cs_betty/api
1
0
Fork 0
forked from cartsnitch/api
Code Pull Requests 2 Activity

Compare commits

merge into: cs_betty/api:barcode-betty/fix-ci-pipeline
Branches Tags
cs_betty/api:main cs_betty/api:betty/car-932-lint-fixes cs_betty/api:barcode-betty/fix-ci-pipeline cs_betty/api:barcode-betty/car-995-gitea-registry-v2 cs_betty/api:car992-fix cs_betty/api:betty/car-964-gitea-registry-v2 cs_betty/api:barcode-betty/gitea-registry cs_betty/api:barcode-betty/fix-dispose-engine-import cs_betty/api:uat cs_betty/api:dev cs_betty/api:savannah/fix-ci-uat-trigger cs_betty/api:barcode-betty/fix-ci-uat-trigger cs_betty/api:betty/car-869-gitea-actions-api cs_betty/api:betty/car-723-final-review cs_betty/api:betty/car-723-ci-workflow cs_betty/api:feat/car-723-migrate-api-to-new-repo cartsnitch/api:dev cartsnitch/api:uat cartsnitch/api:betty/car-1362-cache-remove-uat cartsnitch/api:betty/car-1362-push-unknown-fix cartsnitch/api:betty/car-1362-remove-gha-cache-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-uat cartsnitch/api:betty/car-1330-dev-ci-fix cartsnitch/api:betty/car-1340-uat-ci-fix cartsnitch/api:barcode-betty/fix-car-1135-dispose-engine cartsnitch/api:betty/car-1132-comprehensive-fix cartsnitch/api:promote/car1077-dev-uat cartsnitch/api:betty/fix-postgres-pool cartsnitch/api:betty/fix-sqlite-uuid-server-default cartsnitch/api:betty/fix-ci-test-failures-v2 cartsnitch/api:remove-deploy-dev-uat-jobs cartsnitch/api:main cartsnitch/api:betty/fix-ci-test-failures cartsnitch/api:barcode-betty/fix-lint-f402 cartsnitch/api:betty/fix-email-inbound-token-tests cartsnitch/api:barcode-betty/car-1004-fix-ruff-lint cartsnitch/api:betty/fix-lint-errors cartsnitch/api:fix/cart-995-gitea-registry-migration cartsnitch/api:fix-gitea-registry-migration cartsnitch/api:betty/car-995-gitea-registry cartsnitch/api:betty/car-932-dispose-import-v3 cartsnitch/api:barcode-betty/car-995-gitea-registry cartsnitch/api:betty/car-932-fix-dispose-engine cartsnitch/api:betty/car-964-gitea-registry-v2 cartsnitch/api:barcode-betty/gitea-registry cartsnitch/api:barcode-betty/fix-dispose-engine-import cartsnitch/api:savannah/fix-ci-uat-trigger cartsnitch/api:barcode-betty/fix-ci-uat-trigger cartsnitch/api:betty/car-869-gitea-actions-api cartsnitch/api:betty/car-723-final-review cartsnitch/api:betty/car-723-ci-workflow cartsnitch/api:feat/car-723-migrate-api-to-new-repo
...
pull from: cartsnitch/api:main
Branches Tags
cartsnitch/api:dev cartsnitch/api:uat cartsnitch/api:betty/car-1362-cache-remove-uat cartsnitch/api:betty/car-1362-push-unknown-fix cartsnitch/api:betty/car-1362-remove-gha-cache-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-dev cartsnitch/api:betty/car-1330-buildpush-registry-token-uat cartsnitch/api:betty/car-1330-dev-ci-fix cartsnitch/api:betty/car-1340-uat-ci-fix cartsnitch/api:barcode-betty/fix-car-1135-dispose-engine cartsnitch/api:betty/car-1132-comprehensive-fix cartsnitch/api:promote/car1077-dev-uat cartsnitch/api:betty/fix-postgres-pool cartsnitch/api:betty/fix-sqlite-uuid-server-default cartsnitch/api:betty/fix-ci-test-failures-v2 cartsnitch/api:remove-deploy-dev-uat-jobs cartsnitch/api:main cartsnitch/api:betty/fix-ci-test-failures cartsnitch/api:barcode-betty/fix-lint-f402 cartsnitch/api:betty/fix-email-inbound-token-tests cartsnitch/api:barcode-betty/car-1004-fix-ruff-lint cartsnitch/api:betty/fix-lint-errors cartsnitch/api:fix/cart-995-gitea-registry-migration cartsnitch/api:fix-gitea-registry-migration cartsnitch/api:betty/car-995-gitea-registry cartsnitch/api:betty/car-932-dispose-import-v3 cartsnitch/api:barcode-betty/car-995-gitea-registry cartsnitch/api:betty/car-932-fix-dispose-engine cartsnitch/api:betty/car-964-gitea-registry-v2 cartsnitch/api:barcode-betty/gitea-registry cartsnitch/api:barcode-betty/fix-dispose-engine-import cartsnitch/api:savannah/fix-ci-uat-trigger cartsnitch/api:barcode-betty/fix-ci-uat-trigger cartsnitch/api:betty/car-869-gitea-actions-api cartsnitch/api:betty/car-723-final-review cartsnitch/api:betty/car-723-ci-workflow cartsnitch/api:feat/car-723-migrate-api-to-new-repo cs_betty/api:main cs_betty/api:betty/car-932-lint-fixes cs_betty/api:barcode-betty/fix-ci-pipeline cs_betty/api:barcode-betty/car-995-gitea-registry-v2 cs_betty/api:car992-fix cs_betty/api:betty/car-964-gitea-registry-v2 cs_betty/api:barcode-betty/gitea-registry cs_betty/api:barcode-betty/fix-dispose-engine-import cs_betty/api:uat cs_betty/api:dev cs_betty/api:savannah/fix-ci-uat-trigger cs_betty/api:barcode-betty/fix-ci-uat-trigger cs_betty/api:betty/car-869-gitea-actions-api cs_betty/api:betty/car-723-final-review cs_betty/api:betty/car-723-ci-workflow cs_betty/api:feat/car-723-migrate-api-to-new-repo

24 Commits
barcode-betty/fix-ci-pipeline ... main

Author SHA1 Message Date
Chris Farhood 24d1b199ea Add .mcp.json 2026-05-25 21:46:58 +00:00
Savannah Savings 46906cc333 Merge pull request 'Promote to Production: CAR-894 Gitea workflows migration' (#36) from uat into main 2026-05-24 18:51:43 +00:00
Savannah Savings 0c0cc63d59 Merge pull request 'Promote dev → uat: test fixes (CAR-1006)' (#33) from dev into uat 2026-05-23 23:43:08 +00:00
Savannah Savings 280882f515 Merge pull request 'Fix test failures: email_inbound_token server_default for SQLite' (#29) from betty/fix-email-inbound-token-tests into dev 
Fix test failures: email_inbound_token server_default for SQLite (#29)

Strip PostgreSQL-only server_default from email_inbound_token before SQLite create_all(). Add email_inbound_token to test user INSERT statements.

Reviewed-by: Savannah Savings (CTO)
Approved-by: Checkout Charlie (QA)
 2026-05-23 23:25:03 +00:00
Savannah Savings 21443a266a Merge pull request 'Promote dev → uat: ruff lint fixes (CAR-1004)' (#31) from dev into uat 
Promote dev → uat: ruff lint fixes (CAR-1004)
 2026-05-23 23:12:10 +00:00
Savannah Savings ec4eaa1f03 Merge pull request 'Fix ruff lint errors across codebase' (#30) from barcode-betty/car-1004-fix-ruff-lint into dev 
Merge PR #30: Fix ruff lint errors across codebase

Fixes 56 ruff lint errors (E501, F401, I001) in cartsnitch/api.
QA: cs_charlie APPROVED
CTO: cs_savannah APPROVED
 2026-05-23 23:11:54 +00:00
Barcode Betty 0e3c9fb52e Fix: strip PostgreSQL server_default from email_inbound_token for SQLite 
The email_inbound_token column uses a PostgreSQL-only server_default
(gen_random_bytes/encode/trim) that SQLite cannot parse.
Strip the server_default before metadata.create_all() in both the
sync engine and async db_engine fixtures so tests run against SQLite.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 23:07:39 +00:00
Barcode Betty cc6ca5982c fix: resolve email_inbound_token conflict in test fixtures 
Rebase on latest dev and wrap SQL INSERT lines to honor ruff line-length=100.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 23:00:02 +00:00
Barcode Betty c9fd066c31 fix: resolve email_inbound_token conflict in test fixtures 2026-05-23 22:57:16 +00:00
Barcode Betty c68838acf2 Fix ruff lint errors across codebase 
- Auto-fix F401 (unused imports) and I001 (unsorted imports) with ruff --fix
- Manually fix E501 (line too long) in alembic migrations and src/ models
- Run ruff format to ensure consistent formatting

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 22:47:17 +00:00
Savannah Savings 4751154679 Merge pull request 'Fix ruff lint errors across codebase' (#28) from cs_betty/api:betty/car-932-lint-fixes into dev 
Merge PR #28: Fix ruff lint errors across codebase
 2026-05-23 22:44:02 +00:00
Savannah Savings 6799b0e7b1 Merge pull request 'promote: dev → uat (CAR-995 CI registry migration)' (#27) from dev into uat 
promote: dev → uat (CAR-995 CI registry migration) (#27)
 2026-05-23 22:31:54 +00:00
Savannah Savings 71cf0a4563 Merge pull request 'ci: migrate from ghcr.io to Gitea built-in registry' (#25) from fix/cart-995-gitea-registry-migration into dev 
ci: migrate from ghcr.io to Gitea built-in registry (#25)

CAR-995: Update CI workflow to use Gitea built-in container registry.
- REGISTRY env var: ghcr.io -> git.farh.net
- Replace Docker Hub/GHCR login with direct docker login using github.token
- Remove Docker Hub credentials from service containers
- Update deploy kustomize image refs to use env vars
 2026-05-23 22:31:36 +00:00
Barcode Betty 9659e63208 ci: migrate from ghcr.io to Gitea built-in registry 
- Update REGISTRY env var: ghcr.io -> git.farh.net
- Replace Docker Hub + GHCR login with Gitea login step
- Remove credentials blocks from postgres and redis service definitions
- Update deploy-dev/deploy-uat kustomize image refs to use $REGISTRY var

Fixes QA FAIL from PR #23: missing Gitea login step.
Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 22:14:55 +00:00
Savannah Savings 50110a54b7 Merge pull request 'Promote dev → uat: CI pipeline fixes (CAR-1000)' (#24) from dev into uat 
Promote dev → uat: CI pipeline fixes (CAR-1000)

Promotes PR #22 fixes to UAT environment.
 2026-05-23 22:14:44 +00:00
Savannah Savings 5c33b6ee38 Merge pull request 'Fix CI pipeline failures in cartsnitch/api' (#22) from cs_betty/api:barcode-betty/fix-ci-pipeline into dev 
Merge PR #22: Fix CI pipeline failures in cartsnitch/api

Fixes:
- Remove cache: pip from setup-python to fix intermittent tar corruption
- Add CARTSNITCH_SERVICE_KEY and CARTSNITCH_FERNET_KEY test env vars

Reviewed-by: Savannah Savings (CTO)
Approved-by: Checkout Charlie (QA)
 2026-05-23 22:13:56 +00:00
Barcode Betty ae2fc15a5b fix: resolve lint errors in test files [CAR-932] 
Fix 56 lint errors in test files that were blocking CI:
- E501: Split long SQL INSERT statements across multiple lines
- F401: Remove unused imports (os, unittest.mock.patch)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-23 22:09:33 +00:00
Savannah Savings 28ad343759 Merge pull request 'chore: promote dev to uat (dispose_engine fix, CAR-932)' (#20) from dev into uat 
chore: promote dev to uat (dispose_engine fix, CAR-932)
 2026-05-23 21:52:24 +00:00
Savannah Savings 06c6dbed5c Merge pull request 'promote: dev → uat (CAR-992 cors_origins fix)' (#15) from dev into uat 
promote: dev → uat (CAR-992 cors_origins fix) (#15)
 2026-05-23 20:56:06 +00:00
Savannah Savings 228a83c355 Merge pull request 'promote: dev → uat (CI trigger fix)' (#10) from dev into uat 
promote: dev → uat (CI trigger fix) (#10)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-05-21 14:39:13 +00:00
Savannah Savings fbfedd4e8f Merge pull request 'chore: promote dev to uat (CAR-898 workflow move)' (#7) from dev into uat 
chore: promote dev to uat (CAR-898 workflow move) (#7)
 2026-05-21 13:05:23 +00:00
Coupon Carl 6a8db71537 Merge pull request 'ci: promote Gitea Actions conversion to UAT' (#5) from dev into uat 2026-05-21 04:55:13 +00:00
cartsnitch-ceo[bot] cb180b511f release: promote API migration to production 
Production merge approved by CEO (Coupon Carl). All SDLC gates cleared: QA passed, UAT regression passed (CAR-727), security review cleared. Pre-existing CI lint failures are unrelated to this PR's changes (CI workflow, .grype.yaml, CLAUDE.md only).
 2026-04-19 12:27:19 +00:00
savannah-savings-cto[bot] 556b43b424 Merge pull request #2 from cartsnitch/dev 
chore: promote dev to uat
 2026-04-19 12:11:48 +00:00
20 changed files with 1635 additions and 87 deletions
Expand all files Collapse all files
.gitea/workflows/ci.yml
+6 -23
View File
@@ -15,7 +15,7 @@ permissions:
packages: write
env:
REGISTRY: ghcr.io
REGISTRY: git.farh.net
IMAGE_NAME: cartsnitch/api
jobs:
@@ -51,9 +51,6 @@ jobs:
services:
postgres:
image: postgres:15-alpine
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
env:
POSTGRES_USER: cartsnitch
POSTGRES_PASSWORD: cartsnitch_test
@@ -67,9 +64,6 @@ jobs:
--health-retries 5
redis:
image: redis:7-alpine
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
ports:
- 6379:6379
options: >-
@@ -122,19 +116,8 @@ jobs:
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "CalVer tag: $VERSION"
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to GHCR
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log in to Gitea Container Registry
run: echo "${{ github.token }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin
- name: Extract metadata
id: meta
@@ -171,7 +154,7 @@ jobs:
only-fixed: "true"
output-format: sarif
- name: Push Docker image
if: github.event_name == 'push'
@@ -224,7 +207,7 @@ jobs:
if: needs.build-and-push.result == 'success'
run: |
cd infra/apps/overlays/dev
kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}
- name: Commit and push to infra
run: |
@@ -268,7 +251,7 @@ jobs:
if: needs.build-and-push.result == 'success'
run: |
cd infra/apps/overlays/uat
kustomize edit set image ghcr.io/cartsnitch/api:${{ steps.api_tag.outputs.tag }}
kustomize edit set image ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.api_tag.outputs.tag }}
- name: Commit and push to infra
run: |
.mcp.json
+11
View File
@@ -0,0 +1,11 @@
{
"mcpServers": {
"gitea": {
"type": "http",
"url": "https://git-mcp.farh.net/mcp",
"headers": {
"Authorization": "Bearer ${GITEA_TOKEN}"
}
}
}
}
alembic/env.py
+6 -1
View File
@@ -45,7 +45,11 @@ def run_migrations_online() -> None:
poolclass=pool.NullPool,
)
with connectable.connect() as connection:
context.configure(connection=connection, target_metadata=target_metadata, version_table_column_width=128)
context.configure(
connection=connection,
target_metadata=target_metadata,
version_table_column_width=128,
)
with context.begin_transaction():
context.run_migrations()
# Create any tables defined in models but not yet created by migrations.
@@ -56,6 +60,7 @@ def run_migrations_online() -> None:
connection.commit()
except Exception as exc:
import logging
logging.getLogger("alembic.env").warning(
"create_all failed (non-fatal, migrations should handle table creation): %s", exc
)
alembic/versions/002_better_auth_tables.py
+44 -9
View File
@@ -30,7 +30,10 @@ def upgrade() -> None:
if inspector.has_table("users"):
existing_user_cols = [c["name"] for c in inspector.get_columns("users")]
if "email_verified" not in existing_user_cols:
op.add_column("users", sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"))
op.add_column(
"users",
sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"),
)
if "image" not in existing_user_cols:
op.add_column("users", sa.Column("image", sa.Text(), nullable=True))
@@ -44,8 +47,18 @@ def upgrade() -> None:
sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
sa.Column("ip_address", sa.Text(), nullable=True),
sa.Column("user_agent", sa.Text(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
op.create_index("ix_sessions_token", "sessions", ["token"], unique=True)
@@ -66,8 +79,18 @@ def upgrade() -> None:
sa.Column("scope", sa.Text(), nullable=True),
sa.Column("id_token", sa.Text(), nullable=True),
sa.Column("password", sa.Text(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
op.create_index("ix_accounts_user_id", "accounts", ["user_id"])
@@ -80,8 +103,18 @@ def upgrade() -> None:
sa.Column("identifier", sa.Text(), nullable=False),
sa.Column("value", sa.Text(), nullable=False),
sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
@@ -96,8 +129,10 @@ def upgrade() -> None:
user_id_str = str(user_id)
conn.execute(
text(
"INSERT INTO accounts (id, user_id, account_id, provider_id, password, created_at, updated_at) "
"VALUES (gen_random_uuid()::text, :user_id, :account_id, 'credential', :password, now(), now())"
"INSERT INTO accounts "
"(id, user_id, account_id, provider_id, password, created_at, updated_at) "
"VALUES (gen_random_uuid()::text, :user_id, :account_id, "
"'credential', :password, now(), now())"
),
{"user_id": user_id_str, "account_id": user_id_str, "password": hashed_password},
)
alembic/versions/004_fix_user_id_text.py
+12 -2
View File
@@ -40,7 +40,12 @@ def upgrade() -> None:
return # already TEXT — nothing to do
# Step 1: Drop existing FK constraints (ignore if they don't exist)
op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
op.execute(
text(
"ALTER TABLE user_store_accounts "
"DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"
)
)
op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))
# Step 2: Alter users.id from uuid to text
@@ -89,7 +94,12 @@ def upgrade() -> None:
def downgrade() -> None:
# Drop FK constraints
op.execute(text("ALTER TABLE user_store_accounts DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"))
op.execute(
text(
"ALTER TABLE user_store_accounts "
"DROP CONSTRAINT IF EXISTS user_store_accounts_user_id_fkey"
)
)
op.execute(text("ALTER TABLE purchases DROP CONSTRAINT IF EXISTS purchases_user_id_fkey"))
# Revert users.id from text to uuid
alembic/versions/005_add_email_inbound_token.py
+1 -1
View File
@@ -20,7 +20,7 @@ depends_on = None
def upgrade() -> None:
conn = op.get_bind()
inspector = sa.inspect(conn)
# Guard: on a fresh DB Base.metadata.create_all creates users table with the column already present
# Guard: on fresh DB, Base.metadata.create_all already has the column
if not inspector.has_table("users"):
return
existing_cols = [c["name"] for c in inspector.get_columns("users")]
alembic/versions/006_email_inbound_token_server_default.py
+3 -1
View File
@@ -6,6 +6,7 @@ Create Date: 2026-04-04
"""
import sqlalchemy as sa
from alembic import op
revision = "006_email_inbound_token_server_default"
@@ -29,7 +30,8 @@ def upgrade() -> None:
"users",
"email_inbound_token",
server_default=sa.text(
"replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
"replace(replace(trim(trailing '=' from "
"encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
),
)
alembic/versions/007_bootstrap_users_table.py
+13 -3
View File
@@ -27,7 +27,8 @@ def upgrade() -> None:
if inspector.has_table("users"):
return # Table already exists (non-fresh DB or create_all already ran)
conn.execute(text("""
conn.execute(
text("""
CREATE TABLE users (
id TEXT PRIMARY KEY,
email VARCHAR(255) NOT NULL UNIQUE,
@@ -36,11 +37,20 @@ def upgrade() -> None:
email_verified BOOLEAN NOT NULL DEFAULT false,
image TEXT,
email_inbound_token VARCHAR(22) NOT NULL UNIQUE
DEFAULT replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_'),
DEFAULT (
replace(
replace(
trim(trailing '=' from encode(gen_random_bytes(16), 'base64')),
'+', '-'
),
'/', '_'
)
),
created_at TIMESTAMPTZ NOT NULL DEFAULT now(),
updated_at TIMESTAMPTZ NOT NULL DEFAULT now()
)
"""))
""")
)
def downgrade() -> None:
alembic/versions/008_create_domain_tables.py
+150 -26
View File
@@ -29,8 +29,18 @@ def upgrade() -> None:
sa.Column("slug", sa.String(20), nullable=False, unique=True),
sa.Column("logo_url", sa.String(500), nullable=True),
sa.Column("website_url", sa.String(500), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 2. store_locations
@@ -45,8 +55,18 @@ def upgrade() -> None:
sa.Column("zip", sa.String(10), nullable=False),
sa.Column("lat", sa.Float(), nullable=True),
sa.Column("lng", sa.Float(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 3. normalized_products
@@ -61,8 +81,18 @@ def upgrade() -> None:
sa.Column("size", sa.String(50), nullable=True),
sa.Column("size_unit", sa.String(10), nullable=True),
sa.Column("upc_variants", sa.JSON(), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 4. purchases
@@ -72,7 +102,9 @@ def upgrade() -> None:
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("user_id", sa.Text(), sa.ForeignKey("users.id"), nullable=False),
sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
sa.Column("store_location_id", sa.Uuid(), sa.ForeignKey("store_locations.id"), nullable=True),
sa.Column(
"store_location_id", sa.Uuid(), sa.ForeignKey("store_locations.id"), nullable=True
),
sa.Column("receipt_id", sa.String(200), nullable=False),
sa.Column("purchase_date", sa.Date(), nullable=False),
sa.Column("total", sa.Numeric(10, 2), nullable=False),
@@ -81,9 +113,24 @@ def upgrade() -> None:
sa.Column("savings_total", sa.Numeric(10, 2), nullable=True),
sa.Column("source_url", sa.String(500), nullable=True),
sa.Column("raw_data", sa.JSON(), nullable=True),
sa.Column("ingested_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"ingested_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.UniqueConstraint("user_id", "store_id", "receipt_id", name="uq_purchase_receipt"),
sa.Index("ix_purchases_user_store", "user_id", "store_id"),
)
@@ -104,9 +151,24 @@ def upgrade() -> None:
sa.Column("coupon_discount", sa.Numeric(10, 2), nullable=True),
sa.Column("loyalty_discount", sa.Numeric(10, 2), nullable=True),
sa.Column("category_raw", sa.String(100), nullable=True),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=True,
),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 6. coupons
@@ -115,7 +177,12 @@ def upgrade() -> None:
"coupons",
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=True),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=True,
),
sa.Column("title", sa.String(300), nullable=False),
sa.Column("description", sa.String(1000), nullable=True),
sa.Column("discount_type", sa.String(20), nullable=False),
@@ -127,8 +194,18 @@ def upgrade() -> None:
sa.Column("coupon_code", sa.String(100), nullable=True),
sa.Column("source_url", sa.String(500), nullable=True),
sa.Column("scraped_at", sa.DateTime(timezone=True), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 7. price_history
@@ -136,7 +213,12 @@ def upgrade() -> None:
op.create_table(
"price_history",
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=False),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=False,
),
sa.Column("store_id", sa.Uuid(), sa.ForeignKey("stores.id"), nullable=False),
sa.Column("observed_date", sa.Date(), nullable=False),
sa.Column("regular_price", sa.Numeric(10, 2), nullable=False),
@@ -144,10 +226,27 @@ def upgrade() -> None:
sa.Column("loyalty_price", sa.Numeric(10, 2), nullable=True),
sa.Column("coupon_price", sa.Numeric(10, 2), nullable=True),
sa.Column("source", sa.String(20), nullable=False),
sa.Column("purchase_item_id", sa.Uuid(), sa.ForeignKey("purchase_items.id"), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Index("ix_price_history_product_store_date", "normalized_product_id", "store_id", "observed_date"),
sa.Column(
"purchase_item_id", sa.Uuid(), sa.ForeignKey("purchase_items.id"), nullable=True
),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Index(
"ix_price_history_product_store_date",
"normalized_product_id",
"store_id",
"observed_date",
),
)
# 8. shrinkflation_events
@@ -155,7 +254,12 @@ def upgrade() -> None:
op.create_table(
"shrinkflation_events",
sa.Column("id", sa.Uuid(), server_default=text("gen_random_uuid()"), primary_key=True),
sa.Column("normalized_product_id", sa.Uuid(), sa.ForeignKey("normalized_products.id"), nullable=False),
sa.Column(
"normalized_product_id",
sa.Uuid(),
sa.ForeignKey("normalized_products.id"),
nullable=False,
),
sa.Column("detected_date", sa.Date(), nullable=False),
sa.Column("old_size", sa.String(50), nullable=False),
sa.Column("new_size", sa.String(50), nullable=False),
@@ -165,8 +269,18 @@ def upgrade() -> None:
sa.Column("price_at_new_size", sa.Numeric(10, 2), nullable=True),
sa.Column("confidence", sa.Numeric(3, 2), server_default=text("1.00"), nullable=False),
sa.Column("notes", sa.String(1000), nullable=True),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
)
# 9. user_store_accounts
@@ -180,8 +294,18 @@ def upgrade() -> None:
sa.Column("session_expires_at", sa.DateTime(timezone=True), nullable=True),
sa.Column("last_sync_at", sa.DateTime(timezone=True), nullable=True),
sa.Column("status", sa.String(20), server_default=text("'active'"), nullable=False),
sa.Column("created_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column("updated_at", sa.DateTime(timezone=True), server_default=sa.func.now(), nullable=False),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.Column(
"updated_at",
sa.DateTime(timezone=True),
server_default=sa.func.now(),
nullable=False,
),
sa.UniqueConstraint("user_id", "store_id", name="uq_user_store_account"),
)
alembic/versions/009_add_gin_index_upc_variants.py
+1
View File
@@ -6,6 +6,7 @@ Create Date: 2026-04-14
"""
import sqlalchemy as sa
from alembic import op
revision = "009_add_gin_index_upc_variants"
src/cartsnitch_api/auth/dependencies.py
+2 -1
View File
@@ -5,7 +5,8 @@ Sessions are verified by querying the shared sessions table directly.
"""
from datetime import UTC, datetime
from fastapi import Cookie, Depends, Header, HTTPException, Request, status
from fastapi import Depends, Header, HTTPException, Request, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from sqlalchemy import text
from sqlalchemy.ext.asyncio import AsyncSession
src/cartsnitch_api/auth/routes.py
-3
View File
@@ -6,13 +6,10 @@ endpoints that query our own user data from the shared database.
"""
from fastapi import APIRouter, Depends, HTTPException, status
from pydantic import BaseModel
from sqlalchemy import select
from sqlalchemy.ext.asyncio import AsyncSession
from cartsnitch_api.auth.dependencies import get_current_user
from cartsnitch_api.database import get_db
from cartsnitch_api.models import User
from cartsnitch_api.schemas import (
UpdateUserRequest,
UserResponse,
src/cartsnitch_api/main.py
+2 -1
View File
@@ -6,10 +6,10 @@ from fastapi import APIRouter, FastAPI
from cartsnitch_api.auth.routes import router as auth_router
from cartsnitch_api.cache import cache_client
from cartsnitch_api.middleware.audit import add_audit_middleware
from cartsnitch_api.middleware.cors import add_cors_middleware
from cartsnitch_api.middleware.error_handler import add_error_handlers, add_error_monitor_middleware
from cartsnitch_api.middleware.rate_limit import add_rate_limit_middleware
from cartsnitch_api.middleware.audit import add_audit_middleware
from cartsnitch_api.routes.alerts import router as alerts_router
from cartsnitch_api.routes.coupons import router as coupons_router
from cartsnitch_api.routes.health import router as health_router
@@ -26,6 +26,7 @@ from cartsnitch_api.routes.user import router as user_router
@asynccontextmanager
async def lifespan(app: FastAPI):
from cartsnitch_api.database import dispose_engine
await cache_client.initialize()
yield
await cache_client.close()
src/cartsnitch_api/models/user.py
+3 -4
View File
@@ -26,9 +26,7 @@ class User(TimestampMixin, Base):
email: Mapped[str] = mapped_column(String(255), nullable=False, unique=True)
hashed_password: Mapped[str | None] = mapped_column(String(255), nullable=True)
display_name: Mapped[str | None] = mapped_column(String(100))
email_verified: Mapped[bool] = mapped_column(
Boolean, nullable=False, server_default="false"
)
email_verified: Mapped[bool] = mapped_column(Boolean, nullable=False, server_default="false")
image: Mapped[str | None] = mapped_column(Text, nullable=True)
email_inbound_token: Mapped[str] = mapped_column(
String(22),
@@ -36,7 +34,8 @@ class User(TimestampMixin, Base):
unique=True,
default=lambda: secrets.token_urlsafe(16),
server_default=sa.text(
"replace(replace(trim(trailing '=' from encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
"replace(replace(trim(trailing '=' from "
"encode(gen_random_bytes(16), 'base64')), '+', '-'), '/', '_')"
),
)
tests/conftest.py
+12 -2
View File
@@ -53,6 +53,10 @@ def disable_rate_limiting():
def engine():
"""Sync in-memory SQLite engine for model unit tests."""
eng = create_engine("sqlite:///:memory:")
from cartsnitch_api.models.user import User
col = User.__table__.columns["email_inbound_token"]
col.server_default = None
Base.metadata.create_all(eng)
yield eng
eng.dispose()
@@ -77,6 +81,9 @@ async def db_engine():
cursor.close()
async with engine.begin() as conn:
from cartsnitch_api.models.user import User
User.__table__.columns["email_inbound_token"].server_default = None
await conn.run_sync(Base.metadata.create_all)
# Create Better-Auth tables (not managed by SQLAlchemy models)
await conn.execute(
@@ -177,8 +184,10 @@ async def _create_test_user_and_session(
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, :email_verified, :created_at, :updated_at)"
"INSERT INTO users (id, email, hashed_password, display_name, "
"email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hashed_password, :display_name, "
":email_verified, :email_inbound_token, :created_at, :updated_at)"
),
{
"id": user_id,
@@ -186,6 +195,7 @@ async def _create_test_user_and_session(
"hashed_password": "not-used-with-better-auth",
"display_name": display_name,
"email_verified": False,
"email_inbound_token": secrets.token_urlsafe(16),
"created_at": now,
"updated_at": now,
},
tests/test_auth/test_auth_endpoints.py
+4 -2
View File
@@ -138,8 +138,9 @@ async def test_expired_session_rejected(client, db_engine):
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
"INSERT INTO users (id, email, hashed_password, display_name, "
"email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
),
{
"id": user_id,
@@ -147,6 +148,7 @@ async def test_expired_session_rejected(client, db_engine):
"hp": "unused",
"dn": "Expired User",
"ev": False,
"token": secrets.token_urlsafe(16),
"ca": now,
"ua": now,
},
tests/test_config.py
+12 -5
View File
@@ -1,7 +1,5 @@
"""Tests for Settings config, specifically the database_url env var fallback."""
import os
from cartsnitch_api.config import Settings
@@ -30,7 +28,10 @@ def test_database_url_normalizes_plain_postgresql_prefix():
"DATABASE_URL": "postgresql://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
}
settings = Settings(**env)
assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
assert (
settings.database_url
== "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
)
def test_database_url_preserves_asyncpg_prefix():
@@ -39,10 +40,16 @@ def test_database_url_preserves_asyncpg_prefix():
"CARTSNITCH_DATABASE_URL": "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch",
}
settings = Settings(**env)
assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
assert (
settings.database_url
== "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
)
def test_database_url_default():
"""When neither env var is set, the hardcoded default is used."""
settings = Settings()
assert settings.database_url == "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
assert (
settings.database_url
== "postgresql+asyncpg://cartsnitch:cartsnitch@localhost:5432/cartsnitch"
)
tests/test_e2e/test_auth_validation.py
+4 -2
View File
@@ -65,8 +65,9 @@ class TestSessionValidation:
async with db_engine.begin() as conn:
await conn.execute(
text(
"INSERT INTO users (id, email, hashed_password, display_name, email_verified, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :ca, :ua)"
"INSERT INTO users (id, email, hashed_password, display_name, "
"email_verified, email_inbound_token, created_at, updated_at) "
"VALUES (:id, :email, :hp, :dn, :ev, :token, :ca, :ua)"
),
{
"id": user_id,
@@ -74,6 +75,7 @@ class TestSessionValidation:
"hp": "unused",
"dn": "Expired User",
"ev": False,
"token": secrets.token_urlsafe(16),
"ca": now,
"ua": now,
},
tests/test_middleware/test_rate_limit.py
+1 -1
View File
@@ -1,7 +1,7 @@
"""Tests for rate limiting middleware."""
import time
from unittest.mock import AsyncMock, MagicMock, patch
from unittest.mock import AsyncMock, MagicMock
import pytest
uv.lock
Generated
+1348
View File
File diff suppressed because it is too large Load Diff