search

onflow / flow-go

A fast, secure, and developer-friendly blockchain built to support the next generation of games, apps, and the digital assets that power them.
GNU Affero General Public License v3.0
533 stars 179 forks source link

HCU with feature-flag toggle #6568

Open j1010001 opened 1 month ago

j1010001 commented 1 month ago

Why

We propose to modify the HCU process for deploying small fixes (mainly security fixes) which provides 2 benefits:

Solution

We will create new build with new functionality behind a feature flag, using HCU version beacon. This feature flag can be toggled by the existing HCU Tx. This way the new version can be rolled-out with no change in node SW behaviour and the behaviour changes only after the nodes on the new version receive the version beacon event. If a node operator does not upgrade to new version before the new version beacon is set via Tx, their node will stop as is the case with the existing HCU process.

After the node SW is switched to new version and feature flag is enabled via the version beacon Tx, the feature flag an be removed from the code.

### Tasks
- [ ] Expose the version beacon semver from FVM to Cadence runtime
- [ ] After the new process is tested, write ops guide on how to use the new mechanism for future releases
bluesign commented 3 weeks ago

this seems pretty bad to apply to security fixes tbh.