mirror of
https://github.com/azaion/detections.git
synced 2026-04-22 06:46:32 +00:00
Oleksandr Bezdieniezhnykh
097811a67b
- Pin all deps; h11==0.16.0 (CVE-2025-43859), python-multipart>=1.3.1 (CVE-2026-28356), PyJWT==2.12.1
- Add HMAC JWT verification (require_auth FastAPI dependency, JWT_SECRET-gated)
- Fix TokenManager._refresh() to use ADMIN_API_URL instead of ANNOTATIONS_URL
- Rename POST /detect → POST /detect/image (image-only, rejects video files)
- Replace global SSE stream with per-job SSE: GET /detect/{media_id} with event replay buffer
- Apply require_auth to all 4 protected endpoints
- Fix on_annotation/on_status closure to use mutable current_id for correct post-upload event routing
- Add non-root appuser to Dockerfile and Dockerfile.gpu
- Add JWT_SECRET to e2e/docker-compose.test.yml and run-tests.sh
- Update all e2e tests and unit tests for new endpoints and HMAC token signing
- 64/64 tests pass
Made-with: Cursor
80 lines
2.5 KiB
Bash
Executable File
80 lines
2.5 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
ROOT="$(cd "$(dirname "$0")" && pwd)"
|
|
FIXTURES="$ROOT/e2e/fixtures"
|
|
|
|
LOADER_PORT=8080
|
|
ANNOTATIONS_PORT=8081
|
|
DETECTIONS_PORT=8000
|
|
PIDS=()
|
|
|
|
cleanup() {
|
|
for pid in "${PIDS[@]+"${PIDS[@]}"}"; do
|
|
kill "$pid" 2>/dev/null || true
|
|
done
|
|
wait 2>/dev/null
|
|
}
|
|
trap cleanup EXIT
|
|
|
|
PY="$(command -v python3 2>/dev/null || command -v python 2>/dev/null || echo python)"
|
|
|
|
echo "Installing dependencies ..."
|
|
"$PY" -m pip install -q -r "$ROOT/requirements.txt" -r "$ROOT/e2e/requirements.txt" 2>/dev/null || echo " (some deps skipped — verify manually if tests fail with import errors)"
|
|
|
|
echo "Building Cython extensions ..."
|
|
"$PY" setup.py build_ext --inplace
|
|
|
|
for port in $LOADER_PORT $ANNOTATIONS_PORT $DETECTIONS_PORT; do
|
|
if lsof -ti :"$port" >/dev/null 2>&1; then
|
|
echo "Killing stale process on port $port ..."
|
|
lsof -ti :"$port" | xargs kill -9 2>/dev/null || true
|
|
sleep 1
|
|
fi
|
|
done
|
|
|
|
echo "Starting mock-loader on :$LOADER_PORT ..."
|
|
cd "$ROOT"
|
|
MODELS_ROOT="$FIXTURES" PYTHONPATH="$ROOT" \
|
|
"$PY" -m gunicorn --bind "0.0.0.0:$LOADER_PORT" --workers 1 --timeout 120 \
|
|
'e2e.mocks.loader.app:app' >/dev/null 2>&1 &
|
|
PIDS+=($!)
|
|
|
|
echo "Starting mock-annotations on :$ANNOTATIONS_PORT ..."
|
|
MEDIA_DIR="$FIXTURES" PYTHONPATH="$ROOT" \
|
|
"$PY" -m gunicorn --bind "0.0.0.0:$ANNOTATIONS_PORT" --workers 1 --timeout 120 \
|
|
'e2e.mocks.annotations.app:app' >/dev/null 2>&1 &
|
|
PIDS+=($!)
|
|
|
|
echo "Starting detections service on :$DETECTIONS_PORT ..."
|
|
LOADER_URL="http://localhost:$LOADER_PORT" \
|
|
ANNOTATIONS_URL="http://localhost:$ANNOTATIONS_PORT" \
|
|
JWT_SECRET="test-secret-local-only" \
|
|
PYTHONPATH="$ROOT/src" \
|
|
"$PY" -m uvicorn main:app --host 0.0.0.0 --port "$DETECTIONS_PORT" \
|
|
--log-level warning >/dev/null 2>&1 &
|
|
PIDS+=($!)
|
|
|
|
echo "Waiting for services ..."
|
|
for url in \
|
|
"http://localhost:$DETECTIONS_PORT/health" \
|
|
"http://localhost:$LOADER_PORT/mock/status" \
|
|
"http://localhost:$ANNOTATIONS_PORT/mock/status"; do
|
|
for i in $(seq 1 30); do
|
|
if curl -sf "$url" >/dev/null 2>&1; then break; fi
|
|
if [ "$i" -eq 30 ]; then echo "ERROR: $url not ready" >&2; exit 1; fi
|
|
sleep 1
|
|
done
|
|
done
|
|
|
|
echo "All services ready. Running tests ..."
|
|
echo ""
|
|
|
|
BASE_URL="http://localhost:$DETECTIONS_PORT" \
|
|
MOCK_LOADER_URL="http://localhost:$LOADER_PORT" \
|
|
MOCK_ANNOTATIONS_URL="http://localhost:$ANNOTATIONS_PORT" \
|
|
MEDIA_DIR="$FIXTURES" \
|
|
JWT_SECRET="test-secret-local-only" \
|
|
PYTHONPATH="$ROOT/src" \
|
|
"$PY" -m pytest e2e/tests/ tests/ -v --tb=short --durations=0 "$@"
|