Features/3 add tests and coverage with GitHub actions

.github/workflows/coverage.yml

@@ -0,0 +1,31 @@
+name: Coverage
+
+on:
+  workflow_run:
+    workflows: ["Tests"]
+    types:
+      - completed
+
+jobs:
+  coverage:
+    name: Run tests & display coverage
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
+    permissions:
+      # Gives the action the necessary permissions for publishing new
+      # comments in pull requests.
+      pull-requests: write
+      # Gives the action the necessary permissions for editing existing
+      # comments (to avoid publishing multiple comments in the same PR)
+      contents: write
+      # Gives the action the necessary permissions for looking up the
+      # workflow that launched this workflow, and download the related
+      # artifact that contains the comment to be published
+      actions: read
+    steps:
+      - name: Post comment
+        uses: py-cov-action/python-coverage-comment-action@v3
+        with:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_PR_RUN_ID: ${{ github.event.workflow_run.id }}
+          verbose: true

.github/workflows/tests.yml

@@ -0,0 +1,47 @@
+name: Tests
+
+on:
+  pull_request:
+  push:
+    branches:
+      - "main"
+
+jobs:
+  unit-tests:
+    runs-on: ubuntu-latest
+    permissions:
+      # Gives the action the necessary permissions for publishing new
+      # comments in pull requests.
+      pull-requests: write
+      # Gives the action the necessary permissions for pushing data to the
+      # python-coverage-comment-action branch, and for editing existing
+      # comments (to avoid publishing multiple comments in the same PR)
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.11
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install poetry
+          poetry config virtualenvs.create false
+          poetry install --no-root
+      - name: Launch tests & generate report
+        run: poetry run pytest
+      - name: Coverage comment
+        id: coverage_comment
+        uses: py-cov-action/python-coverage-comment-action@v3
+        with:
+          GITHUB_TOKEN: ${{ github.token }}
+          verbose: true
+      - name: Store Pull Request comment to be posted
+        uses: actions/upload-artifact@v3
+        if: steps.coverage_comment.outputs.COMMENT_FILE_WRITTEN == 'true'
+        with:
+          # If you use a different name, update COMMENT_ARTIFACT_NAME accordingly
+          name: python-coverage-comment-action
+          # If you use a different name, update COMMENT_FILENAME accordingly
+          path: python-coverage-comment-action.txt

pyproject.toml

@@ -19,6 +19,38 @@ pydantic-settings = "^2.1.0"
 ruff = "^0.1.7"
 black = "^23.11.0"
 pytest = "^7.4.3"
+pytest-cov = "^4.1.0"
+pytest-mock = "^3.12.0"
+pytest-env = "^1.1.3"
+pytest-asyncio = "^0.21.1"
+httpx = "^0.24.1"
+
+
+[tool.pytest.ini_options]
+asyncio_mode = "auto"
+pythonpath = ["src"]
+addopts = [
+  "--cov-report=term-missing",
+  "--cov-branch",
+  "--cov-report=xml",
+  "--cov-report=term",
+  "--cov=src",
+  "-vv",
+  "--strict-markers",
+  "-rfE",
+]
+testpaths = ["tests"]
+env = [
+  "KC_URL=http://localhost",
+  "KC_REALM=",
+  "KC_ADMIN_CLIENT_ID=",
+  "KC_ADMIN_CLIENT_SECRET=",
+  "KC_REALM_URL=http://localhost",
+  "AUTH_URL=http://localhost",
+  "TOKEN_URL=http://localhost",
+  "CERTS_URL=http://localhost",
+  "AUTH_CLIENT=",
+]
 
 [tool.black]
 line-length = 120
@@ -29,3 +61,10 @@ line-length = 120
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"
+
+[tool.coverage.run]
+relative_files = true
+source = ["src"]
+
+[tool.coverage.report]
+skip_empty = true

src/regtech_api_commons/oauth2/config.py

@@ -2,15 +2,13 @@
 from typing import Dict, Any
 
 from pydantic import TypeAdapter
-from pydantic.networks import HttpUrl, PostgresDsn
+from pydantic.networks import HttpUrl
 from pydantic.types import SecretStr
 from pydantic_settings import BaseSettings, SettingsConfigDict
 from pydantic_settings.sources import DotenvType, ENV_FILE_SENTINEL
 
 
 class KeycloakSettings(BaseSettings):
-    inst_conn: PostgresDsn
-    inst_db_schema: str = "public"
     auth_client: str
     auth_url: HttpUrl
     token_url: HttpUrl

tests/api/test_router_wrapper.py

@@ -0,0 +1,62 @@
+from fastapi import FastAPI
+from fastapi.responses import RedirectResponse
+from fastapi.testclient import TestClient
+import starlette.status as status
+
+
+from regtech_api_commons.api.router_wrapper import Router
+
+router = Router()
+app = FastAPI()
+
+
+@router.api_route("/items/{item_id}", methods=["GET"])
+def get_items(item_id: str):
+    return {"item_id": item_id}
+
+
+def get_not_decorated(item_id: str):
+    return {"item_id": item_id}
+
+
+async def get_not_decorated_redirect():
+    return RedirectResponse("/items-not-decorated/no_item_id", status_code=status.HTTP_302_FOUND)
+
+
+router.add_api_route("/items-not-decorated/{item_id}", get_not_decorated)
+router.add_api_route("/items-not-decorated", get_not_decorated_redirect)
+
+app.include_router(router)
+
+client = TestClient(app)
+
+
+def test_get_api_route():
+    response = client.get("/items/foo")
+    assert response.status_code == 200, response.text
+    assert response.json() == {"item_id": "foo"}
+
+
+def test_get_api_route_ends_with_forward_slash():
+    response = client.get("/items/foo/")
+    assert response.status_code == 200, response.text
+    assert response.json() == {"item_id": "foo"}
+
+
+def test_get_api_route_wrong_path():
+    response = client.get("/item/foo/")
+    assert response.status_code == 404, response.text
+    assert response.json() != {"item_id": "foo"}
+
+
+def test_get_api_route_not_decorated():
+    response = client.get("/items-not-decorated/foo")
+    assert response.status_code == 200, response.text
+    assert response.json() == {"item_id": "foo"}
+
+
+def test_get_api_route_not_decorated_redirect():
+    response = client.get("/items-not-decorated")
+    assert response.history[0].status_code == 302
+    assert response.status_code == 200, response.text
+    assert response.json() == {"item_id": "no_item_id"}

tests/models/test_auth.py

@@ -0,0 +1,61 @@
+from regtech_api_commons.models import AuthenticatedUser
+
+
+def test_from_claims():
+    test_claims = {
+        "name": "test",
+        "preferred_username": "test_user",
+        "email": "[email protected]",
+        "sub": "testuser123",
+        "institutions": ["/TEST1LEI", "/TEST2LEI/TEST2CHILDLEI"],
+    }
+    test_authenticated_user = AuthenticatedUser(
+        claims=test_claims,
+        name=test_claims.get("name"),
+        username=test_claims.get("preferred_username"),
+        email=test_claims.get("email"),
+        id=test_claims.get("sub"),
+        institutions=AuthenticatedUser.parse_institutions(test_claims.get("institutions")),
+    )
+
+    assert AuthenticatedUser.from_claim(test_claims) == test_authenticated_user
+
+
+def test_parse_institutions():
+    test_claims_with_institutions = {
+        "name": "test",
+        "preferred_username": "test_user",
+        "email": "[email protected]",
+        "sub": "testuser123",
+        "institutions": ["/TEST1LEI", "/TEST2LEI/TEST2CHILDLEI"],
+    }
+    assert AuthenticatedUser.from_claim(test_claims_with_institutions).institutions == ["TEST1LEI", "TEST2CHILDLEI"]
+
+    test_claims_without_institutions = {
+        "name": "test",
+        "preferred_username": "test_user",
+        "email": "[email protected]",
+        "sub": "testuser123",
+    }
+
+    assert AuthenticatedUser.from_claim(test_claims_without_institutions).institutions == []
+
+
+def test_is_authenticated():
+    test_claims = {
+        "name": "test",
+        "preferred_username": "test_user",
+        "email": "[email protected]",
+        "sub": "testuser123",
+        "institutions": ["/TEST1LEI", "/TEST2LEI/TEST2CHILDLEI"],
+    }
+    test_authenticated_user = AuthenticatedUser(
+        claims=test_claims,
+        name=test_claims.get("name"),
+        username=test_claims.get("preferred_username"),
+        email=test_claims.get("email"),
+        id=test_claims.get("sub"),
+        institutions=AuthenticatedUser.parse_institutions(test_claims.get("institutions")),
+    )
+
+    assert test_authenticated_user.is_authenticated is True

tests/oauth2/test_config.py

@@ -0,0 +1,23 @@
+import pytest
+from regtech_api_commons.oauth2.config import KeycloakSettings
+
+
+def test_jwt_opts_valid_values():
+    mock_config = {
+        "jwt_opts_test1": "true",
+        "jwt_opts_test2": "true",
+        "jwt_opts_test3": "12",
+    }
+    kc_settings = KeycloakSettings(**mock_config)
+    assert kc_settings.jwt_opts == {"test1": True, "test2": True, "test3": 12}
+
+
+def test_jwt_opts_invalid_values():
+    mock_config = {
+        "jwt_opts_test1": "not a bool or int",
+        "jwt_opts_test2": "true",
+        "jwt_opts_test3": "12",
+    }
+    with pytest.raises(Exception) as e:
+        KeycloakSettings(**mock_config)
+    assert "validation error" in str(e.value)