Andrew-Harris-Tech · ajharris · Aug 7, 2025 · Aug 7, 2025 · Aug 7, 2025
diff --git a/.github/workflows/test-oauth.yml b/.github/workflows/test-oauth.yml
@@ -0,0 +1,154 @@
+name: ChargeBnB OAuth Authentication Tests
+
+on:
+  push:
+    branches: [ main, develop, '36-generate-project-structure' ]
+    paths:
+      - 'backend/**'
+  pull_request:
+    branches: [ main, develop ]
+    paths:
+      - 'backend/**'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: [3.9, 3.10, 3.11]
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ matrix.python-version }}
+
+    - name: Cache pip dependencies
+      uses: actions/cache@v3
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-${{ hashFiles('backend/requirements.txt') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-
+
+    - name: Install dependencies
+      working-directory: ./backend
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+
+    - name: Set up test environment
+      working-directory: ./backend
+      run: |
+        export FLASK_APP=run.py
+        export FLASK_ENV=testing
+        # Create test configuration
+        echo "TESTING=True" > .env.test
+
+    - name: Run unit tests
+      working-directory: ./backend
+      run: |
+        pytest tests/test_models.py tests/test_oauth_services.py -v --tb=short
+
+    - name: Run authentication route tests
+      working-directory: ./backend
+      run: |
+        pytest tests/test_auth_routes.py -v --tb=short
+
+    - name: Run integration tests
+      working-directory: ./backend
+      run: |
+        pytest tests/test_integration.py -v --tb=short
+
+    - name: Run security and edge case tests
+      working-directory: ./backend
+      run: |
+        pytest tests/test_security_edge_cases.py -v --tb=short
+
+    - name: Run all tests with coverage
+      working-directory: ./backend
+      run: |
+        pytest tests/ --cov=. --cov-report=xml --cov-report=term-missing --cov-fail-under=80
+
+    - name: Upload coverage reports to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        file: ./backend/coverage.xml
+        flags: backend
+        name: codecov-umbrella
+        fail_ci_if_error: true
+
+  security-scan:
+    runs-on: ubuntu-latest
+    needs: test
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: 3.11
+
+    - name: Install security scanning tools
+      run: |
+        pip install bandit safety
+
+    - name: Run Bandit security scan
+      working-directory: ./backend
+      run: |
+        bandit -r . -f json -o bandit-report.json || true
+        bandit -r . -f txt
+
+    - name: Check for known security vulnerabilities
+      working-directory: ./backend
+      run: |
+        safety check --json --output safety-report.json || true
+        safety check
+
+    - name: Upload security reports
+      uses: actions/upload-artifact@v3
+      if: always()
+      with:
+        name: security-reports
+        path: |
+          backend/bandit-report.json
+          backend/safety-report.json
+
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: 3.11
+
+    - name: Install linting tools
+      run: |
+        pip install flake8 black isort mypy
+
+    - name: Run Black code formatter check
+      working-directory: ./backend
+      run: |
+        black --check --diff .
+
+    - name: Run isort import sorting check
+      working-directory: ./backend
+      run: |
+        isort --check-only --diff .
+
+    - name: Run flake8 linting
+      working-directory: ./backend
+      run: |
+        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+
+    - name: Run mypy type checking
+      working-directory: ./backend
+      run: |
+        mypy . --ignore-missing-imports || true