Skip to content

fix(math): restrict sympy expression parsing #809

fix(math): restrict sympy expression parsing

fix(math): restrict sympy expression parsing #809

Workflow file for this run

name: QWED CI / CD
on:
pull_request:
branches: [ main ]
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:15
env:
POSTGRES_USER: qwed
POSTGRES_PASSWORD: qwed_secret
POSTGRES_DB: qwed_db
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
redis:
image: redis:7-alpine
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -e ".[server,dev]"
pip install pytest pytest-asyncio
- name: Check Dependencies
run: |
python -c "import sqlglot; print('SQLGlot version:', sqlglot.__version__)"
python -c "import qwed_new; print('Package qwed_new imported successfully')"
python -c "import redis; r = redis.from_url('redis://localhost:6379'); print('Redis ping:', r.ping())"
- name: Create .env file
run: |
echo "DATABASE_URL=postgresql://qwed:qwed_secret@localhost:5432/qwed_db" >> .env
echo "REDIS_URL=redis://localhost:6379/0" >> .env
echo "ACTIVE_PROVIDER=azure_openai" >> .env
echo "QWED_CORS_ORIGINS=http://localhost:3000" >> .env
DUMMY_API=$(python -c "import secrets; print(secrets.token_hex(32))")
DUMMY_JWT=$(python -c "import secrets; print(secrets.token_hex(32))")
echo "API_KEY_SECRET=${DUMMY_API}" >> $GITHUB_ENV
echo "QWED_JWT_SECRET_KEY=${DUMMY_JWT}" >> $GITHUB_ENV
echo "API_KEY_SECRET=${DUMMY_API}" >> .env
echo "QWED_JWT_SECRET_KEY=${DUMMY_JWT}" >> .env
echo "AZURE_OPENAI_ENDPOINT=${{ secrets.AZURE_OPENAI_ENDPOINT }}" >> .env
echo "AZURE_OPENAI_API_KEY=${{ secrets.AZURE_OPENAI_API_KEY }}" >> .env
echo "AZURE_OPENAI_DEPLOYMENT=${{ secrets.AZURE_OPENAI_DEPLOYMENT }}" >> .env
echo "AZURE_OPENAI_API_VERSION=2024-12-01-preview" >> .env
- name: Start QWED API Server
env:
QWED_CORS_ORIGINS: "http://localhost:3000"
API_KEY_SECRET: ${{ env.API_KEY_SECRET }}
QWED_JWT_SECRET_KEY: ${{ env.QWED_JWT_SECRET_KEY }}
QWED_SKIP_ENV_INTEGRITY_CHECK: "true"
run: |
# Start API server in background
python -m uvicorn qwed_new.api.main:app --host 0.0.0.0 --port 8000 &
API_PID=$!
echo "API_PID=$API_PID" >> $GITHUB_ENV
# Wait for server to be ready (max 30 seconds)
for i in {1..30}; do
if curl -s http://localhost:8000/health > /dev/null 2>&1; then
echo "API server is ready!"
exit 0
fi
echo "Waiting for API server... ($i/30)"
sleep 1
done
echo "::error::API server failed to start within 30 seconds"
exit 1
- name: Run Tests with Coverage
env:
DATABASE_URL: postgresql://qwed:qwed_secret@localhost:5432/qwed_db
REDIS_URL: redis://localhost:6379/0
ACTIVE_PROVIDER: mock
QWED_CORS_ORIGINS: "http://localhost:3000"
API_KEY_SECRET: ${{ env.API_KEY_SECRET }}
QWED_JWT_SECRET_KEY: ${{ env.QWED_JWT_SECRET_KEY }}
run: |
pytest tests/ -v --cov=qwed_sdk --cov=src/qwed_new --cov-report=xml --cov-report=term
- name: Upload Coverage to Codecov
uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage.xml
flags: unittests
name: codecov-umbrella
fail_ci_if_error: false