Skip to content

test(auth): use supabase cli where possible - docker for extra tests #1985

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mandarini wants to merge 1 commit into
base: master
Choose a base branch
from
Open

test(auth): use supabase cli where possible - docker for extra tests #1985

mandarini wants to merge 1 commit into from
+1,002 −401

Conversation

@mandarini
Copy link
Contributor

@mandarini mandarini commented Dec 24, 2025
edited
Loading

Summary

This PR migrates the auth-js test infrastructure from a multi-instance Docker Compose setup to a single Supabase CLI instance for the majority of tests, while preserving Docker-based tests for edge cases that require specific GoTrue configurations.

Motivation

The original auth-js test setup used Docker Compose to run 4 separate GoTrue instances with different configurations:

Port Configuration Use Case
9999 Signup enabled, autoconfirm OFF Email verification flows, SMS tests
9998 Signup enabled, autoconfirm ON Standard auth flows
9997 Signup disabled, autoconfirm OFF Signup disabled tests
9996 Signup enabled, asymmetric keys RS256 JWT verification

We have decided to move our test suites to use the supabase CLI wherever possible. It provides a simpler, faster alternative that covers the majority of test scenarios with a single instance.

Changes

New Test Structure

packages/core/auth-js/test/
├── lib/
│   └── clients.ts          # CLI clients only (simplified)
├── docker-tests/
│   ├── clients.ts          # Docker clients (self-contained)
│   ├── signup-disabled.test.ts
│   ├── asymmetric-jwt.test.ts
│   ├── phone-otp.test.ts
│   └── anonymous-disabled.test.ts
├── supabase/
│   └── config.toml         # Supabase CLI configuration
├── GoTrueClient.test.ts    # Main tests (CLI)
├── GoTrueApi.test.ts       # Admin API tests (CLI)
└── ...other test files

Test Distribution

Test Suite Runner Tests Description
test:auth Supabase CLI 331 Standard auth flows
test:docker Docker Compose 11 Edge cases requiring specific configs

Docker-Only Tests (11 total)

These tests require GoTrue configurations not possible with a single CLI instance:

  1. Signup Disabled (1 test)

    • Requires GOTRUE_DISABLE_SIGNUP=true

  2. Asymmetric JWT / RS256 (3 tests)

    • Requires GoTrue configured with RS256 signing keys
    • CLI uses HS256 by default

  3. Phone OTP / SMS (6 tests)

    • Requires Twilio SMS provider configuration
    • CLI does not include SMS provider setup

  4. Anonymous Sign-in Disabled (1 test)

    • Requires GOTRUE_EXTERNAL_ANONYMOUS_USERS_ENABLED=false

Targets/Scripts to run

Target Description
test:auth Full CLI test lifecycle (331 tests)
test:infra Start Supabase CLI instance
test:suite Run CLI tests only
test:docker Full Docker test lifecycle (11 tests)
test:docker:infra Start Docker containers
test:docker:suite Run Docker tests only 

### CI Configuration

The CI workflow runs both test suites in parallel:

```yaml
jobs:
  setup-build-test-node-20:
    # Runs test:auth (CLI tests) - 331 tests
    
  test-auth-js-docker:
    # Runs test:docker (Docker tests) - 11 tests

Supabase CLI Configuration

Key settings in test/supabase/config.toml:

[auth]
enable_anonymous_sign_ins = true

[auth.email]
enable_confirmations = false  # Autoconfirm ON

[auth.sms]
enable_signup = true
max_frequency = "1s"

[auth.sms.test_otp]
"1234567890" = "123456"

[auth.mfa.totp]
enroll_enabled = true
verify_enabled = true

[auth.mfa.phone]
enroll_enabled = true
verify_enabled = true

How to Test

Run CLI tests locally

npx nx test:auth auth-js

Run Docker tests locally

npx nx test:docker auth-js

Bug Fixes

This PR also fixes a pre-existing test bug:

  • fetchJwk tests leaking mocked fetch - The fetchJwk tests were overriding authWithSession['fetch'] with a mock but never restoring it. This caused subsequent tests (like signInAnonymously) to fail because they used the mocked fetch that returned JWKS data instead of auth responses. Fixed by adding beforeEach/afterEach to save and restore the original fetch.

@github-actions github-actions bot added the auth-js Related to the auth-js library. label Dec 24, 2025
@mandarini mandarini self-assigned this Dec 24, 2025
@mandarini mandarini force-pushed the test/supabase-cli-authjs branch from b9ad89a to 72ecfa2 Compare December 24, 2025 11:53
@mandarini mandarini changed the title test(auth): set up cache test(auth): use supabase cli where possible - docker for extra Dec 24, 2025
@mandarini mandarini changed the title test(auth): use supabase cli where possible - docker for extra test(auth): use supabase cli where possible - docker for extra tests Dec 24, 2025
@mandarini mandarini marked this pull request as ready for review December 24, 2025 13:27
@mandarini mandarini requested review from a team as code owners December 24, 2025 13:27
@mandarini mandarini force-pushed the test/supabase-cli-authjs branch from 059be8e to 8887523 Compare December 24, 2025 13:34
@pkg-pr-new
Copy link

pkg-pr-new bot commented Dec 24, 2025
edited
Loading

Open in StackBlitz

@supabase/auth-js

npm i https://pkg.pr.new/@supabase/auth-js@1985

@supabase/functions-js

npm i https://pkg.pr.new/@supabase/functions-js@1985

@supabase/postgrest-js

npm i https://pkg.pr.new/@supabase/postgrest-js@1985

@supabase/realtime-js

npm i https://pkg.pr.new/@supabase/realtime-js@1985

@supabase/storage-js

npm i https://pkg.pr.new/@supabase/storage-js@1985

@supabase/supabase-js

npm i https://pkg.pr.new/@supabase/supabase-js@1985

commit: 8887523

Base automatically changed from test/supabase-cli-postgrest to master December 24, 2025 13:42
@grdsdev grdsdev requested review from a team as code owners December 24, 2025 13:42
@mandarini mandarini force-pushed the test/supabase-cli-authjs branch 3 times, most recently from 3b3c85c to ef7b834 Compare December 24, 2025 13:49
@mandarini mandarini requested review from cemalkilic and hf December 24, 2025 13:51
@supabase supabase deleted a comment from coveralls Jan 7, 2026
@mandarini mandarini force-pushed the test/supabase-cli-authjs branch from ef7b834 to c68e3f9 Compare January 7, 2026 14:49
@mandarini mandarini requested a review from a team as a code owner January 7, 2026 14:58
@mandarini mandarini force-pushed the test/supabase-cli-authjs branch from 9d0d2c6 to c68e3f9 Compare January 7, 2026 15:11
@mandarini mandarini force-pushed the test/supabase-cli-authjs branch from c68e3f9 to 7dba452 Compare January 8, 2026 13:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hf hf Awaiting requested review from hf

@cemalkilic cemalkilic Awaiting requested review from cemalkilic

At least 1 approving review is required to merge this pull request.

Assignees

@mandarini mandarini

Labels

auth-js Related to the auth-js library.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mandarini