All notable changes to the LaunchDarkly Relay will be documented in this file. This project adheres to Semantic Versioning.
- The prebuilt Linux Docker image contained version 1.1.1c of
openssl, which had several known security vulnerabilities. The image now contains version 1.1.1g ofopenssl, and also uses the more current 3.12.0 version of the Alpine Linux distribution rather than 3.10.2. - Fixed instabilities in the CI build.
- The configuration section of
README.mdmistakenly referred toMinTlsVersionandMIN_TLS_VERSIONasMinTlsLevelandMIN_TLS_LEVEL. This release simply fixes the documentation error; the behavior of Relay Proxy has not changed.
- There is a new configuration option for specifying the lowest allowable TLS version, when using the Relay Proxy as a secure server. This is
MinTlsVersionin the[Main]section of the configuration file, or the variableMIN_TLS_VERSIONif using environment variables. For instance, setting this option to1.2means that all requests from clients must use TLS 1.2 or higher.
- There is a
clientSideAvailabilityproperty which will be sent by LaunchDarkly services in the future as an alternate way of indicating whether a flag is enabled for use by client-side/mobile JavaScript SDKs. Previous versions of the Relay Proxy did not support this property, so the more detailed availability features being added to the LaunchDarkly dashboard would not work for applications that connected through a Relay Proxy. This version adds that support.
- Updated the README to have updated usage guidance and to fix outdated links.
- When proxying events, events that were received from JavaScript browser clients via the special image-loading endpoint (used if the browser does not support CORS) could be lost.
- When Prometheus metrics are enabled, the
/metricsendpoint that Relay provides for the Prometheus agent to query was being added globally usinghttp.Handle; that meant that if an application used Relay as a library, and usedhttp.ListenAndServewith the default handler, it would have a/metricsendpoint on its own port. This has been fixed so the endpoint is only defined on the Prometheus exporter's port. - Stream reconnections now use a backoff delay with jitter, instead of a fixed delay.
- Relay now sets the header
X-Accel-Buffering: noon all streaming responses. If you are using Nginx as a proxy in front of Relay, this tells Nginx to pass streaming data through without buffering; if you are not using Nginx, it has no effect. (#90)
- When using a persistent data store such as Redis, if the database was unavailable when Relay initially started and made its first stream connection, a bug caused Relay to give up on retrying and remain in a failed state. This has been fixed so that it will retry the stream connection once it detects that the database is available again (or, if using infinite caching mode, it will leave the same stream connection open and write the already-cached data to the database).
- When Prometheus metrics were enabled, Relay was exposing
/debug/pprof/endpoints from Go'snet/http/pprofon the port used by the Prometheus exporter (prior to v5.6.0, these were also exposed on the main port). These were not part of the Prometheus integration and have been removed, and Relay no longer usesnet/http/pprof. - CI builds now verify that Relay builds correctly in all supported Go versions (1.8 through 1.14).
- When forwarding events, Relay is now able to forward diagnostic data that is sent by newer versions of the SDKs. This has no effect on its behavior with older SDKs.
- Updated to Go SDK 4.14.2 to fix a bug that could cause spurious "feature store query returned unexpected type" errors to be logged.
- For connections from JavaScript browser SDK versions 2.16.1 and above, Relay now supports CORS requests that include new request headers sent by those SDK versions.
- When forwarding events, Relay now specifies a uniquely identifiable request header when sending events to LaunchDarkly to ensure that events are only processed once, even if Relay sends them two times due to a failed initial attempt.
- When running Relay as a systemd service, the
ld-relay.servicefile incorrectly specified the process start-up type asforking. Relay does not fork; the correct type issimple.
- Relay's logging format was extremely inconsistent: depending on whether a message was related to a specific environment or not, the fields would be in different order and the timestamp was not always at the beginning of the line. This has been normalized so the timestamp (with microseconds) is always first, followed by a tag that is either
[env: name-of-environment]or[main], then a level such asINFO:, and then the message. (#85) - The proxy URL parameter was not working in the case of a regular HTTP/HTTPS proxy, as opposed to an NTLM proxy. The standard Go environment variable
HTTPS_PROXYdid work. Both are now usable.
- When forwarding events from the PHP SDK, Relay was not preserving additional information related to experimentation features (supported in PHP SDK 3.6.0 and above). As a result, some flag rules might be included in experimentation data in the LaunchDarkly UI when those rules were not selected to be included. Events from other SDKs were not affected.
- Added ability to specify DynamoDB endpoint URL for a local instance (
urlproperty indynamodbconfig section, orDYNAMODB_URLenvironment variable). (#82)
- Fixed a regression that broke the Prometheus exporter in the 5.8.2 release.
- Updated to a newer version of the OpenCensus Prometheus exporter. (Thanks, mightyguava)
- When using a persistent feature store (Redis, etc.), if multiple clients request flags at the same time when the flag data is not in the cache, Relay will coalesce these requests so only a single database query is done.
- The
READMEincorrectly referred to an environment variable asDYNAMODB_ENABLEDwhen it is reallyUSE_DYNAMODB. (Thanks, estraph!) - Updated the Alpine base image in the Docker build because some packages in the old image had vulnerabilities. This was previously thought to have been completed in Relay 5.7.0, however, the initial attempt at this version bump was incomplete.
- It is now possible to specify an infinite cache TTL for persistent feature stores by setting the cache TTL to a negative number, in which case the persistent store will never be read unless Relay restarts. See "Persistent storage" in
README.md.
- When using a persistent store with an infinite cache TTL (see above), if Relay receives a feature flag update from LaunchDarkly and is unable to write it to the persistent store because of a database outage, it will still update the data in the in-memory cache so it will be available to the application. This is different from the existing behavior when there is a finite cache TTL: in that case, if the database update fails, the in-memory cache will not be updated because the update would be lost as soon as the cache expires.
- When using a persistent store, if there is a database error (indicating that the database may be unavailable, or at least that the most recent update did not get persisted), Relay will continue to monitor the database availability. Once it returns to normal, if the cache TTL is finite, Relay will restart the LaunchDarkly connection to ensure that it receives and persists a full set of flag data; if the cache TTL is infinite, it will assume the cache is up to date and will simply write it to the database. See "Persistent storage" in
README.md.
- The
exitAlwaysconfiguration property (orEXIT_ALWAYS) variable causes the Relay Proxy to quit as soon as it has initialized all environments. This can be used for testing (just to make sure everything is working), or to perform a single poll of flags and put them into Redis or another database. - The endpoints used by the PHP SDK (when it is not in LDD mode) were not previously supported. They are now. There is a new
ttlMinutesproperty to configure caching behavior for PHP, similar to the TTL property on the LaunchDarkly dashboard. (#68) - The
logLevelconfiguration properties (orLOG_LEVELandLD_LOG_LEVEL_EnvName) allow you to request more or less verbose logging. - If debug-level logging is enabled, the Relay Proxy will log every incoming HTTP request. (#51)
- Log messages related to a specific environment are now prefixed with
[env: EnvironmentName](whereEnvironmentNameis the name you specified for that environment in your configuration) rather than[LaunchDarkly Relay (SdkKey ending with xxxxx)](wherexxxxxwas the last 5 characters of the SDK key).
- Updated Alpine base image in Docker build because some packages in the old image had vulnerabilities. (Thanks, e96wic!)
- Fixed a CI build problem for Go 1.8.
- Enabling TLS for Redis as a separate option was not working; it would only work if you specified a
rediss://secure URL. Both methods now work. (#71)
- You can now specify a proxy server URL in the configuration file, or in a Docker environment variable.
- Also, Relay now respects the standard Go environment variables
HTTP_PROXYandHTTPS_PROXY. - You may specify additional CA certificates for outgoing HTTPS connections.
- Relay now supports proxy servers that use NTLM authentication.
- You may specify a Redis password, or turn on TLS for Redis, without modifying the Redis URL.
- See
README.mdfor details on configuring all of the above features.
- Extracted
Configstructs so that they could be configured programmatically when Relay is used as a library. (Thanks, mightyguava!)
- The endpoints used by the client-side JavaScript SDKs were incorrectly returning all flags, rather than only the flags with the "client-side" property (as the regular LaunchDarkly service does). (#63)
- Added documentation for the
REDIS_URLenvironment variable to the README.
- Replaced import paths for
gopkg.in/launchdarkly/go-client.v4withgopkg.in/launchdarkly/go-server-sdk.v4. The newer import path reflects the new repository URL for the LaunchDarkly Server-side SDK for Go.
- When proxying events, the Relay now preserves information about what kind of platform they came from: server-side, mobile, or browser. Previously, it delivered all events to LaunchDarkly as if they were server-side events, which could cause your usage statistics to be wrong. (#53)
- The
docker-entrypoint.shscript, which is meant to run with anysh-compatible shell, contained somebashsyntax that does not work in every shell. - If the configuration is invalid because more than one database is selected (e.g., Redis + DynamoDB), the Relay will report an error. Previously, it picked one of the databases and ignored the others.
- Clarified documentation about persistent feature stores, and boolean environment variables.
- The relay now supports additional database integrations: Consul and DynamoDB. As with the existing Redis integration, these can be used to store feature flags that will be read from the same database by a LaunchDarkly SDK client (as described here), or simply as a persistence mechanism for the relay itself. See
README.MDfor configuration details. - It is now possible to specify a Redis URL in
$REDIS_URL, rather than just$REDIS_HOSTand$REDIS_PORT, when running the Relay in Docker. (Thanks, lukasmrtvy!)
- When deployed in a Docker container, the relay no longer runs as the root user; instead, it creates a user called
ldr-user. Also, the configuration file is now in/ldrinstead of in/etc. (Thanks, sdif!)
- Fixed a bug that would cause the relay to hang after the LaunchDarkly client finished initializing, if you had previously queried any relay endpoint before the client finished initializing (e.g. if there was a delay due to network problems and you checked the status resource during that delay).
- Return flag evaluation reasons for mobile and client-side endpoints when
withReasons=truequery param is set. - Added support for metric collection configuration in docker entrypoint script. Thanks @matthalbersma for the suggestion.
- Fix internal relay metrics event field.
- Use latest go client (4.3.0).
- Preserves the "client-side-enabled" property of feature flags so that the new SDK method AllFlagsState() - which has an option for selecting only client-side flags - will work correctly when using the relay.
- Ensure that server-side eval endpoints don't panic (work around gorilla mux bug)
- Strip trailing slash that was breaking default urls for polling and streaming.
- If set X-LaunchDarkly-User-Agent will be used instead of the User-Agent header for metrics.
- Documentation improvements.
- The Relay now supports the streaming endpoint used by current mobile SDKs. It does not fully proxy the stream, but will send an event causing mobile SDKs to re-request their flags when flags have changed.
- Route metrics are now tagged correctly with the route name.
- Datadog exporter now works with 32-bit builds.
- The Relay now supports exporting metrics and traces to Datadog, Prometheus, and Stackdriver. See the README for configuration instructions.
- Packages intended for internal relay use are now marked as internal and no longer accessible exsternally.
- The package is now released using goreleaser.
- The Redis server location-- and logical database-- can now optionally be specified as a URL (
urlproperty in[redis]section) rather than a hostname and port. - The relay now sends usage metrics back to LaunchDarkly at 1-minute intervals.
- The /sdk/goals/ endpoint now supports caching and repeats any headers it received to the client.