mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-13 21:01:21 +08:00
bb277d33c9
- Added support for `@opentelemetry/sdk-node` in the backend. - Updated various dependencies including AWS SDK and OpenTelemetry packages. - Implemented graceful shutdown handling for non-Vercel runtimes in `prisma-client.tsx`. - Enhanced AWS credentials retrieval to support GCP Workload Identity Federation. - Introduced a Dockerfile for Cloud Run deployment, optimizing the backend build process. - Updated `.gitignore` to include Terraform runtime files and secrets. This commit improves the backend's observability and deployment flexibility, particularly for Cloud Run environments. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * OpenTelemetry observability with dynamic provider selection per deployment. * Cloud Run trusted-proxy support for accurate client IP handling. * Graceful shutdown that waits for in-flight background work. * New background-task handling to improve async webhook/email delivery reliability. * AWS credential providers added (Vercel OIDC & GCP Workload Identity Federation). * Dockerized backend image for Cloud Run / self-host deployments. * **Chores** * Updated dependencies for OpenTelemetry and AWS SDK support. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
96 lines
3.2 KiB
TypeScript
96 lines
3.2 KiB
TypeScript
import { StackAdminApp, StackClientApp, StackServerApp } from "@stackframe/js";
|
|
import { throwErr } from "@stackframe/stack-shared/dist/utils/errors";
|
|
import { isUuid } from "@stackframe/stack-shared/dist/utils/uuids";
|
|
import { STACK_BACKEND_BASE_URL, it } from "../helpers";
|
|
import { scaffoldProject } from "./js-helpers";
|
|
|
|
// When STACK_TEST_SDK_FALLBACK is set, omit explicit baseUrl so the SDK resolves
|
|
// from NEXT_PUBLIC_STACK_API_URL and exercises its fallback logic
|
|
const sdkBaseUrl = process.env.STACK_TEST_SDK_FALLBACK ? undefined : STACK_BACKEND_BASE_URL;
|
|
|
|
it("StackServerApp can inherit configuration from StackClientApp", async ({ expect }) => {
|
|
const { project, adminUser } = await scaffoldProject();
|
|
const adminApp = new StackAdminApp({
|
|
projectId: project.id,
|
|
baseUrl: sdkBaseUrl,
|
|
projectOwnerSession: adminUser._internalSession,
|
|
tokenStore: "memory",
|
|
redirectMethod: "none",
|
|
});
|
|
|
|
const key = await adminApp.createInternalApiKey({
|
|
description: "inheritance test key",
|
|
expiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
|
|
hasPublishableClientKey: true,
|
|
hasSecretServerKey: true,
|
|
hasSuperSecretAdminKey: true,
|
|
});
|
|
|
|
const clientApp = new StackClientApp({
|
|
baseUrl: sdkBaseUrl,
|
|
projectId: project.id,
|
|
publishableClientKey: key.publishableClientKey,
|
|
tokenStore: "memory",
|
|
redirectMethod: "none",
|
|
});
|
|
|
|
const serverApp = new StackServerApp({
|
|
inheritsFrom: clientApp,
|
|
secretServerKey: key.secretServerKey,
|
|
tokenStore: "memory",
|
|
});
|
|
|
|
const createdUser = await serverApp.createUser({
|
|
primaryEmail: `${crypto.randomUUID()}@inheritance-test.example.com`,
|
|
password: "password",
|
|
primaryEmailAuthEnabled: true,
|
|
});
|
|
|
|
expect(isUuid(createdUser.id)).toBe(true);
|
|
const fetchedUser = await serverApp.getUser(createdUser.id);
|
|
expect(fetchedUser?.id).toBe(createdUser.id);
|
|
});
|
|
|
|
it("StackAdminApp can inherit configuration from StackServerApp", async ({ expect }) => {
|
|
const { project, adminUser } = await scaffoldProject();
|
|
const adminApp = new StackAdminApp({
|
|
projectId: project.id,
|
|
baseUrl: sdkBaseUrl,
|
|
projectOwnerSession: adminUser._internalSession,
|
|
tokenStore: "memory",
|
|
redirectMethod: "none",
|
|
});
|
|
|
|
const key = await adminApp.createInternalApiKey({
|
|
description: "admin inheritance key",
|
|
expiresAt: new Date(Date.now() + 1000 * 60 * 60 * 24),
|
|
hasPublishableClientKey: true,
|
|
hasSecretServerKey: true,
|
|
hasSuperSecretAdminKey: true,
|
|
});
|
|
|
|
const clientApp = new StackClientApp({
|
|
baseUrl: sdkBaseUrl,
|
|
projectId: project.id,
|
|
publishableClientKey: key.publishableClientKey,
|
|
tokenStore: "memory",
|
|
redirectMethod: "none",
|
|
});
|
|
|
|
const serverApp = new StackServerApp({
|
|
inheritsFrom: clientApp,
|
|
secretServerKey: key.secretServerKey ?? throwErr("secret server key missing"),
|
|
tokenStore: "memory",
|
|
});
|
|
|
|
const adminInherited = new StackAdminApp({
|
|
inheritsFrom: serverApp,
|
|
superSecretAdminKey: key.superSecretAdminKey ?? throwErr("super secret admin key missing"),
|
|
tokenStore: "memory",
|
|
});
|
|
|
|
const keys = await adminInherited.listInternalApiKeys();
|
|
expect(Array.isArray(keys)).toBe(true);
|
|
expect(adminInherited.projectId).toBe(project.id);
|
|
});
|