May 27, 2022

Introducing Global Governance Policies for Feature Flags To Deploy Faster and Safer

Key takeaway

Harness integrates Open Policy Agent (OPA) to enable global governance for Feature Flags. This ensures consistent standards, reduces risk, and automates compliance, allowing developers to focus on coding while maintaining control and security across all deployments.

We’re excited to announce the launch of the first-ever feature flag governance policies for Harness Feature Flags powered by Harness Policy as Code. At Harness, we focus on building solutions that prioritize reducing risk and making software delivery best practices easier and safer to adopt—all without sacrificing the velocity that feature flags bring to Engineering organizations. 

Feature flags decouple deployment from release, giving developers a sense of control with kill switches, beta testing, experimentation, and progressive rollouts of new features. The one thing you might notice in that list of ways feature flags will help your team, though, is that a lot of it will happen in your production environment—and things that happen in production can be scary.

To that end, global governance policies are a big win for Engineering orgs that need to enforce standards at scale. The policies let those orgs put guardrails in place across all releases to ensure standards are met, and they automate the process too, so developers simply get error messages the way they’re used to during the build and test phase.

The inclusion of global governance policies in Harness Feature Flags massively differentiates Harness from alternatives in the market. Harness is the only Feature Flag solution with the ability to enforce blanket governance across all feature releases, in addition to specific standards for individual releases or categories of releases. This global governance also extends to the rest of the SDLC on the Harness platform, so something like naming conventions (to pick an easy example) can be enforced the same across CI, CD, and Feature Flags. And for bonus points, this can all be set up once and automatically enforced without devs having to lift a finger. Instead, they’ll just have errors and warnings thrown the same as if it were from a compiler or testing suite.

In addition to providing fast time to initial value and making it simple to create repeatability and scale, this enhancement notably solves the inherent tradeoff between velocity and control - now, you can have both at once.

The Governance Requirement for Scale

If you’re a developer, you might recoil a bit when you hear the word governance. It sounds so heavy, and you might be thinking of restrictive corporate policies that stop you from being able to do things that would allow you to do your job better and faster. At the same time, you know that at some level, it’s unavoidable because you can’t scale a wild west of releases. Standards must be in place to ensure proper risk management.

To us, governance is the opposite; it should speed you up by creating guardrails that keep the entire team working in a cohesive and safe way. Governance is about establishing order across the system that empowers teams to move fast, build, and ship without worrying—and without scaring leadership.

Within feature flag management specifically, you want to know:

  • Who can control things and where
  • How to protect production in different scenarios
  • How to make sure flags are ready for use
  • How to keep your flags in order
  • How to make sure you protect yourself by following policy

That’s where governance policies help. They create order in the system that lets engineering teams and leadership answer these questions and establish guardrails around them. The key here is the guardrail. It’s not designed to slow you down. In fact, it’s meant to speed you up! Imagine as a dev not having to manually check flags or releases against internal policy—instead, being free to commit code, knowing it’ll automatically get run against policies and approvals. And for managers, not having devs worry about anything other than coding great applications. 

Enforcing Global Governance Across Feature Releases

We took the popular open source OPA (Open Policy Agent) project and built it into Harness Policy as Code, complete with an intuitive UI and turnkey set of policies out of the box. OPA itself is open source and highly vetted, and we’re excited to bring world-class policy and governance management to the feature flag space for the first time.

We built this across the whole platform. So, how does this apply to Feature Flags specifically? The short of it is that developers can write their own Rego scripts in OPA or use our simple policy builder to create rules that will then be applied to feature flag projects. This is all managed through HPE.

How to Use Policy as Code With Feature Flags

What kinds of policies would you want to use with HPE and your feature flags? All the metadata in the feature flag system can be used to define policies, so your team has full control over what can happen, when, and how it can be used. Let’s take a look at some of the ones we’re providing out of the box.

OPA in Feature Flags

You can very simply start using these policies and instantly apply these global governance standards across all of your feature flags. Whether you use our out of the box options or write your own Rego scripts, any time a feature release pipeline is run, these policies will automatically be applied.

Global vs. Local Governance for Feature Release Management

If you’re familiar with Harness, you might be wondering how this differs from the governance standards you can already create within a Harness pipeline. Think of it simply as local vs global governance application—kind of like local vs. global variables in code. 

And even if you’re not familiar with Harness, the same idea of local vs. global governance applies: you can apply specific policies to a type of release, or enforce global standards across all releases, like naming conventions or verifying that a feature has been promoted through all testing environments.

Pipelines allow you to set specific standards within the scope of a specific release or type of release (see below for a simple example). Where HPE policies differ is that they apply global governance across all of your feature releases, in addition to whatever specific release standards you have in place. What that means is you have the option to create two layers of governance, completely custom to your needs.

Localized Governance Policy
Example of a localized governance policy enforced in a feature release pipeline.
Global Governance Policy
With Harness Feature Flags, a global governance policy can be applied to every feature release pipeline. 

Platform-Wide Governance With Policy as Code

Let’s reiterate here that while governance policies work if you only have Harness Feature Flags, they also work across the entire Harness platform. This means that, uniquely with Harness, you can govern CI, CD, Feature Flags, and any other Harness module all together.

This opens up possibilities like being able to say that you can’t change feature flags in production if there was a failed deployment in the last hour, enabling true control over the software delivery process end-to-end for the first time.

How To Get Started

If you’re already using Harness Feature Flags, you’ll notice a new sidebar option labeled Policies. To start using these global governance policies powered by HPE, just head over to the Feature Flags module in your Harness console, click on Policies, and start applying your own policies right away. Once you get it set up and run it against your first release, there’s no better feeling than seeing the green checkbox giving you the all clear.

OPA in Feature Flags

If you’re not using Harness Feature Flags yet, you can sign up for a free trial or request a demo to learn more. 

Conclusion: This Is Just the Beginning

We are on a journey with Harness Feature Flags of building key components for governance across the entire system and tying them together. Governance policies for Feature Flags are a huge step forward, for the first time ever allowing you to truly control your feature flag system and rest easy knowing it’s enforced 100% of the time. You can learn more about Harness and our governance capabilities on our platform governance page.

If you haven’t signed up to use Harness yet but want to get started, you can easily sign up for free forever. Happy developing!
