fsecada01/Pygentic-AI
0
0
Fork 0
mirror of https://github.com/fsecada01/Pygentic-AI.git synced 2026-05-12 12:15:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
93 Commits 4 Branches 0 Tags
dev_deploy
Commit Graph

6 Commits

Author SHA1 Message Date
Francis Secada
c7af645c07 fix(ci): revert to direct env vars - simpler and reliable
Some checks failed
Bandit / bandit (push) Has been cancelled
Details
Docker Image CI / build (3.13) (push) Has been cancelled
Details
Tests / test (3.13) (push) Has been cancelled
Details 
BREAKING: Remove custom action approach (too complex, failing)

Issue: Custom action with toJSON(secrets) failing due to:
- Special characters in SSH_PRIVATE_KEY
- Shell escaping complexity
- JSON parsing edge cases

Solution: Back to basics - direct env vars in workflow
- More verbose but 100% reliable
- No shell escaping issues
- Standard GitHub Actions pattern
- Works with all secret types

Trade-off accepted:
- Verbose: 25 env var declarations
- Reliable: No parsing, no escaping, no failures
- Maintainable: Add secrets via 'gh secret set'
- Standard: Uses GitHub's native secret injection

"Premature optimization is the root of all evil" - Knuth

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-04 16:31:49 -05:00
Francis Secada
3322e6079a feat(ci): dynamic secret injection using custom action 
BREAKING: Replaces explicit env var declarations with dynamic approach

Changes:
- Created .github/actions/setup-env custom action
- Uses toJSON(secrets) to pass ALL repository secrets dynamically
- Generates .env file automatically from secrets
- No need to update workflow when adding new secrets

How It Works:
1. toJSON(secrets) serializes all secrets to JSON
2. Custom action parses JSON with jq
3. Writes all secrets to .env file
4. Application loads .env via python-decouple/python-dotenv

Benefits:
-  Fully dynamic - new secrets auto-included
-  DRY - no repetitive secret declarations
-  Maintainable - add secrets via 'gh secret set' only
-  Secure - secrets never in workflow YAML
-  Transparent - .env approach matches local dev

Usage:
  gh secret set NEW_SECRET --body "value"
  # Automatically available in next CI run!

Before:
  30+ lines of explicit env: declarations

After:
  3 lines with toJSON(secrets)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-04 16:25:42 -05:00
Francis Secada
80bb08eb51 fix(ci): use GitHub secrets instead of hardcoded test values 
BREAKING: Previous commit used hardcoded test values (security risk)

Changes:
- Replace all hardcoded env vars with ${{ secrets.* }}
- Use existing GitHub secrets configured via 'gh secret set'
- Maintain proper secret isolation in CI/CD

Secrets used:
- SECRET_KEY, DEBUG, HTTPS_ONLY, SERVER_ENV
- Database: SQL_DIALECT, LOCAL_DB_*, CLOUD_DB_*
- API Keys: OPENAI_*, TAVILY_API_KEY
- Reddit: REDDIT_*

Benefits:
-  No secrets exposed in YAML file
-  Uses existing secret management infrastructure
-  Proper separation of concerns
-  Secrets can be rotated via 'gh secret set'

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-04 16:20:22 -05:00
Francis Secada
b976fac645 fix(ci): add test environment variables to prevent import errors 
Issue: CI failing with "UndefinedValueError: SECRET_KEY not found"
Root Cause: Settings modules load env vars at import time, before
conftest.py can set TESTING=true

Fix: Add minimal test environment variables to CI workflow
- SECRET_KEY for security module
- Database credentials (not used, but required for imports)
- API keys (fake values for testing, not used)
- Reddit credentials (not used in tests)

All values are fake/test-only and do not expose real credentials.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-04 16:13:25 -05:00
Francis Secada
a11e0c65fe refactor: migrate to uv + pyproject.toml dependency management 
BREAKING CHANGE: Removed pip-style requirements files

Migration Details:
- Removed core_requirements.{in,txt} and dev_requirements.in
- Consolidated all dependencies into pyproject.toml
- Added platform markers for Windows-specific packages:
  - pywin32>=311 (sys_platform == 'win32')
  - win32-setctime>=1.2.0 (sys_platform == 'win32')
  - hypercorn (Windows ASGI server)
  - gunicorn (Unix WSGI server)

CI/CD Changes:
- Updated .github/workflows/test.yml to use 'uv sync --group test'
- Simplified installation: no more manual pip install steps
- Uses 'uv run pytest' for test execution with PYTHONPATH

Benefits:
-  Fixes pywin32 installation failure on Ubuntu CI runners
-  Single source of truth for dependencies (pyproject.toml)
-  Faster resolution with uv lockfile
-  Modern Python packaging (PEP 621)
-  Proper dependency groups (dev, test)
-  Platform-aware installation

New Workflow:
- Production: uv sync
- With tests: uv sync --group test
- With dev tools: uv sync --group dev
- All groups: uv sync --all-groups

Added MIGRATION_UV.md with full migration guide for developers.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-04 16:07:14 -05:00
Francis Secada
1be156ed7c feat: add pytest infrastructure and regression tests 
Implements comprehensive testing framework to prevent regressions like:
- PDF style name conflicts (BodyText)
- StreamingResponse type errors
- Template not found after refactors

Test Infrastructure:
- pytest.ini: Configuration with coverage, markers, asyncio support
- conftest.py: Shared fixtures (test_client, test_db, sample_data)
- GitHub Actions CI: Automated testing on push/PR
- Directory structure: tests/{unit,integration,fixtures}

Integration Tests (test_analyze_flow.py):
- Regression: analyze endpoint returns empty response (not status.html)
- Status polling with OOB swaps
- Session creation and management
- First poll returns container + items
- Subsequent polls return only new items
- Result endpoint with/without data

Integration Tests (test_pdf_export.py):
- Regression: PDF generation returns BytesIO (not int)
- Regression: No ReportLab style name conflicts
- PDF download endpoint with streaming response
- PDF caching behavior
- Valid PDF format verification
- Filename format validation

Unit Tests (test_pdf_service.py):
- Content hash generation and consistency
- PDF generator initialization
- Custom style creation without conflicts
- SwotAnalysis model validation

CI/CD:
- GitHub Actions workflow for automated testing
- Python 3.13 support
- Coverage reporting with codecov integration

Test Markers:
- @pytest.mark.unit: Fast, isolated tests
- @pytest.mark.integration: Multi-component tests
- @pytest.mark.pdf: PDF-related tests
- @pytest.mark.api: API endpoint tests

Fixtures:
- test_client: FastAPI TestClient
- test_db_session: SQLite in-memory database
- sample_swot_analysis: Mock SWOT data
- clear_caches: Auto-cleanup between tests

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-04 15:18:07 -05:00