Merge pull request 'Pull request demo' (#1) from pull_request_demo into main

Reviewed-on: #1

.gitea/workflows/001_manual_trigger.yaml

@@ -0,0 +1,37 @@
+name: Conditional Steps  # Name of workflow
+
+on:
+  workflow_dispatch:  
+
+jobs:
+  example_job:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Step 1 - Exit Code 0
+        id: successful_step
+        run: |
+          echo "exit code 0"
+          exit 0  # Success (exit code 0)
+        shell: bash  # If you want you can change the shell per step
+
+      - name: Step 2 - Execute If Previous Succeeded
+        # The syntax bellow ${{}} is expression syntax in github actions
+        # Success and failure are status expressions
+        if: ${{ success() }}  # Only run this step if the previous step succeeded
+        run: |
+          echo "Running because the previous step has succeeded"
+
+      - name: Step 3 - I am Failing
+        run: |
+          echo "I am failing"
+          exit 1  # Failure (non-zero exit code)
+
+      - name: Step 4 - I Will Never Execute # Because of failure of Step 3
+        run: |
+          echo "I will never execute"
+
+      - name: Step 5 - Execute on Workflow Failure
+        if: ${{ failure() }}  # Only run this step if the workflow failed
+        run: |
+          echo "Workflow failed"

.gitea/workflows/002_parallel_jobs.yaml

@@ -0,0 +1,26 @@
+name: Parallel Jobs
+
+on:
+  workflow_dispatch:  
+  
+jobs:
+  linting:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Linting
+        run: echo "Running linting..."
+
+  unit_tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Unit Tests
+        run: echo "Running unit tests..."
+
+  integration_tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set Up Test Environment
+        run: echo "Setting up test environment..."
+
+      - name: Integration Tests
+        run: echo "Running integration tests..."

.gitea/workflows/003_first_workflow.yaml

@@ -0,0 +1,23 @@
+name: workflow_dispatch # Name of workflow
+
+on:
+  workflow_dispatch:
+    inputs:
+      username:
+        description: 'Username'
+        default: 'Hang'
+        required: true
+        type: string
+      age:
+        description: 'Age'
+        required: true
+        type: number
+
+jobs:
+  echo-username-age: # Name of job
+    runs-on: ubuntu-latest
+    steps:
+      - name: Echo Username and Age
+        run: |
+          echo "Username: ${{ inputs.username }}"
+          echo "Age: ${{ inputs.age }}"

.gitea/workflows/003_second_workflow.yaml

@@ -0,0 +1,17 @@
+name: workflow_run # Name of workflow
+
+on:
+  workflow_run: # Depend on the workflow completion of "workflow_dispatch"
+    workflows: ["workflow_dispatch"]
+    types:
+      - completed
+
+jobs:
+  echo-hi-all: # Name of job
+    # Only run if the first workflow succeeded
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Echo "Hi all"
+        run: |
+          echo "Hi all (chained via workflow_run)"

.gitea/workflows/004_checkout_example.yaml

@@ -0,0 +1,19 @@
+name: Checkout Example
+
+on:
+  workflow_dispatch:
+
+jobs:
+  demo-checkout:
+    runs-on: ubuntu-latest
+    steps:
+      - name: List space
+        # workspace is a special variable containing the path to the working directory 
+        # on the runner machine. Github is a context which we can access in expression ${{}}. 
+        run: ls -la ${{ github.workspace }}
+      
+      - name: Checkout source code 
+        uses: actions/checkout@v4 # use github action from repo github.com/actions/checkout
+      
+      - name: List space again
+        run: ls -la ${{ github.workspace }}

.gitea/workflows/005_passing_data_between_jobs.yaml

@@ -0,0 +1,24 @@
+name: Passing Data Between Jobs
+
+on:
+  workflow_dispatch:
+
+jobs:
+  data-sender:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Create data
+        id: sender # Set the output name for this step to Apple
+        run: |
+          echo "name=Apple" >> $GITHUB_OUTPUT
+    outputs:
+      name: ${{ steps.sender.outputs.name }}
+
+  data-receiver:
+    runs-on: ubuntu-22.04
+    needs: ["data-sender"] 
+    steps: # In order to have data for receiver sender needs to first produce some data.
+      - name: Receive data
+        # Notice how we use needs object to access the sender job's outputs
+        run: |
+          echo ${{ needs.data-sender.outputs.name }} 

.gitea/workflows/005_passing_data_between_steps.yaml

@@ -0,0 +1,17 @@
+name: Passing Data Between Steps
+
+on:
+  workflow_dispatch:
+
+jobs:
+  data-passing:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Create data
+        id: sender # Set the output name for this step to Apple
+        run: |                                 
+          echo "name=Apple" >> $GITHUB_OUTPUT 
+
+      - name: Receive data
+        run: | 
+          echo ${{ steps.sender.outputs.name }}

.gitea/workflows/006_upload_artifact.yaml

@@ -0,0 +1,26 @@
+name: Upload Artifacts
+
+on:
+  workflow_dispatch:
+
+jobs:
+  build-and-upload:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Create an artifact
+        run: |
+          ls -la ${{ github.workspace }}
+          cd backend
+          echo "This is my artifact content." > artifact.txt
+          ls -la ${{ github.workspace }}/backend
+          stat ./artifact.txt
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: build-artifact # Folder name of artifact.txt
+          path: ${{ github.workspace }}/backend/artifact.txt
+          retention-days: 5 # Optional: Set the retention period for the artifact

.gitea/workflows/007_passing_artifact.yaml

@@ -0,0 +1,51 @@
+name: Passing Files In Artifacts
+
+on:
+  workflow_dispatch:
+    
+jobs:
+  unit-tests:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository 
+        uses: actions/checkout@v4
+
+      - name: Install Python 3.10.12 # Setup Python inside the runner
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.10.12'
+
+      - name: Install tox # Tool used for Python unit tests
+        run: pip install tox
+      - name: Run unit tests
+        run: | # Use zip to take care of .hidden_files
+          cd backend
+          apt install zip
+          COVERAGE_FILE=.coverage tox -e unit
+          ls -la ${{ github.workspace }}/backend
+          stat ./.coverage
+          zip coverage.zip ./.coverage 
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: build-coverage
+          path: ${{ github.workspace }}/backend/coverage.zip
+          if-no-files-found: error
+  
+  load-file-example:
+    runs-on: ubuntu-22.04
+    needs: [unit-tests]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: build-coverage
+          path: ${{ github.workspace }} # Move the coverage to ${{ github.workspace }}
+
+      - name: List folder 
+        run: |
+          ls -la ${{ github.workspace }}
+          unzip coverage.zip
+          ls -la ${{ github.workspace }}
+

.gitea/workflows/008_secrets_and_variables.yaml

@@ -0,0 +1,38 @@
+name: Secrets And Variables
+
+on:
+  workflow_dispatch:
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-22.04
+
+    env:
+      DEPLOYMENT_ENV: 'production'  # Define a workflow-level environment variable
+
+    steps:
+      - name: Build
+        run: | # Build your application here
+          echo "Building the application"
+          echo "API_KEY: ${{ secrets.API_KEY }}"
+          echo $SECRET_API_KEY
+          echo "DEPLOYMENT_ENV: ${{ env.DEPLOYMENT_ENV }}"
+          echo $CONFIG_VARIABLE
+          echo "USERNAME: ${{ vars.USERNAME }}"
+          echo $STEPS_USERNAME
+        env:
+          SECRET_API_KEY: ${{ secrets.API_KEY }}        # Access a secret as an environment variable
+          STEPS_USERNAME: ${{ vars.USERNAME }}
+          CONFIG_VARIABLE: ${{ env.DEPLOYMENT_ENV }}    # Use a workflow-level environment variable
+
+      - name: Deploy
+        run: | # Deploy your application using the secrets and variables
+          echo "Global job variable ${{ env.DEPLOYMENT_ENV }}"
+          echo "Variable from this step ${CONFIG_VARIABLE2} environment"
+          echo "Local step variable ${ANOTHER_VARIABLE}"
+          echo "Secret print ${{ secrets.API_KEY }}"
+          echo "Step's secret variable ${SECRET_API_KEY}"
+        env:
+          SECRET_API_KEY: ${{ secrets.API_KEY }}
+          CONFIG_VARIABLE2: ${{ env.DEPLOYMENT_ENV }}  # Use a workflow-level environment variable
+          ANOTHER_VARIABLE: 'some value'               # Define a variable directly in the workflow

.gitea/workflows/009_matrix.yaml

@@ -0,0 +1,29 @@
+name: Matrix 
+
+on:
+  workflow_dispatch:
+    
+jobs:
+  run-tests:
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [ubuntu-20.04, ubuntu-22.04]
+        python-version: ['3.8', '3.10']
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+
+      - name: Install Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "${{ matrix.python-version }}"
+        
+      - name: Install tox
+        run: pip install tox
+        
+      - name: Run unit tests
+        run: |
+          cd backend
+          tox -e unit

.gitea/workflows/010_ci_docker_image.yaml

@@ -0,0 +1,150 @@
+name: Example CI
+
+on:
+  workflow_dispatch:
+    inputs:
+      image-name:
+        description: "Name for image"
+        default: "gitea.cuihang1201.synology.me/hangpersonal/ci-test"
+        type: string
+        required: true
+      image-tag: 
+        description: "Tag for image"
+        default: "latest"
+        type: string
+        required: true
+      container-name: 
+        description: "Name for container"
+        default: "ci-test"
+        type: string
+        required: true
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+      - name: Install Python 3.10
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+      - name: Install tox
+        run: pip install tox
+      - name: Run lint
+        run: |
+          cd backend
+          tox -e lint
+  
+  unit-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+      - name: Install Python 3.10
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+      - name: Install tox
+        run: pip install tox
+      - name: Run unit tests
+        run: |
+          cd backend
+          tox -e unit
+
+  build-image:
+    runs-on: ubuntu-latest
+    needs: [lint, unit-test]  # Specify that build-image depends on lint and unit-test
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and export
+        uses: docker/build-push-action@v5 # Build Docker image via Dockerfile
+        with:
+          context: backend # Directory of Dockerfile
+          tags: ${{ inputs.image-name }}:${{ inputs.image-tag }} 
+          outputs: type=docker,dest=/tmp/image.tar
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: image
+          path: /tmp/image.tar
+          retention-days: 1
+
+  integration-tests:
+    runs-on: ubuntu-latest
+    needs: [build-image]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image
+          path: /tmp
+      - name: Load image
+        run: |
+          docker load --input /tmp/image.tar
+          docker image ls -a
+          docker run --rm -p 8143:80 --name ${{ inputs.container-name }} -d ${{ inputs.image-name }}:${{ inputs.image-tag }} 
+          sleep 5
+          curl -s "http://${{ vars.LOCALHOST }}:8143/" ; echo
+          echo "Stop container: "
+          docker container stop ${{ inputs.container-name }}
+
+  vulnerability-scan:
+    runs-on: ubuntu-latest
+    needs: [build-image]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image
+          path: /tmp
+      - name: Install Trivy CLI
+        run: |
+          set -euo pipefail
+          curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh \
+            | sh -s -- -b /usr/local/bin v0.65.0
+          trivy --version
+      - name: Scan saved image tar with Trivy
+        run: |
+          ls -la /tmp || true
+          trivy image \
+            --input /tmp/image.tar \
+            --format json \
+            --output /tmp/trivy-results.json \
+            --severity CRITICAL,HIGH \
+            --ignore-unfixed
+      - name: Upload results
+        uses: actions/upload-artifact@v3
+        with:
+          name: trivy-results
+          path: /tmp/trivy-results.json
+          retention-days: 1
+          
+  publish-image:
+    runs-on: ubuntu-latest
+    needs: [integration-tests, vulnerability-scan]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image
+          path: /tmp
+      - name: Load image
+        run: |
+          docker load --input /tmp/image.tar
+          docker image ls -a
+      - name: Login to Gitea Docker Registry
+        run: |
+          echo "${{ secrets.REGISTRY_TOKEN }}" | \
+          docker login gitea.cuihang1201.synology.me -u ${{ secrets.REGISTRY_USER }} --password-stdin
+      - name: Push Docker image
+        run: |
+          docker image ls -a
+          docker push ${{ inputs.image-name }}:${{ inputs.image-tag }}
+      - name: Clean Docker image on Host
+        run: |
+          docker rmi ${{ inputs.image-name }}:${{ inputs.image-tag }}
+          docker image ls -a          

.gitea/workflows/011_permissions.yaml

@@ -0,0 +1,23 @@
+name: "Permissions"
+
+on:
+  workflow_dispatch:
+
+jobs:
+  example-job:
+    permissions:
+      contents: write
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Attempt Write Operation
+        run: |
+          touch permissions-test.txt
+          git config --global user.name 'hangpersonal'
+          git config --global user.email 'hangcui1201@gmail.com'
+          git add permissions-test.txt
+          git commit -m "Attempt to write"
+          git push origin ${{ github.ref }}

.gitea/workflows/011_permissions_error.yaml

@@ -0,0 +1,29 @@
+name: "Permissions Error"
+
+on:
+  workflow_dispatch:
+
+permissions:
+  contents: read  # only read commits/tags cannot create ones from this workflow 
+
+jobs:
+  example-job:
+    # It can be also here for job scope
+    # permissions:
+    #   contents: read
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Attempt Write Operation
+        run: |
+          # This is an intentional error to demonstrate lack of write permissions
+          touch new-file.txt
+          git config --global user.name 'hangpersonal'
+          git config --global user.email 'hangcui1201@gmail.com'
+          git add new-file.txt
+          git commit -m "Attempt to write"
+          git push origin ${{ github.ref }}
+        continue-on-error: true

.gitea/workflows/012_pat.yaml

@@ -0,0 +1,26 @@
+name: Pat Bump Tag
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+
+jobs:
+  build:
+    # Accessing the context for Github
+    if: ${{  github.event.pull_request.merged == true }}  
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        ref: ${{ github.event.pull_request.merge_commit_sha }}
+        fetch-depth: '0'
+
+    - name: Bump version and push tag
+      uses: anothrNick/github-tag-action@1.64.0 
+      env:
+        # if you don't want to set write permissions use a PAT token
+        GITHUB_TOKEN: ${{ secrets.REGISTRY_TOKEN }} 
+        WITH_V: true

.gitea/workflows/ci.yml

@@ -1,24 +1,27 @@
-name: CI Workflow
+name: CI Workflow
-
+
-on:
+#on:
-  push:
+#  push:
-    branches:
+#    branches:
-      - "**"
+#      - "**"
-
+
-jobs:
+on:
-  build-and-test:
+  workflow_dispatch:  
-    runs-on: ubuntu-latest
+  
-    steps:
+jobs:
-      - name: Checkout code
+  build-and-test:
-        uses: actions/checkout@v3
+    runs-on: ubuntu-latest
-
+    steps:
-      - name: Set up Python
+      - name: Checkout code
-        uses: actions/setup-python@v4
+        uses: actions/checkout@v4
-        with:
+
-          python-version: "3.10"
+      - name: Set up Python
-
+        uses: actions/setup-python@v4
-      - name: Install dependencies
+        with:
-        run: pip install -r requirements.txt
+          python-version: "3.10"
-
+
-      - name: Run tests
+      - name: Install dependencies
+        run: pip install -r requirements.txt
+
+      - name: Run tests
         run: pytest -v

.gitea/workflows/docker-build.yml

@@ -1,25 +1,55 @@
-name: Docker Build
+name: Docker Build
-
+
-on:
+"on":
-  push:
+  workflow_dispatch:
-    branches:
+  # Uncomment if you also want auto-builds on pushes:
-      - main
+  # push:
-
+  #   branches: [ "main" ]
-jobs:
+
-  docker:
+jobs:
-    runs-on: ubuntu-latest
+  docker:
-    steps:
+    runs-on: ubuntu-latest
-      - name: Checkout code
+    permissions:
-        uses: actions/checkout@v3
+      contents: read
-
+      packages: write
-      - name: Log in to Gitea Registry
+
-        run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login gitea.cuihang1201.synology.me -u hangpersonal --password-stdin
+    steps:
-
+      - name: Checkout code
-      - name: Build Docker image
+        uses: actions/checkout@v4
-        run: docker build -t gitea.cuihang1201.synology.me/hangpersonal/myapp:latest .
+
-        
+      - name: Set up Docker Buildx
-      - name: Run Docker image
+        uses: docker/setup-buildx-action@v3
-        run: docker run --rm gitea.cuihang1201.synology.me/hangpersonal/myapp:latest   
+
-
+      - name: Log in to Gitea Registry
-      - name: Push Docker image
+        uses: docker/login-action@v3
-        run: docker push gitea.cuihang1201.synology.me/hangpersonal/myapp:latest
+        with:
+          registry: gitea.cuihang1201.synology.me
+          username: ${{ secrets.REGISTRY_USER }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
+
+      - name: Build and push image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: gitea.cuihang1201.synology.me/hangpersonal/docker-build:latest
+    
+      # Optional quick health check, runs detached and then cleaned up
+      - name: Smoke test
+        run: |
+          docker run --name docker-build \
+            gitea.cuihang1201.synology.me/hangpersonal/docker-build:latest
+          sleep 5
+        if: ${{ always() }}
+
+      - name: Cleanup local container/images
+        if: always()
+        run: |
+          echo "Stop container: "
+          docker stop docker-build
+          echo "Remove container: "
+          docker rm -f docker-build 2>/dev/null || true
+          echo "Remove image: "
+          docker rmi gitea.cuihang1201.synology.me/hangpersonal/docker-build:latest
+          docker image ls -a

.gitea/workflows/release.yml

@@ -1,42 +1,44 @@
-name: Release Workflow
+name: Release Workflow
-
+
-on:
+on:
-  # The workflow only runs with push a Git tag
+  workflow_dispatch:  
-  push: 
+  
-    tags:
+#on: # The workflow only runs with push a Git tag
-      - "v*.*.*" # v1.0.0, v2.5.3, v10.23.7
+#  push: 
-
+#    tags:
-jobs:
+#      - "v*.*.*" # v1.0.0, v2.5.3, v10.23.7
-  # Defines a job named release
+
-  release:
+jobs:
-    # According to the Gitea documentation, the ubuntu-latest label is mapped 
+  # Defines a job named release
-    # internally to Ubuntu 22.04 environments  
+  release:
-    runs-on: ubuntu-latest
+    # According to the Gitea documentation, the ubuntu-latest label is mapped 
-    steps:
+    # internally to Ubuntu 22.04 environments  
-      - name: Checkout code
+    runs-on: ubuntu-22.04
-        # Pulls your repo into the runner so it has access to the source code
+    steps:
-        uses: actions/checkout@v3
+      - name: Checkout code
-
+        # Pulls your repo into the runner so it has access to the source code
-      - name: Build artifact
+        uses: actions/checkout@v4
-        # Makes a directory dist/
+
-        # Creates a file README.txt inside dist/
+      - name: Build artifact
-        # $GITHUB_REF_NAME is an environment variable set by Actions - 
+        # Makes a directory dist/
-        # it will be the name of the Git tag that triggered this workflow
+        # Creates a file README.txt inside dist/
-        # If you pushed v1.2.3, the file will contain "Release version v1.2.3"
+        # $GITHUB_REF_NAME is an environment variable set by Actions - 
-        # run, execute these shell commands
+        # it will be the name of the Git tag that triggered this workflow
-        # |, treat everything indented below this as a multi-line string, 
+        # If you pushed v1.2.3, the file will contain "Release version v1.2.3"
-        # and keep line breaks as they are.
+        # run, execute these shell commands
-        # /workspace/<owner>/<repo>/dist/
+        # |, treat everything indented below this as a multi-line string, 
-        run: |
+        # and keep line breaks as they are.
-          mkdir dist
+        # /workspace/<owner>/<repo>/dist/
-          echo "Release version $GITHUB_REF_NAME" > dist/README.txt
+        run: |
-          echo "Ref $GITHUB_REF" >> dist/README.txt
+          mkdir dist
-
+          echo "Release version $GITHUB_REF_NAME" > dist/README.txt
-      - name: Upload artifact
+          echo "Ref $GITHUB_REF" >> dist/README.txt
-        # Packages whatever is inside dist/ (in this case, just the README.txt)
+
-        # Uploads it to Gitea Actions as a downloadable artifact
+      - name: Upload artifact
-        # In the Actions UI, after the run finishes, a link to download release-files.zip
+        # Packages whatever is inside dist/ (in this case, just the README.txt)
-        uses: actions/upload-artifact@v3
+        # Uploads it to Gitea Actions as a downloadable artifact
-        with:
+        # In the Actions UI, after the run finishes, a link to download release-files.zip
-          name: release-files
+        uses: actions/upload-artifact@v3
-          path: dist/
+        with:
+          name: release-files
+          path: dist/

.gitignore

@@ -0,0 +1,9 @@
+venv/
+build/
+*.charm
+.tox/
+.coverage
+__pycache__/
+.pytest_cache/
+*.py[cod]
+.idea

Dockerfile

@@ -1,15 +1,15 @@
-# Base image with Python 3.10
+# Base image with Python 3.10
-FROM python:3.10-slim
+FROM python:3.10-slim
-
+
-# Set work directory inside container
+# Set work directory inside container
-WORKDIR /app
+WORKDIR /app
-
+
-# Copy dependency file and install dependencies
+# Copy dependency file and install dependencies
-COPY requirements.txt .
+COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
+RUN pip install --no-cache-dir -r requirements.txt
-
+
-# Copy the rest of your code
+# Copy the rest of your code
-COPY . .
+COPY . .
-
+
-# Default command (can be overridden in docker run)
+# Default command (can be overridden in docker run)
-CMD ["python3", "main.py"]
+CMD ["python3", "main.py"]

LICENSE

@@ -1,18 +1,18 @@
-MIT License
+MIT License
-
+
-Copyright (c) 2025 hangpersonal
+Copyright (c) 2025 hangpersonal
-
+
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and 
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and 
-associated documentation files (the "Software"), to deal in the Software without restriction, including 
+associated documentation files (the "Software"), to deal in the Software without restriction, including 
-without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
+without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
-copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the 
+copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the 
-following conditions:
+following conditions:
-
+
-The above copyright notice and this permission notice shall be included in all copies or substantial 
+The above copyright notice and this permission notice shall be included in all copies or substantial 
-portions of the Software.
+portions of the Software.
-
+
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT 
-LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO 
+LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO 
-EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
+EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
-IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 
-USE OR OTHER DEALINGS IN THE SOFTWARE.
+USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -1,2 +1,3 @@
-# Gitea_Action_Test
+# Gitea_Action_Test
-
+
+Test pull request with 012_pat.yaml

backend/Dockerfile

@@ -0,0 +1,9 @@
+FROM python:3.10-slim
+
+WORKDIR /app
+COPY requirements.txt /app/requirements.txt
+RUN pip install -r requirements.txt
+COPY . /app
+
+EXPOSE 80
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "80"]

backend/main.py

@@ -0,0 +1,8 @@
+from fastapi import FastAPI
+
+app = FastAPI()
+
+
+@app.get("/")
+def read_root():
+    return {"message": "Hello, World!"}

backend/requirements-fmt.txt

@@ -0,0 +1,24 @@
+#
+# This file is autogenerated by pip-compile with Python 3.8
+# by the following command:
+#
+#    pip-compile requirements-fmt.in
+#
+black==23.9.1
+    # via -r requirements-fmt.in
+click==8.1.7
+    # via black
+isort==5.12.0
+    # via -r requirements-fmt.in
+mypy-extensions==1.0.0
+    # via black
+packaging==23.1
+    # via black
+pathspec==0.11.2
+    # via black
+platformdirs==3.10.0
+    # via black
+tomli==2.0.1
+    # via black
+typing-extensions==4.8.0
+    # via black

backend/requirements-lint.txt

@@ -0,0 +1,51 @@
+#
+# This file is autogenerated by pip-compile with Python 3.8
+# by the following command:
+#
+#    pip-compile requirements-lint.in
+#
+black==23.9.1
+    # via -r requirements-lint.in
+click==8.1.7
+    # via black
+codespell==2.2.5
+    # via -r requirements-lint.in
+flake8==6.0.0
+    # via
+    #   -r requirements-lint.in
+    #   flake8-builtins
+    #   pep8-naming
+    #   pyproject-flake8
+flake8-builtins==2.1.0
+    # via -r requirements-lint.in
+flake8-copyright==0.2.4
+    # via -r requirements-lint.in
+isort==5.12.0
+    # via -r requirements-lint.in
+mccabe==0.7.0
+    # via flake8
+mypy-extensions==1.0.0
+    # via black
+packaging==23.1
+    # via black
+pathspec==0.11.2
+    # via black
+pep8-naming==0.13.3
+    # via -r requirements-lint.in
+platformdirs==3.10.0
+    # via black
+pycodestyle==2.10.0
+    # via flake8
+pyflakes==3.0.1
+    # via flake8
+pyproject-flake8==6.0.0.post1
+    # via -r requirements-lint.in
+tomli==2.0.1
+    # via
+    #   black
+    #   pyproject-flake8
+typing-extensions==4.8.0
+    # via black
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools

backend/requirements-unit.txt

@@ -0,0 +1,5 @@
+coverage
+fastapi
+httpx
+pytest
+uvicorn

backend/requirements.txt

@@ -0,0 +1,4 @@
+fastapi
+httpx
+pytest
+uvicorn

backend/tests/test_main.py

@@ -0,0 +1,11 @@
+from fastapi.testclient import TestClient
+
+from main import app
+
+client = TestClient(app)
+
+
+def test_read_root():
+    response = client.get("/")
+    assert response.status_code == 200
+    assert response.json() == {"message": "Hello, World!"}

backend/tox.ini

@@ -0,0 +1,54 @@
+[flake8]
+max-line-length = 100
+
+[tox]
+skipsdist = True
+skip_missing_interpreters = True
+envlist = fmt, lint, unit, integration
+
+[vars]
+all_path = {[vars]src_path} {[vars]tst_path}
+src_path = {toxinidir}
+tst_path = {toxinidir}/tests/
+
+[testenv]
+passenv =
+    PYTHONPATH
+    CHARM_BUILD_DIR
+    MODEL_SETTINGS
+    KUBECONFIG
+setenv =
+    PYTHONPATH = {toxinidir}:{toxinidir}/lib:{[vars]src_path}
+    PYTHONBREAKPOINT=ipdb.set_trace
+    PY_COLORS=1
+
+[testenv:fmt]
+commands =
+    isort {[vars]all_path}
+    black {[vars]all_path}
+deps =
+    -r requirements-fmt.txt
+description = Apply coding style standards to code
+
+[testenv:lint]
+commands =
+    codespell {toxinidir}/. --skip {toxinidir}/.git --skip {toxinidir}/.tox \
+      --skip {toxinidir}/build --skip {toxinidir}/lib --skip {toxinidir}/venv \
+      --skip {toxinidir}/.mypy_cache \
+      --skip {toxinidir}/icon.svg --skip *.json.tmpl
+    # pflake8 wrapper supports config from pyproject.toml
+    pflake8 {[vars]all_path}
+    isort --check-only --diff {[vars]all_path}
+    black --check --diff {[vars]all_path}
+deps =
+    -r requirements-lint.txt
+description = Check code against coding style standards
+
+[testenv:unit]
+commands =
+    coverage run --source={[vars]src_path} \
+        -m pytest -vv --tb native {posargs}
+    coverage report
+deps =
+    -r requirements-unit.txt
+description = Run unit tests

pytest.ini

@@ -1,4 +1,4 @@
-[pytest]
+[pytest]
-testpaths = tests
+testpaths = tests
-python_files = test_*.py
+python_files = test_*.py
-python_functions = test_*
+python_functions = test_*

requirements.txt

@@ -1,3 +1,3 @@
-numpy==1.26.4
+numpy==1.26.4
-requests>=2.31
+requests>=2.31
 pytest

tests/test_smoke.py

@@ -1,3 +1,3 @@
-# tests/test_smoke.py
+# tests/test_smoke.py
-def test_smoke():
+def test_smoke():
     assert True