flipt-io · markphelps · Feb 25, 2025 · Feb 25, 2025
@@ -10,24 +10,6 @@ This directory contains a Go module dedicated to building and testing Flipt usin
 
 All the commands in this directory can be invoked from the root of the Flipt repo using `dagger call`.
 
-```console
-USAGE
-  dagger call [options] [arguments] <function>
-
-EXAMPLES
-  dagger call test
-  dagger call build -o ./bin/myapp
-  dagger call lint stdout
-
-FUNCTIONS
-  base             Returns a container with all the assets compiled and ready for testing and distribution
-  base-container
-  build            Return container with Flipt binaries in a thinner alpine distribution
-  generate         Execute generate function with subcommand
-  source
-  test             Execute test specific by subcommand
-```
-
 This version of the command runs using the `dagger` cli (`brew install dagger/tap/dagger`).
 It comes with a nice TUI.
 
@@ -53,15 +35,12 @@ USAGE
   dagger call test [arguments] <function>
 
 FUNCTIONS
-  base-container
-  cli               Run all cli tests
-  flipt-container
+  base-container    -
+  flipt-container   -
   integration       Run all integration tests
-  load              Run all load tests
-  migration         Run all migration tests
-  source
+  source            -
   ui                Run all ui tests
-  uicontainer
+  uicontainer       -
   unit              Run all unit tests
 
 ARGUMENTS
@@ -70,11 +49,8 @@ ARGUMENTS
 Use "dagger call test [command] --help" for more information about a command.
 ```
 
-- `dagger call test --source=. cli`: Runs a suite of tests against `flipt` CLI commands
 - `dagger call test --source=. unit`: Runs the entire suite of unit style tests
 - `dagger call test --source=. ui`: Runs the entire suite of UI integration style tests (playwright against running Flipt)
-- `dagger call test --source=. migration`: Ensures backwards compatibility after running database migrations
-- `dagger call test --source=. load`: Run Flipt and measure performance running evaluations under load
 
 ### Integration Tests
 
@@ -91,7 +67,11 @@ ARGUMENTS
       --cases string    (default "*")
 ```
 
-By default, it runs all cases concurrently against the target dagger runtime.
+- `dagger call test --source=. integration`: Runs all cases concurrently against the target dagger runtime.
+
 However, cases can be constrained to the individual top-level suites via the `--cases` flag.
+
+- `dagger call test --source=. integration --cases="authn"`: Runs only the authn suite.
+
 This flag expects a space delimited list of the case names.
 The case names are maintained near the top of [integration.go](./testing/integration.go).
@@ -49,12 +49,12 @@ var (
 	AllCases = map[string]testCaseFn{
 		// "fs/git":   git,
 		// "fs/local": local,
-		// "authz":    authz,
+		//"authz":         authz,
 		"authn":         authn(),
 		"envs":          envsAPI(""),
 		"envs_with_dir": envsAPI("root"),
-		// "ofrep":         withAuthz(ofrepAPI),
-		// "snapshot":      withAuthz(snapshotAPI),
+		"ofrep":         withAuthz(ofrepAPI()),
+		"snapshot":      withAuthz(snapshotAPI()),
 	}
 )
 
@@ -288,6 +288,34 @@ func authn() testCaseFn {
 	}, testdataDir)
 }
 
+func snapshotAPI() testCaseFn {
+	return func(ctx context.Context, client *dagger.Client, base, flipt *dagger.Container, conf testConfig) func() error {
+		flipt = flipt.
+			WithEnvVariable("FLIPT_LOG_LEVEL", "DEBUG").
+			WithEnvVariable("FLIPT_ENVIRONMENTS_DEFAULT_STORAGE", "default").
+			WithEnvVariable("FLIPT_STORAGE_TYPE", "local").
+			WithEnvVariable("FLIPT_STORAGE_LOCAL_PATH", "/tmp/testdata").
+			WithDirectory("/tmp/testdata", base.Directory(testdataDir)).
+			WithEnvVariable("UNIQUE", uuid.New().String())
+
+		return suite(ctx, "snapshot", base, flipt.WithExec(nil), conf)
+	}
+}
+
+func ofrepAPI() testCaseFn {
+	return func(ctx context.Context, client *dagger.Client, base, flipt *dagger.Container, conf testConfig) func() error {
+		flipt = flipt.
+			WithEnvVariable("FLIPT_LOG_LEVEL", "DEBUG").
+			WithEnvVariable("FLIPT_ENVIRONMENTS_DEFAULT_STORAGE", "default").
+			WithEnvVariable("FLIPT_STORAGE_TYPE", "local").
+			WithEnvVariable("FLIPT_STORAGE_LOCAL_PATH", "/tmp/testdata").
+			WithDirectory("/tmp/testdata", base.Directory(testdataDir)).
+			WithEnvVariable("UNIQUE", uuid.New().String())
+
+		return suite(ctx, "ofrep", base, flipt.WithExec(nil), conf)
+	}
+}
+
 func withGitea(fn testCaseFn, dataDir string) testCaseFn {
 	return func(ctx context.Context, client *dagger.Client, base, flipt *dagger.Container, conf testConfig) func() error {
 		gitea := client.Container().

@@ -21,7 +21,6 @@ import (
 	authgithub "go.flipt.io/flipt/internal/server/authn/method/github"
 	authkubernetes "go.flipt.io/flipt/internal/server/authn/method/kubernetes"
 	authoidc "go.flipt.io/flipt/internal/server/authn/method/oidc"
-	authtoken "go.flipt.io/flipt/internal/server/authn/method/token"
 	authmiddlewaregrpc "go.flipt.io/flipt/internal/server/authn/middleware/grpc"
 	authmiddlewarehttp "go.flipt.io/flipt/internal/server/authn/middleware/http"
 	"go.flipt.io/flipt/internal/server/authn/public"
@@ -99,13 +98,6 @@ func authenticationGRPC(
 
 	var interceptors []grpc.UnaryServerInterceptor
 
-	// register auth method token service
-	if authCfg.Methods.Token.Enabled {
-		rpcauth.RegisterAuthenticationMethodTokenServiceServer(handlers, authtoken.NewServer(logger, store))
-
-		logger.Debug("authentication method \"token\" server registered")
-	}
-
 	// register auth method oidc service
 	if authCfg.Methods.OIDC.Enabled {
 		rpcauth.RegisterAuthenticationMethodOIDCServiceServer(handlers, authoidc.NewServer(logger, store, authCfg))
@@ -207,10 +199,6 @@ func authenticationGRPC(
 			interceptors = append(interceptors, selector.UnaryServerInterceptor(authmiddlewaregrpc.EmailMatchingInterceptor(logger, rgxs, authOpts...), authmiddlewaregrpc.ClientTokenInterceptorSelector()))
 		}
 
-		if authCfg.Methods.Token.Enabled {
-			interceptors = append(interceptors, selector.UnaryServerInterceptor(authmiddlewaregrpc.NamespaceMatchingInterceptor(logger, authOpts...), authmiddlewaregrpc.ClientTokenInterceptorSelector()))
-		}
-
 		// at this point, we have already registered all authentication methods that are enabled
 		// so atleast one authentication method should pass if authentication is required
 		interceptors = append(interceptors, authmiddlewaregrpc.AuthenticationRequiredInterceptor(logger, authOpts...))

@@ -29,9 +29,9 @@
 	serverenvironments "go.flipt.io/flipt/internal/server/environments"
 	"go.flipt.io/flipt/internal/server/evaluation"
 	evaluationdata "go.flipt.io/flipt/internal/server/evaluation/data"
+	"go.flipt.io/flipt/internal/server/evaluation/ofrep"
 	"go.flipt.io/flipt/internal/server/metadata"
 	middlewaregrpc "go.flipt.io/flipt/internal/server/middleware/grpc"
-	"go.flipt.io/flipt/internal/server/ofrep"
 	"go.flipt.io/flipt/internal/storage/environments"
 	"go.flipt.io/flipt/internal/tracing"
 	rpcflipt "go.flipt.io/flipt/rpc/flipt"
@@ -194,7 +194,7 @@
 		evalsrv     = evaluation.New(logger, environmentStore)
 		evaldatasrv = evaluationdata.New(logger, environmentStore)
 		fliptv1srv  = serverfliptv1.New(logger, environmentStore)
-		ofrepsrv    = ofrep.New(logger, evalsrv, nil)
+		ofrepsrv    = ofrep.New(logger, evalsrv, environmentStore)
 
 		// health service
 		healthsrv = health.NewServer()

@@ -24,9 +24,9 @@ import (
 	"go.flipt.io/flipt/internal/gateway"
 	"go.flipt.io/flipt/internal/info"
 	"go.flipt.io/flipt/internal/server/authn/method"
+	ofrep_middleware "go.flipt.io/flipt/internal/server/evaluation/ofrep"
 	grpc_middleware "go.flipt.io/flipt/internal/server/middleware/grpc"
 	http_middleware "go.flipt.io/flipt/internal/server/middleware/http"
-	ofrep_middleware "go.flipt.io/flipt/internal/server/ofrep"
 	"go.flipt.io/flipt/rpc/flipt"
 	"go.flipt.io/flipt/rpc/flipt/analytics"
 	"go.flipt.io/flipt/rpc/flipt/evaluation"