Fix: strip PostgreSQL server_default from UUID + gen_random_bytes columns for SQLite tests

The sync engine fixture (engine) and async engine fixture (db_engine) now iterate all Base.metadata tables and null server_default on any column whose SQL text contains 'gen_random_uuid' or 'gen_random_bytes'. This covers all UUIDPrimaryKeyMixin columns (Purchase, PurchaseItem, Store, StoreLocation, Coupon, NormalizedProduct, PriceHistory, ShrinkflationEvent, UserStoreAccount) as well as the email_inbound_token gen_random_bytes expression in User. Without this, SQLite raises 'type UUID is not supported' when the ORM tries to bind Python UUID objects, and NOT NULL constraint failures when server_default expressions reference non-existent PostgreSQL functions. Co-Authored-By: Paperclip <noreply@paperclip.ing>
Fix: strip PostgreSQL server_default from email_inbound_token for SQLite
2026-05-23 23:36:08 +00:00 · 2026-05-23 23:07:39 +00:00 · 2026-05-23 23:00:02 +00:00 · 2026-05-23 22:57:16 +00:00 · 2026-05-23 22:44:02 +00:00 · 2026-05-23 22:31:36 +00:00
8 changed files with 1399 additions and 34 deletions
@@ -15,7 +15,7 @@ permissions:
  packages: write

 env:
-  REGISTRY: ghcr.io
+  REGISTRY: git.farh.net
  IMAGE_NAME: cartsnitch/api

 jobs:
@@ -51,9 +51,6 @@ jobs:
    services:
      postgres:
        image: postgres:15-alpine
-        credentials:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
        env:
          POSTGRES_USER: cartsnitch
          POSTGRES_PASSWORD: cartsnitch_test
@@ -67,9 +64,6 @@ jobs:
          --health-retries 5
      redis:
        image: redis:7-alpine
-        credentials:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
        ports:
          - 6379:6379
        options: >-
@@ -122,19 +116,8 @@ jobs:
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
          echo "CalVer tag: $VERSION"

-      - name: Log in to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Log in to GHCR
-        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Log in to Gitea Container Registry
+        run: echo "${{ github.token }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin

      - name: Extract metadata
        id: meta
@@ -171,7 +154,7 @@ jobs:
          only-fixed: "true"
          output-format: sarif

-      
+

      - name: Push Docker image
        if: github.event_name == 'push'
@@ -224,7 +207,7 @@ jobs:
        if: needs.build-and-push.result == 'success'
        run: |
          cd infra/apps/overlays/dev
-          kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
+          kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}

      - name: Commit and push to infra
        run: |
@@ -268,7 +251,7 @@ jobs:
        if: needs.build-and-push.result == 'success'
        run: |
          cd infra/apps/overlays/uat
-          kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
+          kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}

      - name: Commit and push to infra
        run: |
@@ -51,8 +51,21 @@ def disable_rate_limiting():

@pytest.fixture
 def engine():
-    """Sync in-memory SQLite engine for model unit tests."""
+    """Sync in-memory SQLite engine for model unit tests.
+
+    Strips PostgreSQL-specific server_default expressions so SQLite can
+    handle all column inserts without missing-function errors.
+    """
    eng = create_engine("sqlite:///:memory:")
+
+    for table in Base.metadata.tables.values():
+        for col in table.columns.values():
+            sd = col.server_default
+            if sd is not None:
+                expr_str = str(sd.expression).lower()
+                if "gen_random_uuid" in expr_str or "gen_random_bytes" in expr_str:
+                    col.server_default = None
+
    Base.metadata.create_all(eng)
    yield eng
    eng.dispose()
@@ -76,9 +89,16 @@ async def db_engine():
        cursor.execute("PRAGMA foreign_keys=ON")
        cursor.close()

+    for table in Base.metadata.tables.values():
+        for col in table.columns.values():
+            sd = col.server_default
+            if sd is not None:
+                expr_str = str(sd.expression).lower()
+                if "gen_random_uuid" in expr_str or "gen_random_bytes" in expr_str:
+                    col.server_default = None
+
    async with engine.begin() as conn:
        await conn.run_sync(Base.metadata.create_all)
-        # Create Better-Auth tables (not managed by SQLAlchemy models)
        await conn.execute(
            text("""
            CREATE TABLE IF NOT EXISTS sessions (
@@ -177,8 +197,10 @@ async def _create_test_user_and_session(
    async with db_engine.begin() as conn:
        await conn.execute(
            text(
-                "INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
-                "VALUES (:id, :email, :hashed_password, :display_name, :email_verified, :created_at, :updated_at)"
+                "INSERT INTO users (id, email, hashed_password, display_name, "
+                "email_verified, email_inbound_token, created_at, updated_at) "
+                "VALUES (:id, :email, :hashed_password, :display_name, "
+                ":email_verified, :email_inbound_token, :created_at, :updated_at)"
            ),
            {
                "id": user_id,
@@ -186,6 +208,7 @@ async def _create_test_user_and_session(
                "hashed_password": "not-used-with-better-auth",
                "display_name": display_name,
                "email_verified": False,
+                "email_inbound_token": secrets.token_urlsafe(16),
                "created_at": now,
                "updated_at": now,
            },
@@ -138,8 +138,9 @@ async def test_expired_session_rejected(client, db_engine):
    async with db_engine.begin() as conn:
        await conn.execute(
            text(
-                "INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
-                "VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
+                "INSERT INTO users (id, email, hashed_password, display_name, "
+                "email_verified, email_inbound_token, created_at, updated_at) "
+                "VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
            ),
            {
                "id": user_id,
@@ -147,6 +148,7 @@ async def test_expired_session_rejected(client, db_engine):
                "hp": "unused",
                "dn": "Expired User",
                "ev": False,
+                "token": secrets.token_urlsafe(16),
                "ca": now,
                "ua": now,
            },
@@ -1,7 +1,5 @@
 """Tests for Settings config, specifically the database_url env var fallback."""

-import os
-
 from cartsnitch_api.config import Settings


@@ -65,8 +65,9 @@ class TestSessionValidation:
        async with db_engine.begin() as conn:
            await conn.execute(
                text(
-                    "INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
-                    "VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
+                    "INSERT INTO users (id, email, hashed_password, display_name, "
+                    "email_verified, email_inbound_token, created_at, updated_at) "
+                    "VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
                ),
                {
                    "id": user_id,
@@ -74,6 +75,7 @@ class TestSessionValidation:
                    "hp": "unused",
                    "dn": "Expired User",
                    "ev": False,
+                    "token": secrets.token_urlsafe(16),
                    "ca": now,
                    "ua": now,
                },
@@ -17,6 +17,15 @@ from cartsnitch_api.models.user import User, UserStoreAccount
@pytest.fixture
 def engine():
    eng = create_engine("sqlite:///:memory:")
+
+    for table in Base.metadata.tables.values():
+        for col in table.columns.values():
+            sd = col.server_default
+            if sd is not None:
+                expr_str = str(sd.expression).lower()
+                if "gen_random_uuid" in expr_str or "gen_random_bytes" in expr_str:
+                    col.server_default = None
+
    Base.metadata.create_all(eng)
    yield eng
    eng.dispose()
@@ -1,7 +1,7 @@
 """Tests for rate limiting middleware."""

 import time
-from unittest.mock import AsyncMock, MagicMock, patch
+from unittest.mock import AsyncMock, MagicMock

 import pytest
Author	SHA1	Message	Date
Barcode Betty	6755ca8c27	Fix: strip PostgreSQL server_default from UUID + gen_random_bytes columns for SQLite tests CI / lint (pull_request) Failing after 3s Details CI / typecheck (pull_request) Failing after 19s Details CI / test (pull_request) Failing after 16s Details CI / build-and-push (pull_request) Has been skipped Details CI / deploy-dev (pull_request) Has been skipped Details CI / deploy-uat (pull_request) Has been skipped Details The sync engine fixture (engine) and async engine fixture (db_engine) now iterate all Base.metadata tables and null server_default on any column whose SQL text contains 'gen_random_uuid' or 'gen_random_bytes'. This covers all UUIDPrimaryKeyMixin columns (Purchase, PurchaseItem, Store, StoreLocation, Coupon, NormalizedProduct, PriceHistory, ShrinkflationEvent, UserStoreAccount) as well as the email_inbound_token gen_random_bytes expression in User. Without this, SQLite raises 'type UUID is not supported' when the ORM tries to bind Python UUID objects, and NOT NULL constraint failures when server_default expressions reference non-existent PostgreSQL functions. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 23:36:08 +00:00
Barcode Betty	0e3c9fb52e	Fix: strip PostgreSQL server_default from email_inbound_token for SQLite CI / lint (pull_request) Failing after 5s Details CI / typecheck (pull_request) Failing after 32s Details CI / test (pull_request) Failing after 1m23s Details CI / build-and-push (pull_request) Has been skipped Details CI / deploy-dev (pull_request) Has been skipped Details CI / deploy-uat (pull_request) Has been skipped Details The email_inbound_token column uses a PostgreSQL-only server_default (gen_random_bytes/encode/trim) that SQLite cannot parse. Strip the server_default before metadata.create_all() in both the sync engine and async db_engine fixtures so tests run against SQLite. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 23:07:39 +00:00
Barcode Betty	cc6ca5982c	fix: resolve email_inbound_token conflict in test fixtures CI / lint (pull_request) Failing after 7s Details CI / typecheck (pull_request) Failing after 31s Details CI / test (pull_request) Failing after 51s Details CI / build-and-push (pull_request) Has been skipped Details CI / deploy-dev (pull_request) Has been skipped Details CI / deploy-uat (pull_request) Has been skipped Details Rebase on latest dev and wrap SQL INSERT lines to honor ruff line-length=100. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 23:00:02 +00:00
Barcode Betty	c9fd066c31	fix: resolve email_inbound_token conflict in test fixtures CI / lint (pull_request) Failing after 7s Details CI / typecheck (pull_request) Failing after 31s Details CI / test (pull_request) Failing after 49s Details CI / build-and-push (pull_request) Has been skipped Details CI / deploy-dev (pull_request) Has been skipped Details CI / deploy-uat (pull_request) Has been skipped Details	2026-05-23 22:57:16 +00:00
Savannah Savings	4751154679	Merge pull request 'Fix ruff lint errors across codebase' (#28 ) from cs_betty/api:betty/car-932-lint-fixes into dev CI / lint (push) Failing after 3s Details CI / typecheck (push) Failing after 29s Details CI / test (push) Failing after 48s Details CI / build-and-push (push) Has been skipped Details CI / deploy-uat (push) Has been skipped Details CI / deploy-dev (push) Failing after 27s Details Merge PR #28: Fix ruff lint errors across codebase	2026-05-23 22:44:02 +00:00
Savannah Savings	71cf0a4563	Merge pull request 'ci: migrate from ghcr.io to Gitea built-in registry' (#25 ) from fix/cart-995-gitea-registry-migration into dev CI / lint (push) Failing after 5s Details CI / lint (pull_request) Failing after 5s Details CI / typecheck (pull_request) Failing after 16s Details CI / typecheck (push) Failing after 30s Details CI / test (push) Failing after 51s Details CI / build-and-push (push) Has been skipped Details CI / deploy-dev (pull_request) Has been skipped Details CI / deploy-uat (push) Has been skipped Details CI / test (pull_request) Failing after 1m51s Details CI / build-and-push (pull_request) Has been skipped Details CI / deploy-dev (push) Failing after 32s Details CI / deploy-uat (pull_request) Has been skipped Details ci: migrate from ghcr.io to Gitea built-in registry (#25) CAR-995: Update CI workflow to use Gitea built-in container registry. - REGISTRY env var: ghcr.io -> git.farh.net - Replace Docker Hub/GHCR login with direct docker login using github.token - Remove Docker Hub credentials from service containers - Update deploy kustomize image refs to use env vars	2026-05-23 22:31:36 +00:00
Barcode Betty	9659e63208	ci: migrate from ghcr.io to Gitea built-in registry CI / lint (pull_request) Failing after 8s Details CI / typecheck (pull_request) Failing after 29s Details CI / test (pull_request) Failing after 50s Details CI / build-and-push (pull_request) Has been skipped Details CI / deploy-dev (pull_request) Has been skipped Details CI / deploy-uat (pull_request) Has been skipped Details - Update REGISTRY env var: ghcr.io -> git.farh.net - Replace Docker Hub + GHCR login with Gitea login step - Remove credentials blocks from postgres and redis service definitions - Update deploy-dev/deploy-uat kustomize image refs to use $REGISTRY var Fixes QA FAIL from PR #23: missing Gitea login step. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 22:14:55 +00:00
Barcode Betty	ae2fc15a5b	fix: resolve lint errors in test files [CAR-932] CI / lint (pull_request) Has been cancelled Details CI / typecheck (pull_request) Has been cancelled Details CI / test (pull_request) Has been cancelled Details CI / build-and-push (pull_request) Has been cancelled Details CI / deploy-dev (pull_request) Has been cancelled Details CI / deploy-uat (pull_request) Has been cancelled Details Fix 56 lint errors in test files that were blocking CI: - E501: Split long SQL INSERT statements across multiple lines - F401: Remove unused imports (os, unittest.mock.patch) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 22:09:33 +00:00