PR to Main branch - Production Ready

.github/scripts/backend_smoke_tests.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+set -e
+
+if [[ -z "$TEST_IP" || -z "$TEST_PORT" ]]; then
+  echo "TEST_IP is empty or unset."
+  exit 0
+
+TESTING_URL="http://${TEST_IP}:${TEST_PORT}"
+
+echo "Running smoke tests against staging environment"
+echo "Testing on backend service at: $TESTING_URL"
+
+# Check Response Body
+echo "Verifying response content..."
+response=$(curl -s "$TESTING_URL/")
+echo "Response: $response"
+
+# Check if response contains expected message
+if echo "$response" | grep -q "$EXPECTED_MESSAGE"; then
+  echo "Response content test passed"
+else
+  echo "Response content test failed"
+  # exit 1
+fi
+
+echo "Done!"

.github/scripts/frontend_smoke_tests.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+set -e
+
+if [[ -z "$TEST_IP" || -z "$TEST_PORT" ]]; then
+  echo "TEST_IP is empty or unset."
+  exit 0
+
+TESTING_URL="http://${TEST_IP}:${TEST_PORT}"
+
+echo "Running smoke tests against staging environment"
+echo "Testing on frontend at: $TESTING_URL"
+
+# Basic test, check for HTML response
+if curl -f -s "$TESTING_URL" | grep -q "<html"; then
+  echo "Frontend is working"
+else
+  echo "Frontend test failed"
+  # exit 1
+fi
+
+echo "Done!"

.github/scripts/get_backend_ip.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Exit immediately if any command fails
+set -e
+
+echo "Current environment: $ENVIRONMENT"
+echo "Waiting for LoadBalancer IPs to be assigned (up to 5 minutes)..."
+NOTES_IP=""
+USERS_IP=""
+
+NOTES_PORT=""
+USERS_PORT=""
+
+for i in $(seq 1 10); do
+  echo "Attempt $i/10 to get IPs..."
+  NOTES_IP=$(kubectl get service notes-service -o jsonpath='{.status.loadBalancer.ingress[0].ip}' -n $ENVIRONMENT)
+  NOTES_PORT=$(kubectl get service notes-service -o jsonpath='{.spec.ports[0].port}' -n $ENVIRONMENT)
+
+  USERS_IP=$(kubectl get service users-service -o jsonpath='{.status.loadBalancer.ingress[0].ip}' -n $ENVIRONMENT)
+  USERS_PORT=$(kubectl get service users-service -o jsonpath='{.spec.ports[0].port}' -n $ENVIRONMENT)
+
+  if [[ -n "$NOTES_IP" && -n "$NOTES_PORT" ]]; then
+    echo "Note Service LoadBalancer IPs assigned!"
+    echo "NOTE Service IP: $NOTES_IP:$NOTES_PORT"
+    break
+  fi
+
+  if [[ -n "$USERS_IP" && -n "$USERS_PORT" ]]; then
+    echo "User Service LoadBalancer IPs assigned!"
+    echo "NOTE Service IP: $NOTES_IP:$NOTES_PORT"
+    echo "USER Service IP: $USERS_IP:$USERS_PORT"
+    break
+  fi
+
+  sleep 5 # Wait 5 seconds before next attempt
+done
+
+if [[ -z "$NOTES_IP" || -z "$NOTES_PORT" || -z "$USERS_IP" || -z "$USERS_PORT" ]]; then
+  echo "Error: One or more LoadBalancer IPs not assigned after timeout."
+  exit 1 # Fail the job if IPs are not obtained
+fi
+
+# These are environment variables for subsequent steps in the *same job*
+# And used to set the job outputs
+echo "NOTES_IP=$NOTES_IP" >> $GITHUB_ENV
+echo "NOTES_PORT=$NOTES_PORT" >> $GITHUB_ENV
+echo "USERS_IP=$USERS_IP" >> $GITHUB_ENV
+echo "USERS_PORT=$USERS_PORT" >> $GITHUB_ENV

.github/scripts/get_frontend_ip.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Exit immediately if any command fails
+set -e
+
+echo "Current environment: $ENVIRONMENT"
+echo "Waiting for Frontend LoadBalancer IPs to be assigned (up to 5 minutes)..."
+FRONTEND_IP=""
+FRONTEND_PORT=""
+
+for i in $(seq 1 10); do
+  echo "Attempt $i/10 to get IPs..."
+  FRONTEND_IP=$(kubectl get service frontend -o jsonpath='{.status.loadBalancer.ingress[0].ip}' -n $ENVIRONMENT)
+  FRONTEND_PORT=$(kubectl get service frontend -o jsonpath='{.spec.ports[0].port}' -n $ENVIRONMENT)
+
+  if [[ -n "$FRONTEND_IP" && -n "$FRONTEND_PORT" ]]; then
+    echo "Frontend LoadBalancer IP assigned!"
+    echo "Frontend IP: $FRONTEND_IP:$FRONTEND_PORT"
+    break
+  fi
+  sleep 5 # Wait 5 seconds before next attempt
+done
+
+if [[ -z "$FRONTEND_IP" || -z "$FRONTEND_PORT" ]]; then
+  echo "Error: One or more LoadBalancer IPs not assigned after timeout."
+  exit 1 # Fail the job if IPs are not obtained
+fi
+
+# These are environment variables for subsequent steps in the *same job*
+# And used to set the job outputs
+echo "FRONTEND_IP=$FRONTEND_IP" >> $GITHUB_ENV
+echo "FRONTEND_PORT=$FRONTEND_PORT" >> $GITHUB_ENV

.github/workflows/_reusable_quality_check_workflow.yml

@@ -0,0 +1,57 @@
+# Reusable quality check: 
+# - black: Code format
+# - pylint: Code quality
+# - bandit: Security linting
+name: Reusable Quality Check Workflow
+
+# Workflow runs on being called by others
+on:
+  workflow_call:
+    inputs:
+      working-directory:
+        required: true
+        type: string
+      python-version:
+        required: false
+        type: string
+        default: "3.10"
+      linting-threshold:
+        required: false
+        type: number
+        default: 8.0
+
+jobs:
+  quality-check:
+    name: Code Quality and Security Check
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ inputs.python-version }}
+
+      - name: Install dependencies
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install -r requirements-dev.txt
+
+      - name: Format check with Black
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          black --check app/ tests/
+
+      - name: Lint with Pylint
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          pylint app/ --fail-under=${{ inputs.linting-threshold }}
+
+      - name: Security scan with Bandit
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          bandit -r app/ -ll

.github/workflows/_reusable_test_workflow.yml

@@ -0,0 +1,119 @@
+# Reusable test workflow
+# - pytest: run all defined test files in tests/
+# - pytest-cov: test coverage
+name: Reusable Test Workflow
+
+# Workflow runs on being called by others
+on:
+  workflow_call:
+    inputs:
+      working-directory:
+        required: true
+        type: string
+      python-version:
+        required: false
+        type: string
+        default: "3.10"
+      coverage-threshold:
+        required: false
+        type: number
+        default: 80
+
+env:
+  POSTGRES_HOST: localhost
+  POSTGRES_USER: postgres
+  POSTGRES_PASSWORD: postgres
+  POSTGRES_DB: test_db
+
+jobs:
+  unit-test:
+    name: Run Unit Testing (schemas, basic logic)
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_USER: ${{ env.POSTGRES_USER }}
+          POSTGRES_PASSWORD: ${{ env.POSTGRES_PASSWORD }}
+          POSTGRES_DB: ${{ env.POSTGRES_DB }}
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd "pg_isready -U postgres"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ inputs.python-version }}
+
+      - name: Install dependencies
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install -r requirements-dev.txt
+
+      - name: Run unit tests
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          pytest tests/unit/ -v
+
+  integration-test:
+    name: Run Integration Testing (API + database)
+    runs-on: ubuntu-latest
+    needs: unit-test
+
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_USER: ${{ env.POSTGRES_USER }}
+          POSTGRES_PASSWORD: ${{ env.POSTGRES_PASSWORD }}
+          POSTGRES_DB: ${{ env.POSTGRES_DB }}
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd "pg_isready -U postgres"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ inputs.python-version }}
+
+      - name: Install dependencies
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install -r requirements-dev.txt
+
+      - name: Run tests
+        working-directory: ${{ inputs.working-directory }}
+        env:
+          POSTGRES_USER: ${{ env.POSTGRES_USER }}
+          POSTGRES_PASSWORD: ${{ env.POSTGRES_PASSWORD }}
+          POSTGRES_DB: ${{ env.POSTGRES_DB }}
+          POSTGRES_HOST: ${{ env.POSTGRES_HOST }}
+          POSTGRES_PORT: 5432
+        run: |
+          pytest tests/integration/ -v --cov=app --cov-report=xml --cov-report=term-missing
+
+      - name: Check coverage
+        working-directory: ${{ inputs.working-directory }}
+        run: |
+          coverage report --fail-under=${{ inputs.coverage-threshold }}

.github/workflows/acceptance_test_cd.yml

@@ -0,0 +1,80 @@
+name: CD - Staging Tests on PR
+
+on:
+  # Manual trigger
+  workflow_dispatch:
+
+  push:
+    branches:
+      - "feature/*staging*"
+      - "fix/*staging*"
+    paths: 
+      - "playwright-python/**"
+      - ".github/workflows/*acceptance*.yml"
+
+  # Run the test when the new PR to develop or main is created
+  # pull_request:
+  #   branches:
+  #     - develop
+  #     - main
+  #   paths:
+  #     - 'backend/**'
+  #     - 'frontend/**'
+  #     - 'k8s/staging/**'
+  #     - 'infrastructure/staging/**'
+  #     - '.github/workflows/*staging*.yml'
+
+env:
+  PYTHON_VERSION: "3.10"
+  FRONTEND_URL: http://localhost:3000
+  USERS_SERVICE_URL: http://localhost:5000
+  NOTES_SERVICE_URL: http://localhost:5001
+
+jobs:
+  # Acceptance Tests (End-to-End)
+  acceptance-tests:
+    name: Acceptance Tests - End-to-end user flow
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: Start services with Docker Compose
+        run: |
+          docker compose build --no-cache
+          docker compose up -d
+
+      - name: Wait for services to be ready
+        run: |
+          echo "Waiting for services to start..."
+          timeout 60 bash -c 'until curl -s ${{ env.USERS_SERVICE_URL }}/health > /dev/null; do sleep 2; done'
+          timeout 60 bash -c 'until curl -s ${{ env.NOTES_SERVICE_URL }}/health > /dev/null; do sleep 2; done'
+          timeout 60 bash -c 'until curl -s ${{ env.FRONTEND_URL }} > /dev/null; do sleep 2; done'
+          echo "Services are ready!"
+
+      - name: Install Playwright
+        run: |
+          echo "Installing Playwright..."
+          pip install pytest-playwright
+          playwright install
+          pip install -r ./playwright-python/requirements.txt
+
+      - name: Run acceptance tests
+        env:
+          FRONTEND_URL: ${{ env.FRONTEND_URL }}
+          USERS_SERVICE_URL: ${{ env.USERS_SERVICE_URL }}
+          NOTES_SERVICE_URL: ${{ env.NOTES_SERVICE_URL }}
+        run: |
+          echo "Runing acceptance tests with Playwright..."
+          pytest ./playwright-python/tests/test_acceptance.py -v
+
+      - name: Stop services
+        if: always()
+        run: |
+          docker compose down -v