameters` property instead.
2024-03-14 16:32:14 +00:00
Nuno Góis
7a3d2d6d87
chore: dynamic action parameters (#6554)
https://linear.app/unleash/issue/2-2046/implement-dynamic-action-parameters

Implements dynamic action parameters.

Also improves the action dropdown to better prepare for future actions.

<img width="771" alt="image"
src="https://github.com/Unleash/unleash/assets/14320932/ec3fcaf2-40c8-4dc8-8834-7a0d54671fd2">
2024-03-14 15:25:23 +00:00
Mateusz Kwasniewski
98c1c101ee
fix: handle sdk versions with nulls (#6558) 2024-03-14 15:47:34 +01:00
Mateusz Kwasniewski
dc1d5ce4f2
chore: update outdated sdks list (#6556) 2024-03-14 15:30:23 +01:00
Gastón Fournier
7c69500cd0
chore: mark resource limits config type fields mandatory (#6550)
## About the changes
All fields should be defined in the configuration to either a
user-provided value or a sensible default
2024-03-14 13:59:20 +01:00
Mateusz Kwasniewski
2b2089f7b5
feat: clickable banner modal links (#6552) 2024-03-14 13:19:27 +01:00
Simon Hornby
a2c4b8c320
refactor: allow user events to take in only what they need (#6545) 2024-03-14 12:14:33 +02:00
Jaanus Sellin
ba53bd7bf9
refactor: optimize applications overview (#6548)
There was no need to join the entire metrics table, as it is a huge
table. We only needed all combinations of app_name, environment, and
feature_name. The new query retrieves all this data, which will then be
joined into the main query.
2024-03-14 12:11:15 +02:00
Mateusz Kwasniewski
c6fd558da4
feat: show outdated sdks banner (#6541) 2024-03-14 10:15:33 +01:00
Jaanus Sellin
8c87e27b8a
feat: enable frontend cache for everyone (#6546) 2024-03-14 10:55:49 +02:00
Nuno Góis
bc6a96cf6b
chore: suggest nested properties in action filters (#6533)
https://linear.app/unleash/issue/2-2029/support-filtering-on-nested-properties

Suggests nested properties in action filters. Also sorts them
alphabetically.

Follow up to https://github.com/Unleash/unleash/pull/6531

<img width="381" alt="image"
src="https://github.com/Unleash/unleash/assets/14320932/4e2c900d-335b-4360-8be4-186f3887e42b">
2024-03-13 16:07:01 +00:00
Mateusz Kwasniewski
9438400e77
feat: outdated sdks api (#6539) 2024-03-13 15:56:22 +01:00
Jaanus Sellin
3c22a302c7
fix: fix frontend api timings (#6536)
Just a typo
2024-03-13 15:10:48 +02:00
Jaanus Sellin
c4412d8276
fix: measure frontend times only when flag enabled (#6535)
Moving to controller level to measure only for flag. Other option would
have been to check flag also at service.
2024-03-13 14:28:59 +02:00
Nuno Góis
422af36d2d
chore: flatten payload util (#6531)
https://linear.app/unleash/issue/2-2029/support-filtering-on-nested-properties

This will allow us to support and suggest payload subproperties in the
action filters.
2024-03-13 11:10:44 +00:00
Jaanus Sellin
570af43615
feat: share context between both frontend apis (#6529)
We are sharing contexts because we want both clients to use same session
ID.
2024-03-13 11:17:40 +02:00
Jaanus Sellin
259fde09db
feat: add possibility to see differences for frontend API (#6528) 2024-03-13 09:41:48 +02:00
Gastón Fournier
16507a971b
chore: re-add max listeners (#6522)
## About the changes
Some tests are reporting this error:

`MaxListenersExceededWarning: Possible EventEmitter memory leak
detected. 11 UPDATE_REVISION listeners added to
[ConfigurationRevisionService]. Use emitter.setMaxListeners() to
increase limit`

I thought it's because of this change
https://github.com/Unleash/unleash/pull/6400#discussion_r1511494201 but
it was not.

I've managed to get a trace of the issue following this
https://stackoverflow.com/q/62897235/239613 and now we can identify
`ConfigurationRevisionService` as one explanation. The reason is that
it's a singleton that should be cleaned up after tests.

E.g.:
https://github.com/Unleash/unleash/actions/runs/8248332132/job/22558419656?pr=6517#step:8:15
2024-03-12 16:34:55 +01:00
Mateusz Kwasniewski
6278cdb6c7
feat: better logging for old and new frontend api differences (#6524) 2024-03-12 16:22:16 +01:00
Fredrik Strand Oseberg
bfbd18eb97
fix: allow deletion of segments referencing strategies in archived f… (#6406)
Subset of #6392, allowing you to delete segments that are referenced in
strategies on archived features.
2024-03-12 15:03:53 +01:00
Jaanus Sellin
a08bada1de
feat: do not return disabled features to FE api (#6520) 2024-03-12 14:41:25 +02:00
Christopher Kolstad
ca329da4b4
fix: scim id was not unique (#6450)
This PR drops the previous PRs scim_id idx and replaces it with an
actual UNIQUE index
2024-03-12 13:36:21 +01:00
Jaanus Sellin
2a57acca41
feat: start monitoring total time to update cache (#6517) 2024-03-12 14:27:04 +02:00
Mateusz Kwasniewski
1d526e707b
test: compare frontend api implementations (#6515) 2024-03-12 12:22:27 +01:00
Jaanus Sellin
b7915171ff
feat: start tracking operation duration (#6514) 2024-03-12 12:30:30 +02:00
Christopher Kolstad
55da9b8133
fix: admin token requests does not automatically have id (#6501)
To check that users do indeed have permissions to update the roles from
project-service, we've been depending on req.user.id.
We had one error on Friday March 8th, where we managed to send
undefined/null to a method that requires a number. This PR assumes that
if we have an API token, and we have admin permissions and userId is not
set we're a legacy admin token.

It uses the util method for extractUserId(req: IAuthRequest | IApiRequest), so if we've passed through the apiTokenMiddleware first, we'll have userId -42, if we haven't, we'll get -1337.
2024-03-12 10:39:37 +01:00
Mateusz Kwasniewski
bc83a4d66e
refactor: rename proxy to frontend api in openapi schemas (#6511) 2024-03-12 10:15:24 +01:00
Mateusz Kwasniewski
1f374ea20e
refactor: rename proxy to frontend api (#6502) 2024-03-11 17:30:46 +01:00
Gastón Fournier
977b0e4e28
chore: rename parametric types to make them clearer (#6500)
## About the changes
Just renaming to bring more clarity based on
https://github.com/Unleash/unleash/pull/6436#discussion_r1517334796
2024-03-11 15:41:34 +01:00
Mateusz Kwasniewski
160eec18a0
feat: compare old and new proxy results (#6497) 2024-03-11 14:00:18 +01:00
Jaanus Sellin
a544a8a4ad
feat: count frontend api requests (#6495)
Now frontend API requests will be counted separately under
getAllByfrontend. We are already tracking new FE db calls, so we can
build grafana dashboard.
2024-03-11 14:54:14 +02:00
Jaanus Sellin
184e0e5190
feat: add returnGlobalFrontendApiCache flag (#6494) 2024-03-11 14:27:17 +02:00
Mateusz Kwasniewski
eae373f386
fix: Configuration revision service singleton (#6493) 2024-03-11 13:22:52 +01:00
Mateusz Kwasniewski
c841e72244
fix: revert composition root (#6492) 2024-03-11 13:09:13 +01:00
Jaanus Sellin
0cf7b324a5
feat: frontend api clean up not needed columns (#6489)
1. Clean up not used fields
2. Fix a bug where segment was not attached
2024-03-11 13:41:41 +02:00
Jaanus Sellin
2997faecf6
refactor: remove client from frontend api (#6490)
There was extra call getClient().getAll() not needed and complicating
readability.
2024-03-11 13:30:32 +02:00
Mateusz Kwasniewski
17ea8b3734
feat: compare feture definitions not evaluations (#6486) 2024-03-11 12:05:17 +01:00
Mateusz Kwasniewski
48fa39c9fc
feat: Compositon root for proxy service (#6488) 2024-03-11 11:22:04 +01:00
Mateusz Kwasniewski
2a3959082c
refactor: proxy/frontend api in feature oriented architecture (#6487) 2024-03-11 09:28:40 +01:00
Nuno Góis
7d827442ee
fix: add actions validation (#6481)
https://linear.app/unleash/issue/2-2022/improve-actions-validation

Improves our current actions form validation. 

Empty actions are now ignored on the payload and we get errors in
actions where any of the required fields are empty.

Also refactored our current actions into a constant map that can be
shared across frontend and backend.
2024-03-11 08:18:36 +00:00
Gastón Fournier
da41d3dbcf
chore: automate openapi schema list (#6463)
## About the changes
This PR automates the generation of exported open api schemas on
pre-commit, removing some manual steps and also standardizing the
process. The schema list definition now looks way simpler:

b6f3877296/src/lib/openapi/index.ts (L37-L49)

Also added
2817e66b29/src/lib/openapi/spec/index.ts (L1-L4)
for devs
2024-03-08 14:58:22 +01:00
Jaanus Sellin
381af7835b
feat: sort frontend api features by name (#6479) 2024-03-08 15:34:33 +02:00
Jaanus Sellin
2e6d91846b
feat: make frontend api complexity O(n) instead of O(n2) (#6477) 2024-03-08 14:00:38 +01:00
David Leek
6f2bd546a6
fix: await trafficDataUsageStore.deleteAll where its being used (#6478)
## About the changes

trafficDataUsageStore.deleteAll() wasn't being awaited in tests, leading
to flaky tests. This PR ensures it's being awaited
2024-03-08 13:34:46 +01:00
Mateusz Kwasniewski
8f105f9d30
feat: Compare old results with new frontend api (#6476) 2024-03-08 13:03:41 +01:00
Gastón Fournier
1949d0134f
fix: mapper function should be partial (#6475)
Small fix to make mapper function partial as it should be
2024-03-08 11:20:41 +01:00
Gastón Fournier
82f4093c04
feat: adapted CRUD store from enterprise into OSS (#6474)
## About the changes
This ports the CRUD store into OSS which is an abstraction to reduce the
amount of boilerplate code we have to write in stores.

By extending CRUDStore, the store becomes simply the type definition:
```typescript
 type ActionModel = { 
     actionSetId: number; 
     action: string; 
     executionParams: Record<string, unknown>; 
     createdByUserId: number; 
     sortOrder: number; 
 }; 
  
 export class ActionStore extends CRUDStore< 
     ActionModel & { id: number; createdAt: Date }, 
     ActionModel 
 > { 
}
```

And eventually specific mappings between those types can be provided (if
the mapping is more complex than camelCase -> snake_case):
```typescript
 toRow: ({ project, name, actor, match, createdByUserId }) => ({ 
     created_by_user_id: createdByUserId, 
     project, 
     name, 
     actor_id: actor, 
     source: match.source, 
     source_id: match.sourceId, 
     payload: match.payload, 
 }), 
 fromRow: ({ 
     id, 
     created_at, 
     created_by_user_id, 
     project, 
     name, 
     actor_id, 
     source, 
     source_id, 
     payload, 
 }) => ({ 
     id, 
     createdAt: created_at, 
     createdByUserId: created_by_user_id, 
     project, 
     name, 
     actor: actor_id, 
     match: { 
         source, 
         sourceId: source_id, 
         payload, 
     }, 
 }), 
```
Stores can also be extended to include additional functionality in case
you need to join with another table or do an aggregation, but it
significantly reduces the amount of boilerplate code needed to create a
basic store
2024-03-08 10:39:29 +01:00
Mateusz Kwasniewski
8f2631e418
feat: stabilize global frontend api cache (#6466) 2024-03-08 08:41:22 +01:00
Jaanus Sellin
7b402ad6b3
feat: create global repository for frontend repositories (#6460)
Co-authored-by: kwasniew <kwasniewski.mateusz@gmail.com>
2024-03-07 16:48:52 +02:00
Gastón Fournier
5b87ca6b75
chore: consider execution limits per minute and actions limit per (#6462)
## About the changes
Define a schema that works both for the frontend and the backend to
define soft limits in the resource usage.
2024-03-07 13:02:49 +01:00
Ivar Conradi Østhus
9cb116af39
fix: only release migration lock if acquired (#6454)
We should not try to release the migration lock if where unable to
acquire it. By trying to close it when we have not successfully
connected to the database we end up hanging for a while before the
process is eventually killed.

I did not add a better error-message, as Unleash now gives a better
error stack and crashes immediate if you start without a database
password. We should still consider if you need to specify db credentials
or not. Technically it is possible to have a postgres without a password
(but it is likely not common).



Closes: #6408
2024-03-07 11:58:05 +01:00
Gastón Fournier
2cd80d31f8
chore: remove compiler warnings from create-config (#6459)
## About the changes
Some changes to fix compiler errors in create-config
2024-03-07 11:44:59 +01:00
Gastón Fournier
feb6825023
chore: add a generic error for limit's exeeded (#6452)
## About the changes
We don't have a meaningful error for limits established by the
application. This could be a good starting point.

The error code is 400 cause I couldn't find anything better. 

The name of the error was picked from UnleashApiErrorTypes:
2d8e9f87ff/src/lib/error/unleash-error.ts (L4-L34)
2024-03-06 19:17:31 +01:00
Ivar Conradi Østhus
2185742b1d
fix: clone feature toggle should not copy createdAt (#6442)
This is a small fix to avoid that cloning a feature toggle also clones
the "createdAt" field, which does not make sense.

fixes: #6426
2024-03-06 09:03:50 +01:00
Jaanus Sellin
ae38b81af1
chore: remove archived column from features table (#6431)
This column has not been used for 1.5 years and was replace by
**archived_at** column and people still get confused of why this is not
working as name suggests. Removing this column to remove technical debt.
2024-03-05 22:28:47 +02:00
andreas-unleash
1915b77b9b
Feat: add metrics summary columns to flag trends (#6440)
Adds the metrics summary trend columns to flag_trends table.
These will be populated with the rest of the weekly aggregations

Closes
[1-2139](https://linear.app/unleash/issue/1-2139/add-the-summary-columns-to-flag-trends-table)

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-03-05 16:49:17 +02:00
Gastón Fournier
e8e1d6e9f0
fix: path metric labels (#6400)
## About the changes
Some of our metrics are not labeled correctly, one example is
`<base-path>/api/frontend/client/metrics` is labeled as
`/client/metrics`. We can see that in internal-backstage/prometheus:

![image](https://github.com/Unleash/unleash/assets/455064/0d8f1f40-8b5b-49d4-8a88-70b523e9be09)

This issue affects all endpoints that fail to validate the request body.
Also, endpoints that are rejected by the authorization-middleware or the
api-token-middleware are reported as `(hidden)`.

To gain more insights on our api usage but being protective of metrics
cardinality we're prefixing `(hidden)` with some well known base urls:
https://github.com/Unleash/unleash/pull/6400/files#diff-1ed998ca46ffc97c9c0d5d400bfd982dbffdb3004b78a230a8a38e7644eee9b6R17-R33

## How to reproduce:
Make an invalid call to metrics (e.g. stop set to null), then check
/internal-backstage/prometheus and find the 400 error. Expected to be at
`path="/api/client/metrics"` but will have `path=""`:
```shell
curl -H"Authorization: *:development.unleash-insecure-client-api-token" -H'Content-type: application/json' localhost:4242/api/client/metrics -d '{
  "appName": "bash-test",
  "instanceId": "application-name-dacb1234",
  "environment": "development",
  "bucket": {
    "start": "2023-07-27T11:23:44Z",
    "stop": null,
    "toggles": {
      "myCoolToggle": {
        "yes": 25,
        "no": 42,
        "variants": {
          "blue": 6,
          "green": 15,
          "red": 46
        }
      },
      "myOtherToggle": {
        "yes": 0,
        "no": 100
      }
    }
  }
}'
```
2024-03-05 15:25:06 +01:00
Christopher Kolstad
a44c3a3fa7
task: added scim id to user (#6439)
SCIM synchronizations requires a stable id no matter how many changes
are made to username and email (our other unique fields). In addition,
exposing internal incremented database ids to an external service (our
current id field) feels insecure. Our plan is to create either a uuidv7
or ulid when scim operations are performed against the user, so the
external scim provisioner has a stable globally unique id to use to
refer to the users they're modifying.
2024-03-05 14:48:19 +01:00
Mateusz Kwasniewski
5d00157b7c
refactor: segment in feature oriented architecture (#6434) 2024-03-05 14:45:41 +01:00
andreas-unleash
dc7a715386
Fix: add created at to environment type trends (#6437)
Add created_at to environment_type_trends table for easy sorting

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-03-05 15:10:13 +02:00
Mateusz Kwasniewski
454f44dec5
refactor: Switch client feature toggles to segment read model (#6425) 2024-03-05 11:15:22 +01:00
andreas-unleash
62361847f5
Feat: add enviroment type trends table (#6432)
Creates the environment_type_trends table to store aggregated metrics

Closes: #
[1-2124](https://linear.app/unleash/issue/1-2124/create-the-table-to-store-weekly-aggregation)

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-03-05 10:51:32 +02:00
Mateusz Kwasniewski
095b6eca84
refactor: playground uses segment read model (#6424) 2024-03-05 08:34:26 +01:00
Jaanus Sellin
ce8e15347c
refactor: segment-store getAll refactor, move mappers out of main method. (#6423)
For `getAll` method, kept only sql queries and moved mappers into
separate functions.
No change in logic, just refactoring.
2024-03-04 16:54:55 +02:00
Mateusz Kwasniewski
f3df7269cb
refactor: segment read model used in proxy-repository (#6421) 2024-03-04 15:48:30 +01:00
Mateusz Kwasniewski
14796aedc1
refactor: segment read model used in export-import (#6418) 2024-03-04 13:25:16 +01:00
Nuno Góis
68729333e0
chore: rename incoming webhooks to signals (#6415)
https://linear.app/unleash/issue/2-1994/ui-feature-rename-adapt-the-signals-ui
https://linear.app/unleash/issue/2-1996/rename-feature-in-the-code-base

Implements the feature rename to Signals by adapting the code base and
UI.
2024-03-04 12:08:05 +00:00
Nuno Góis
b3e31c09a1
chore: rename incoming webhooks to signals (DB) (#6413)
https://linear.app/unleash/issue/2-1997/rename-feature-in-the-db

Renames the **incoming webhooks** feature to **signals** in the DB.

Also adds a `description` column to `action_sets`, so we can match the
new designs.
2024-03-04 10:28:19 +00:00
Jaanus Sellin
a4a604aebb
feat: application environment level warnings (#6407)
![image](https://github.com/Unleash/unleash/assets/964450/5e93dfd6-e1c0-48dd-a3c6-587889096510)
2024-03-01 14:09:55 +02:00
Mateusz Kwasniewski
677beb190a
feat: outdated SDKs UI (#6391) 2024-02-29 15:48:44 +01:00
Jaanus Sellin
b4a8b0f780
feat: application environment ordered and timeago min time (#6374) 2024-02-29 14:11:56 +02:00
Mateusz Kwasniewski
1acb4bbb36
feat: outdated sdk detection (#6381) 2024-02-29 11:30:56 +01:00
Mateusz Kwasniewski
68095916e8
fix: relax trends tables constraints (#6386) 2024-02-29 10:56:14 +01:00
Mateusz Kwasniewski
5a80d5e026
fix: project client metrics trends remove invalid insert (#6385) 2024-02-29 09:52:58 +01:00
Christopher Kolstad
0887999dd0
fix: setRolesForUser and setRolesForGroup role check (#6380)
In order to stop privilege escalation via
`/api/admin/projects/:project/users/:userId/roles` and
`/api/admin/projects/:project/groups/:groupId/roles` this PR adds the
same check we added to setAccess methods to the methods updating access
for these two methods.

Also adds tests that verify that we throw an exception if you try to
assign roles you do not have.

Thank you @nunogois for spotting this during testing.
2024-02-29 09:38:32 +01:00
Jaanus Sellin
df93827002
feat: remove applications from project list that do not exist (#6377) 2024-02-28 16:26:53 +02:00
Christopher Kolstad
c9e7bec690
task: upgrade edge banner now toggleable by flag (#6363)
So, since our assumption about client instances ended up being wrong (or, less than stable).
This PR moves the EdgeUpgradeBanner to be displayed if the featureflag
displayEdgeBanner is enabled. That way, if customers comes back and says
they have upgraded but still get the banner, we can remove them from the
segment.
2024-02-28 14:06:46 +01:00
Jaanus Sellin
7af7b32bd5
feat: application overview ux improvements (#6371)
1. Added navigation from environments to instances
2. Last seen is now shown as TimeAgo
3. Added icons for total environments and features
4. Fixed schema


![image](https://github.com/Unleash/unleash/assets/964450/4d0a51a9-7141-4854-ada9-72676e42239c)
2024-02-28 12:39:33 +02:00
andreas-unleash
74c760bf4c
chore: remove changeRequestConflictHandling flag (#6364)
What it says on the tin

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-02-28 10:16:35 +02:00
Mateusz Kwasniewski
b82a650dab
feat: connected instances support query param for env (#6362) 2024-02-28 08:57:34 +01:00
Gastón Fournier
70499dc1d4
feat: allow api token middleware to fetch from db (#6344)
## About the changes
When edge is configured to automatically generate tokens, it requires
the token to be present in all unleash instances.
It's behind a flag which enables us to turn it on on a case by case
scenario.

The risk of this implementation is that we'd be adding load to the
database in the middleware that evaluates tokens (which are present in
mostly all our API calls. We only query when the token is missing but
because the /client and /frontend endpoints which will be the affected
ones are high throughput, we want to be extra careful to avoid DDoSing
ourselves

## Alternatives:
One alternative would be that we merge the two endpoints into one.
Currently, Edge does the following:
If the token is not valid, it tries to create a token using a service
account token and /api/admin/create-token endpoint. Then it uses the
token generated (which is returned from the prior endpoint) to query
/api/frontend. What if we could call /api/frontend with the same service
account we use to create the token? It may sound risky but if the same
application holding the service account token with permission to create
a token, can call /api/frontend via the generated token, shouldn't it be
able to call the endpoint directly?

The purpose of the token is authentication and authorization. With the
two tokens we are authenticating the same app with 2 different
authorization scopes, but because it's the same app we are
authenticating, can't we just use one token and assume that the app has
both scopes?

If the service account already has permissions to create a token and
then use that token for further actions, allowing it to directly call
/api/frontend does not necessarily introduce new security risks. The
only risk is allowing the app to generate new tokens. Which leads to the
third alternative: should we just remove this option from edge?
2024-02-27 16:08:44 +01:00
andreas-unleash
9101c39eb7
chore: remove scheduledConfigurationChanges flag (#6360)
What is says on the box

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-02-27 14:57:34 +02:00
Simon Hornby
43b013ff2f
chore: add a flag for scim (#6361) 2024-02-27 14:33:57 +02:00
Mateusz Kwasniewski
c049374a25
chore: remove new strategy configuration flag (#6335) 2024-02-27 11:23:49 +01:00
David Leek
f351ad821b
chore: set proxy-repo interval to 45mins instead of 20secs (#6340)
Since we're polling for updates to max revision id every second, and
listening for update events for revision id in the proxy repository then
running a refresh interval of 20secs in the proxy repo refresh seems
excessive.

This PR changes the frequency of the refresh to once per 45mins.
2024-02-26 14:32:56 +01:00
Mateusz Kwasniewski
91c08593a6
feat: app env instances api (#6339) 2024-02-26 14:27:44 +01:00
Jaanus Sellin
3b7b816b44
feat: application missing strategies (#6334)
Now also showing missing strategies, that SDK sends, but do not exist in
Unleash.
2024-02-26 12:59:50 +02:00
Jaanus Sellin
89d113f1ff
feat: application missing features backend (#6330)
This PR adds a property issues to application schema, and also adds all
the missing features that have been reported by SDK, but do not exist in
Unleash.
2024-02-26 12:26:01 +02:00
Jaanus Sellin
1633722877
feat: updating last seen now will create instance if does not exist (#6328) 2024-02-26 10:08:28 +02:00
Jaanus Sellin
822851814a
feat: application overview issues schema (#6329) 2024-02-23 13:01:49 +02:00
andreas-unleash
7a08a121f0
feat: create the project-metrics-summary-trends table (#6313)
Adds a migration to create and fill the `project_metrics_summary_trends`

This table is to be used in enterprise to update the metrics data daily
per project (after the aggregation of the hourly data)

Driving force for this was doing performance testing on the executive
dashboard.
This will allow to remove the expensive query to aggregate the data on
demand and will drop the total response time from 2.5sec to 125ms
(measurements done with 100 Projects, 10000 features and over 1M rows in
`client_metrics_env_daily`

Closes #
[1-2080](https://linear.app/unleash/issue/1-2080/create-the-project-metrics-summary-trends-table)

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-02-22 17:21:08 +02:00
Jaanus Sellin
fb63f21d8a
feat: project applications paging backend (#6312) 2024-02-22 15:35:16 +02:00
David Leek
adb6f61015
chore: proxy repository load features metrics (#6314)
## About the changes

- Adds createHistogram
- Adds histogram metrics for proxy-repositorys loading features
2024-02-22 14:29:21 +01:00
David Leek
3bfafcf87e
chore: remove redundant check for project names in db (#6311)
Skips the fetching project names from db part in the proxy-repository
that was done when the token had ALL_PROJECTS
2024-02-22 13:44:47 +01:00
Mateusz Kwasniewski
81ab77cf7c
feat: schema for paginated applications (#6309) 2024-02-22 12:18:23 +01:00
Jaanus Sellin
3c4457af00
feat: application overview backend (#6303) 2024-02-22 08:20:57 +02:00
Nuno Góis
6246459926
chore: db drop action_states (#6300)
Follow up to: https://github.com/Unleash/unleash/pull/6298

We no longer need this table, since it was superseded by `action_events`
and is no longer used.
I believe it's safe to drop this table right away since the feature is
not being used yet.
2024-02-21 17:32:08 +00:00
Nuno Góis
4a4d5388d9
chore: action_set_events db table migration (#6298)
https://linear.app/unleash/issue/2-1962/implement-new-action-events-logic

Adds a new `action_set_events` table for the new action events logic.

Even though observable events are technically immutable, we're storing
the observable event along with the action set event. This allows us to
avoid 1 join while allowing us to persist action set event information
after deleting observable events, if we wish to do so at a later stage.
2024-02-21 14:02:19 +00:00
Jaanus Sellin
7baed29c07
feat: application overview schema (#6295) 2024-02-21 12:59:55 +02:00
David Leek
869e33138b
chore: adds killswitch to scheduled per sec caches (#6291)
## About the changes

Adds killswitches to update revision id and publish unpublished events
2024-02-21 10:12:23 +01:00
Mateusz Kwasniewski
e5c07f00cb
feat: rate limit password reset attempts (#6257) 2024-02-21 08:49:54 +01:00
Nuno Góis
17c0d7137f
chore: add action state db indexes (#6283)
Adds some relevant indexes to `action_states`, useful for our new
"action events" query.
2024-02-20 15:45:33 +00:00
Christopher Kolstad
7350c91a1e
fix: display all roles if we can't get project roles 2024-02-20 16:23:25 +01:00
Christopher Kolstad
e9d9db17fe
feat: Adding Project access requires same role (#6270)
In order to prevent users from being able to assign roles/permissions
they don't have, this PR adds a check that the user performing the
action either is Admin, Project owner or has the same role they are
trying to grant/add.

This addAccess method is only used from Enterprise, so there will be a
separate PR there, updating how we return the roles list for a user, so
that our frontend can only present the roles a user is actually allowed
to grant.

This adds the validation to the backend to ensure that even if the
frontend thinks we're allowed to add any role to any user here, the
backend can be smart enough to stop it.

We should still update frontend as well, so that it doesn't look like we
can add roles we won't be allowed to.
2024-02-20 15:56:53 +01:00
Gastón Fournier
9c156ac31f
chore: avoid printing out warnings from known frontend proxies (#6271)
## About the changes
Our frontend API creates new instances of unleash-client-proxy. Because
this is by-design, we don't want to log a warning that was designed to
warn users about potential misconfiguration of Unleash Proxy.

As an extra, I'm renaming ProxyController to FrontendAPIController to
better reflect the intent of this controller.
2024-02-20 11:27:21 +01:00
Jaanus Sellin
03929e3031
feat: project applications UI (#6260)
![image](https://github.com/Unleash/unleash/assets/964450/a1129857-820c-4e93-ac59-ef5f4743d774)
2024-02-19 09:50:53 +02:00
Nuno Góis
5f781b4c8f
refactor: better prom metric helper types (#6261)
Improves typing in our Prometheus metric helpers.
2024-02-16 15:11:29 +00:00
Tymoteusz Czech
b02f8005f1
migration: flag-trends - add users column (#6254)
Add `users` column to per-project trends.
2024-02-16 15:42:47 +01:00
Gastón Fournier
7a48fb57a6
feat: permission matrix (PoC) (#6223)
## About the changes
This is a rough initial version as a PoC for a permission matrix. 

This is only available after enabling the flag `userAccessUIEnabled`
that is set to true by default in local development.

The access was added to the users' admin page but could be embedded in
different contexts (e.g. when assigning a role to a user):

![image](https://github.com/Unleash/unleash/assets/455064/3f541f46-99bb-409b-a0fe-13f5d3f9572a)


This is how the matrix looks like

![screencapture-localhost-3000-admin-users-3-access-2024-02-13-12_15_44](https://github.com/Unleash/unleash/assets/455064/183deeb6-a0dc-470f-924c-f435c6196407)

---------

Co-authored-by: Nuno Góis <github@nunogois.com>
2024-02-16 14:31:33 +01:00
Ivar Conradi Østhus
4a81f0932f
fix: Allow AuthType None to use valid API tokens (#6247)
Fixes ##5799 and #5785

When you do not provide a token we should resolve to the "default"
environment to maintain backward compatibility. If you actually provide
a token we should prefer that and even block the request if it is not
valid.

An interesting fact is that "default" environment is not available on a
fresh installation of Unleash. This means that you need to provide a
token to actually get access to toggle configurations.


---------

Co-authored-by: Thomas Heartman <thomas@getunleash.io>
2024-02-16 08:24:56 +00:00
Mateusz Kwasniewski
f0d5c8e3d1
fix: include first day of range in the extended metrics (#6245) 2024-02-16 08:36:25 +01:00
Nuno Góis
e4649e6421
chore: add call incoming webhook rate limit metric (#6252)
Follow up to https://github.com/Unleash/unleash/pull/6248 - Add this
rate limit to metrics.


![image](https://github.com/Unleash/unleash/assets/14320932/6b458f5d-2e13-4ac4-8331-7950e7784585)
2024-02-15 17:05:52 +00:00
David Leek
cb53df6176
chore: emit PROXY_REPOSITORY_CREATED event when creating new repo (#6251)
## About the changes

- Emits a new event on the eventBus when Proxy-service creates a new
repository for a frontend token
- Adds a prometheus metrics counter for created proxy-repositories


![image](https://github.com/Unleash/unleash/assets/707867/85a84fa7-4f03-4dc1-b0ba-3ffd2477045b)
2024-02-15 14:58:48 +01:00
Nuno Góis
ef8d2edcc0
chore: rate limit calling inc webhooks (#6248)
https://linear.app/unleash/issue/2-1942/rate-limit-incoming-webhooks-call-endpoint

Adds a configurable rate limit to calling incoming webhooks. We're
setting a 1RPS limit for now, but I'm open to suggestions.
2024-02-15 10:25:32 +00:00
Jaanus Sellin
8dc27204d1
feat: add gen:api:clean for clean orval schemas (#6244)
Created a build script that generates orval schemas with automatic
cleanup. Also generating new ones.

1. yarn gen:api **(generates schemas)**
2. rm -rf src/openapi/apis **(remove apis)**
3.  sed -i '1q' src/openapi/index.ts **(remove all rows except first)**
2024-02-15 11:45:35 +02:00
Mateusz Kwasniewski
2999f8df2d
fix: remove jitter from time sensitive scheduled jobs (#6240) 2024-02-14 15:10:44 +01:00
Jaanus Sellin
3d77825493
feat: project applications server side paging and sorting and filtering (#6236)
Uses exactly same pattern as search-store. Nothing too crazy here.
Most code is in tests.
2024-02-14 13:03:44 +02:00
Thomas Heartman
7eb9a01bda
chore: extract and export type used by CR emails (#6234)
This change takes the (now rather involved) type used to send CR
schedule suspension emails and extracts it into a proper exported type.

This will allow us to import it in enterprise as well instead of
redefining it.
2024-02-14 10:38:13 +09:00
Thomas Heartman
e366e48b4c
feat: support environment variant updates in email service (#6183)
This change updates the email service's `sendScheduleSuspendedEmail`
method to support environment variants being changed.
2024-02-14 10:11:39 +09:00
Jaanus Sellin
eb5d7a3788
feat: sdk reporting flag and e2e test (#6216)
1. Add flag
2. Add e2e test with more complete example
3. Some bug fixes
2024-02-13 14:13:21 +02:00
Nicolae Socaciu
12d2a1ba63
fix-css-update-for-CR-email-template (#6186)
Fix: removing a css line that was blocking some style
Improvement: clean up some unnecessary comments 

Before the fix:

![image](https://github.com/Unleash/unleash/assets/103567375/7a94c20d-ea7c-40cd-b207-128ab5674e97)


after:

![image](https://github.com/Unleash/unleash/assets/103567375/11ebb46e-c724-4b38-91f6-f2f3e4aff9e6)
2024-02-13 10:16:25 +09:00
Jaanus Sellin
5a75093cbc
feat: project applications e2e PoC (#6189)
1. Adding store layer
2. Updating schemas
3. Refactoring project files that I touched into feature oriented
architecture

Next steps E2E tests.
2024-02-12 16:00:59 +02:00
David Leek
ccd2fee4ee
feat: implement a store for stat_traffic_data (#6190)
## About the changes

Implements a new store for collected traffic data usage that connects to
the new table `stat_traffic_data` primary key'd on [day, trafficGroup,
status_code_series].

Day being a date
Traffic group being which endpoint is being counted for, ie /api/admin,
/api/frontend etc
Status code series grouping 2xx status responses and 304 into their
respective 200 / 300 series.

No service here, this is for pro/enterprise
2024-02-12 08:39:51 +01:00
Fredrik Strand Oseberg
260ef70309
Feat/UI error observability (#6169)
This PR adds an endpoint to Unleash that accepts an error message and
option error stack and logs it as an error. This allows us to leverage
errors in logs observability to catch UI errors consistently.

Considered a test, but this endpoint only accepts and logs input, so I'm
not sure how useful it would be.
2024-02-09 13:07:44 +01:00
Jaanus Sellin
4972b9686c
feat: project applications controller/service layer (#6184)
Just adding controller/service layer, connecting with schema.
Next PR will implement store and e2e tests.
2024-02-09 13:18:26 +02:00
David Leek
1b1bde8aec
chore: add migration for traffic data collection (#6171)
## About the changes

Adds migration for creating table `stat_traffic_usage`.
This table primary-keys on day, traffic_group, and status_code_series.
Adds individual indexes for day, traffic_group, and status_code_series.

Traffic group is the grouping for API endpoints for which traffic is
counted.
status_code_series is 200/202 etc = 200, 304 etc = 300
2024-02-09 09:58:58 +01:00
Nuno Góis
4c1dfbefa7
chore: clean up customRootRolesKillSwitch (#6173)
https://linear.app/unleash/issue/2-1308/remove-customrootroleskillswitch-flag

Cleans up the `customRootRolesKillSwitch` flag.
2024-02-09 08:41:40 +00:00
Gastón Fournier
fa3352786a
chore: reimplementation of app stats (#6155)
## About the changes
App stats is mainly used to cap the number of applications reported to
Unleash based on the last 7 days information:
cc2ccb1134/src/lib/middleware/response-time-metrics.ts (L24-L28)

Instead of getting all stats, just calculate appCount statistics

Use scheduler service instead of setInterval
2024-02-08 17:15:42 +01:00
Jaanus Sellin
4a4196c66a
feat: preliminary project applications schema (#6152)
Currently keeping flat structure and separate out into multiple
requests(schemas) if needed.
In future, we will also add dates.
2024-02-08 16:16:55 +02:00
David Leek
bb2f88980c
chore: add feature flag for request counting inside Unleash (#6164)
## About the changes

Adds the feature flag for use in request traffic counting
2024-02-08 14:46:54 +01:00
Jaanus Sellin
ecc200bf8a
feat: add index on events for faster revision id (#6170)
On all pods and instances, we run the same revision update query every
second. It is relatively fast when the application has started. This is
the single most ran query in unleash.
Benchmarks:

1. Running pod with existing revisionID:
  - old 5.5ms
  - new 0.028ms

2. New pod without existing revisionID
 - old 9.329ms
 - new 0.033ms



This query is getting optimized


7e66a79f9f/src/lib/features/events/event-store.ts (L161)
2024-02-08 14:11:58 +02:00
Jaanus Sellin
bc7d4b8edb
feat: add partial index on client_applications annouced FALSE (#6166)
We have customers with tens or hundreds of thousands of applications,
and we have a scheduler running that sets application fields to
`announced` as true. However, every time it runs, it queries the entire
table, which is slow and causes database connection acquisition issues.
To make it faster, we added a partial index to the table.
2024-02-08 10:57:10 +02:00
Thomas Heartman
c43d7c0653
chore: update schedule emails to handle suspensions and segment updates (#6145)
This PR updates the change request email sending method to handle the
recent changes we have made. That means that the email now:
- says that change requests have been suspended instead of saying that
application will fail.
- handles cases where segments or strategies have been updated causing
potential conflicts.

I have updated the email templates and made some adjustments to the
email sending method. To make the transition from one to the other
easier, I have kept the original method as an interim solution until
enterprise has switched over.
2024-02-08 17:30:42 +09:00
andreas-unleash
59a736f56b
chore: add inMemoryScheduledChangeRequests flag (#6151)
What it says on the box

Closes #
[1-2030](https://linear.app/unleash/issue/1-2030/create-inmemoryscheduledchangerequests-flag)

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-02-07 16:35:14 +02:00
Jaanus Sellin
b9a8280177
fix: now archived features are not marked as stale anymore (#6149) 2024-02-07 12:53:25 +02:00
Mateusz Kwasniewski
7e9958d8b6
feat: sdk with double start prevention (#6146) 2024-02-07 10:01:05 +01:00
Gastón Fournier
c69f41e4ce
fix: error logging properly (#6144) 2024-02-06 16:39:57 +01:00
Jaanus Sellin
b45f7be680
fix: default featureSearchFeedback to false (#6137)
We need to turn it false, because if it is true, it will not get any
variants.

This solution is hacky, but good for now.
2024-02-06 15:10:27 +00:00
Mateusz Kwasniewski
cc060b7a4c
fix: proxy repository error handling (#6142) 2024-02-06 15:44:25 +01:00
Gastón Fournier
067d130a8b
chore: memoizee active tokens (#6135)
## About the changes
getAllActive from api-tokens store is the second most frequent query

![image](https://github.com/Unleash/unleash/assets/455064/63c5ae76-bb62-41b2-95b4-82aca59a7c16)

To prevent starving our db connections, we can cache this data that
rarely changes and clear the cache when we see changes. Because we will
only clear changes in the node receiving the change we're only caching
the data for 1 minute.

This should give us some room to test if this solution will work

---------

Co-authored-by: Nuno Góis <github@nunogois.com>
2024-02-06 15:14:08 +01:00
Mateusz Kwasniewski
6d94036683
fix: disable double start (#6141) 2024-02-06 13:39:57 +01:00
Christopher Kolstad
3bea6bbd20
fix: filter out service and system users from inactive users list (#6134) 2024-02-05 16:41:51 +01:00
Christopher Kolstad
1da59abb2d
fix: inactive users query was too wide (#6133)
Knex wasn't formatting the query like I expected. This changes the query
to use more AND, less ORs
2024-02-05 14:31:04 +00:00
Christopher Kolstad
ea38877b0c
feat: List and delete inactive users
Adds a new Inactive Users list component to admin/users for easier cleanup of users that are counted as inactive: No sign of activity (logins or api token usage) in the last 180 days.

---------

Co-authored-by: David Leek <david@getunleash.io>
2024-02-05 14:07:38 +01:00
Ivar Conradi Østhus
897500dd54
fix: version-service should not use process.nextTick (#6124)
In the beginning we used process.nextTick() as a trick to load some data
initally in the constructor of a service.

This is a bad pattern and we should generally avoid any async operations
in the constructor. Today we have two alternatives:

1. Defer loading until data is needed (wrap it in async)
2. Use the schdule-service.
2024-02-05 11:24:37 +01:00
Ivar Conradi Østhus
354b88383c
fix: schduler-service graceful shutdown (#6125)
When a stop signal is sent to Unleash the scheduler-service should
cancel any scheduled jobs. This also applies to the job scheduled for
initial execution with jitter.


We observed that initial jobs was executed after the database
connections are terminated. This appears after v5.9.0 of Unleash.

```
Error: aborted
    at Object.queryBuilder (/unleash/node_modules/knex/lib/knex-builder/make-knex.js:112:26)
    at createQueryBuilder (/unleash/node_modules/knex/lib/knex-builder/make-knex.js:320:26)
    at EventStore.knex [as db] (/unleash/node_modules/knex/lib/knex-builder/make-knex.js:101:12)
    at EventStore.setUnannouncedToAnnounced (/unleash/node_modules/unleash-server/dist/lib/features/events/event-store.js:286:33)
    at EventStore.publishUnannouncedEvents (/unleash/node_modules/unleash-server/dist/lib/features/events/event-store.js:293:35)
    at EventAnnouncer.publishUnannouncedEvents (/unleash/node_modules/unleash-server/dist/lib/services/event-announcer-service.js:9:32)
    at runScheduledFunctionWithEvent (/unleash/node_modules/unleash-server/dist/lib/features/scheduler/scheduler-service.js:30:23)
    at Timeout.<anonymous> (/unleash/node_modules/unleash-server/dist/lib/features/scheduler/scheduler-service.js:50:27)
    at runNextTicks (node:internal/process/task_queues:60:5)
    at process.processTimers (node:internal/timers:509:9)
```
2024-02-05 11:04:13 +01:00
Gastón Fournier
1d18187f7d
chore: split metrics by request type (#6119)
## About the changes
Queries on client-feature-toggle store have many purposes depending on
the requestType, making the query more complex or not depending on the
use case. Also, each use case has different frequencies (i.e. playground
is expected to be used rarely).

The name for the store metrics was wrong, copy&pasted from:

7b04db0547/src/lib/features/feature-toggle/feature-toggle-store.ts (L107)

Which was also present in feature-tag metrics:

7b04db0547/src/lib/db/feature-tag-store.ts (L37)

With this, we'll have more granularity to understand the execution time
and frequency of each
2024-02-05 09:01:42 +01:00
Ivar Conradi Østhus
77b7cb03e9
fix: maintenance mode should assume disable if db call fails. (#6120)
Usually maintenance mode is disabled. If the call throws, which we see a
lot of when a unleash instance is in terminating state, we should return
a default value.

By having it throw inside of the memoizee function, the response is not
cached, and it will trigger new calls until it return a cachable result.
2024-02-03 09:17:11 +01:00
Ivar Conradi Østhus
c76c8f135a
Fix/check maintenance flag once per minute (#6118)
## About the changes
Every schedule job will now check if maintenance is enabled. This ends
up querying the settings table in the db at least once per second per
running unleash instance. This small fix caches this query for 60
seconds to reduce the load somewhat.

We should reconsider this solution for the long term, but this will be a
great improvement on the short term.


**Logs after this fix running locally.** 
We can observe that we resolve settings from the DB once per minute. 

![image](https://github.com/Unleash/unleash/assets/158948/c313cf38-8d86-4b86-a0ba-4f4df60d50d6)


Also we should consider giving a warning in section where you enable
maintenance mode that it can take up to a minute to propagate.
2024-02-03 07:30:22 +01:00
Jaanus Sellin
0cf8396ec2
feat: add posted feedback table (#6113)
The page can only be navigated if you know direct url `/feedback`


![image](https://github.com/Unleash/unleash/assets/964450/6018a6c0-9fee-4fb2-9b68-2d3e87674441)
2024-02-02 15:39:29 +02:00
Nuno Góis
db0a0d7097
refactor: PATs (#6101)
https://linear.app/unleash/issue/SR-379/refactor-pats

This PR refactors PATs.

- Adds a new `createPatSchema`, which better aligns with
https://docs.getunleash.io/contributing/ADRs/overarching/separation-request-response-schemas
- Drops the model type and class in favor of using the schema types
directly, which is more consistent with the rest of the codebase and
easier to maintain
 - Misc scouting, improvement and fixes

This breaks Enterprise temporarily, but it's faster to move forward this
way.
2024-02-01 14:28:46 +00:00
Jaanus Sellin
bb02ffd8c4
feat: A/B test search feedback variants (#6085)
Search was not getting any feedback. We introduced 3 different variants
to compare conversion rate.


![image](https://github.com/Unleash/unleash/assets/964450/9c4fbcd6-c6d9-4570-9a08-9321087f609a)

![image](https://github.com/Unleash/unleash/assets/964450/6d643d48-1dcb-4a67-9951-7f0c6865f31d)

![image](https://github.com/Unleash/unleash/assets/964450/423dbd54-5dd1-409c-9cd5-295edb9453d9)
2024-01-31 14:32:23 +02:00
David Leek
fcb8bf6918
chore: scheduled created-by migrations metrics (#6089)
## About the changes

the created_by_user_id data migration from resolving events.created_by
(for both events and features) now emits events on how many rows were
updated.

Adds listeners for these events that records these metrics with
prometheus


![image](https://github.com/Unleash/unleash/assets/707867/3bb02645-0919-4a9a-83fe-a07383ac0be1)
2024-01-31 12:30:42 +01:00
Mateusz Kwasniewski
f298d7d511
feat: scheduler overrun protection (#6082) 2024-01-31 09:41:36 +01:00
Thomas Heartman
73322f12f7
chore: remove detectSegmentUsageInChangeRequests flag (#6080)
What it says on the tin. Removes all uses of the
detectSegmentUsageInChangeRequests flag.
2024-01-31 17:24:35 +09:00
Jaanus Sellin
d7eb950f3a
chore: remove featureSearchAPI flag (#6081) 2024-01-31 10:01:31 +02:00
Jaanus Sellin
c6a2303026
chore: remove featureSearchFrontend flag (#6066) 2024-01-31 09:22:26 +02:00
Mateusz Kwasniewski
ccc41dca4e
feat: scheduler init jitter (#6071) 2024-01-30 15:49:35 +01:00
Mateusz Kwasniewski
55b2bb4813
feat: expose project time to production for project flag trends (#6068) 2024-01-30 13:28:20 +01:00
Mateusz Kwasniewski
82e84ec14d
feat: migration for health and time_to_production in flag trends (#6067) 2024-01-30 13:28:10 +01:00
Ivar Conradi Østhus
38df2e1831
fix: add instanceName to license display (#6065)
## About the changes
- Shows the instanceName from the license
- add new feature flag `enableLicenseChecker` used to enforce a valid
license.
2024-01-30 11:05:27 +01:00
Nicolae Socaciu
3ff19f3eb6
improve:schedule-execution-failed-email (#6051)
Improving the email template design


![image](https://github.com/Unleash/unleash/assets/103567375/0c62c1de-6d13-42b8-9898-4567be6ff2aa)

- @andreas-unleash i need you to fix the button for the change request
in case it's not correct like this

- also removing some leftover style from the "scheduled change conflict"
email

---------

Co-authored-by: andreas-unleash <andreas@getunleash.ai>
2024-01-30 11:13:15 +02:00
Fredrik Strand Oseberg
7d6d4064a8
feat: connect dashboard static widgets to data (#6062)
This PR connects the static widgets to actual data
2024-01-30 10:07:16 +01:00
Jaanus Sellin
832884b4f5
fix: admin token should be passed forward from controllers (#5960)
We were sending `user.id` to the service, but if an admin token is used,
there is no `user.id.` Instead, there is
`user.internalAdminTokenUserId`. so we need to use the special method
`extractUserIdFromUser`.

This PR adds this implementation, and now the service correctly
retrieves the appropriate ID for admins.

Related to: https://github.com/Unleash/unleash/pull/5924
2024-01-30 11:03:15 +02:00
David Leek
9d2c65c9c0
chore: events created by userid migration (#6027)
## About the changes

Schedules a best-effort task setting the value of
events.created_by_user_id based on what is found in the created_by
column and if it's capable of resolving that to a userid/a system id.
The process is executed in the events-store, it takes a chunk of events
that haven't been processed yet, attempts to join users and api_tokens
tables on created_by = username/email, loops through and tries to figure
out an id to set. Then updates the record.

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>
2024-01-30 08:22:53 +01:00
David Leek
c08ac86c5f
chore: filter on token username and user id in SQL instead (#6061)
## About the changes

Change the sorting of features to migrate created_by_user_id for, and
filter out unresolvable feature/users

Query tested manually in enterprise
2024-01-29 15:14:44 +01:00
David Leek
bbebd293e5
chore: add a migration that removes incorrectly set sysuserid (#6032)
## About the changes

Resets created_by_user_id on events incorrectly marked as -1337 when an actual user has been set in created_by column, to clean up after a bug
2024-01-29 09:16:18 +01:00
David Leek
e652af49af
chore: default the data migration flag for createdbyuserid to false (#6048)
## About the changes

Sets data migration of features and events created_by_user_id to
disabled by default

Map to promise and await all in created by user id migration for features
2024-01-29 08:07:33 +01:00
andreas-unleash
4a2d1b0364
fix: return 400 when enabling env of archived toggle (#6049)
Creates a new ArchivedFeatureError.
Throw this error when trying to toggle a feature environment for an
archived feature.

Closes
https://github.com/orgs/Unleash/projects/8/views/1?pane=issue&itemId=51242922

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-01-26 16:02:17 +02:00
Mateusz Kwasniewski
a1fa5a4212
feat: flag trends db migration (#6044) 2024-01-26 14:37:15 +01:00
Mateusz Kwasniewski
9b281ca508
feat: stale flags count per project (#6043) 2024-01-26 12:04:43 +01:00
Christopher Kolstad
32dd377c3e
fix: Use knex whereLike instead of whereRaw to fix escaping (#6041)
This escape with `??` double escaped the LIKE query causing no results.
This updates to using whereLike, which does the correct escaping for
string query.
2024-01-26 10:44:53 +01:00
David Leek
c7f13aec0b
chore: implement created_by_user_id in features (#5994)
## About the changes

Adds a scheduled task that every 5 seconds updates 500 entries in the
features table setting `created_by_user_id`.
It does this by looking at the related event, checks created_by and
joins users table for match on username or email, and joins api_tokens
table on username matches. Then picks either a users id if set, or uses
-42 (admin token user)
2024-01-25 13:09:30 +01:00
Mateusz Kwasniewski
8ab4aa3d0e
feat: user trends migration (#6030) 2024-01-25 12:56:29 +01:00
David Leek
0045fcbcdf
chore: replace systemUser -1 with new -1337 system user (#5999)
## About the changes
This PR replaces the old systemUser -1 in user-service.ts with the new
SYSTEM_USER -1337 and adds a migration to move events created_by = -1 to
-1337


## Discussion points
Does it make sense to do both of these things? Or should we skip the
migration? How would this behave in a large system with hundreds of
thousands of events, should this be split up?
2024-01-25 11:19:39 +01:00
andreas-unleash
8f3275ee40
chore: change users image_url column to text (#6031)
Change the image_url column to text

Closes #
https://github.com/orgs/Unleash/projects/8/views/1?pane=issue&itemId=51021534

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-01-25 11:40:18 +02:00
andreas-unleash
89bea0d532
fix: clone variants (featureEnv and strategy) when cloning an env (#6026)
Fixes 2 bugs
- Strategy variants
- Feature env variants 
not being cloned when cloning an environment

Closes #
[SR-350](https://linear.app/unleash/issue/SR-350/cloning-environment-does-not-clone-variants-or-strategy-variants)

Manual test verifies the fix
<img width="1659" alt="Screenshot 2024-01-24 at 16 48 28"
src="https://github.com/Unleash/unleash/assets/104830839/ba9fc9b8-e792-47bb-b6e8-660350384ea8">
<img width="1408" alt="Screenshot 2024-01-24 at 16 48 10"
src="https://github.com/Unleash/unleash/assets/104830839/1e2d5287-35d0-42d2-9ab2-8caa313bd5a8">

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-01-25 10:53:43 +02:00
Mateusz Kwasniewski
41351a694e
refactor: Instance stats service composition root (#6029) 2024-01-25 09:11:26 +01:00
Christopher Kolstad
17d826ddf4
task: Add banner encouraging edge upgrade (#6018)
Only triggers if there is any rows in client instances that have

    sdk_version: unleash-edge with version < 17.0.0

The function that checks this memoizes the check for 10 minutes to avoid
scanning the client instances table too often.
2024-01-24 14:22:48 +00:00
Christopher Kolstad
3acdfc2cf4
task: Make /edge/metrics toggleable by toggle (#6003)
Previously we used a killswitch and returned 404 if the feature was
enabled. This flips that to a default disabled toggle, that has to be
turned on to handle old Edge (pre 17.0.0) posting bulk metrics
2024-01-24 14:09:03 +01:00
Nuno Góis
331033408c
fix: flag resolver get variant (#6020)
https://linear.app/unleash/issue/2-1880/fix-flag-resolver-getvariant-behavior

Fixes the flag resolver `getVariant` behavior when there's a variant
object set in `experimental` - The flag resolver should call the
external resolver `getVariant` when not overridden to be true, even if
set as variant object in `experimental`.

Related: https://github.com/Unleash/unleash/pull/3808
2024-01-24 11:53:04 +00:00
Gastón Fournier
cee2500a4d
feat(2-1879): add enabled to action sets (#6023)
## About the changes
Adds enabled to action sets table
2024-01-24 12:52:04 +01:00
Tymoteusz Czech
68eb3dec07
fix: upgrade unleash-client to v5.3.0 (#5800) 2024-01-24 09:12:07 +01:00
Gastón Fournier
9f550331ce
chore: validate all tables have primary keys (#6005)
## About the changes
This is a helpful reminder to have primary keys in all our tables.

Related to [#4303](https://github.com/Unleash/unleash/issues/4303)
2024-01-23 16:38:16 +01:00
Gastón Fournier
82ac5a47ad
chore: This helps output the migrations being applied (#6004)
## About the changes
This outputs to console.log but should be indexable:

![image](https://github.com/Unleash/unleash/assets/455064/cb696936-7060-447d-b22d-ff62b4dbcbc3)
2024-01-23 16:01:36 +01:00
andreas-unleash
cc5a4cbe33
fix: add unleash to default email sender string (#6002)
Adds "Unleash" to the "noreply@getunleash.io" for default email sender

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-01-23 14:32:40 +02:00
Gastón Fournier
db93ab57f0
chore: remove flagResolver option (#6001)
## About the changes
This option is not referenced in the code

I believe its original intent was to be able to override flagResolver,
but it's currently not being used:

a46f54f48a/src/lib/create-config.ts (L490-L491)

Instead, we're using `experimental`, `flags`, and `externalResolver`


a46f54f48a/src/lib/create-config.ts (L64-L73)


f63581c03a/src/lib/util/flag-resolver.ts (L12-L20)
2024-01-23 13:16:32 +01:00
Gastón Fournier
f63581c03a
fix: enabled lock check (#5997)
We should use the enhanced flagResolver
Tested locally:
```
9:44:13 AM - Starting compilation in watch mode...
[dev:backend] 
[dev:backend] 
[dev:backend] 9:44:26 AM - Found 0 errors. Watching for file changes.
[dev:backend] [2024-01-23T09:44:27.498] [INFO] server-impl.js - DB migration: start
[dev:backend] [2024-01-23T09:44:27.499] [INFO] server-impl.js - Running migration with lock
[dev:backend] [2024-01-23T09:44:29.884] [INFO] server-impl.js - DB migration: end
```
2024-01-23 10:46:48 +01:00
Gastón Fournier
0b1d565dad
chore: add logs (#5996)
Validate we're not using locks
2024-01-23 10:24:58 +01:00
Fredrik Strand Oseberg
60d2176efa
feat: add option to use variants with feedback (#5986)
This PR will allow us to use a feature flag with variants to control
whether or not we should show the comments field of the feedback form.
This will allow us to see whether we can increase feedback collection if
we reduce the load on the customer.
2024-01-22 13:14:27 +01:00
Gastón Fournier
c5afa8ff11
fix: unauthorized disable feature (#5982)
## About the changes
This was spotted while testing automated actions. Steps to reproduce:

1. Add an editor user
2. Get a PAT for the editor user
3. As Admin create a feature in a project where the editor user is not a
member and enable the feature
4. Try using the editor's PAT to modify the feature
5. As the editor create a project (you'd be made owner) and try the same
request but just change the project name for the new project just
created (don't change anything else)

**Expected behavior**: you can't disable the feature
**Actual behavior**: the feature is disabled

This does not happen when trying to turn on a flag because during the
turn-on process we do validate if the feature belongs to project when we
call updateStrategy:
c18a7c0dc2/src/lib/features/feature-toggle/feature-toggle-service.ts (L1751-L1764)
2024-01-22 12:50:14 +01:00
Gastón Fournier
8ba5cdced1
feat: add action states (#5983)
## About the changes
Add action states table without an index yet
2024-01-22 11:49:35 +01:00
Nuno Góis
5253482f61
refactor: add typesafe wrappers for prom client metrics (#5969)
https://linear.app/unleash/issue/2-1856/add-typesafe-wrappers-over-prom-clients-metrics

As discussed on the latest knowledge sharing session, this adds typesafe
wrappers over prom client's metrics, requiring us to specify all the
configured labels for each metric.

This uses a functional approach and only exposes the methods that are
currently relevant to us, while also exposing the underlying instance of
the metric for an easy access if needed.

Since we often chain `labels` with `inc` in counters, this adds a
convenience `increment` method for counters which does both in a single
call.
2024-01-19 14:51:29 +00:00
Nicolae Socaciu
7b30ab09d2
Fix email template scheduled change conflict (#5957)
Fixing the mobile template (this is before the fix)
- reducing padding around the content
- fixing line-height for the content
- fixing the footer links  

![image](https://github.com/Unleash/unleash/assets/103567375/dbe88f5a-a798-4fd4-ab42-543689605043)
2024-01-19 14:57:00 +02:00
Gastón Fournier
80bc4e05a2
chore: add types to pat middleware (#5951)
Add proper types
2024-01-18 14:36:42 +01:00
Nuno Góis
3dd188e77c
refactor: shared url_safe_basic constant (#5952)
Uses a new `URL_SAFE_BASIC` regex constant that checks for characters
that are commonly used in URL path sections: alphanumeric lowercase
characters, dashes and underscores.

This will allow us to re-use this constant in our server-side
validation.
2024-01-18 12:33:33 +00:00
Gastón Fournier
b91df61994
chore: re use extract user methods (#5947)
## About the changes
1. Re-use existing methods in extract-user.ts:
70f6a07f2c/src/lib/features/events/event-service.ts (L93-L101)
2. Move event-service and event-store to features/event
3. Add export default in previous paths for backward compatibility:
70f6a07f2c/src/lib/services/event-service.ts (L1-L4)
and
70f6a07f2c/src/lib/db/event-store.ts (L1-L4)
2024-01-18 13:15:21 +01:00
Jaanus Sellin
605125fbb5
feat: add primary keys to missing tables (#5943)
Follow up of https://github.com/Unleash/unleash/issues/4303

We are adding primary keys to all tables missing them, currently
**role_permission**, **api_token_project**, and **project_stats**.
By adding primary keys, the issue with migrations failing during
upgrades in replicated database setups will be resolved.
2024-01-18 13:52:51 +02:00
Tymoteusz Czech
4b02d6aa9c
Executive Dashboard page setup (#5949) 2024-01-18 12:32:25 +01:00
Mateusz Kwasniewski
d3215335c9
feat: metrics periods expressed in days (#5928) 2024-01-18 11:54:20 +01:00
Christopher Kolstad
86b5f108d0
fix: feature toggle update total needs 4 labels (#5946)
So, this was causing a lot of ERROR in our logs, due to the metric
having gotten an extra label the last month.

Two things for this fix.
1. add the missing label to the two calls that did not have it added
2. update the log line to include the error as another argument to the
logger, so we actually get a stacktrace from the error.
2024-01-18 11:00:56 +01:00
Christopher Kolstad
fa72ced1e5
feat: added more granular project permissions (#5932)
### What
Adds Read and Write permissions for project administration settings
(user access, change request settings, default strategy, other).

### Why
On request from two large customers that wanted our RBAC controls to be
more granulated to easier be able to limit the access they granted their
users.
2024-01-18 09:57:44 +01:00
Gastón Fournier
ceaaf3d0f3
feat: admin token calls get an admin token user (#5924)
## About the changes
Whenever we get a call from an admin token we want to associate it with
the [admin token
user](4d42093a07/src/lib/types/core.ts (L34-L41)).
This should give us the needed audit for this type of calls that
currently were lacking a user id (we only stored a string with the token
name in the event log).

We consciously decided not to use `id` as the property to prevent any
unforeseen side effects. The reason is that only `IUser` type has an id
and adding an id to `IApiUser` might lead to confusion.
2024-01-17 16:55:59 +01:00
Daniel Brooks
1392b10727
fix(import): making all imports relative and removing baseUrl (#5847)
Co-authored-by: Simon Hornby <liquidwicked64@gmail.com>
2024-01-17 15:33:03 +02:00
andreas-unleash
60813acb09
fix: make the conflcit email template button conditionally render (#5931)
Makes the schedule conflict email button conditional to having the link
present.

Closes #
[1-1950](https://linear.app/unleash/issue/1-1950/modify-the-template-to-make-the-new-button-conditional)

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
2024-01-17 13:26:07 +00:00
Jaanus Sellin
ee08bd8d42
chore(deps): update dependency @types/supertest to v6 (#5926)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-17 13:36:17 +02:00
Thomas Heartman
bbaf574841
chore: add flag to experimental.ts (#5925)
This change adds the new changeRequestConflictHandling flag to Unleash.
2024-01-17 09:55:58 +00:00
Christopher Kolstad
2b1111044f
feat: added killswitch for admin tokens (#5905)
Since we've now added PAT's we really do recommend switching to those,
or for enterprises, we recommend using service accounts.

Admin tokens have an obvious disadvantage in that they're not connected
to any user, so actions performed by them are harder to audit.

This PR adds a killswitch for turning it off, in preparation for
deprecating them and ultimately removing them in the future.
2024-01-17 10:27:36 +01:00
Mateusz Kwasniewski
16691d72d7
refactor: metrics in feature oriented architecture (#5919) 2024-01-17 09:14:31 +01:00
Gastón Fournier
04e55831e3
chore: add another system user for admin tokens (#5915)
## About the changes
This admin token user will help us differentiate actions performed by
the system from actions performed with an admin token.

Events created with an admin token should have the id of this user as
createdByUserId property and the username of the token used as the
createdBy property. i.e.
```json
{
  "id": 11,
  "type": "pat-created",
  "createdBy": "admin-token",
  "createdAt": "2024-01-16T13:16:27.887Z",
  "createdByUserId": -42,
  "data": {
    "description": "admin-pat",
    "expiresAt": "2024-02-15T13:16:25.586Z",
    "secret": "***",
    "userId": 1
  },
  "preData": null,
  "tags": [],
  "featureName": null,
  "project": null,
  "environment": null
}
```
2024-01-16 19:28:36 +01:00
Nicolae Socaciu
9f72030578
Updated scheduled-change-conflict (#5908)
Updating the UI of the email template

Closes #
[1-1940](https://linear.app/unleash/issue/1-1940/improve-scheduled-change-conflict-template)

Before

![image](https://github.com/Unleash/unleash/assets/103567375/bf6804dc-b4cc-4187-8a8f-c97dd9245faf)


After:

![image](https://github.com/Unleash/unleash/assets/103567375/de9eb257-d747-47c3-996d-e58a7a3aa84f)

---------

Signed-off-by: andreas-unleash <andreas@getunleash.ai>
Co-authored-by: andreas-unleash <andreas@getunleash.ai>
2024-01-16 16:12:25 +02:00
Mateusz Kwasniewski
f6c0624869
feat: prevent double daily metrics insert (#5906) 2024-01-16 13:52:56 +01:00
Mateusz Kwasniewski
af4c3a86d1
fix: should not import archived child and parent (#5912) 2024-01-16 13:42:25 +01:00
Gastón Fournier
9989688d36
chore: missing export (#5911)
## About the changes
Overlooked on https://github.com/Unleash/unleash/pull/5910
2024-01-16 13:35:57 +01:00
Gastón Fournier
2ddc56927e
chore: centralize events service creation (#5910)
## About the changes
EventsService is a dependency in most of our services. This creates
helper methods to create them easily and replace a few places where
we're creating them manually
2024-01-16 13:11:28 +01:00
Gastón Fournier
317e0e7ecd
feat: event types for actions (#5907)
Define event types for actions
2024-01-16 11:59:09 +01:00
Nuno Góis
aeb9c85f11
chore: delete unnecessary column permission_id (#5413)
Follows up on https://github.com/Unleash/unleash/pull/5409 and drops
this column, since it's no longer used.
See: https://github.com/Unleash/unleash/pull/5409#discussion_r1404112310

Should only be merged after ~~`5.7`~~ `5.8` has been released.
2024-01-16 10:56:22 +00:00