first commit

Author: GioeleB00

.gitattributes

@@ -0,0 +1,4 @@
+*.sh text eol=lf
+*.py text eol=lf
+*.env text eol=lf
+*.yml text eol=lf

.github/workflows/ci-cd-main.yml

@@ -0,0 +1,148 @@
+name: CI – Develop Branch
+
+
+# Triggers
+# --------
+# • pull_request → quick job (lint + type-check + unit tests)
+# • push         → full job  (quick job + DB migrations + integration tests +
+#                              Docker build & smoke test)
+
+on:
+  pull_request:
+    branches: [develop]
+  push:
+    branches: [develop]
+
+
+# Job 1 ─ Quick validation (executed only on pull_request events)
+# --------------------------------------------------------------------------- #
+# Runs fast checks that give reviewers immediate feedback.  No external
+# services or Docker are used to keep runtime under one minute.
+
+jobs:
+  quick:
+    if: github.event_name == 'pull_request'
+    runs-on: ubuntu-latest
+
+    steps:
+      # Checkout repository
+      - uses: actions/checkout@v3
+
+      # Install Python 3.12
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.12"
+
+      # Restore Poetry cache for faster installs
+      - uses: actions/cache@v3
+        with:
+          path: ~/.cache/pypoetry
+          key: ${{ runner.os }}-poetry-${{ hashFiles('**/poetry.lock') }}
+
+      # Install project + development dependencies
+      - name: Install dependencies
+        run: |
+          curl -sSL https://install.python-poetry.org | python3 -
+          poetry config virtualenvs.create false
+          poetry install --with dev --no-interaction
+
+      # Code quality gates
+      - name: Run Ruff (lint & formatting check)
+        run: poetry run ruff check src tests
+
+      - name: Run MyPy (type-check)
+        run: poetry run mypy src tests
+      
+      # Unit-tests only (exclude integration markers)
+      - name: Run unit tests
+        run: poetry run pytest -m "not integration" --disable-warnings
+
+
+
+# Job 2 ─ Full validation (executed only on push events)
+# --------------------------------------------------------------------------- #
+# Includes everything from the quick job plus:
+# • PostgreSQL service container
+# • Alembic migrations
+# • Integration tests
+# • Multi-stage Docker build and health-check
+
+  full:
+    if: |
+      github.event_name == 'push' &&
+      github.ref == 'refs/heads/develop'
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:17
+        env:
+          POSTGRES_USER: ${{ secrets.DB_USER }}
+          POSTGRES_PASSWORD: ${{ secrets.DB_PASSWORD }}
+          POSTGRES_DB: ${{ secrets.DB_NAME }}
+        ports: ["5432:5432"]
+        options: >-
+          --health-cmd "pg_isready -U $POSTGRES_USER -d $POSTGRES_DB"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with: { python-version: '3.12' }
+      - uses: actions/cache@v3
+        with:
+          path: ~/.cache/pypoetry
+          key: ${{ runner.os }}-poetry-${{ hashFiles('**/poetry.lock') }}
+
+      - name: Install dependencies
+        run: |
+          curl -sSL https://install.python-poetry.org | python3 -
+          poetry config virtualenvs.create false
+          poetry install --with dev --no-interaction
+
+      - name: Run Ruff
+        run: poetry run ruff check src tests
+
+      - name: Run mypy
+        run: poetry run mypy src
+
+      - name: Apply Alembic migrations
+        env:
+          ENVIRONMENT: test
+          DB_URL: postgresql+psycopg://${{ secrets.DB_USER }}:${{ secrets.DB_PASSWORD }}@localhost:5432/${{ secrets.DB_NAME }}
+        run: poetry run alembic upgrade head
+
+      - name: Run all tests
+        env:
+          ENVIRONMENT: test
+          DB_URL: postgresql+asyncpg://${{ secrets.DB_USER }}:${{ secrets.DB_PASSWORD }}@localhost:5432/${{ secrets.DB_NAME }}
+        run: |
+          poetry run pytest \
+            --cov=src --cov-report=term \
+            --disable-warnings
+
+      - name: Build Docker image
+        run: docker build --progress=plain -t backend:ci .
+
+      - name: Smoke test container
+        run: |
+          # partiamo con --network host così il container condivide la rete del runner
+          docker run -d \
+            --name backend_ci \
+            --network host \
+            -e ENVIRONMENT=test \
+            -e DB_URL=postgresql+asyncpg://${{ secrets.DB_USER }}:${{ secrets.DB_PASSWORD }}@localhost:5432/${{ secrets.DB_NAME }} \
+            backend:ci \
+            uvicorn app.main:app --host 0.0.0.0 --port 8000
+
+          for i in {1..10}; do
+            if curl --silent --fail http://localhost:8000/health; then
+              echo "✔ Health OK"; break
+            else
+              echo "Waiting…"; sleep 3
+            fi
+          done
+
+          docker stop backend_ci

.github/workflows/ci-develop.yml

@@ -0,0 +1,79 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+*.egg-info/
+.installed.cfg
+*.egg
+*.whl
+pip-wheel-metadata/
+
+# Virtual environments
+.venv/
+venv/
+ENV/
+env/
+
+# Poetry-specific
+.cache/pypoetry/
+poetry.lock    # <– tienilo in repo se vuoi bloccare le versioni; altrimenti aggiungilo
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.coverage
+.coverage.*
+.junit.*
+nose2-junit.xml
+coverage.xml
+.cache/
+.pytest_cache/
+
+# MyPy
+.mypy_cache/
+.dmypy.json
+
+# Ruff
+.ruff_cache
+
+# Environment variables
+.env
+.env.*            # escludi .env.local, .env.production, etc.
+!.env.example     # ma tieni il template
+
+# IDEs and editors
+.vscode/
+.idea/
+*.sublime-project
+*.sublime-workspace
+
+# OS generated
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+
+# Other
+*.sqlite3

.gitignore

@@ -0,0 +1,50 @@
+# ─────────────── Build stage ───────────────
+FROM python:3.12-slim AS builder
+
+# Install system dependencies for psycopg and build tools
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends gcc libpq-dev curl \
+ && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /opt/app
+
+# Copy only pyproject.toml, poetry.lock, README so we leverage cache
+COPY pyproject.toml poetry.lock* README.md ./
+
+# Install Poetry (into /root/.local/bin)
+RUN curl -sSL https://install.python-poetry.org | python3 -
+
+# Symlink Poetry into /usr/local/bin so "poetry" is on PATH
+RUN ln -s /root/.local/bin/poetry /usr/local/bin/poetry
+
+# Tell Poetry not to create its own venv
+RUN poetry config virtualenvs.create false
+
+# Install only the prod deps (uvicorn, fastapi, sqlalchemy, psycopg...)
+RUN poetry install --no-root --without dev
+
+# Now copy in your application code
+COPY src/ ./src
+
+# ─────────── Runtime stage ───────────
+FROM python:3.12-slim AS runtime
+
+WORKDIR /opt/app
+
+# 1) Copy installed libraries
+COPY --from=builder /usr/local/lib/python3.12 /usr/local/lib/python3.12
+
+# 2) Copy console scripts (uvicorn, alembic, etc.)
+COPY --from=builder /usr/local/bin /usr/local/bin
+
+# 3) Copy application code
+COPY --from=builder /opt/app/src ./src
+
+# 4) Non-root user
+RUN adduser --disabled-password --gecos '' appuser
+USER appuser
+
+WORKDIR /opt/app/src
+
+# 5) Default command
+CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]

Dockerfile

@@ -1 +1,86 @@
-# FastSim-backend
+## 🚀 How to Start the Backend with Docker (Development)
+
+To spin up the backend and its supporting services in development mode:
+
+1. **Install & run Docker** on your machine.
+2. **Clone** the repository and `cd` into its root.
+3. Execute:
+
+   ```bash
+   bash ./scripts/init-docker-dev.sh
+   ```
+
+   This will launch:
+
+   * A **PostgreSQL** container
+   * A **Backend** container that mounts your local `src/` folder with live-reload
+
+---
+
+## 🏗️ Development Architecture & Philosophy
+
+We split responsibilities between Docker-managed services and local workflows:
+
+### 🐳 Docker-Compose Dev
+
+* **Containers** host external services (PostgreSQL) and run the FastAPI app.
+* Your **local `src/` directory** is mounted into the backend container for hot-reload.
+* **No tests, migrations, linting, or type checks** run inside these containers during development.
+
+**Why?**
+
+* ⚡ **Instant feedback** on code changes
+* 🛠️ **Full IDE support** (debugging, autocomplete, refactoring)
+* ⏱️ **Blistering speed**—no rebuilding images on every change
+
+---
+
+### 🧪 Local Quality & Testing Workflow
+
+All code quality tools, migrations, and tests execute on your host machine:
+
+| Task                  | Command                                  | Notes                                             |
+| --------------------- | ---------------------------------------- | ------------------------------------------------- |
+| **Lint & format**     | `poetry run ruff check src tests`        | Style and best-practice validations               |
+| **Type checking**     | `poetry run mypy src tests`              | Static type enforcement                           |
+| **Unit tests**        | `poetry run pytest -m "not integration"` | Fast, isolated tests—no DB required               |
+| **Integration tests** | `poetry run pytest -m integration`       | Real-DB tests against Docker’s PostgreSQL         |
+| **DB migrations**     | `poetry run alembic upgrade head`        | Applies migrations to your local Docker-hosted DB |
+
+> **Rationale:**
+> Running tests or Alembic migrations inside Docker images would force you to mount the full source tree, install dev dependencies in each build, and copy over configs—**slowing down** your feedback loop and **limiting** IDE features.
+
+---
+
+## ⚙️ CI/CD with GitHub Actions
+
+We maintain two jobs on the `develop` branch:
+
+### 🔍 Quick (on Pull Requests)
+
+* Ruff & MyPy
+* Unit tests only
+* **No database** → < 1-minute feedback
+
+### 🛠️ Full (on pushes to `develop`)
+
+* All **Quick** checks
+* Start a **PostgreSQL** service container
+* Run **Alembic** migrations
+* Execute **unit + integration** tests
+* Build the **Docker** image
+* **Smoke-test** the `/health` endpoint
+
+> **Guarantee:** Every commit in `develop` is style-checked, type-safe, DB-tested, and Docker-ready.
+
+---
+
+## 🧠 Summary
+
+1. **Docker-Compose** for services & hot-reload of the app code
+2. **Local** execution of migrations, tests, and QA for speed and IDE integration
+3. **CI pipeline** split into quick PR checks and full develop-branch validation
+
+This hybrid setup delivers **fast development** without sacrificing **production-grade safety** in CI.
+
+