Feature flags and config as data — CI/CD Automation — Practical Guide (Apr 5, 2026)
Feature flags and config as data — CI/CD Automation
Level: Intermediate
April 5, 2026
The modern software development lifecycle increasingly relies on continuous integration and continuous delivery (CI/CD) to ship value safely and rapidly. Two practices have become pivotal to achieving agile deployment and operational control: feature flags and treating configuration as data.
This article provides practical guidance on integrating feature flags and configuration management within CI/CD pipelines, emphasising recent stable practices available around 2026. It targets intermediate engineers comfortable with CI/CD concepts, source control, and deployment automation.
Prerequisites
- Familiarity with CI/CD platforms such as GitHub Actions (v3+), GitLab CI (v15+), or Jenkins (LTS releases circa 2026).
- Understanding of your application’s runtime configuration mechanism (e.g. environment variables, config files, distributed config stores like HashiCorp Consul, or cloud-specific solutions like AWS AppConfig).
- Access to or knowledge about a feature flag management solution. These can range from open source (e.g. Unleash, Flagsmith) to commercial SaaS (e.g. LaunchDarkly, Split.io).
- Version control with branching strategy such as Gitflow, trunk-based development, or feature branching.
Optional but recommended:
- Basic scripting experience (shell, Python, or Groovy) to customize pipeline logic.
- Understanding of infrastructure as code (IaC) if your config management integrates with IaC tools.
Hands-on steps
1. Define the scope: When and where to use feature flags versus static config
Feature flags should control feature availability dynamically at runtime, especially for:
- Gradual rollouts (canary releases, A/B tests).
- Operational toggling (disabling features in emergencies without new deployment).
- Testing in production by enabling features selectively.
On the other hand, configuration as data refers to settings that define environment behaviour but rarely change mid-run, such as database connection strings, API endpoints, or feature parameters that require comprehensive validation before deployment.
When to choose flags: Requires fast switches without deployments or user segmentation.
When to choose config: Stable, environment/environmental setup values that should trigger deployments when changed.
2. Model feature flags and configuration as versioned data
Keep your flags and config in your source control system as code or structured files (YAML, JSON, TOML). This practice is called Config as Data and ensures auditability and reproducibility.
Example feature flag config stored in feature-flags.yml:
features:
- name: new-user-dashboard
enabled: false
rollout_percentage: 0
- name: advanced-search
enabled: true
rollout_percentage: 100
Example application config stored in app-config.json:
{
"database": {
"host": "db-prod.example.com",
"port": 5432,
"max_connections": 100
},
"logging": {
"level": "info"
}
}
3. Integrate config and flags with your CI/CD pipeline
The CI/CD workflow should contain stages for:
- Linting and validation: Automated checks for schema correctness and flag semantics.
- Environment-specific overrides: Inject environment nuances without manual overrides by using staged config overlays.
- Deployment phases: Apply config changes and enable flag states in a controlled manner.
- Monitoring and rollback: Ensure that pipeline supports easy rollback if flags or config cause issues.
Example GitHub Actions step validating and deploying flags (simplified):
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Validate feature flags schema
run: |
yamllint feature-flags.yml
./scripts/validate-flags.py feature-flags.yml
- name: Deploy feature flags to Management API
env:
FLAG_API_TOKEN: ${{ secrets.FLAG_API_TOKEN }}
run: |
./scripts/deploy-flags.sh feature-flags.yml
4. Automate feature flag toggling post-deployment
Leverage your feature flag SDK or API to enable/disable flags automatically based on deployment success or runtime metrics. This closes the loop for canary releases or gradual rollouts.
5. Secure environment-sensitive data
Never hard code secrets or sensitive configuration in your flag files or general config files. Use secret management integrated with your CI/CD provider (e.g. GitHub Secrets, GitLab Vault integration) and runtime secret injection.
Common pitfalls
- Flag debt: Flags left in code after their purpose is served, cluttering code and configs. Always create a removal plan.
- Config drift: Diverging config between environments without proper gating, causing ‘works in staging but not in production’ issues.
- Overcomplicated flag logic: Flags used for multiple unrelated behaviours complicate code paths.
- Manual config override: Changing config outside version control or CI pipeline reduces auditability.
- Lack of validation: Deploying broken YAML/JSON or invalid flag configurations that break the service startup.
Validation
Effective validation occurs at multiple points:
- Schema validation: Use JSON schema or YAML schema validators to ensure structure correctness.
- Semantic checks: Custom scripts to check logical correctness (e.g., rollout percentage within 0–100).
- Integration tests: Run automated tests that verify feature flag behaviour within deployment steps.
- Runtime monitoring: Monitor feature flag toggling effects, rollback if error rates spike.
Checklist / TL;DR
- Use feature flags for dynamic feature control; config as data for stable deployment settings.
- Version all flags and config in source control as structured files, ideally human-readable formats like YAML or JSON.
- Embed automatic validation and linting in your CI/CD pipeline before deployment.
- Integrate environment-specific overlays during pipeline execution rather than manual edits.
- Automate flag toggling post-deployment through your flag management API or SDK.
- Use secret management tools to handle sensitive configuration outside of public config files.
- Plan and enforce removal of feature flags to prevent technical debt.
- Monitor runtime impact of flag changes and enable swift rollback via automated pipelines.
References
- GitHub Actions Documentation — workflow automation and secrets
- GitLab CI/CD docs — pipeline configuration and secret management
- LaunchDarkly Feature Flags Concepts — industry-leading feature flag best practices
- HashiCorp on configuration as data — principles and tooling
- Open Source article: Feature flags: The who, what and why — practical engineering insights
- JSON Schema Specification — schema validation for config files