►
From YouTube: Feature Flags Office Hours 5th Nov 2020
Description
Feature Flags Office Hours 5th Nov 2020
Discussion about Protected Strategies - https://gitlab.com/gitlab-org/gitlab/-/issues/230614
and a demo of A/B testing POC
A
A
A
C
A
A
A
Okay,
so
again,
let's
start
from
the
basic.
The
idea
is
what
what
are
we
trying
to
solve?
And
the
basic
use
case
that
we're
trying
to
solve
is
that
we
want
developers
to
have
full
control
of
future
flags
during
development
and
and
any
testing
staging
slash,
dev
environment.
They
can
do
whatever
they
want,
but
once
we
hit
production,
we're
not
we
don't
want.
The
developers
is
not
the
right
word,
but
people
without
the
right
permissions
to
turn
on
flags
in
a
projected
environment.
A
So
the
way
that
we
have
protected
environments
today
in
gitlab
is
that
you
have
the
option
to
to
specify
specific
users
that
can
deploy
to
these
environments,
and
I
want
to
use
that
same
permission
model
in
order
to
allow
people
to
toggle
feature
flags
on
and
off,
in
production,
protected
environments.
Sorry,
I
may
interchange
production
and
protected
environments,
but
I'm
I
mean
the
same
thing:
okay,
so
the
idea
here
that
we
started
talking
and
then
there
was
a
lot
of
spanning
of
and
spinning
off
of
ideas.
A
C
My
main
question
here
would
be:
would
there
be
a
difference
in
feasibility
engineering-wise
going
for
feature
flag
as
a
level
of
protection
from
the
get-go
or
going
for
the
protected
strategy?
Because
from
a
ux
perspective
speaking,
I
think
it
makes
a
lot
more
sense
to
go
for
the
feature
flag
level
rather
than
the
protected
strategy
level.
A
Before
any
engineer,
answers
that
what
I
would
like
to
just
mention
the
ideal
user
experience
would
be
that
if
I
have
permissions
for
my
environments,
if
I
toggle
them,
that
would
only
take
effect
to
the
environments
that
I
that
I
can.
This
will
make
the
observability
really
really
confusing,
because
what
does
it?
What
is
it
was
it?
What
does
it
mean
if
a
feature
flag
is
on
for
a
specific
environment?
Yes
or
no,
it's
going
to
be
a
little
bit
more
complicated
in
terms
of
display,
but
the
best
user
experience
would
be.
A
If
I
have
permissions,
let
me
do
whatever
I
want
and
then,
if
I
don't
have
permissions
just
don't,
let
me
touch
those
specific
environments
that
that
would
be
the
ideal
experience.
But,
as
you
mentioned
immediately,
I
think
the
easiest
way
to
start
and
the
more
the
most
iterative
is
just
to
say
for
this
first
iteration.
D
D
C
So,
just
to
go
into
that,
I'm,
like
I
hear
easier
and
simpler
and
no
locking
out,
I
think,
locking
out
is-
is
super
valid.
On
the
other
hand,
how
do
you
look
at
the
concern
that
this
enables
people
with
less
permissions,
so
people
who
have
no
permission
for
certain
protected
environments
to
still
be
able
to
control
the
feature
flag?
Essentially,
because
that
is
the
main
thing
we're
omitting
here.
D
As
long
as
the
people
doesn't
create
a
strategy
which
includes
protected
environment,
it
doesn't
affect
the
protected
environment,
so
should
be
fine.
So
the
point
is
that
we
should
also
you
know,
create
delete,
update.
These
three
actions
should
be
prohibited
according
to
the
protected
environment,.
C
Sorry
shana,
I
I'm
trying
to
follow
you,
but,
like
your
answer
to
my
question,
was
not
clear
to
me
and
I'm
finding
it
hard
to
follow
up
after
you're
coming
after
could
you
could
you
go
into
detail
on
on
my
question
on
how,
like
my
concern,
raised
around
a
future
flex,
still
being
able
to
con
to
be
controlled
by
people
with
not
enough
permissions
for
the
protected
environments
included
into
the
environment?
Scope
for
that
like
configured
for
that
feature,
flag.
D
D
So
basically,
the
the
action
required
is
the
separate
strategy
power
environment
like
currently
multiple
environments,
can
belong
to
that.
The
same
strategy
right,
but
this
model
wouldn't
really
work
with
this
feature.
So
it's
more
like
a
define,
different
strategy.
They
create,
even
if
it's
duplicate,
just
create
a
two
strategy
and
then
attach
the
you
know:
unprotected
environments
and
the
unprotected
environments.
C
So
you
mean
like,
if
there's
an
existing
strategy
that
involves
a
protected
environment-
and
you
know
a
certain
strategy
is
involved,
say:
user,
ids
or
something
like
that.
Then,
if
the
user
doesn't
have
enough
permissions
to
edit
that,
then
they
will
create
or
duplicate
that
strategy
within
the
same
feature
flag
and
then
apply
it
to
like
the
environment.
They
care
about.
D
Yeah
so,
for
example,
like
an
operator
who
has
a
permission,
everything
created
a
strategy
with
review,
app,
slash,
asterisk
and
then
production
environment
which
is
protected
and
then
developers
came
after
and
they
realized
that
they
don't
have
permission
to
change
the
review
app.
Then
probably,
they
need
to
ask
the
operator
to
first
remove
the
environment
asterisk
from
the
protected
strategy
and
then
create
a
new
entry,
create
the
duplicate
strategy
and
then
assign
review
review
environments.
C
I
I
have
one
remaining
question,
because
I
think
what
you're
saying
makes
sense
to
to
how
I'm
thinking
I
wasn't
thinking
about.
You
know
having
the
exact
same
strategy
twice
on
a
single
feature
flag,
which
apparently
can
be
done.
So
that
is
something
I
was
unaware
of,
though,
with
different
environment
scope
there.
Still.
The
main
question
still
stays
is
that
if
this
is
the
case,
so
a
future
flag
includes
a
strategy
for
unprotected
environment
and
a
strategy
for
a
protected
environment.
D
A
A
B
Originally,
as
part
of
the
redesign
we
were
going
to
have
toggles
on
both
where
the
global
toggle
would
be
like
a
kill,
switch
and
shut
off
the
whole
flag,
and
then
each
strategy
would
have
its
own
toggle
as
well,
and
it
got
d
scoped
at
some
point,
and
I
don't
think
we
ever
came
back
around
to
rescheduling
that.
So
if
that
makes
this
easier,
perhaps
that's
something
we
should
consider.
C
B
C
A
The
top
menu
needs
to
turn
into
a
kill
switch
now
each
one
of
this
is
another
iteration
and
the,
and
then
we
need
to
figure
out
on
the
feature
flag
list
view
how
we're
going
to
present
this,
because
now,
potentially
you
don't
have
an
on
or
off
it's
on
or
off
per
strategy.
So
we
would
at
the
moment
it
kind
of
displays
the
strategy
in
this
badge-like
view,
but
now
we
would
probably
need
to
add
the
information
for
each
one
if
it's
on
or
off,
in
addition
to
what
it
displays
today,.
B
A
C
C
We
can
still
surface
it
eventually
somewhere
on
the
amulets
page.
If
we
don't
make
it
to
complicate
it,
and
I
don't
know
what
the
usage
of
feature
like
strategies
per
feature
flag
is
going
to
be.
You
know
if
there's
going
to
be
future
flags
with
20
different
strategies
applied
to
one
of
them.
I
think
that's
going
to
make
things
more
difficult,
but
it's
two
or
three.
B
B
A
I
think
if
we
go
to
the
protected
route,
there's
it's
inevitable,
I
think
also,
regardless
to
whatever
category
we're
working
on
now
we're
talking.
Specifically,
you
need
to
be
as
granular
as
possible
and
let
the
users
select
everything
as
granular
as
possible
so
for
environment
strategy
for,
like,
I
think,
the
smaller,
the
better.
C
D
D
D
Then
first
thing
is
clean
up
thing
and
then
so
we
are
seeing
two
windows
here,
the
right
one.
It's
a
bit
confusing
that
we
are
seeing
to
get
love
here.
It's
same
application
technically,
but
just
pretend
as
the
right
this
project.
My
awesome,
ruby
app
is
a
project
on
gitlab.com
and
then
left.
One
is
a
customized
application,
client's
application.
This
is
not
gitlab.
This
is
also
my
osrb
app
okay
and
then
so
our
ux
engineer
one
day
saw
that
this
application
and
then.
D
D
D
Currently,
the
success
color
is
fixed,
but
we're
going
to
change
to
success
and
warning
color
success
is
a
green
color,
which
is
this
and
the
warning
is
orange.
Color
you're
gonna
see
it
later,
and
this
is
done
and
I'm
gonna
use
this
experiment.
Experiment,
button,
color,
feature
block
and
the
next.
What
we
want
to
know
is
that,
let's
say
this
user
currently
and
login
as
cathy
and
then
cathy
collected
this
new
project
button
and
then
this
project,
new
project
creation
form,
is
shown.
This
is
a
like
a
you
know.
Goal
like
ux
engineer.
D
D
D
D
D
So
here's
a
variety
of
definition:
there
are
two
variants,
one
is
success.
As
I
said,
success
is
a
green
color.
The
warning
the
second
one
is
warning:
warning
is
the
orange
color
and
each
variant
has
a
weight.
Success
is
30
percent
of
users.
The
warning
70
percent
users
gonna
see
it,
and
then
you
cannot
see
the
variant
setup,
but
it's
already
injected
internally
and
at
the
next.
Let's
check
that
the
variant
is
working
here.
I'm
logging
in
as
cassie.
D
D
D
Everybody
is
seeing
this
new
project.
This
is
this
green
button,
because
john
and
the
kathy
is
belong
to
this
weight
70
because
their
user
id
is
much
later
and
whereas
root
id
is
very
re.
So
it's
he's
included
in
the
weight
circuit,
so
he's
saying
sergi
and
the
roots
thought
that
rainbow
dan
I
hit
that.
So
he
didn't
click.
D
And
actually
like,
I
acted
as
three
users:
three
different
users.
Everything
is
recorded,
everything
the
like
which
user
so,
which
bottom
color,
and
also
which
user
landed
on
the
new
project
creation
form
everything
is
recorded
and
sent
to
the
server
side,
this
project
on
github.com
and
then
we're
going
to
see
it
from
there
from
now.
D
Is
it
going
to
visit
a
b
testing
page
currently,
nothing
see
because
no
experiment
is
defined,
so
we're
going
to
define
experiments.
Here's
our
experiment
definition
at
first
name.
This
is
our
experiment.
Name,
project
creation,
bottom
color,
whatever
name
is
fine,
and
here
is
a
base.
Event
basement
means
that
the
like
the
weird
branch
happening,
which
is
this
bottom
like
where
kathy
saw
orange
burden
root,
saw
green
button
thing
is
a
that's
a
called
a
base
event
and
then
next
conversion
event.
D
D
And
now
we
are
seeing
that
the
result
of
the
experiment
at
first
we
see
a
project
explainer
title
and
what's
interesting,
that
there
are
two
valiants
happening.
One
is
success
right,
which
is
green
bottom
color
and
the
other
one
is
warning
orange
bottom
color
and
success.
Unique
visitors
is
shown
as
one
because
only
root
visited
there.
D
The
roots
saw
that
green
button
and
the
convergence
he
didn't
land
on
the
new
project
creation
form
so
coma
join
zelo,
whereas
warning
variant,
the
orange
botan
there
there
were
two
unique
visitors,
cassiano
john
saw
it
and
then
actually
landed
on
the
you
know,
creation
form.
So
a
combined
change
is
two,
which
means
that
you
know
warning
body
and
the
one
in
color
is
more
effective
on
this
experiment,
and
it
is
the
conversion
rate
or
changes
thing.
D
A
Really
cool
shania!
Thank
you.
Thank
you
for
putting
this
together,
so
how
everything
you
did
right
now
you
did
through
through
the
unleash
code,
which
we
already
have
supported.
So
how
far
are
we
to
just
present
this
specific
demo
that
you
showed
so
adding
this
a
b
testing
a
new
category
in
the
left
pane
like
how
difficult
would
that
be.
D
D
We
need
to
add
a
one
api
new
api
to
the
unleash
off
show
so
unleash
our
shell
already
has
a
matrix
api
endpoints,
but
this
is
not,
if
sufficient,
to
achieve
this
av
experiment
thing,
but
we
need
a
more
granular
advanced
thing,
which
is
called
event
api,
so
yeah,
that's
that's
the
most
challenging
part.
Maybe.