ci: Run flagsmith-private test suites inline on 0.8.0

[khvn26]

Thanks for submitting a PR! Please check the boxes below:

• I have read the Contributing Guide.
• I have added information to docs/ if required so people know about the feature.
• I have filled in the "Changes" section below.
• I have filled in the "How did you test this code" section below.

Changes

Contributes to Flagsmith/flagsmith-private#177.

Follows on from #7656, which consolidated rbac and workflows_logic into flagsmith-private and runs their suites inline via make test. This extends the same pattern to flagsmith-private 0.8.0, which also bundles auth_controller, so the private suites run inline against Core API again.

• Bump flagsmith-private to >=0.8.0. It now ships auth_controller, so drop the auth-controller extra and its git source; integrate-private-tests no longer clones flagsmith-auth-controller separately.
• integrate-private-tests pulls each app's tests (rbac, workflows_logic, auth_controller, saml unit + integration) from flagsmith-private at the installed wheel's tag and drops them under tests/ so they inherit Core API's tests/conftest and run inline with make test.
• .gitignore the cloned repo and the staged tests/*_tests directories.

scim and release_pipelines_logic are deliberately left out for now and continue to run in flagsmith-private's own CI:

• scim: its compliance tests require an SCIM_SERVICE_PROVIDER config (notably dropping the request-based BASE_LOCATION_GETTER) that directly conflicts with Core API's own tests/integration/scim tests, and django-scim2 reads that setting once at import — so both suites cannot share one pytest session.
• release_pipelines_logic: one test asserts a non-deterministic email ordering that only holds in isolation; it fails when collected alongside the full Core API suite.

Both gaps are tracked in Flagsmith/flagsmith-private#177.

How did you test this code?

Locally, against the Compose Postgres, with --extra dev --extra private installed:

1. make integrate-private-tests to stage the suites.

2. Ran the staged suites under Core API's pytest config (--ds=app.settings.test, --import-mode=importlib):

   uv run pytest tests/rbac_tests tests/workflow_tests tests/auth_controller_tests \
     tests/saml_integration_tests tests/saml_unit_tests
   

   Result: 343 passed.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

3 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
docs	Ignored	Preview	Jun 1, 2026 4:07pm
flagsmith-frontend-preview	Ignored	Preview	Jun 1, 2026 4:07pm
flagsmith-frontend-staging	Ignored	Preview	Jun 1, 2026 4:07pm

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.52%. Comparing base (1ee9b7b) to head (4a1db37).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #7665   +/-   ##
=======================================
  Coverage   98.52%   98.52%           
=======================================
  Files        1444     1444           
  Lines       55083    55087    +4     
=======================================
+ Hits        54273    54277    +4     
  Misses        810      810           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[matthewelwell]

Superseded by #7667