Feature flags#
Some Lagoon features can be controlled by setting feature flags. This is designed to assist users and administrators in rolling out new platform features in a controlled manner.
Environment variables#
The following can be set as API env vars to toggle feature flags.
| Environment Variable Name | Active scope | Version introduced | Version removed | Default Value | Description |
|---|---|---|---|---|---|
LAGOON_FEATURE_FLAG_ROOTLESS_WORKLOAD |
global |
2.2.0 | - | disabled |
Set to enabled to set a non-root pod security context on the pods in this environment or project.This flag will eventually be deprecated, at which point non-root workloads will be enforced. |
LAGOON_FEATURE_FLAG_ISOLATION_NETWORK_POLICY |
global |
2.2.0 | - | disabled |
Set to enabled to add a default namespace isolation network policy to each environment on deployment.This flag will eventually be deprecated, at which point the namespace isolation network policy will be enforced. NOTE: enabling and then disabling this feature will not remove any existing network policy from previous deployments. Those must be removed manually. |
Cluster-level controls#
Feature flags may also be controlled at the cluster level. There is support for this in the lagoon-build-deploy chart.
For each feature flag there are two flavours of values which can be set: default and force.
defaultcontrols the default policy for environments deployed to the cluster, but can be overridden at the organization, project, or environment level by the environment variables documented above.forcealso controls the policy for environments deployed to the cluster, but cannot be overridden by the environment variables documented above.