Nicholai/united-tattoo
1
1
Fork 0
Code Issues 24 Pull Requests Actions 2 Packages Projects Releases Wiki Activity
united-tattoo/docs/prd/epic-feature-flags-controlled-rollbacks.md

134 lines
7.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Feature Flags Framework for Controlled Rollbacks — Brownfield Enhancement
Version: 1.0
Date: 2025-09-18
Owner: Product Manager (John)
Related Docs:
- docs/prd/rollback-strategy.md
- docs/brownfield-architecture.md
- docs/brownfield-architecture-booking.md
- docs/brownfield-architecture-public.md
- docs/brownfield-architecture-tech.md
---
Epic Title
Feature Flags Framework for Controlled Rollbacks — Brownfield Enhancement
Epic Goal
Implement a centralized, minimal feature flag framework and wire it to key surfaces (Admin, Booking, Public) to enable safe, fast rollbacks and controlled exposure per the rollback strategy.
Epic Description
Existing System Context
- Current relevant functionality:
- Next.js 14 App Router running on Cloudflare Pages/Workers via OpenNext.
- Admin (/admin), Booking (/book), and Public (/ and /artists) surfaces with route handlers under /app/api.
- No project-wide feature flags; rollbacks require full deployment revert.
- Technology stack:
- Next.js 14, OpenNext Cloudflare adapter, Cloudflare D1/R2, NextAuth (JWT), Tailwind + shadcn/ui, Zod validations.
- Integration points:
- Cloudflare env vars via wrangler.toml ([env.preview.vars]/[env.production.vars]).
- UI components/pages under app/, route handlers under app/api/.
- lib/env.ts for env validation; rollback procedures documented in docs/prd/rollback-strategy.md.
Enhancement Details
- Whats being added/changed:
- Introduce a simple, typed flags module (lib/flags.ts) that reads boolean switches from environment variables.
- Add first-class flags for Admin, Booking, and Public UX controls as defined in rollback-strategy.md.
- Gate critical UI flows and API endpoints behind these flags with graceful fallbacks (e.g., disable Booking submit with friendly messaging).
- How it integrates:
- Flags read from env (wrangler vars); server-side checks in route handlers and server components, client-side checks for UI affordances.
- No architectural changes; minimal localized conditionals and guard rails.
- Success criteria:
- Toggling a flag disables the associated feature safely without redeploy.
- Disabled states present appropriate UX and non-2xx responses for APIs (e.g., 503 with JSON message) where appropriate.
- No impact on unaffected features; default flag values replicate current behavior.
Stories
1. Feature Flags Library & Configuration
- Implement lib/flags.ts with typed boolean flags:
- ADMIN_ENABLED, ARTISTS_MODULE_ENABLED, UPLOADS_ADMIN_ENABLED
- BOOKING_ENABLED, PUBLIC_APPOINTMENT_REQUESTS_ENABLED, REFERENCE_UPLOADS_PUBLIC_ENABLED, DEPOSITS_ENABLED
- PUBLIC_DB_ARTISTS_ENABLED, ADVANCED_NAV_SCROLL_ANIMATIONS_ENABLED
- STRICT_CI_GATES_ENABLED, ISR_CACHE_R2_ENABLED
- Read values from process.env (wrangler vars) with safe defaults that preserve current behavior.
- Document expected vars and defaults in README and docs/prd/rollback-strategy.md linkage.
- Optional: Update lib/env.ts to include non-breaking optional validation for key flags (boolean parsing).
2. Wire Flags to Critical Surfaces (Admin/Booking/Public)
- Admin:
- Gate /admin shell with ADMIN_ENABLED; show friendly “Temporarily unavailable” if disabled.
- Gate admin uploads endpoints with UPLOADS_ADMIN_ENABLED; return 503 JSON on POST/DELETE when disabled.
- Booking:
- Gate BookingForm submit path with BOOKING_ENABLED; disabled state shows user message and redirects to /contact.
- If/when public booking endpoint exists, gate with PUBLIC_APPOINTMENT_REQUESTS_ENABLED.
- Public:
- Gate advanced scroll/parallax with ADVANCED_NAV_SCROLL_ANIMATIONS_ENABLED; ensure no JS errors when off.
- Add smoke tests/checklist notes to verify disabled vs enabled behavior.
3. Operational Guidance & Verification
- Add a “Feature Flags Operations” section to docs/prd/rollback-strategy.md or a short ops note with:
- How to toggle flags (wrangler vars / dashboard).
- Expected UX/API behavior per flag.
- Post-toggle smoke steps.
- Ensure flags are listed in wrangler.toml example vars for preview/production (documentation only; no secrets committed).
Compatibility Requirements
- [x] Existing APIs remain unchanged unless disabled via flags (return 503 with structured message when gated).
- [x] No DB schema changes introduced.
- [x] UI changes follow existing patterns and provide accessible fallback messages.
- [x] Performance impact minimal (light conditional checks, no heavy client logic).
- [x] Default state preserves current behavior if flags are unset.
Risk Mitigation
- Primary Risk: Misconfiguration of env vars causing unintended disablement.
- Mitigation: Safe defaults that preserve current behavior; add console.warn on server when a critical flag is undefined (non-fatal).
- Rollback Plan: Set flags to disable problematic surfaces immediately; revert local changes by removing guards if needed (code rollback not required in normal operation).
Definition of Done
- [ ] lib/flags.ts implemented with typed flags and safe defaults.
- [ ] Admin, Booking, Public surfaces gated with appropriate UX/API responses.
- [ ] Documentation updated (flags list, how to toggle, expected behaviors).
- [ ] Smoke verification steps executed for both enabled and disabled states.
- [ ] No regressions observed in unaffected areas.
Validation Checklist
Scope Validation
- [x] Epic can be completed in 13 stories maximum.
- [x] No architectural documentation required beyond existing brownfield references.
- [x] Enhancement follows existing patterns (env-based configuration, conditional rendering).
- [x] Integration complexity is manageable.
Risk Assessment
- [x] Risk to existing system is low (additive, defensive controls).
- [x] Rollback plan is feasible (toggle flags via env).
- [x] Testing approach covers existing functionality (smoke on disabled/enabled).
- [x] Team has sufficient knowledge of integration points.
Completeness Check
- [x] Epic goal is clear and achievable.
- [x] Stories are properly scoped (library, wiring, ops).
- [x] Success criteria are measurable (toggle effects, UX/API responses).
- [x] Dependencies identified (wrangler vars, docs updates).
Handoff to Story Manager
Please develop detailed user stories for this brownfield epic. Key considerations:
- This is an enhancement to an existing system running Next.js 14 App Router on Cloudflare Pages/Workers with D1/R2 and OpenNext.
- Integration points:
- Env vars from wrangler.toml ([env.preview.vars]/[env.production.vars]).
- Admin pages under /app/admin, Booking under /app/book, related route handlers under /app/api.
- Documented rollback procedures in docs/prd/rollback-strategy.md.
- Existing patterns to follow:
- Zod validations for route handlers, shadcn/ui for UX, middleware RBAC, minimal conditional checks.
- Critical compatibility requirements:
- Defaults preserve current behavior.
- Disabled states provide clear user messaging and appropriate HTTP statuses for APIs (503).
- No DB schema changes; no secrets in repo.
- Each story must include verification that existing functionality remains intact with flags both enabled and disabled.
Epic should maintain system integrity while enabling safe, immediate disablement of high-risk surfaces without a redeploy.
Reference in New Issue View Git Blame Copy Permalink