HardMax71
diff --git a/‎.github/workflows/docs.yml‎
Lines changed: 4 additions & 11 deletions b/‎.github/workflows/docs.yml‎
Lines changed: 4 additions & 11 deletions
diff --git a/‎.github/workflows/mypy.yml‎
Lines changed: 10 additions & 8 deletions b/‎.github/workflows/mypy.yml‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎.github/workflows/ruff.yml‎
Lines changed: 9 additions & 8 deletions b/‎.github/workflows/ruff.yml‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎.github/workflows/security.yml‎
Lines changed: 10 additions & 8 deletions b/‎.github/workflows/security.yml‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎.github/workflows/tests.yml‎
Lines changed: 8 additions & 10 deletions b/‎.github/workflows/tests.yml‎
Lines changed: 8 additions & 10 deletions
diff --git a/‎backend/Dockerfile‎
Lines changed: 8 additions & 6 deletions b/‎backend/Dockerfile‎
Lines changed: 8 additions & 6 deletions
diff --git a/‎backend/Dockerfile.test‎
Lines changed: 8 additions & 5 deletions b/‎backend/Dockerfile.test‎
Lines changed: 8 additions & 5 deletions
diff --git a/‎backend/pyproject.toml‎
Lines changed: 172 additions & 3 deletions b/‎backend/pyproject.toml‎
Lines changed: 172 additions & 3 deletions
@@ -31,20 +31,13 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v4
 
-      - name: Set up Python
-        uses: actions/setup-python@v5
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.12'
-
-      - name: Cache pip dependencies
-        uses: actions/cache@v4
-        with:
-          key: mkdocs-${{ hashFiles('mkdocs.yml') }}
-          path: ~/.cache/pip
-          restore-keys: mkdocs-
+          enable-cache: true
 
       - name: Install MkDocs
-        run: pip install mkdocs-material mkdocs-mermaid2-plugin mkdocs-swagger-ui-tag
+        run: uv tool install mkdocs-material --with mkdocs-mermaid2-plugin --with mkdocs-swagger-ui-tag
 
       - name: Download OpenAPI spec
         run: |
 
@@ -13,19 +13,21 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v4
+
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.12'
+          enable-cache: true
+          cache-dependency-glob: "backend/uv.lock"
+
       - name: Install dependencies
         run: |
-          python -m pip install --upgrade pip
-          pip install mypy
-          pip install -r backend/requirements.txt
-          pip install -r backend/requirements-dev.txt
+          cd backend
+          uv sync --frozen
+
       - name: Run mypy
         env:
           SECRET_KEY: ${{ secrets.TEST_SECRET_KEY }}
         run: |
           cd backend
-          mypy --config-file pyproject.toml .
+          uv run mypy --config-file pyproject.toml .
@@ -13,13 +13,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v4
+
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.12'
-      - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install ruff
+          enable-cache: true
+          cache-dependency-glob: "backend/uv.lock"
+
       - name: Run ruff
-        run: ruff check backend/ --config backend/pyproject.toml
+        run: |
+          cd backend
+          uv run ruff check . --config pyproject.toml
@@ -13,13 +13,15 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v4
+
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.12'
-      - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install bandit safety
+          enable-cache: true
+          cache-dependency-glob: "backend/uv.lock"
+
+      - name: Install bandit
+        run: uv tool install bandit
+
       - name: Run bandit
-        run: bandit -r backend/ -x backend/tests/ -ll
+        run: bandit -r backend/ -x backend/tests/ -ll
@@ -130,7 +130,7 @@ jobs:
               docker compose -f docker-compose.ci.yaml logs
               exit 1
             )
-            
+
             echo "Services started. Waiting for stabilization..."
             sleep 45
 
@@ -145,7 +145,7 @@ jobs:
 
             echo "Checking backend logs:"
             docker compose -f docker-compose.ci.yaml logs backend || echo "backend not found"
-            
+
             # Explicitly check for containers that have exited
             if docker compose -f docker-compose.ci.yaml ps | grep -q 'Exit'; then
               echo "::error::One or more containers have exited unexpectedly. See logs above."
@@ -171,18 +171,16 @@ jobs:
           kubectl get roles -n default
           kubectl get rolebindings -n default
 
-      - name: Set up Python for Tests
-        uses: actions/setup-python@v4
+      - name: Set up uv
+        uses: astral-sh/setup-uv@v5
         with:
-          python-version: '3.12'
+          enable-cache: true
+          cache-dependency-glob: "backend/uv.lock"
 
       - name: Install Python test dependencies
         run: |
-          sudo apt-get update
-          sudo apt-get install -y python3 python3-pip
           cd backend
-          pip3 install -r requirements.txt
-          pip3 install -r requirements-dev.txt
+          uv sync --frozen
 
       - name: Run backend tests with coverage
         timeout-minutes: 5
@@ -202,7 +200,7 @@ jobs:
           echo "Using BACKEND_BASE_URL=$BACKEND_BASE_URL"
           echo "Using SCHEMA_SUBJECT_PREFIX=$SCHEMA_SUBJECT_PREFIX"
           echo "MongoDB connection will use default CI credentials"
-          python -m pytest tests/integration tests/unit -v --cov=app --cov-branch --cov-report=xml --cov-report=term --cov-report=term-missing
+          uv run pytest tests/integration tests/unit -v --cov=app --cov-branch --cov-report=xml --cov-report=term --cov-report=term-missing
 
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v5
 
@@ -6,12 +6,14 @@ RUN apt-get update && apt-get upgrade -y liblzma-dev liblzma5 xz-utils && \
     apt-get install -y libsnappy-dev && \
     rm -rf /var/lib/apt/lists/*
 
-## Remove kubectl from runtime image: rely on Python client only
+# Install uv
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
 
-# Install Python dependencies
-COPY requirements.txt .
-RUN pip install --no-cache-dir --upgrade pip setuptools>=70.0.0 wheel
-RUN pip install --no-cache-dir -r requirements.txt
+# Copy dependency files
+COPY pyproject.toml uv.lock ./
+
+# Install Python dependencies (production only, no dev deps)
+RUN uv sync --frozen --no-dev
 
 # Copy application files and configuration
 COPY ./app /app/app
@@ -33,7 +35,7 @@ CMD bash -c "\
   # Use kubeconfig if present, but do not block startup\
   if [ -f /app/kubeconfig.yaml ]; then export KUBECONFIG=/app/kubeconfig.yaml; fi && \
   WEB_CONCURRENCY=${WEB_CONCURRENCY:-4} WEB_THREADS=${WEB_THREADS:-1} WEB_TIMEOUT=${WEB_TIMEOUT:-60} \
-  gunicorn app.main:app \
+  uv run gunicorn app.main:app \
     -k uvicorn.workers.UvicornWorker \
     --bind 0.0.0.0:443 \
     --workers ${WEB_CONCURRENCY} \
 
@@ -9,11 +9,14 @@ RUN apt-get update && apt-get install -y \
     curl \
     && rm -rf /var/lib/apt/lists/*
 
-# Copy requirements
-COPY requirements.txt requirements-dev.txt ./
+# Install uv
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
 
-# Install Python dependencies
-RUN pip install --no-cache-dir -r requirements.txt -r requirements-dev.txt
+# Copy dependency files
+COPY pyproject.toml uv.lock ./
+
+# Install Python dependencies (including dev deps for testing)
+RUN uv sync --frozen
 
 # Copy application code
 COPY . .
@@ -22,4 +25,4 @@ COPY . .
 ENV PYTHONPATH=/app
 
 # Default command runs all tests
-CMD ["pytest", "-v", "--tb=short"]
+CMD ["uv", "run", "pytest", "-v", "--tb=short"]
@@ -1,6 +1,175 @@
+[project]
+name = "integr8scode"
+version = "0.1.0"
+description = "Run Python scripts online in isolated Kubernetes pods"
+requires-python = ">=3.12"
+dependencies = [
+    "aiohappyeyeballs==2.6.1",
+    "aiohttp==3.13.2",
+    "aiosignal==1.4.0",
+    "aiosmtplib==3.0.2",
+    "annotated-doc==0.0.4",
+    "annotated-types==0.7.0",
+    "anyio==4.9.0",
+    "asgiref==3.9.1",
+    "async-timeout==5.0.1",
+    "attrs==25.3.0",
+    "avro-python3==1.10.2",
+    "backoff==2.2.1",
+    "blinker==1.8.2",
+    "Brotli==1.2.0",
+    "cachetools==6.2.0",
+    "certifi==2024.8.30",
+    "charset-normalizer==3.4.0",
+    "click==8.1.7",
+    "ConfigArgParse==1.7.1",
+    "confluent-kafka==2.6.1",
+    "contourpy==1.3.3",
+    "cycler==0.12.1",
+    "Deprecated==1.2.14",
+    "dishka==1.6.0",
+    "dnspython==2.7.0",
+    "durationpy==0.9",
+    "email_validator==2.2.0",
+    "exceptiongroup==1.2.2",
+    "fastapi==0.124.0",
+    "fastavro==1.12.1",
+    "fonttools==4.59.2",
+    "frozenlist==1.7.0",
+    "google-auth==1.6.3",
+    "googleapis-common-protos==1.70.0",
+    "greenlet==3.1.1",
+    "grpcio==1.74.0",
+    "gunicorn==23.0.0",
+    "h11==0.16.0",
+    "httpcore==1.0.9",
+    "httpx==0.28.1",
+    "idna==3.10",
+    "importlib-metadata==6.11.0",
+    "importlib_resources==6.4.5",
+    "itsdangerous==2.2.0",
+    "Jinja2==3.1.6",
+    "kiwisolver==1.4.9",
+    "kubernetes==31.0.0",
+    "limits==3.13.0",
+    "markdown-it-py==3.0.0",
+    "MarkupSafe==3.0.2",
+    "mdurl==0.1.2",
+    "motor==3.6.0",
+    "msgpack==1.1.0",
+    "multidict==6.6.3",
+    "oauthlib==3.2.2",
+    "opentelemetry-api==1.22.0",
+    "opentelemetry-exporter-otlp==1.22.0",
+    "opentelemetry-exporter-otlp-proto-common==1.22.0",
+    "opentelemetry-exporter-otlp-proto-grpc==1.22.0",
+    "opentelemetry-exporter-otlp-proto-http==1.22.0",
+    "opentelemetry-exporter-prometheus==0.43b0",
+    "opentelemetry-instrumentation==0.43b0",
+    "opentelemetry-instrumentation-asgi==0.43b0",
+    "opentelemetry-instrumentation-fastapi==0.43b0",
+    "opentelemetry-instrumentation-httpx==0.43b0",
+    "opentelemetry-instrumentation-logging==0.43b0",
+    "opentelemetry-instrumentation-pymongo==0.43b0",
+    "opentelemetry-instrumentation-redis==0.43b0",
+    "opentelemetry-propagator-b3==1.22.0",
+    "opentelemetry-proto==1.22.0",
+    "opentelemetry-sdk==1.22.0",
+    "opentelemetry-semantic-conventions==0.43b0",
+    "opentelemetry-util-http==0.43b0",
+    "packaging==24.1",
+    "passlib==1.7.4",
+    "pathspec==0.12.1",
+    "prometheus-fastapi-instrumentator==7.0.0",
+    "prometheus_client==0.21.0",
+    "propcache==0.3.2",
+    "protobuf==4.25.8",
+    "psutil==6.1.0",
+    "pyasn1==0.6.1",
+    "pyasn1_modules==0.4.1",
+    "pydantic==2.9.2",
+    "pydantic-avro==0.7.1",
+    "pydantic-settings==2.5.2",
+    "pydantic_core==2.23.4",
+    "Pygments==2.19.2",
+    "PyJWT==2.9.0",
+    "pymongo==4.9.2",
+    "pyparsing==3.2.3",
+    "python-dateutil==2.9.0.post0",
+    "python-dotenv==1.0.1",
+    "python-json-logger==2.0.7",
+    "python-multipart==0.0.18",
+    "PyYAML==6.0.2",
+    "pyzmq==26.2.0",
+    "redis==5.2.1",
+    "regex==2025.8.29",
+    "requests==2.32.3",
+    "requests-oauthlib==2.0.0",
+    "rich==13.9.4",
+    "rsa==4.9",
+    "setuptools==80.9.0",
+    "six==1.16.0",
+    "slowapi==0.1.9",
+    "sniffio==1.3.1",
+    "sortedcontainers==2.4.0",
+    "sse-starlette==2.2.1",
+    "starlette==0.49.1",
+    "tiktoken==0.11.0",
+    "tomli==2.0.2",
+    "typing_extensions==4.12.2",
+    "urllib3==2.6.0",
+    "uvicorn==0.34.2",
+    "websocket-client==1.8.0",
+    "Werkzeug==3.0.4",
+    "wrapt==1.16.0",
+    "yarl==1.20.1",
+    "zipp==3.20.2",
+]
+
+[project.optional-dependencies]
+dev = [
+    "coverage==7.6.2",
+    "hypothesis==6.103.4",
+    "iniconfig==2.0.0",
+    "matplotlib==3.9.2",
+    "mypy==1.17.1",
+    "mypy_extensions==1.1.0",
+    "pipdeptree==2.23.4",
+    "pluggy==1.5.0",
+    "pytest==8.3.3",
+    "pytest-asyncio==0.24.0",
+    "pytest-cov==5.0.0",
+    "pytest-xdist==3.6.1",
+    "ruff==0.12.7",
+    "types-cachetools==6.2.0.20250827",
+    "types-confluent-kafka==1.3.6",
+]
+
 [build-system]
-requires = ["setuptools>=65.5.1", "wheel"]
-build-backend = "setuptools.build_meta"
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build.targets.wheel]
+packages = ["app", "workers"]
+
+[dependency-groups]
+dev = [
+    "coverage==7.6.2",
+    "hypothesis==6.103.4",
+    "iniconfig==2.0.0",
+    "matplotlib==3.9.2",
+    "mypy==1.17.1",
+    "mypy_extensions==1.1.0",
+    "pipdeptree==2.23.4",
+    "pluggy==1.5.0",
+    "pytest==8.3.3",
+    "pytest-asyncio==0.24.0",
+    "pytest-cov==5.0.0",
+    "pytest-xdist==3.6.1",
+    "ruff==0.12.7",
+    "types-cachetools==6.2.0.20250827",
+    "types-confluent-kafka==1.3.6",
+]
 
 # Ruff configuration
 [tool.ruff]
@@ -59,4 +228,4 @@ log_cli = false
 log_cli_level = "ERROR"
 log_capture = true
 log_level = "ERROR"
-addopts = "-n 4 --dist loadfile --tb=short -q --no-header -q"
+addopts = "-n 4 --dist loadfile --tb=short -q --no-header -q"