Merge pull request #3 from spuerta10/feat/ci-pipelines

Feat/ci pipelines

Author: spuerta10

.env.test

@@ -0,0 +1,10 @@
+# --- Postgres Config ---
+DB_HOST=postgres
+DB_PORT=5432
+DB_USER=test
+DB_PASSWORD=TEST # pragma: allowlist secret
+DB_NAME=event_access
+
+# --- Integration tests config ---
+POSTGRES_HOST=localhost
+BASE_URL=http://localhost:8000

.github/workflows/integration-tests.yml

@@ -0,0 +1,43 @@
+name: Run integration tests
+on:
+  workflow_call:
+    inputs:
+      deployment_env:
+        required: true
+        type: string
+        description: "Deployment environment (e.g., pr, staging, prod)"
+
+jobs:
+  run-integration-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+      
+      - name: Install dependencies
+        run: |
+          uv venv
+          uv pip install -r requirements.txt
+
+      - name: Load env vars from .env.test file
+        uses: xom9ikk/dotenv@v2
+        with:
+          path: . # project's root folder
+          mode: ${{ inputs.deployment_env == 'local' && 'test' || inputs.env_filename }} # .env.deployment_env
+        
+      - name: Start services (docker-compose)
+        if: ${{ inputs.deployment_env == 'local' }}
+        run: docker compose -f docker/docker-compose.yml up --build -d
+      
+      - name: Wait for pSQL to be ready
+        if: ${{ inputs.deployment_env == 'local' }}
+        run: sleep 30
+
+      - name: Execute base integration tests
+        run: uv run pytest tests/integration
+      
+      - name: Destroy Docker resources
+        if: ${{ inputs.deployment_env == 'local' }}
+        run: docker compose -f docker/docker-compose.yml down

.github/workflows/pr-validations.yml

@@ -12,3 +12,56 @@ jobs:
     uses: ./.github/workflows/static-code-analysis.yml
     with:
       coverage_artifact: true
+
+  #sonarqube-analysis:
+    #needs: static-code-analysis
+    #runs-on: ubuntu-latest
+    #steps:
+      #- uses: actions/checkout@v4
+
+      #- name: Download coverage report
+        #uses: actions/download-artifact@v4
+        #with:
+          #name: coverage-report
+          #path: coverage-artifacts  # cov artifacts will be on coverage-artifacts/ folder
+      
+      #- name: Run SonarQube Scan
+        #uses: SonarSource/sonarqube-scan-action@v5.0.0
+        #env:
+          #GITHUB_TOKEN: ${{  }}
+          #SONAR_TOKEN: ${{  }}
+        #with:
+          #args: >
+            #-Dsonar.python.coverage.reportPaths=coverage-artifacts/coverage.xml
+  
+  run-integration-tests:
+    needs: static-code-analysis  # TODO: need sonarqube
+    uses: ./.github/workflows/integration-tests.yml
+    with:
+      deployment_env: 'local'
+
+  build-and-push-register-ticket-api:
+    needs: run-integration-tests
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write # lets write Docker image to GHCR
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Log in Github container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      
+      - name: Build and push Docker image to GHCR
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: docker/Dockerfile.register-ticket-api
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/register-ticket-api:latest
+            ghcr.io/${{ github.repository_owner }}/register-ticket-api:${{ github.sha }}

.github/workflows/static-code-analysis.yml

@@ -27,9 +27,19 @@ jobs:
       
       - name: Run unit tests (with coverage report)
         if: ${{ inputs.coverage_artifact }}
-        run: uv run pytest --cov=./src --cov-report=xml --cov-report=term
+        run: uv run pytest tests/unit --cov=./src --cov-report=xml --cov-report=term
+
+      - name: Upload coverage report
+        uses: actions/upload-artifact@v4
+        if: ${{ inputs.coverage_artifact }}
+        with:
+          name: coverage-report
+          path:
+            coverage.xml
+            .coverage
+            htmlcov/
 
       - name: Run unit tests (console-only coverage)
         if: ${{ !inputs.coverage_artifact }}
-        run: uv run pytest --cov=./src --cov-report=term-missing
+        run: uv run pytest tests/unit --cov=./src --cov-report=term-missing
 

.gitignore

@@ -1,5 +1,5 @@
 __pycache__*
-*.env*
+*.env
 .mypy_cache/
 .pytest_cache/
 .ruff_cache/

.pre-commit-config.yaml

@@ -32,6 +32,8 @@ repos:
       - id: mypy
         args:
           - --config-file=.code_quality/mypy.ini
+        additional_dependencies:
+          - types-requests
 
   - repo: https://github.com/Yelp/detect-secrets
     rev: v1.5.0

docker/Dockerfile.register-ticket-api

@@ -2,7 +2,6 @@ FROM python:3.11-slim
 
 WORKDIR /app
 
-COPY .env .
 COPY requirements.txt .
 
 RUN pip install --no-cache-dir -r requirements.txt

docker/docker-compose.yml

@@ -19,6 +19,12 @@ services:
     build:
       context: .. # root folder
       dockerfile: docker/Dockerfile.register-ticket-api
+    environment:
+      DB_HOST: ${DB_HOST}
+      DB_PORT: ${DB_PORT}
+      DB_USER: ${DB_USER}
+      DB_PASSWORD: ${DB_PASSWORD}
+      DB_NAME: ${DB_NAME}
     ports:
       - "8000:8000"
     depends_on:

pytest.ini

@@ -1,5 +1,7 @@
 [pytest]
 pythonpath = src
-testpaths = tests
+testpaths = 
+    tests/unit
+    tests/integration
 # avoid marking each async test 
 asyncio_mode = auto 

requirements.txt

@@ -3,6 +3,7 @@ anyio==4.11.0
 asyncpg==0.30.0
 certifi==2025.8.3
 cfgv==3.4.0
+charset-normalizer==3.4.4
 click==8.3.0
 coverage==7.10.7
 distlib==0.4.0
@@ -21,6 +22,7 @@ packaging==25.0
 platformdirs==4.5.0
 pluggy==1.6.0
 pre-commit==4.3.0
+psycopg2-binary==2.9.11
 pydantic==2.11.9
 pydantic-core==2.33.2
 pydantic-settings==2.10.1
@@ -32,6 +34,7 @@ pytest-cov==7.0.0
 python-dateutil==2.9.0.post0
 python-dotenv==1.1.1
 pyyaml==6.0.3
+requests==2.32.5
 six==1.17.0
 sniffio==1.3.1
 starlette==0.48.0