Skip to content

mlafeldt/launchdarkly-dynamo-store

master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

DynamoDB Store for LaunchDarkly's Go SDK

CircleCI GoDoc

Note: LaunchDarkly has implemented its own DynamoDB store based on the one I started here.


This project provides the building blocks that, taken together, allow you to create a serverless flag storage pipeline for LaunchDarkly as described in this presentation.

By caching feature flag data in DynamoDB, LaunchDarkly clients don't need to call out to the LaunchDarkly API every time they're created. This is useful for environments like AWS Lambda where workloads can be sensitive to cold starts.

To that end, the following building blocks are provided:

Architecture

The Serverless Service

The service is based on the Serverless Framework. In addition to the serverless command-line tool, you can use the accompanied Makefile for convenience.

Here's how to deploy and operate the service in AWS:

# Set AWS credentials and region
$ export AWS_ACCESS_KEY_ID=...
$ export AWS_SECRET_ACCESS_KEY=...
$ export AWS_REGION=...

# Write your LaunchDarkly SDK key to the AWS Parameter Store. The service uses
# this key to talk to the LaunchDarkly API, but really any client might use it.
$ aws ssm put-parameter --name /launchdarkly/staging/sdkkey --value $SDK_KEY --type SecureString --overwrite

# Deploy a service that handles feature flags for the staging environment
$ make deploy ENV=staging
$ make staging  # shortcut

# Invoke the service manually
$ serverless invoke --function store --stage staging

# Print the webhook URL (see "LaunchDarkly Webhook Configuration" below)
$ make url ENV=staging

# Show service logs
$ make logs-store ENV=staging

# Remove the service and its resources from AWS
$ make destroy ENV=staging

To set up a service for caching production flags, replace all occurrences of staging with production.

Also note that staging is the default environment, which means you may omit ENV=staging.

LaunchDarkly Webhook Configuration

We want LaunchDarkly to invoke our serverless service every time a feature flag (or segment) is modified. This ensures that the data cached in DynamoDB stays up-to-date.

To achieve this, we need to set up a webhook in LaunchDarkly (listed under Integrations). The webhook configuration is straightforward: paste the output of make url into the URL field and use the following JSON document as the Policy:

[
  {
    "resources": [
      "proj/*:env/staging:flag/*"
    ],
    "actions": [
      "*"
    ],
    "effect": "allow"
  },
  {
    "resources": [
      "proj/*:env/staging:segment/*"
    ],
    "actions": [
      "*"
    ],
    "effect": "allow"
  }
]

(For production, replace staging accordingly.)

Optional: Webhook Signature Verification

LaunchDarkly can also sign webhook payloads so you can verify that requests are generated by LaunchDarkly and not some rogue third party.

To enable webhook signature verification, configure a Secret in the LaunchDarkly UI. Then write that same secret to the Parameter Store and redeploy the serverless service for it to validate all future webhook requests:

$ aws ssm put-parameter --name /launchdarkly/staging/webhooksecret --value $SECRET --type SecureString --overwrite
$ make staging

(For production, replace staging accordingly.)

Author

This project is being developed by Mathias Lafeldt.

Releases

No releases published

Packages

No packages published