-
Notifications
You must be signed in to change notification settings - Fork 466
ci(GHA): Collect feature flag code references using flagsmith/ci #6590
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
13 commits
Select commit
Hold shift + click to select a range
b16c67a
We're [almost] GA now!!!
emyller cf0dbdc
DROPME: Run new workflow from PR
emyller 43db6aa
Improve CI workflow naming
emyller ad95118
Update tool usage
emyller 513cb90
Update code references on every PR merge
emyller 2bae9de
Make permissions explicit
emyller 936f4a8
Merge remote-tracking branch 'github/main' into ci/use-flagsmith-ci
emyller 247d1ef
Soft code
emyller a55d9be
:rocket:
emyller 5b90578
Add docs
emyller d2bf26b
Merge remote-tracking branch 'github/main' into ci/use-flagsmith-ci
emyller f064648
Add missing screenshot caption
emyller 198df6f
Revert "DROPME: Run new workflow from PR"
emyller File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| name: Code references | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| collect-code-references: | ||
| name: Collect | ||
| uses: Flagsmith/ci/.github/workflows/collect-code-references.yml@v1.0.0 | ||
| permissions: | ||
| contents: read # For scanning feature flag code references | ||
| with: | ||
| flagsmith_project_id: ${{ fromJSON(vars.FLAGSMITH_PROJECT_ID) }} | ||
| flagsmith_admin_api_url: https://api.flagsmith.com | ||
| secrets: | ||
| flagsmith_admin_api_key: ${{ secrets.FLAGSMITH_CODE_REFERENCES_API_KEY }} | ||
This file was deleted.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,137 @@ | ||
| --- | ||
| title: Code References | ||
| sidebar_label: Code References | ||
| sidebar_position: 30 | ||
| --- | ||
|
|
||
| Integrate with Code References to track feature flag usage in your codebase, and unlock new functionality in Flagsmith: | ||
|
|
||
| - Identify the impact of each feature across multiple repositories | ||
| - Navigate through the business logic in the code from a feature's perspective | ||
| - Coordinate cleanup work around stale feature flags easier | ||
|
|
||
|  | ||
|
|
||
| <p style={{textAlign: 'center', fontSize: '0.9em', color: 'gray', marginTop: '-1.5rem'}}>Code Reference counts displayed in Features list</p> | ||
|
|
||
| :::info | ||
|
|
||
| We currently only offer integrating with GitHub. Support to other VCS platforms is coming soon. | ||
|
|
||
| ::: | ||
|
|
||
| --- | ||
|
|
||
| ## Integrate with GitHub | ||
|
|
||
| ### Simple configuration | ||
|
|
||
| For most cases, our [reusable workflow](https://github.com/Flagsmith/ci/blob/main/.github/workflows/collect-code-references.yml) is enough. | ||
|
|
||
| Add a new GitHub Actions workflow to **each repository** to integrate with Code References: | ||
|
|
||
| ```yaml | ||
| # .github/workflows/flagsmith-code-references.yml | ||
| name: Flagsmith Code references | ||
| on: | ||
| push: | ||
| branches: | ||
| - main # Update references on every update to the default branch | ||
| jobs: | ||
| collect-code-references: | ||
| name: Collect | ||
| uses: Flagsmith/ci/.github/workflows/collect-code-references.yml@v1.0.0 | ||
| permissions: | ||
| contents: read # For scanning feature flag code references | ||
| with: | ||
| flagsmith_project_id: ${{ fromJSON(vars.FLAGSMITH_PROJECT_ID) }} | ||
| flagsmith_admin_api_url: https://api.flagsmith.com # Or your Flagsmith instance URL | ||
| secrets: | ||
| flagsmith_admin_api_key: ${{ secrets.FLAGSMITH_CODE_REFERENCES_API_KEY }} | ||
| ``` | ||
|
|
||
| This workflow needs the following added to [_Settings > Secrets and variables > Actions_](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions) in GitHub: | ||
|
|
||
| - `FLAGSMITH_PROJECT_ID` (variable): obtain from the Flagsmith dashboard URL, e.g. `/project/<id>/...` | ||
| - `FLAGSMITH_CODE_REFERENCES_API_KEY` (secret): obtain from _Organisation Settings > API Keys_ in Flagsmith | ||
|
|
||
| ### Advanced configuration | ||
|
|
||
| If you need a customised workflow, integrating with individual actions is also possible. They can be useful to certain use cases, for example: | ||
|
|
||
| - Customising cloning source code for reference scanning | ||
| - Combining multiple repositories into a single workflow (umbrella repositories) | ||
| - Any other customisation of the integration steps | ||
|
|
||
| ```yaml | ||
| name: Flagsmith Code References | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| jobs: | ||
| collect-code-references: | ||
| name: Collect code references | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read # For scanning feature flag code references | ||
| env: | ||
| FLAGSMITH_ADMIN_API_URL: https://api.flagsmith.com # Or your Flagsmith instance URL | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Fetch feature names | ||
| id: fetch-feature-names | ||
| uses: Flagsmith/ci/.github/actions/fetch-feature-names@v1.0.0 | ||
| with: | ||
| flagsmith_project_id: ${{ vars.FLAGSMITH_PROJECT_ID }} | ||
| flagsmith_admin_api_url: ${{ env.FLAGSMITH_ADMIN_API_URL }} | ||
| flagsmith_admin_api_key: ${{ secrets.FLAGSMITH_CODE_REFERENCES_API_KEY }} | ||
|
|
||
| - name: Scan code references | ||
| id: scan-code-references | ||
| uses: Flagsmith/ci/.github/actions/scan-code-references@v1.0.0 | ||
| with: | ||
| feature_names: ${{ steps.fetch-feature-names.outputs.feature_names }} | ||
|
|
||
| - name: Upload code references | ||
| uses: Flagsmith/ci/.github/actions/upload-code-references@v1.0.0 | ||
| with: | ||
| code_references: ${{ steps.scan-code-references.outputs.code_references }} | ||
| flagsmith_project_id: ${{ vars.FLAGSMITH_PROJECT_ID }} | ||
| flagsmith_admin_api_url: ${{ env.FLAGSMITH_ADMIN_API_URL }} | ||
| flagsmith_admin_api_key: ${{ secrets.FLAGSMITH_CODE_REFERENCES_API_KEY }} | ||
| repository_url: ${{ github.server_url }}/${{ github.repository }} | ||
| revision: ${{ github.sha }} | ||
| ``` | ||
|
|
||
| This workflow needs the following added to [_Settings > Secrets and variables > Actions_](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions) in GitHub: | ||
|
|
||
| - `FLAGSMITH_PROJECT_ID` (variable): obtain from the Flagsmith dashboard URL, e.g. `/project/<id>/...` | ||
| - `FLAGSMITH_CODE_REFERENCES_API_KEY` (secret): obtain from _Organisation Settings > API Keys_ in Flagsmith | ||
|
|
||
emyller marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| --- | ||
|
|
||
| ## How it works | ||
|
|
||
| Code References rely on CI scripts isolated to three steps: | ||
|
|
||
| 1. Fetch feature names from Flagsmith (communicates with Flagsmith API) | ||
| 2. Scan code references for the project's features (**does not** communicate with Flagsmith API) | ||
| 3. Upload code references to Flagsmith (communicates with Flagsmith API) | ||
|
|
||
| :::important | ||
|
|
||
| Integrating with Code References **does not** expose your source code to Flagsmith. Our API only collects file paths, and line numbers, of code locations likely containing a feature flag evaluation. Code scanning is performed locally on the CI runner. | ||
|
|
||
| ::: | ||
|
|
||
| Feature details will expand on the _Code References_ tab, and list locations of each code reference: | ||
|
|
||
|  | ||
|
|
||
| ## Related | ||
|
|
||
| - [Admin API Authentication](/integrating-with-flagsmith/flagsmith-api-overview/admin-api/authentication): Generate API keys for Code References | ||
| - [Flag Lifecycle](/best-practices/flag-lifecycle): Learn when to remove short-lived flags from your code | ||
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.