feat: flagd-provider ssl, socket, deadline, env support (#134)

Signed-off-by: Todd Baert <[email protected]>

Signed-off-by: Todd Baert <[email protected]>

Author: toddbaert

checkstyle.xml

@@ -34,7 +34,7 @@
         <property name="optional" value="true"/>
     </module>
 
-    <!-- Checks for whitespace                               -->
+    <!-- Checks for whitespace -->
     <!-- See http://checkstyle.org/config_whitespace.html -->
     <module name="FileTabCharacter">
         <property name="eachLine" value="true"/>
@@ -46,7 +46,23 @@
         <property name="ignorePattern" value="^package.*|^import.*|a href|href|http://|https://|ftp://"/>
     </module>
 
+    <module name="SuppressWarningsFilter" />
+
     <module name="TreeWalker">
+        <!-- needed for SuppressWarningsFilter -->
+        <module name="SuppressWarningsHolder" />
+        
+        <module name="SuppressWarnings">
+            <property name="id" value="checkstyle:suppresswarnings"/>
+        </module>
+
+        <!-- https://checkstyle.org/config_filters.html#SuppressionXpathFilter -->
+        <module name="SuppressionXpathFilter">
+            <property name="file" value="${org.checkstyle.google.suppressionxpathfilter.config}"
+                        default="checkstyle-xpath-suppressions.xml" />
+            <property name="optional" value="true"/>
+        </module>
+    
         <module name="OuterTypeFilename"/>
         <module name="IllegalTokenText">
             <property name="tokens" value="STRING_LITERAL, CHAR_LITERAL"/>
@@ -223,7 +239,7 @@
             <property name="arrayInitIndent" value="4"/>
         </module>
         <module name="AbbreviationAsWordInName">
-            <property name="ignoreFinal" value="false"/>
+            <property name="ignoreFinal" value="true"/>
             <property name="allowedAbbreviations" value="API" />
             <property name="allowedAbbreviationLength" value="1"/>
             <property name="tokens"
@@ -312,11 +328,5 @@
         <module name="CommentsIndentation">
             <property name="tokens" value="SINGLE_LINE_COMMENT, BLOCK_COMMENT_BEGIN"/>
         </module>
-        <!-- https://checkstyle.org/config_filters.html#SuppressionXpathFilter -->
-        <module name="SuppressionXpathFilter">
-            <property name="file" value="${org.checkstyle.google.suppressionxpathfilter.config}"
-                      default="checkstyle-xpath-suppressions.xml" />
-            <property name="optional" value="true"/>
-        </module>
     </module>
 </module>

pom.xml

@@ -114,12 +114,34 @@
             <version>${junit.jupiter.version}</version>
             <scope>test</scope>
         </dependency>
+
         <dependency>
             <groupId>org.junit.platform</groupId>
             <artifactId>junit-platform-suite</artifactId>
             <version>1.8.1</version>
             <scope>test</scope>
         </dependency>
+
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-inline</artifactId>
+            <version>3.12.4</version>
+            <scope>test</scope>
+          </dependency>
+
+          <dependency>
+            <groupId>uk.org.webcompere</groupId>
+            <artifactId>system-stubs-core</artifactId>
+            <version>2.0.1</version>
+            <scope>test</scope>
+          </dependency>
+
+          <dependency>
+            <groupId>uk.org.webcompere</groupId>
+            <artifactId>system-stubs-jupiter</artifactId>
+            <version>2.0.1</version>
+            <scope>test</scope>
+          </dependency>
         <!-- end test -->
     </dependencies>
 

providers/flagd/README.md

@@ -23,3 +23,33 @@ The `FlagdProvider` communicates with flagd via the gRPC protocol. Instantiate a
 FlagdProvider provider = new FlagdProvider(Protocol.HTTP, "localhost", 8013);
 OpenFeatureAPI.getInstance().setProvider(provider);
 ```
+
+Options can be defined in the constructor or as environment variables, with constructor options having the highest precedence.
+
+| Option name | Environment variable name | Type    | Default   |
+| ----------- | ------------------------- | ------- | --------- |
+| host        | FLAGD_HOST                | string  | localhost |
+| port        | FLAGD_PORT                | number  | 8013      |
+| tls         | FLAGD_TLS                 | boolean | false     |
+| socketPath  | FLAGD_SOCKET_PATH         | string  | -         |
+| certPath    | FLAGD_SERVER_CERT_PATH    | string  | -         |
+
+### Unix socket support
+
+Unix socket communication with flag is facilitated via usage of the linux-native `epoll` library on `linux-x86_64` only (ARM support is pending relase of `netty-transport-native-epoll` v5). Unix sockets are not supported on other platforms or architectures.
+
+### Reconnection
+
+Reconnection is supported by the underlying GRPCBlockingStub. If connection to flagd is lost, it will reconnect automatically.
+
+### Deadline (gRPC call timeout)
+
+The deadline for an individual flag evaluation can be configured by calling `setDeadline(< deadline in millis >)`.
+If the gRPC call is not completed within this deadline, the gRPC call is terminated with the error `DEADLINE_EXCEEDED` and the evaluation will default.
+The default deadline is 500ms, though evaluations typically take on the order of 10ms.
+
+### TLS
+
+Though not required in deployments where flagd runs on the same host as the workload, TLS is available.
+
+:warning: Note that there's a [vulnerability](https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-1042268) in [netty](https://github.com/netty/netty), a transitive dependency of the underlying gRPC libraries used in the flagd-provider that fails to correctly validate certificates. This will be addressed in netty v5.

providers/flagd/pom.xml

@@ -29,20 +29,31 @@
 
 		<dependency>
 			<groupId>io.grpc</groupId>
-			<artifactId>grpc-netty-shaded</artifactId>
-			<version>1.48.1</version>
-			<scope>runtime</scope>
+			<artifactId>grpc-netty</artifactId>
+			<version>1.51.0</version>
 		</dependency>
+
+		<dependency>
+			<!-- we only support unix sockets on linux, via epoll native lib -->
+			<groupId>io.netty</groupId>
+			<artifactId>netty-transport-native-epoll</artifactId>
+			<version>4.1.85.Final</version>
+			<!-- TODO: with 5+ (still alpha), arm is support and we should package multiple versions -->
+			<classifier>linux-x86_64</classifier>
+		</dependency>
+
 		<dependency>
 			<groupId>io.grpc</groupId>
 			<artifactId>grpc-protobuf</artifactId>
 			<version>1.48.2</version>
 		</dependency>
+
 		<dependency>
 			<groupId>io.grpc</groupId>
 			<artifactId>grpc-stub</artifactId>
 			<version>1.48.1</version>
 		</dependency>
+
 		<dependency>
 			<!-- necessary for Java 9+ -->
 			<groupId>org.apache.tomcat</groupId>