Skip to content

Fix: Make Flask app test-safe and run full pytest suite in CI#143

Merged
Vishnu2707 merged 2 commits into
openshield-org:devfrom
emon22-ts:feat/test-safe-app-import
Jun 21, 2026
Merged

Fix: Make Flask app test-safe and run full pytest suite in CI#143
Vishnu2707 merged 2 commits into
openshield-org:devfrom
emon22-ts:feat/test-safe-app-import

Conversation

@emon22-ts

@emon22-ts emon22-ts commented Jun 14, 2026

Copy link
Copy Markdown
Collaborator

What does this PR do?

Makes the Flask app safe to import without a live DATABASE_URL, then adds the full Python test suite to CI.

Type of change

  • New scan rule
  • Remediation playbook
  • Bug fix
  • Dashboard/front-end work
  • API endpoint
  • Documentation
  • Compliance mapping

Problem

Importing api.app triggered create_app() which immediately called DatabaseManager() and db.run_migrations(). DatabaseManager.init reads os.environ["DATABASE_URL"] and raises KeyError when it is not set. This caused the full test suite to fail at collection time with no DATABASE_URL available in CI.

Fix

api/app.py

Wrapped the migration block in a DATABASE_URL check:

  • If DATABASE_URL is set → run migrations as before (production and staging unchanged)
  • If DATABASE_URL is not set → log a clear info message and skip migrations (unit tests and local dev without a database)

.github/workflows/ci.yml

Added CHECK 8 — runs the full pytest suite excluding smoke_test.py with OPENSHIELD_ENV=development so JWT secret validation stays permissive during tests.

Acceptance criteria

  • python3 -m pytest -q runs locally without requiring a production database
  • Importing api.app does not trigger migrations when DATABASE_URL is unset
  • CI runs all test files under tests/ excluding smoke tests
  • Deployment startup still runs migrations when DATABASE_URL is set
  • All existing CI checks still pass

Testing

  • Verified locally — app creates successfully without DATABASE_URL
  • No hardcoded credentials or secrets
  • All CI checks passing locally

Related issue

Closes #[ISSUE NUMBER]

TFT444
TFT444 approved these changes Jun 15, 2026
View reviewed changes

@TFT444 TFT444 left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @emon22-ts ,

I reviewed this. The api/app.py fix is the right approach, wrapping migrations in the DATABASE_URL check makes the app itself safe to import without a database which is the correct root cause fix. CI is green and the full pytest step in CI is a solid addition on top of the existing rule regression tests.

Two small things to note: the pytest command has both -v and -q flags which are contradictory, pick one or You can leave as it is.

Also the PR description still says Closes #[ISSUE NUMBER], looks like the actual issue number was not filled in just put the pr number at the end, please.
Approving this, good work.

@Vishnu2707 Vishnu2707 merged commit 4abc2d6 into openshield-org:dev Jun 21, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ritiksah141 ritiksah141 ritiksah141 approved these changes

@TFT444 TFT444 TFT444 approved these changes

@Vishnu2707 Vishnu2707 Awaiting requested review from Vishnu2707

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@emon22-ts @ritiksah141 @TFT444 @Vishnu2707