[FFL-1720] Evaluation Logging: Aggregation Engine & Test Utilities

[typotter]

🥞 Evaluation Logging Stacked Pull Requests 🥞

🔲 Integration & Configuration (PR #3147)
🔲 Storage & Network Infrastructure (PR #3146)
👉 Aggregation Engine & Test Utilities (this PR)
☑️ FlagEvaluation Schema (PR #3166)
☑️ Event Schema & Data Models (PR #3144)
☑️ Evaluations Subfeature (PR #3159)
⎿ feature/flags-evaluations-logging (feature branch)

Datadog Internal
🎟️ Ticket: FFL-1720 - Implement Evaluation Logging for Android SDK

What does this PR do?

Implements the core evaluations aggregation engine that groups feature flag evaluations by key characteristics and manages periodic flushing from memory to persistent storage (via StorageBackedFeature/EvaluationsFeature).

The EvaluationEventProcessor manages concurrent access and mutation of AggregationStats instances in memory. Each Stats object is given an AggregationKey - a composite key made of the set of identifiers across the evaluation (targetingKey, variationKey, etc.) and SDK context (rum View ID). This ensures proper evaluation counting under the "same" circumstances.

The processor also manages the periodic and size-based triggers for flushing the in-memory aggregations to persistent storage.

Motivation

We need to implement Evaluation Logging to provide comprehensive visibility into all feature flag evaluations, including defaults, errors, and successful matches. This goes beyond exposure logging by capturing aggregated metrics about evaluation frequency, error rates, and runtime default usage across all flags.

Description

This PR adds the core business logic for evaluation logging:

Implementation:

• AggregationKey: Defines how evaluations are grouped (by flag, variant, allocation, targeting key, and error code)
• AggregationStats: Tracks count, first/last timestamps, and last error message for each aggregation
• EvaluationEventsProcessor: Orchestrates aggregation, manages flush triggers (time-based, size-based, shutdown)
• EvaluationEventWriter: Interface for persisting evaluation events (implementation in PR [FFL-1720] Evaluation Logging: Storage & Network Infrastructure #3146)

Additional Notes

Review checklist (to be filled by reviewers)

• Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
• Make sure you discussed the feature or bugfix with the maintaining team in an Issue
• Make sure each commit and the PR mention the Issue number (cf the CONTRIBUTING doc)

[typotter]

• [FFL-1720] Evaluation Logging: Integration #3147
• [FFL-1720] Evaluation Logging: Storage & Network Infrastructure #3146
• [FFL-1720] Evaluation Logging: Aggregation Engine & Test Utilities #3145 👈 (View in Graphite)
• [FFL-1720] Evaluation Logging: Event Schema & Data Models #3144
• feature/flags-evaluations-logging

This stack of pull requests is managed by Graphite. Learn more about stacking.

[dd-oleksii]

minor: this piece is confusing. These fields are volatile, so torn read is not possible. Otherwise, this class is not designed to handle concurrent calls to recordEvaluation and toEvaluationEvent as that may leave some events uncounted.

[typotter]

perhaps this is being overly defensive. Because of the CAS of the map of aggregation stats for flushing, _no other thread should be calling toEvaluationEvent or recordEvaluation on this AggregationStats instance.

Without this synchronized, recordEvaluation could change the computed values while we're getting them for constructing the FlagEvaluation

[typotter]

With the synchronized CAS snapshotting the aggregationMap for flushing, this method should be protected from another thread calling recordEvaluation which could change the values as they're being grabbed for the FlagEvaluation constructor
Is this too defensive?

[codecov-commenter]

Codecov Report

❌ Patch coverage is 97.18310% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 70.99%. Comparing base (986afe7) to head (2c13aff).

Files with missing lines	Patch %	Lines
...flags/internal/aggregation/EvaluationAggregator.kt	93.55%	0 Missing and 2 partials ⚠️
...ndroid/flags/internal/EvaluationEventsProcessor.kt	98.25%	1 Missing ⚠️
...oid/flags/internal/aggregation/AggregationStats.kt	97.92%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@                          Coverage Diff                          @@
##           feature/flags-evaluations-logging    #3145      +/-   ##
=====================================================================
+ Coverage                              70.81%   70.99%   +0.18%     
=====================================================================
  Files                                    901      905       +4     
  Lines                                  33172    33314     +142     
  Branches                                5596     5618      +22     
=====================================================================
+ Hits                                   23489    23648     +159     
+ Misses                                  8118     8106      -12     
+ Partials                                1565     1560       -5     

Files with missing lines	Coverage Δ
...droid/flags/internal/aggregation/AggregationKey.kt	100.00% <100.00%> (ø)
...ndroid/flags/internal/EvaluationEventsProcessor.kt	98.25% <98.25%> (ø)
...oid/flags/internal/aggregation/AggregationStats.kt	97.92% <97.92%> (ø)
...flags/internal/aggregation/EvaluationAggregator.kt	93.55% <93.55%> (ø)

... and 35 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[typotter]

Thanks Oleksii, as always for your 👀 . ptal

[dd-oleksii]

nit: view name is duplicated in aggregation key. do we need it here?

[typotter]

fixed

[dd-oleksii]

minor: the condition I would use here is aggregationKey.variantKey == null. Reasons are somewhat less reliable and it's valid to return runtime default with reasons besides "default" or "error"

[typotter]

good idea. fixed

[dd-oleksii]

minor: if there are many threads recording evaluations, it's still possible to flush too frequently:

1. Thread A records an event, shouldFlush is true
2. Thread B records an event, shouldFlush is true
3. Thread A flushes all events, aggregation map is now empty
4. Thread C records an event, shouldFlush is false
5. Thread B tries to flush, flushes a single event (written by C)

Note in my previous message, the size limit is re-checked after acquiring a write lock and holding it through to the flush.

Two ways we can implement this in the current structure: either add a parameter to flush() for it to do an extra check and only flush if the size exceeds the limit. Alternatively, we can make aggregator.record() return drained records instead of a flag—then we can keep this synchronization entirely inside aggregator.

[typotter]

return drained records instead of a flag—then we can keep this synchronization entirely inside aggregator.

Interesting approach

[dd-oleksii]

yeah, the only downside is that it doesn't cancel scheduled flush holding the same lock, so it's possible for:

1. Thread A calls aggregator.record() which triggers size limit and drains records
2. Thread B writes more records
3. Thread C — scheduled flush triggers
4. Thread A flushes returned records
5. Thread C continues with scheduled flush and writes just a few records

This is probably less severe than the previous situation with extra flushes due to size limit because there's at most one scheduled flush whereas the number of threads producing evaluations can be much higher.

[typotter]

agreed

[dd-oleksii]

minor: this mapping is best done outside of write lock

[dd-oleksii]

re-schedule periodic flush here? (don't forget flushMutex, so we don't schedule multiple futures simultaneously)

[0xnm]

nit: as I noted in another review, maybe it can be just write, especially if we don't expect another methods in this interface

[0xnm]

Is there specific reason why targetingKey has no default value as other nullable properties of this class?

Should this property be nullable?

[dd-oleksii]

It must be nullable because the user might not pass the targeting key. But null is not a good default value per se as that might hide issues/bugs.

I would suggest removing default values from the rest of the properties. If they are null, it's better to pass that explicitly

[0xnm]

It seems that aggregation logic can be done on the backend side, is there a reason we do this on the client side? Seems like doing it on the client side adds some complexity.

Or is it because otherwise we have to send too many events to the intake?

[dd-oleksii]

Yep, the client-side aggregation is to reduce network usage. Flag evaluations can be on the hot path in users' code, and would generate tons of events without aggregation.

[0xnm]

this can be simpler:

val toDrain = aggregationMap.toMap()
aggregationMap.clear()

and then aggregationMap can be simply val without @Volatile

[0xnm]

although aggregationMap.putIfAbsent below is a write operation

[0xnm]

note:

* Bear in mind that the results of aggregate status methods including
 * {@code size}, {@code isEmpty}, and {@code containsValue} are typically
 * useful only when a map is not undergoing concurrent updates in other threads.

but probably it is fine is .size call is off by a bit

[0xnm]

I think this can be done simpler, without mutability and synchronisation primitives.

AggregationStats can be just a data class, meaning when update is needed .copy method is called at the usage side.

[0xnm]

Generally speaking View URL != View Name. Is there a mistake here?

[0xnm]

if we guard concurrent access to this class from the processor side, why do we need another guard here?