Skip to content

Support Create/Read/Destroy operations in Feature Flag API

Shinya Maeda requested to merge introduce-feature-flag-api into master

What does this MR do?

This MR introduces the following endpoints:

GET    /api/:version/projects/:id/feature_flags(.:format)                - Get all feature flags of a project
POST   /api/:version/projects/:id/feature_flags(.:format)                - Create a new feature flag
GET    /api/:version/projects/:id/feature_flags/:name(.:format)          - Get a feature flag of a project
DELETE /api/:version/projects/:id/feature_flags/:name(.:format)          - Delete a feature flag

This MR also cleans up multiple technical debts:

  • Finder preloads the relations (scope) by default. This is for preventing from accidental N+1.
  • Have permission check on Services. This ensures that we always check the executor's permission level. This is especially important in the next MR !18368 (merged).
  • Fixed bunch of false-positive specs.

Feature flag




  • Schema check in ee/spec/requests/api/feature_flags_spec.rb


Does this MR meet the acceptance criteria?


Performance and Testing


If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • [-] Label as security and @ mention @gitlab-com/gl-security/appsec
  • [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Shinya Maeda

Merge request reports