Migrate to uv, Workflows, Bump Gunicorn (#176)

- migrate from poetry to uv
- better isolated tests
- workflows added
- typing fixes
- bump gunicorn to fix vulnerability issue

Author: igorbenav

.github/workflows/linting.yml

@@ -0,0 +1,26 @@
+name: Linting
+
+on: [push, pull_request]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: 3.11
+
+    - name: Install uv
+      run: pip install uv
+
+    - name: Create venv
+      run: uv venv
+
+    - name: Install package with dev dependencies
+      run: uv pip install -e ".[dev]"
+
+    - name: Run Ruff
+      run: uv run ruff check src

.github/workflows/tests.yml

@@ -0,0 +1,30 @@
+name: Tests
+
+on: [push, pull_request]
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: 3.11
+
+    - name: Install uv
+      run: pip install uv
+
+    - name: Create venv
+      run: uv venv
+
+    - name: Install package with dev dependencies
+      run: uv pip install -e ".[dev]"
+
+    - name: Run tests
+      run: uv run pytest
+      env:
+        ENVIRONMENT: local
+        SECRET_KEY: test-secret-key-for-testing-only

.github/workflows/type-checking.yml

@@ -0,0 +1,30 @@
+name: Type Checking
+
+on: [push, pull_request]
+
+jobs:
+  type-check:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: 3.11
+
+    - name: Install uv
+      run: pip install uv
+
+    - name: Create venv
+      run: uv venv
+
+    - name: Install package with dev dependencies
+      run: uv pip install -e ".[dev]"
+
+    - name: Run mypy
+      run: uv run mypy src --config-file pyproject.toml
+      env:
+        ENVIRONMENT: local
+        SECRET_KEY: test-secret-key-for-testing-only

.gitignore

@@ -82,34 +82,7 @@ target/
 profile_default/
 ipython_config.py
 
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# poetry
-#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-poetry.lock
-
-# pdm
-#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-#   in version control.
-#   https://pdm.fming.dev/#use-with-ide
 .pdm.toml
-poetry.lock
-src/poetry.lock
 
 # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
 __pypackages__/
@@ -154,13 +127,6 @@ dmypy.json
 # Cython debug symbols
 cython_debug/
 
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
-
 # Macos
 .DS_Store
 

.pre-commit-config.yaml

@@ -64,7 +64,7 @@ repos:
     - id: unit_test
       name: Unit test
       language: system
-      entry: poetry run pytest
+      entry: uv run pytest
       pass_filenames: false
       always_run: true
       types: [python]

CONTRIBUTING.md

@@ -10,22 +10,27 @@ Start by forking and cloning the FastAPI-boilerplate repository:
 
 1. **Fork the Repository**: Begin by forking the project repository. You can do this by visiting https://github.com/igormagalhaesr/FastAPI-boilerplate and clicking the "Fork" button.
 1. **Create a Feature Branch**: Once you've forked the repo, create a branch for your feature by running `git checkout -b feature/fooBar`.
-1. **Testing Changes**: Ensure that your changes do not break existing functionality by running tests. In the root folder, execute poetry run `python -m pytest` to run the tests.
+1. **Testing Changes**: Ensure that your changes do not break existing functionality by running tests. In the root folder, execute `uv run pytest` to run the tests.
 
-### Using Poetry for Dependency Management
-FastAPI-boilerplate uses Poetry for managing dependencies. If you don't have Poetry installed, follow the instructions on the [official Poetry website](https://python-poetry.org/docs/).
+### Using uv for Dependency Management
+FastAPI-boilerplate uses uv for managing dependencies. If you don't have uv installed, follow the instructions on the [official uv website](https://docs.astral.sh/uv/).
 
-Once Poetry is installed, navigate to the cloned repository and install the dependencies:
+Once uv is installed, navigate to the cloned repository and install the dependencies:
 ```sh
 cd FastAPI-boilerplate
-poetry install
+uv sync
 ```
 
 ### Activating the Virtual Environment
-Poetry creates a virtual environment for your project. Activate it using:
+uv creates a virtual environment for your project. Activate it using:
 
 ```sh
-poetry shell
+source .venv/bin/activate
+```
+
+Alternatively, you can run commands directly with `uv run` without activating the environment:
+```sh
+uv run python your_script.py
 ```
 
 ## Making Contributions
@@ -37,7 +42,7 @@ poetry shell
 ### Testing with Pytest
 FastAPI-boilerplate uses pytest for testing. Run tests using:
 ```sh
-poetry run pytest
+uv run pytest
 ```
 
 ### Linting
@@ -59,7 +64,7 @@ Ensure your code passes linting before submitting.
 It helps in identifying simple issues before submission to code review. By running automated checks, pre-commit can ensure code quality and consistency.
 
 1. **Install Pre-commit**:
-   - **Installation**: Install pre-commit in your development environment. Use the command `pip install pre-commit`.
+   - **Installation**: Install pre-commit in your development environment. Use the command `uv add --dev pre-commit` or `pip install pre-commit`.
    - **Setting Up Hooks**: After installing pre-commit, set up the hooks with `pre-commit install`. This command will install hooks into your .git/ directory which will automatically check your commits for issues.
 1. **Committing Your Changes**:
    After making your changes, use `git commit -am 'Add some fooBar'` to commit them. Pre-commit will run automatically on your files when you commit, ensuring that they meet the required standards.

Dockerfile

@@ -1,27 +1,44 @@
-# --------- requirements ---------
+# --------- Builder Stage ---------
+FROM ghcr.io/astral-sh/uv:python3.11-bookworm-slim AS builder
 
-FROM python:3.11 as requirements-stage
+# Set environment variables for uv
+ENV UV_COMPILE_BYTECODE=1
+ENV UV_LINK_MODE=copy
 
-WORKDIR /tmp
+WORKDIR /app
 
-RUN pip install poetry poetry-plugin-export
+# Install dependencies first (for better layer caching)
+RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=uv.lock,target=uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
+    uv sync --locked --no-install-project
 
-COPY ./pyproject.toml ./poetry.lock* /tmp/
+# Copy the project source code
+COPY . /app
 
-RUN poetry export -f requirements.txt --output requirements.txt --without-hashes
+# Install the project in non-editable mode
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --locked --no-editable
 
+# --------- Final Stage ---------
+FROM python:3.11-slim-bookworm
 
-# --------- final image build ---------
-FROM python:3.11
+# Create a non-root user for security
+RUN groupadd --gid 1000 app \
+    && useradd --uid 1000 --gid app --shell /bin/bash --create-home app
 
-WORKDIR /code
+# Copy the virtual environment from the builder stage
+COPY --from=builder --chown=app:app /app/.venv /app/.venv
 
-COPY --from=requirements-stage /tmp/requirements.txt /code/requirements.txt
+# Ensure the virtual environment is in the PATH
+ENV PATH="/app/.venv/bin:$PATH"
 
-RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt
+# Switch to the non-root user
+USER app
 
-COPY ./src/app /code/app
+# Set the working directory
+WORKDIR /code
 
 # -------- replace with comment to run with gunicorn --------
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload"]
-# CMD ["gunicorn", "app.main:app", "-w", "4", "-k", "uvicorn.workers.UvicornWorker". "-b", "0.0.0.0:8000"]
+# CMD ["gunicorn", "app.main:app", "-w", "4", "-k", "uvicorn.workers.UvicornWorker", "-b", "0.0.0.0:8000"]