Add Posthog integration to backend #682
Conversation
jkachel
added
Needs Review
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 9430286 | Triggered | Generic Password | 50ea8f0 | docker-compose.yml | View secret |
| 9430286 | Triggered | Generic Password | b85583f | docker-compose.yml | View secret |
| 9430286 | Triggered | Generic Password | 81a6361 | docker-compose.yml | View secret |
| 9430286 | Triggered | Generic Password | 72c4253 | docker-compose.yml | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
for more information, see https://pre-commit.ci
- Update the docker-compose to make the external Postgres port configurable in the .env - Update the .env.example - Fixed a bug in get_all_feature_flags - Exposed the feature flag list view, made it work
…ble cache This should mean the cache is preferred for PostHog feature flags. This doesn't include code to update the cache just yet.
for more information, see https://pre-commit.ci
well that was dumb
main/features.py
Outdated
| bool: True if the feature flag is enabled | ||
| """ # noqa: D401 | ||
| return settings.FEATURES.get(name, default or settings.MITOPEN_FEATURES_DEFAULT) | ||
| bool: True if the feature flag is enablede |
| @@ -78,7 +78,7 @@ drf-nested-routers = "^0.93.5" | |||
| django-scim2 = "^0.19.1" | |||
| django-oauth-toolkit = "^2.3.0" | |||
| youtube-transcript-api = "^0.6.2" | |||
| ruff = "0.3.4" | |||
There was a problem hiding this comment.
was removing ruff 0.3.4 intentional?
There was a problem hiding this comment.
think this was a rebase error... I put it back but looking at it I'm not sure why it's here and in dev dependencies (with a different version?) but that's sort of out of scope for this PR.
There was a problem hiding this comment.
I believe it's in there for IDE support. pre-commit is the source of truth for linting/formatting, but IDEs (to my knowledge) can't run pre-commit's ruff.
It's sometimes a bit out of date with pre-commit's, but they both get updated (pre-commit by its autoupdate, dev deps by renovate) and if they're slightly out of sync, it's not a big deal.
shanbady
added
Waiting on author
and removed
Needs Review
What are the relevant tickets?
Partially closes #589
Description (What does it do?)
Adds support for querying feature flags via Posthog, with fallback to the standard local environment. Posthog support is toggleable and queries to Posthog are cached locally in the database in case their API becomes unavailable.
To configure:
.envfile settings:POSTHOG_PROJECT_API_KEY- the API key for the project the app should look atPOSTHOG_HOST- should behttps://app.posthog.comgenerally but can be changed if neededPOSTHOG_ENABLED- boolean./manage.py createcachetableto create the table for the durable cacheHow can this be tested?
Automated tests should pass.
The code exposes an internal meta API at
/_/featuresthat provides read operations on feature flags. Listing feature flags will additionally load the cache for the default case. (Posthog identifies users via a ID for the instance and an ID for the user; the default is to use the app's hostname for the instance ID, and the environment and user ID or None for the user ID, so this is what you'll get here.) The features API is intended as a sanity-check so user-specific flag settings aren't there (but we could add that).