Per-environment Instance ID for GitLab Feature Flag (or graceful token rotation)
In GitLab Feature Flags, the Instance ID for clients is generated per project. Since the clients in every environment use the same Instance ID, it's hard to rotate the token, because rotating it breaks all of the instances immediately.
- There are two environments,
- Set up a feature flag client in each environment, each using the same Instance ID
- Create a feature flag called
production environment scopes. It works fine for now.
- It turns out that the Instance ID ABC123 on the staging server is compromised. The operators rotate the token and reconfigure the staging environment with the new token.
- The production environment can no longer fetch feature flags. It's out of control.
- The operators reconfigure the production environment with the new token as well. Now it's recovered.
- Introduce a per-environment Instance ID, or
- Allow multiple tokens so that tokens can be rotated with zero downtime.
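
A sketch of how the two proposals combine, added here as an illustration and not GitLab's own code: each environment gets its own token, and a rotation can leave the previous token valid for a grace period. The class name `InstanceTokenRegistry`, its methods and the `grace_seconds` parameter are hypothetical.

```ruby
require 'securerandom'
require 'digest'

# Hypothetical model (not GitLab's code): one instance token per environment,
# with the previous token optionally accepted for a while after rotation.
class InstanceTokenRegistry
  Entry = Struct.new(:environment, :expires_at)

  def initialize(clock: -> { Time.now })
    @clock = clock
    @entries = {} # SHA-256(token) => Entry; raw tokens are never stored
  end

  # Issue a new token for one environment. Older tokens of that environment
  # stay valid for grace_seconds (0 = revoke at once, e.g. after a leak).
  # Tokens of other environments are not touched.
  def rotate(environment, grace_seconds: 0)
    deadline = @clock.call + grace_seconds
    @entries.each_value do |entry|
      next unless entry.environment == environment
      # Never extend a deadline that an earlier rotation already set.
      if entry.expires_at.nil? || entry.expires_at > deadline
        entry.expires_at = deadline
      end
    end
    token = SecureRandom.hex(16)
    @entries[digest(token)] = Entry.new(environment, nil)
    token
  end

  # Returns the environment the token belongs to, or nil if the token is
  # unknown or its grace period has ended.
  def authenticate(token)
    entry = @entries[digest(token.to_s)]
    return nil if entry.nil?
    return nil if entry.expires_at && @clock.call >= entry.expires_at
    entry.environment
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end
```

With this shape, a compromised staging token is rotated with `grace_seconds: 0` and production keeps working, while a routine production rotation can use a grace period long enough to redeploy the clients.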