Merge branch 'dev' into promptless/document-jwt-restricted-claims

Author: madster456

.github/workflows/db-migration-backwards-compatibility.yaml

@@ -215,7 +215,7 @@ jobs:
         run: pnpm test
 
       - name: Verify data integrity
-        run: pnpm run verify-data-integrity
+        run: pnpm run verify-data-integrity --no-bail
 
       - name: Print Docker Compose logs
         if: always()

.github/workflows/docker-server-build-run.yaml

@@ -22,6 +22,13 @@ jobs:
           docker run -d --name db -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=password -e POSTGRES_DB=stackframe -p 8128:5432 postgres:latest
           sleep 5
           docker logs db
+      
+      - name: Setup clickhouse
+        run: |
+          docker run -d --name clickhouse -e CLICKHOUSE_DB=analytics -e CLICKHOUSE_USER=stackframe -e CLICKHOUSE_PASSWORD=password -e CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT=1 -p 8133:8123 clickhouse/clickhouse-server:25.10
+          sleep 5
+          docker logs clickhouse
+
 
       - name: Build Docker image
         run: docker build -f docker/server/Dockerfile -t server .

.github/workflows/e2e-api-tests.yaml

@@ -156,7 +156,7 @@ jobs:
         run: pnpm test ${{ matrix.freestyle-mode == 'prod' && '--min-workers=1 --max-workers=1' || '' }}
 
       - name: Verify data integrity
-        run: pnpm run verify-data-integrity
+        run: pnpm run verify-data-integrity --no-bail
 
       - name: Print Docker Compose logs
         if: always()

.github/workflows/e2e-custom-base-port-api-tests.yaml

@@ -150,7 +150,7 @@ jobs:
         run: pnpm test
 
       - name: Verify data integrity
-        run: pnpm run verify-data-integrity
+        run: pnpm run verify-data-integrity --no-bail
 
       - name: Print Docker Compose logs
         if: always()

.github/workflows/e2e-source-of-truth-api-tests.yaml

@@ -156,7 +156,7 @@ jobs:
         run: pnpm test
 
       - name: Verify data integrity
-        run: pnpm run verify-data-integrity
+        run: pnpm run verify-data-integrity --no-bail
 
       - name: Print Docker Compose logs
         if: always()

.github/workflows/restart-dev-and-test-with-custom-base-port.yaml

@@ -16,7 +16,7 @@ env:
 
 jobs:
   restart-dev-and-test-with-custom-base-port:
-    runs-on: ubicloud-standard-8
+    runs-on: ubicloud-standard-16
     env:
       NEXT_PUBLIC_STACK_PORT_PREFIX: "69"
 

.github/workflows/restart-dev-and-test.yaml

@@ -16,7 +16,7 @@ env:
 
 jobs:
   restart-dev-and-test:
-    runs-on: ubicloud-standard-8
+    runs-on: ubicloud-standard-16
 
     steps:
       - uses: actions/checkout@v6

.github/workflows/setup-tests-with-custom-base-port.yaml

@@ -16,7 +16,7 @@ env:
 
 jobs:
   setup-tests-with-custom-base-port:
-    runs-on: ubicloud-standard-8
+    runs-on: ubicloud-standard-16
     env:
       NEXT_PUBLIC_STACK_PORT_PREFIX: "69"
 

.github/workflows/setup-tests.yaml

@@ -16,7 +16,7 @@ env:
 
 jobs:
   setup-tests:
-    runs-on: ubicloud-standard-8
+    runs-on: ubicloud-standard-16
     steps:
       - uses: actions/checkout@v6
 

.github/workflows/swift-sdk-publish.yaml

@@ -0,0 +1,100 @@
+name: Publish Swift SDK to prerelease repo
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'sdks/implementations/swift/**'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false  # Don't cancel publishing in progress
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout source repo
+        uses: actions/checkout@v4
+        with:
+          path: source
+
+      - name: Read version from package.json
+        id: version
+        run: |
+          VERSION=$(jq -r '.version' source/sdks/implementations/swift/package.json)
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+          echo "Swift SDK version: $VERSION"
+
+      - name: Check if tag already exists in target repo
+        id: check-tag
+        run: |
+          TAG="v${{ steps.version.outputs.version }}"
+          echo "Checking if tag $TAG exists in stack-auth/swift-sdk-prerelease..."
+          
+          # Use the GitHub API to check if the tag exists
+          HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" \
+            -H "Authorization: Bearer ${{ secrets.SWIFT_SDK_PUBLISH_TOKEN }}" \
+            -H "Accept: application/vnd.github+json" \
+            "https://api.github.com/repos/stack-auth/swift-sdk-prerelease/git/refs/tags/$TAG")
+          
+          if [ "$HTTP_STATUS" = "200" ]; then
+            echo "Tag $TAG already exists, skipping publish"
+            echo "exists=true" >> $GITHUB_OUTPUT
+          else
+            echo "Tag $TAG does not exist, will publish"
+            echo "exists=false" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Clone target repo
+        if: steps.check-tag.outputs.exists == 'false'
+        run: |
+          git clone https://x-access-token:${{ secrets.SWIFT_SDK_PUBLISH_TOKEN }}@github.com/stack-auth/swift-sdk-prerelease.git target
+
+      - name: Copy Swift SDK to target repo
+        if: steps.check-tag.outputs.exists == 'false'
+        run: |
+          # Remove all files except .git from target
+          cd target
+          find . -maxdepth 1 -not -name '.git' -not -name '.' -exec rm -rf {} +
+          cd ..
+          
+          # Copy everything from Swift SDK
+          cp -r source/sdks/implementations/swift/* target/
+          cp source/sdks/implementations/swift/.gitignore target/ 2>/dev/null || true
+          
+          # Remove package.json (it's only for turborepo integration, not part of the Swift package)
+          rm -f target/package.json
+
+      - name: Commit and push to target repo
+        if: steps.check-tag.outputs.exists == 'false'
+        run: |
+          cd target
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git config user.name "github-actions[bot]"
+          
+          git add -A
+          
+          # Check if there are changes to commit
+          if git diff --staged --quiet; then
+            echo "No changes to commit"
+          else
+            git commit -m "Release v${{ steps.version.outputs.version }}"
+          fi
+          
+          # Create and push tag
+          TAG="v${{ steps.version.outputs.version }}"
+          git tag "$TAG"
+          git push origin main --tags
+          
+          echo "Successfully published Swift SDK v${{ steps.version.outputs.version }}"
+
+      - name: Summary
+        run: |
+          if [ "${{ steps.check-tag.outputs.exists }}" = "true" ]; then
+            echo "::notice::Skipped publishing - tag v${{ steps.version.outputs.version }} already exists"
+          else
+            echo "::notice::Published Swift SDK v${{ steps.version.outputs.version }} to stack-auth/swift-sdk-prerelease"
+          fi