Compare commits

..

1 Commits

Author SHA1 Message Date
Flea Flicker a58643a712 fix(ci): update kustomize image refs from ghcr.io to git.farh.net
CI / lint (pull_request) Failing after 1m55s
CI / test (pull_request) Failing after 1m44s
CI / build-and-push (pull_request) Has been skipped
CI / deploy-dev (pull_request) Has been skipped
CI / deploy-uat (pull_request) Has been skipped
CI / typecheck (pull_request) Failing after 2m10s
Fixes QA finding: deploy-dev and deploy-uat jobs still referenced ghcr.io
in kustomize edit set image commands.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-05-23 15:54:42 +00:00
6 changed files with 34 additions and 24 deletions
+26 -8
View File
@@ -15,7 +15,7 @@ permissions:
packages: write
env:
REGISTRY: git.farh.net
REGISTRY: ghcr.io
IMAGE_NAME: cartsnitch/api
jobs:
@@ -26,6 +26,7 @@ jobs:
- uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: pip
- run: pip install ruff
- name: Ruff lint
run: ruff check .
@@ -40,6 +41,7 @@ jobs:
- uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: pip
- name: Install system dependencies
run: sudo apt-get update && sudo apt-get install -y libpq-dev build-essential
- run: pip install -e ".[dev]" mypy
@@ -51,6 +53,9 @@ jobs:
services:
postgres:
image: postgres:15-alpine
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
env:
POSTGRES_USER: cartsnitch
POSTGRES_PASSWORD: cartsnitch_test
@@ -64,6 +69,9 @@ jobs:
--health-retries 5
redis:
image: redis:7-alpine
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
ports:
- 6379:6379
options: >-
@@ -75,13 +83,12 @@ jobs:
CARTSNITCH_DATABASE_URL: postgresql+asyncpg://cartsnitch:cartsnitch_test@localhost:5432/cartsnitch_test
CARTSNITCH_REDIS_URL: redis://localhost:6379/0
CARTSNITCH_JWT_SECRET_KEY: test-secret-do-not-use-in-prod
CARTSNITCH_SERVICE_KEY: test-service-key-do-not-use-in-prod
CARTSNITCH_FERNET_KEY: wXWQsC0FZlhSz2t_tfVQjNUSP8vgAGG3o3pkjrX8Bw0=
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: pip
- name: Install system dependencies
run: sudo apt-get update && sudo apt-get install -y libpq-dev build-essential
- run: pip install -e ".[dev]"
@@ -116,8 +123,19 @@ jobs:
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "CalVer tag: $VERSION"
- name: Log in to Gitea Container Registry
run: echo "${{ github.token }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to GHCR
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
@@ -154,7 +172,7 @@ jobs:
only-fixed: "true"
output-format: sarif
- name: Push Docker image
if: github.event_name == 'push'
@@ -207,7 +225,7 @@ jobs:
if: needs.build-and-push.result == 'success'
run: |
cd infra/apps/overlays/dev
kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}
kustomize edit set image git.farh.net/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
- name: Commit and push to infra
run: |
@@ -251,7 +269,7 @@ jobs:
if: needs.build-and-push.result == 'success'
run: |
cd infra/apps/overlays/uat
kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}
kustomize edit set image git.farh.net/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
- name: Commit and push to infra
run: |
+1 -6
View File
@@ -23,12 +23,7 @@ class Settings(BaseSettings):
auth_service_url: str = "http://auth:3001"
cors_origins: list[str] = [
"http://localhost:3000",
"https://cartsnitch.com",
"https://dev.cartsnitch.com",
"https://uat.cartsnitch.com",
]
cors_origins: list[str] = ["http://localhost:3000", "https://cartsnitch.com"]
receiptwitness_url: str = "http://receiptwitness:8001"
stickershock_url: str = "http://stickershock:8002"
+1 -1
View File
@@ -6,6 +6,7 @@ from fastapi import APIRouter, FastAPI
from cartsnitch_api.auth.routes import router as auth_router
from cartsnitch_api.cache import cache_client
from cartsnitch_api.database import dispose_engine
from cartsnitch_api.middleware.cors import add_cors_middleware
from cartsnitch_api.middleware.error_handler import add_error_handlers, add_error_monitor_middleware
from cartsnitch_api.middleware.rate_limit import add_rate_limit_middleware
@@ -25,7 +26,6 @@ from cartsnitch_api.routes.user import router as user_router
@asynccontextmanager
async def lifespan(app: FastAPI):
from cartsnitch_api.database import dispose_engine
await cache_client.initialize()
yield
await cache_client.close()
+2 -3
View File
@@ -177,8 +177,8 @@ async def _create_test_user_and_session(
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, :email_verified, :email_inbound_token, :created_at, :updated_at)"
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, :email_verified, :created_at, :updated_at)"
),
{
"id": user_id,
@@ -186,7 +186,6 @@ async def _create_test_user_and_session(
"hashed_password": "not-used-with-better-auth",
"display_name": display_name,
"email_verified": False,
"email_inbound_token": secrets.token_urlsafe(16),
"created_at": now,
"updated_at": now,
},
+2 -3
View File
@@ -138,8 +138,8 @@ async def test_expired_session_rejected(client, db_engine):
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
),
{
"id": user_id,
@@ -147,7 +147,6 @@ async def test_expired_session_rejected(client, db_engine):
"hp": "unused",
"dn": "Expired User",
"ev": False,
"token": secrets.token_urlsafe(16),
"ca": now,
"ua": now,
},
+2 -3
View File
@@ -65,8 +65,8 @@ class TestSessionValidation:
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
),
{
"id": user_id,
@@ -74,7 +74,6 @@ class TestSessionValidation:
"hp": "unused",
"dn": "Expired User",
"ev": False,
"token": secrets.token_urlsafe(16),
"ca": now,
"ua": now,
},