fix(tests): finally fixed the test DB deployment :}

fix(tests): fixed testing DB deployment v9 :O
fix(tests): fixed testing DB deployment v8 :D
2026-03-22 06:57:47 +01:00 · 2025-10-29 20:04:50 +01:00 · 2025-10-29 20:01:21 +01:00 · 2025-10-29 19:57:20 +01:00 · 2025-10-29 19:53:26 +01:00 · 2025-10-29 19:45:08 +01:00
16 changed files with 117 additions and 159 deletions
--- a/.github/workflows/deploy-pr.yaml
+++ b/.github/workflows/deploy-pr.yaml
@@ -12,25 +12,7 @@ jobs:
  test:
    name: Run Python Tests
    if: github.event.action != 'closed'
-    runs-on: ubuntu-latest
+    uses: ./.github/workflows/run-tests.yml
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Set up Python 3.11
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Run tests with pytest
        run: pytest
        working-directory: ./7project/backend
  build:
    if: github.event.action != 'closed'
@@ -118,7 +100,8 @@ jobs:
            --set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
            --set image.digest="$DIGEST" \
            --set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
-            --set-string database.password="$DB_PASSWORD"
+            --set-string database.password="$DB_PASSWORD" \
            --set-string database.encryptionSecret="$PR"
      - name: Post preview URLs as PR comment
        uses: actions/github-script@v7
--- a/.github/workflows/deploy-prod.yaml
+++ b/.github/workflows/deploy-prod.yaml
@@ -23,26 +23,7 @@ concurrency:
 jobs:
  test:
    name: Run Python Tests
-    if: github.event.action != 'closed'
+    uses: ./.github/workflows/run-tests.yml
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: Set up Python 3.11
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Run tests with pytest
        run: pytest
        working-directory: ./7project/backend
  build:
    name: Build and push image (reusable)
@@ -129,4 +110,5 @@ jobs:
            --set-string oauth.mojeid.clientSecret="$MOJEID_CLIENT_SECRET" \
            --set-string oauth.csas.clientId="$CSAS_CLIENT_ID" \
            --set-string oauth.csas.clientSecret="$CSAS_CLIENT_SECRET" \
-            --set-string sentry_dsn="$SENTRY_DSN" \
+            --set-string sentry_dsn="$SENTRY_DSN" \
            --set-string database.encryptionSecret="${{ secrets.PROD_DB_ENCRYPTION_KEY }}"
--- a/.github/workflows/run-tests.yml
+++ b/.github/workflows/run-tests.yml
@@ -2,54 +2,60 @@ name: Run Python Tests
 permissions:
  contents: read
 # -----------------
 # --- Triggers ----
 # -----------------
 # This section defines when the workflow will run.
 on:
-  # Run on every push to the 'main' branch
+  workflow_call:
  push:
    branches: [ "main", "30-create-tests-and-set-up-a-github-pipeline" ]
  # Also run on every pull request that targets the 'main' branch
  pull_request:
    branches: [ "main" ]
 # -----------------
 # ------ Jobs -----
 # -----------------
 # A workflow is made up of one or more jobs that can run in parallel or sequentially.
 jobs:
  # A descriptive name for your job
  build-and-test:
    # Specifies the virtual machine to run the job on. 'ubuntu-latest' is a common and cost-effective choice.
    runs-on: ubuntu-latest
-    # -----------------
+    services:
-    # ----- Steps -----
+      mariadb:
-    # -----------------
+        image: mariadb:11.4
-    # A sequence of tasks that will be executed as part of the job.
+        env:
          MARIADB_ROOT_PASSWORD: rootpw
          MARIADB_DATABASE: group_project
          MARIADB_USER: appuser
          MARIADB_PASSWORD: apppass
        ports:
          - 3306:3306
        options: >-
          --health-cmd="mariadb-admin ping -h 127.0.0.1 -u root -prootpw --silent"
          --health-interval=5s
          --health-timeout=2s
          --health-retries=20
    env:
      MARIADB_HOST: 127.0.0.1
      MARIADB_PORT: "3306"
      MARIADB_DB: group_project
      MARIADB_USER: appuser
      MARIADB_PASSWORD: apppass
    steps:
      # Step 1: Check out your repository's code
      # This action allows the workflow to access your code.
      - name: Check out repository code
        uses: actions/checkout@v4
      # Step 2: Set up the Python environment
      # This action installs a specific version of Python on the runner.
      - name: Set up Python 3.11
        uses: actions/setup-python@v5
        with:
-          python-version: '3.11' # Use the Python version that matches your project
+          python-version: '3.11'
      - name: Add test dependencies to requirements
        run: |
          echo "pytest==8.4.2" >> ./7project/backend/requirements.txt
          echo "pytest-asyncio==1.2.0" >> ./7project/backend/requirements.txt
      # Step 3: Install project dependencies
      # Runs shell commands to install the libraries listed in your requirements.txt.
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
-          pip install -r requirements.txt
+          pip install -r ./7project/backend/requirements.txt
-      
+
-      # Step 4: Run your tests!
+      - name: Run Alembic migrations
-      # Executes the pytest command to run your test suite.
+        run: |
          alembic upgrade head
        working-directory: ./7project/backend
      - name: Run tests with pytest
        run: pytest
        working-directory: ./7project/backend
--- a/7project/backend/alembic/env.py
+++ b/7project/backend/alembic/env.py
@@ -25,7 +25,8 @@ if not DATABASE_URL:
 SYNC_DATABASE_URL = DATABASE_URL.replace("+asyncmy", "+pymysql")
-ssl_enabled = os.getenv("MARIADB_HOST", "localhost") != "localhost"
+host_env = os.getenv("MARIADB_HOST", "localhost")
 ssl_enabled = host_env not in {"localhost", "127.0.0.1"}
 connect_args = {"ssl": {"ssl": True}} if ssl_enabled else {}
 def run_migrations_offline() -> None:
--- a/7project/backend/alembic/versions/2025_10_29_1326-46b9e702e83f_add_encrypted_type.py
+++ b/7project/backend/alembic/versions/2025_10_29_1326-46b9e702e83f_add_encrypted_type.py
@@ -0,0 +1,47 @@
 """Add encrypted type
 Revision ID: 46b9e702e83f
 Revises: 1f2a3c4d5e6f
 Create Date: 2025-10-29 13:26:24.568523
 """
 from typing import Sequence, Union
 import sqlalchemy_utils
 from alembic import op
 import sqlalchemy as sa
 from sqlalchemy.dialects import mysql
 # revision identifiers, used by Alembic.
 revision: str = '46b9e702e83f'
 down_revision: Union[str, Sequence[str], None] = '1f2a3c4d5e6f'
 branch_labels: Union[str, Sequence[str], None] = None
 depends_on: Union[str, Sequence[str], None] = None
 def upgrade() -> None:
    """Upgrade schema."""
    # ### commands auto generated by Alembic - please adjust! ###
    op.alter_column('transaction', 'amount',
               existing_type=mysql.FLOAT(),
               type_=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
               existing_nullable=False)
    op.alter_column('transaction', 'description',
               existing_type=mysql.VARCHAR(length=255),
               type_=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
               existing_nullable=True)
    # ### end Alembic commands ###
 def downgrade() -> None:
    """Downgrade schema."""
    # ### commands auto generated by Alembic - please adjust! ###
    op.alter_column('transaction', 'description',
               existing_type=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
               type_=mysql.VARCHAR(length=255),
               existing_nullable=True)
    op.alter_column('transaction', 'amount',
               existing_type=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
               type_=mysql.FLOAT(),
               existing_nullable=False)
    # ### end Alembic commands ###
--- a/7project/backend/app/app.py
+++ b/7project/backend/app/app.py
@@ -124,10 +124,6 @@ async def root():
 async def authenticated_route(user: User = Depends(current_active_verified_user)):
    return {"message": f"Hello {user.email}!"}
@fastApi.get("/sentry-debug")
 async def trigger_error():
    division_by_zero = 1 / 0
@fastApi.get("/debug/scrape/csas/all", tags=["debug"])
 async def debug_scrape_csas_all():
--- a/7project/backend/app/core/db.py
+++ b/7project/backend/app/core/db.py
@@ -19,7 +19,8 @@ from app.models.user import User
 from app.models.transaction import Transaction
 from app.models.categories import Category
-ssl_enabled = os.getenv("MARIADB_HOST", "localhost") != "localhost"
+host_env = os.getenv("MARIADB_HOST", "localhost")
 ssl_enabled = host_env not in {"localhost", "127.0.0.1"}
 connect_args = {"ssl": {"ssl": True}} if ssl_enabled else {}
 engine = create_async_engine(
--- a/7project/backend/app/models/transaction.py
+++ b/7project/backend/app/models/transaction.py
@@ -1,15 +1,21 @@
 import os
 from fastapi_users_db_sqlalchemy import GUID
 from sqlalchemy import Column, Integer, String, Float, ForeignKey, Date, func
 from sqlalchemy.orm import relationship
 from sqlalchemy_utils import EncryptedType
 from sqlalchemy_utils.types.encrypted.encrypted_type import FernetEngine
 from app.core.base import Base
 from app.models.categories import association_table
 SECRET_KEY = os.environ.get("DB_ENCRYPTION_KEY", "localdev")
 class Transaction(Base):
    __tablename__ = "transaction"
    id = Column(Integer, primary_key=True, autoincrement=True)
-    amount = Column(Float, nullable=False)
+    amount = Column(EncryptedType(Float, SECRET_KEY, engine=FernetEngine), nullable=False)
-    description = Column(String(length=255), nullable=True)
+    description = Column(EncryptedType(String(length=255), SECRET_KEY, engine=FernetEngine), nullable=True)
    date = Column(Date, nullable=False, server_default=func.current_date())
    user_id = Column(GUID, ForeignKey("user.id"), nullable=False)
--- a/7project/backend/requirements.txt
+++ b/7project/backend/requirements.txt
@@ -54,6 +54,7 @@ sentry-sdk==2.42.0
 six==1.17.0
 sniffio==1.3.1
 SQLAlchemy==2.0.43
 SQLAlchemy-Utils==0.42.0
 starlette==0.48.0
 tomli==2.2.1
 typing-inspection==0.4.1
--- a/7project/backend/tests/test_integration_app.py
+++ b/7project/backend/tests/test_integration_app.py
@@ -14,11 +14,6 @@ def test_authenticated_route_requires_auth(client):
    assert resp.status_code in (status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN)
 def test_sentry_debug_raises_exception(client):
    with pytest.raises(ZeroDivisionError):
        client.get("/sentry-debug")
@pytest.mark.asyncio
 async def test_create_and_get_category(fastapi_app, test_user):
    # Use AsyncClient for async tests
--- a/7project/backend/tests/test_unit_user_service.py
+++ b/7project/backend/tests/test_unit_user_service.py
@@ -19,7 +19,7 @@ def test_get_oauth_provider_known_unknown():
 def test_get_jwt_strategy_lifetime():
    strategy = user_service.get_jwt_strategy()
    assert strategy is not None
-    # Basic smoke check: strategy has a lifetime set to 3600
+    # Basic smoke check: strategy has a lifetime set to 604800
    assert getattr(strategy, "lifetime_seconds", None) in (604800,)
--- a/7project/charts/myapp-chart/templates/app-deployment.yaml
+++ b/7project/charts/myapp-chart/templates/app-deployment.yaml
@@ -101,6 +101,11 @@ spec:
                secretKeyRef:
                  name: prod
                  key: SENTRY_DSN
            - name: DB_ENCRYPTION_KEY
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: DB_ENCRYPTION_KEY
          livenessProbe:
            httpGet:
              path: /
--- a/7project/charts/myapp-chart/templates/prod.yaml
+++ b/7project/charts/myapp-chart/templates/prod.yaml
@@ -18,3 +18,4 @@ stringData:
  RABBITMQ_PASSWORD: {{ .Values.rabbitmq.password | default "" | quote }}
  RABBITMQ_USERNAME: {{ .Values.rabbitmq.username | quote }}
  SENTRY_DSN: {{ .Values.sentry_dsn | quote }}
  DB_ENCRYPTION_KEY: {{ required "Set .Values.database.encryptionSecret" .Values.database.encryptionSecret | quote }}
--- a/7project/charts/myapp-chart/templates/worker-deployment.yaml
+++ b/7project/charts/myapp-chart/templates/worker-deployment.yaml
@@ -20,7 +20,7 @@ spec:
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
-              drop: ["ALL"]
+              drop: [ "ALL" ]
          command:
            - celery
            - -A
@@ -80,3 +80,8 @@ spec:
                secretKeyRef:
                  name: prod
                  key: CSAS_CLIENT_SECRET
            - name: DB_ENCRYPTION_KEY
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: DB_ENCRYPTION_KEY
--- a/7project/charts/myapp-chart/values.yaml
+++ b/7project/charts/myapp-chart/values.yaml
@@ -75,3 +75,4 @@ database:
  userName: app-demo-user
  secretName: app-demo-database-secret
  password: ""
  encryptionSecret: ""
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,72 +0,0 @@
 aio-pika==9.5.6
 aiormq==6.8.1
 aiosqlite==0.21.0
 alembic==1.16.5
 amqp==5.3.1
 annotated-types==0.7.0
 anyio==4.11.0
 argon2-cffi==23.1.0
 argon2-cffi-bindings==25.1.0
 asyncmy==0.2.9
 bcrypt==4.3.0
 billiard==4.2.2
 celery==5.5.3
 certifi==2025.10.5
 cffi==2.0.0
 click==8.1.8
 click-didyoumean==0.3.1
 click-plugins==1.1.1.2
 click-repl==0.3.0
 cryptography==46.0.1
 dnspython==2.7.0
 email_validator==2.2.0
 exceptiongroup==1.3.0
 fastapi==0.117.1
 fastapi-users==14.0.1
 fastapi-users-db-sqlalchemy==7.0.0
 greenlet==3.2.4
 h11==0.16.0
 httpcore==1.0.9
 httptools==0.6.4
 httpx==0.28.1
 httpx-oauth==0.16.1
 idna==3.10
 iniconfig==2.3.0
 kombu==5.5.4
 makefun==1.16.0
 Mako==1.3.10
 MarkupSafe==3.0.2
 multidict==6.6.4
 packaging==25.0
 pamqp==3.3.0
 pluggy==1.6.0
 prompt_toolkit==3.0.52
 propcache==0.3.2
 pwdlib==0.2.1
 pycparser==2.23
 pydantic==2.11.9
 pydantic_core==2.33.2
 Pygments==2.19.2
 PyJWT==2.10.1
 PyMySQL==1.1.2
 pytest==8.4.2
 pytest-asyncio==1.2.0
 python-dateutil==2.9.0.post0
 python-dotenv==1.1.1
 python-multipart==0.0.20
 PyYAML==6.0.2
 six==1.17.0
 sniffio==1.3.1
 SQLAlchemy==2.0.43
 starlette==0.48.0
 tomli==2.2.1
 typing-inspection==0.4.1
 typing_extensions==4.15.0
 tzdata==2025.2
 uvicorn==0.37.0
 uvloop==0.21.0
 vine==5.1.0
 watchfiles==1.1.0
 wcwidth==0.2.14
 websockets==15.0.1
 yarl==1.20.1
Author	SHA1	Message	Date
ribardej	4c9879cebf	fix(tests): finally fixed the test DB deployment :}	2025-10-29 20:04:50 +01:00
ribardej	d9c562f867	fix(tests): fixed testing DB deployment v9 :O	2025-10-29 20:01:21 +01:00
ribardej	dddca9d805	fix(tests): fixed testing DB deployment v8 :D	2025-10-29 19:57:20 +01:00
ribardej	483a859b4b	fix(tests): fixed testing DB deployment v7	2025-10-29 19:53:26 +01:00
ribardej	7529c9b265	fix(tests): fixed testing DB deployment v6	2025-10-29 19:45:08 +01:00
ribardej	2ca8a3b576	Merge remote-tracking branch 'origin/main' into 33-frontend-looks-like-logged-in-even-after-token-expires # Conflicts: # .github/workflows/run-tests.yml	2025-10-29 14:54:01 +01:00
ribardej	52f6bd6a53	fix(tests): fixed testing DB deployment v5	2025-10-29 14:43:26 +01:00
Lukáš Trkan	d8ea25943c	feat(code): remove sentry debug endpoint	2025-10-29 14:32:25 +01:00
Lukáš Trkan	06dcccb321	fix(tests): add missing dependencies	2025-10-29 14:28:25 +01:00
Lukáš Trkan	e916a57e4e	fix(tests): move requirements.txt	2025-10-29 14:25:18 +01:00
Lukáš Trkan	7d2e94e683	feat(database): add encryption key	2025-10-29 14:23:14 +01:00
ribardej	55f8e38376	fix(tests): fixed testing DB deployment v4	2025-10-29 14:20:20 +01:00
Lukáš Trkan	3348e0a035	feat(database): encrypt transactions data	2025-10-29 14:17:53 +01:00
ribardej	542b05d541	fix(tests): fixed testing DB deployment v3	2025-10-29 14:11:43 +01:00
ribardej	65957d78ec	fix(tests): fixed testing DB deployment	2025-10-29 14:07:06 +01:00
ribardej	edb4dfd147	fix(tests): fixed testing DB deployment	2025-10-29 13:50:04 +01:00
ribardej	cf1d520a30	feat(tests): added testing DB	2025-10-29 13:42:01 +01:00