This document describes how to configure Flipt’s storage backend mechanisms.
/var/opt/flipt/flipt.db
on
Linux and ~/Library/Application Support/flipt/flipt.db
on macOS.migrate
command that will run any pending
database migrations for you.
By default Flipt will run your application data migrations. You can run migrations on your analytical databases by specifying the --database=analytics
flag to the migrate command.
If Flipt is started and there are pending migrations, you will see the following
error in the console:
flipt migrate
to ensure that
no data is lost if an error occurs during migration.$HOME/flipt
is just used as an example, you can use any directory you would
like on the host.local
backend has been primarily developed to support a local
development experience, whereas, the git
, object
and oci
backends are
intended for production use.read-only
mode that prevents Flipt from writing to the backend. This is useful for production environments where you want to ensure that flag state is only managed via the configured backend.
read-only
mode by setting the
FLIPT_STORAGE_READ_ONLY
environment variable to true
, or setting
storage.read_only
to true
in your configuration.git
type backend is used to configure a target Git repository and Git reference to source feature flag state.
The configuration contains fields for addressing the repository, configuring the target reference as well as adding authentication credentials.
Once a target repository and reference are configured, Flipt will poll the source repository on a periodic cadence.
This cadence is also configurable and defaults to 30 seconds.
Flipt will follow the configured reference and keep up to date with new changes.
Flipt supports the following reference types:
static
(default): Flipt will use the reference provided in the configuration.semver
: Flipt will use the latest reference that matches the semver pattern (e.g. v1.0.*
).git
type backend supports both basic
, token
and ssh
based authentication schemes.
GitHub
basic
authentication should be used. GitHub expects you to supply a valid
username
and provide your PAT as the password
parameter.storage.git.authentication.ssh
configuration section:
insecure_ignore_host_key
is not encouraged for production use, and is
false
by default. Instead, you are advised to put the key fingerprint in the
known hosts file where you are running Flipt. For example, for GitHub you can
do ssh-keyscan github.com >> ~/.ssh/known_hosts
on the Flipt host.git
backend also supports configuring where the Git repository is cloned to.
By default, Flipt will clone the repository to an in-memory filesystem, but you can configure a local directory to clone the repository to which is useful for relieving memory pressure especially for large repositories.
git
and local
backend types, the same rules apply with regard to how Flipt will locate feature flag state in your target bucket.
See the section below on Flag State Configuration for how Flipt decides which files in a target are considered for serving flag state.
With the object storage backend, Flipt will respect a file at the root of the target with the name .flipt.yml
to serve as an index for locating flag state configuration in the bucket.
It will also use the same default strategy when the index isn’t supplied (e.g. file name features.yml
or *.features.yml
).
v1.31.0
, Flipt supports using any OCI compatible registry as a declarative backend source.
Flipt has its own custom OCI manifest format (we call them bundles
), which can be built and managed using the Flipt CLI.
1.1
) to work correctly.In this case, you can set the FLIPT_STORAGE_OCI_MANIFEST_VERSION
environment variable or storage.oci.manifest_version
configuration property to the desired version (e.g. 1.0
).See this issue for more information.1.40.0
, Flipt offers two authentication methods:
FLIPT_STORAGE_OCI_AUTHENTICATION_TYPE
environment variable or the storage.oci.authentication.type
configuration property to aws-ecr
.
Additionally, make sure your compute instance or container has a role with permissions to pull from ECR.**/features.yaml
**/features.yml
**/*.features.yaml
**/*.features.yml
features.yaml
, features.yml
, or with either extension .features.yaml
or .features.yml
is considered recursively from the root of your target.
If this naming convention doesn’t work for you, it can be overridden by creating a file named .flipt.yml
in the root of your target directory tree. This file will be used to instruct Flipt on how to index your directory tree and find flag state files:
include
and exclude
. These can contain specific paths or glob-matching patterns.
The indexing process first matches the include
section and then filters that are set by the exclude
section.
flipt export
on your existing Flipt instance, and then
add/commit the result to a directory, object storage, or Git repository to get started.
This can be used to migrate from a relational database-backed instance of Flipt to a filesystem-backed deployment with ease.