diff --git a/.github/workflows/api-deploy-production-ecs.yml b/.github/workflows/api-deploy-production-ecs.yml index bccb331469f9..2415bc27e937 100644 --- a/.github/workflows/api-deploy-production-ecs.yml +++ b/.github/workflows/api-deploy-production-ecs.yml @@ -45,7 +45,7 @@ jobs: run: | echo "https://${{ secrets.GH_PRIVATE_ACCESS_TOKEN }}:@github.com" > ${HOME}/.git-credentials git config --global credential.helper store - make install-packages opts="--extra private --extra auth-controller" + make install-packages opts="--extra private" rm -rf ${HOME}/.git-credentials - name: Generate MCP schema diff --git a/.github/workflows/api-tests-with-private-packages.yml b/.github/workflows/api-tests-with-private-packages.yml index 411a8e3f19c4..b6412642c7d0 100644 --- a/.github/workflows/api-tests-with-private-packages.yml +++ b/.github/workflows/api-tests-with-private-packages.yml @@ -56,7 +56,7 @@ jobs: run: | echo "https://${{ secrets.GH_PRIVATE_ACCESS_TOKEN }}:@github.com" > ${HOME}/.git-credentials git config --global credential.helper store - make install-packages opts="--extra dev --extra private --extra auth-controller" + make install-packages opts="--extra dev --extra private" make integrate-private-tests rm -rf ${HOME}/.git-credentials diff --git a/Dockerfile b/Dockerfile index 2df6d730f75f..278100167c4a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -107,7 +107,7 @@ RUN --mount=type=cache,target=/root/.cache/uv \ FROM build-python AS build-python-private # Authenticate git with token and install private Python dependencies -ARG EXTRAS="--extra private --extra auth-controller --extra ldap --extra licensing" +ARG EXTRAS="--extra private" RUN --mount=type=secret,id=github_private_cloud_token \ --mount=type=secret,id=codeartifact_token \ --mount=type=cache,target=/root/.cache/uv \ @@ -176,7 +176,7 @@ RUN --mount=type=secret,id=codeartifact_token \ --mount=type=cache,target=/root/.cache/uv \ UV_INDEX_FLAGSMITH_PYPI_PRODUCTION_USERNAME=aws \ UV_INDEX_FLAGSMITH_PYPI_PRODUCTION_PASSWORD="$(cat /run/secrets/codeartifact_token)" \ - make install-packages opts='--extra dev --extra private --extra auth-controller --extra ldap --extra licensing' && \ + make install-packages opts='--extra dev --extra private' && \ make integrate-private-tests && \ git config --global --unset credential.helper && \ rm -f ${HOME}/.git-credentials diff --git a/api/.gitignore b/api/.gitignore index 3f3bcfe9255f..8e68b95c7df4 100644 --- a/api/.gitignore +++ b/api/.gitignore @@ -9,5 +9,15 @@ static/* saml/ features/workflows/logic/ +# flagsmith-private test suites integrated via `make integrate-private-tests` +/flagsmith-private/ +/tests/rbac_tests/ +/tests/workflow_tests/ +/tests/auth_controller_tests/ +/tests/saml_integration_tests/ +/tests/licensing_integration_tests/ +/tests/ldap_integration_tests/ +/tests/saml_unit_tests/ + # Unit test coverage .coverage diff --git a/api/Makefile b/api/Makefile index d07469bfbd9e..9b4ea41ed87e 100644 --- a/api/Makefile +++ b/api/Makefile @@ -149,16 +149,24 @@ generate-grafana-client-types: --wrap-string-literal \ --special-field-name-prefix= +# scim and release_pipelines_logic are deliberately not pulled here: scim's +# compliance tests need an SCIM_SERVICE_PROVIDER config that conflicts with Core +# API's own scim tests (django-scim2 caches it globally), and release_pipelines +# has an order-dependent assertion that only holds in isolation. Both run in +# flagsmith-private's own CI. +# TODO https://github.com/Flagsmith/flagsmith-private/issues/177 .PHONY: integrate-private-tests integrate-private-tests: $(eval FLAGSMITH_PRIVATE_REVISION := v$(shell uv run python -c 'import importlib.metadata; print(importlib.metadata.version("flagsmith-private"))')) - $(eval AUTH_CONTROLLER_REVISION := $(shell uv run python -c 'import tomllib; d=tomllib.load(open("pyproject.toml","rb")); s=d.get("tool",{}).get("uv",{}).get("sources",{}).get("auth-controller",{}); print(s.get("tag") or s.get("rev") or "")')) - - git clone https://github.com/Flagsmith/flagsmith-private --depth 1 --branch ${FLAGSMITH_PRIVATE_REVISION} \ - && mv ./flagsmith-private/integration_tests/rbac tests/rbac_tests \ - && mv ./flagsmith-private/integration_tests/workflows_logic tests/workflow_tests - git clone https://github.com/flagsmith/flagsmith-auth-controller --depth 1 --branch ${AUTH_CONTROLLER_REVISION} && mv ./flagsmith-auth-controller/tests tests/auth_controller_tests - rm -rf ./flagsmith-private ./flagsmith-auth-controller + git clone https://github.com/Flagsmith/flagsmith-private --depth 1 --branch ${FLAGSMITH_PRIVATE_REVISION} + mv ./flagsmith-private/integration_tests/rbac tests/rbac_tests + mv ./flagsmith-private/integration_tests/workflows_logic tests/workflow_tests + mv ./flagsmith-private/integration_tests/auth_controller tests/auth_controller_tests + mv ./flagsmith-private/integration_tests/saml tests/saml_integration_tests + mv ./flagsmith-private/integration_tests/licensing tests/licensing_integration_tests + mv ./flagsmith-private/integration_tests/flagsmith_ldap tests/ldap_integration_tests + mv ./flagsmith-private/unit_tests/saml tests/saml_unit_tests + rm -rf ./flagsmith-private .PHONY: generate-docs generate-docs: generate-flagsmith-sdk-openapi diff --git a/api/pyproject.toml b/api/pyproject.toml index 494c1d6ce182..6a128aa33bc6 100644 --- a/api/pyproject.toml +++ b/api/pyproject.toml @@ -94,20 +94,8 @@ dependencies = [ # without a PEP 517 `[build-system]` table, so setuptools fallback drops # them from the built wheel. We re-declare those transitive deps here so # the resolution matches what poetry produced on main. -auth-controller = [ - "auth-controller", - "django-multiselectfield>=1.0.1,<2", -] private = [ - "flagsmith-private>=0.7.0,<1", -] -ldap = [ - "flagsmith-ldap", - "django-python3-ldap>=0.15.6,<1", -] -licensing = [ - "licensing", - "cryptography>=44.0.1", + "flagsmith-private>=0.9.0,<1", ] dev = [ "django-test-migrations>=1.2.0,<2.0.0", @@ -174,9 +162,6 @@ url = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazon explicit = true [tool.uv.sources] -auth-controller = { git = "https://github.com/flagsmith/flagsmith-auth-controller", tag = "v0.2.0" } -flagsmith-ldap = { git = "https://github.com/flagsmith/flagsmith-ldap", tag = "v0.1.2" } -licensing = { git = "https://github.com/flagsmith/licensing", tag = "v0.3.0" } flagsmith-private = { index = "flagsmith-pypi-production" } clickhouse-driver = { git = "https://github.com/Flagsmith/clickhouse-driver", branch = "newjson" } diff --git a/api/uv.lock b/api/uv.lock index 33a443ae6a8c..9852d1fbbdf6 100644 --- a/api/uv.lock +++ b/api/uv.lock @@ -367,11 +367,6 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/f0/eb/fcb708c7bf5056045e9e98f62b93bd7467eb718b0202e7698eb11d66416c/attrs-23.1.0-py3-none-any.whl", hash = "sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04", size = 61160, upload-time = "2023-04-16T10:48:16.358Z" }, ] -[[package]] -name = "auth-controller" -version = "0.0.0" -source = { git = "https://github.com/flagsmith/flagsmith-auth-controller?tag=v0.2.0#b7fa1f42c333b443763548ea1fe0054f07cdf641" } - [[package]] name = "autopep8" version = "2.0.4" @@ -1473,10 +1468,6 @@ dependencies = [ ] [package.optional-dependencies] -auth-controller = [ - { name = "auth-controller" }, - { name = "django-multiselectfield" }, -] dev = [ { name = "autopep8" }, { name = "boto3-stubs" }, @@ -1518,14 +1509,6 @@ dev = [ { name = "types-pytz" }, { name = "types-requests" }, ] -ldap = [ - { name = "django-python3-ldap" }, - { name = "flagsmith-ldap" }, -] -licensing = [ - { name = "cryptography" }, - { name = "licensing" }, -] private = [ { name = "flagsmith-private" }, ] @@ -1534,7 +1517,6 @@ private = [ requires-dist = [ { name = "appdirs", specifier = ">=1.4.4,<1.5.0" }, { name = "asgiref", specifier = ">=3.8.1,<3.9.0" }, - { name = "auth-controller", marker = "extra == 'auth-controller'", git = "https://github.com/flagsmith/flagsmith-auth-controller?tag=v0.2.0" }, { name = "autopep8", marker = "extra == 'dev'", specifier = ">=2.0.1,<2.1.0" }, { name = "backoff", specifier = ">=2.2.1,<2.3.0" }, { name = "boto3", specifier = ">=1.35.95,<1.36.0" }, @@ -1542,7 +1524,6 @@ requires-dist = [ { name = "chargebee", specifier = ">=3.10.0,<4.0.0" }, { name = "clickhouse-driver", git = "https://github.com/Flagsmith/clickhouse-driver?branch=newjson" }, { name = "coreapi", specifier = ">=2.3.3,<2.4.0" }, - { name = "cryptography", marker = "extra == 'licensing'", specifier = ">=44.0.1" }, { name = "datamodel-code-generator", marker = "extra == 'dev'", specifier = ">=0.25,<0.26.0" }, { name = "diff-cover", marker = "extra == 'dev'", specifier = ">=10.1.0,<11.0.0" }, { name = "dj-database-url", specifier = ">=3.0.1,<3.1.0" }, @@ -1558,10 +1539,8 @@ requires-dist = [ { name = "django-filter", specifier = ">=2.4.0,<2.5.0" }, { name = "django-health-check", specifier = ">=3.18.2,<3.19.0" }, { name = "django-lifecycle", specifier = ">=1.2.4,<1.3.0" }, - { name = "django-multiselectfield", marker = "extra == 'auth-controller'", specifier = ">=1.0.1,<2" }, { name = "django-oauth-toolkit", specifier = ">=3.0.1,<4.0.0" }, { name = "django-ordered-model", specifier = ">=3.4.1,<3.5.0" }, - { name = "django-python3-ldap", marker = "extra == 'ldap'", specifier = ">=0.15.6,<1" }, { name = "django-redis", specifier = ">=5.4.0,<6.0.0" }, { name = "django-ses", specifier = ">=3.5.0,<3.6.0" }, { name = "django-simple-history", specifier = ">=2.12.0,<2.13.0" }, @@ -1585,8 +1564,7 @@ requires-dist = [ { name = "flagsmith-common", extras = ["common-core", "flagsmith-schemas", "task-processor"], specifier = ">=3.9.1,<4" }, { name = "flagsmith-common", extras = ["test-tools"], marker = "extra == 'dev'" }, { name = "flagsmith-flag-engine", specifier = ">=10.1.0,<11.0.0" }, - { name = "flagsmith-ldap", marker = "extra == 'ldap'", git = "https://github.com/flagsmith/flagsmith-ldap?tag=v0.1.2" }, - { name = "flagsmith-private", marker = "extra == 'private'", specifier = ">=0.7.0,<1", index = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/" }, + { name = "flagsmith-private", marker = "extra == 'private'", specifier = ">=0.9.0,<1", index = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/" }, { name = "flagsmith-sql-flag-engine", specifier = ">=0.1.0,<0.2.0" }, { name = "google-api-python-client", specifier = ">=1.12.5,<1.13.0" }, { name = "google-re2", specifier = ">=1.0,<2.0.0" }, @@ -1594,7 +1572,6 @@ requires-dist = [ { name = "hubspot-api-client", specifier = ">=12.0.0,<13.0.0" }, { name = "influxdb-client", specifier = ">=1.50.0,<1.51.0" }, { name = "ipython", marker = "extra == 'dev'", specifier = ">=9.10.0,<10.0.0" }, - { name = "licensing", marker = "extra == 'licensing'", git = "https://github.com/flagsmith/licensing?tag=v0.3.0" }, { name = "moto", marker = "extra == 'dev'", specifier = ">=4.1.3,<4.2.0" }, { name = "mypy", marker = "extra == 'dev'", specifier = ">=1.15.0,<2.0.0" }, { name = "mypy-boto3-dynamodb", marker = "extra == 'dev'", specifier = ">=1.33.0,<2.0.0" }, @@ -1650,7 +1627,7 @@ requires-dist = [ { name = "tzdata", specifier = ">=2024.1,<2025.0.0" }, { name = "whitenoise", specifier = ">=6.0.0,<6.1.0" }, ] -provides-extras = ["auth-controller", "private", "ldap", "licensing", "dev"] +provides-extras = ["private", "dev"] [[package]] name = "flagsmith-common" @@ -1718,23 +1695,21 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/cd/55/cfc11f6bd20209c1b77e8449c01d369d12a87d38c3ac064e3742d1a53389/flagsmith_flag_engine-10.1.0-py3-none-any.whl", hash = "sha256:767dcf2f32586948eaa7816b5cbdae272d76d89e30c4642cbd74894c89a2d469", size = 14181, upload-time = "2026-05-06T08:26:06.131Z" }, ] -[[package]] -name = "flagsmith-ldap" -version = "0.0.0" -source = { git = "https://github.com/flagsmith/flagsmith-ldap?tag=v0.1.2#2456465164f39c8ec77c28a029f72119a93c6776" } - [[package]] name = "flagsmith-private" -version = "0.7.0" +version = "0.9.0" source = { registry = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/" } dependencies = [ + { name = "cryptography" }, + { name = "django-multiselectfield" }, + { name = "django-python3-ldap" }, { name = "django-scim2" }, { name = "pysaml2" }, { name = "scim2-filter-parser" }, ] -sdist = { url = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/flagsmith-private/0.7.0/flagsmith_private-0.7.0.tar.gz", hash = "sha256:5fc8cab32e51cf0ff8fa6205124128c6182433731934f5df60f3889d98df7b71" } +sdist = { url = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/flagsmith-private/0.9.0/flagsmith_private-0.9.0.tar.gz", hash = "sha256:fc7b11ff24205f07e8eca8debbbf71807ec1da456a2572df4ec6815a4cce8ade" } wheels = [ - { url = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/flagsmith-private/0.7.0/flagsmith_private-0.7.0-py3-none-any.whl", hash = "sha256:370bebed2bc28f857acbaf4c1080fcd377b202ad8839ca5daceedce53948351a" }, + { url = "https://flagsmith-production-084060095745.d.codeartifact.eu-west-2.amazonaws.com/pypi/flagsmith-pypi-production/simple/flagsmith-private/0.9.0/flagsmith_private-0.9.0-py3-none-any.whl", hash = "sha256:6e3fa41790af07cc3296cd45c498e73c35f5b8645a59679627e8287717dcdc95" }, ] [[package]] @@ -2230,11 +2205,6 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/4e/f6/71d6ec9f18da0b2201287ce9db6afb1a1f637dedb3f0703409558981c723/ldap3-2.9.1-py2.py3-none-any.whl", hash = "sha256:5869596fc4948797020d3f03b7939da938778a0f9e2009f7a072ccf92b8e8d70", size = 432192, upload-time = "2021-07-18T06:34:12.905Z" }, ] -[[package]] -name = "licensing" -version = "0.0.0" -source = { git = "https://github.com/flagsmith/licensing?tag=v0.3.0#d38953cd93cb99eab7fd92a0467d8bfcccc4cf96" } - [[package]] name = "markupsafe" version = "2.1.3"