build: add github workflows (#2)

adds the github workflows to be executed in the CI:
- test workflow (linters, mypy, tests on Linux and Windows)
- deploy workflow (publish to PyPI)
- build workflow (create docker image and push to registry)

NOTE: in the first execution of the deploy workflow the step "Check that
the current version isn't already on PyPi" has to be skipped because the
PyPi project first has to be created

Author: jlahovnik

.github/workflows/build.yml

@@ -0,0 +1,62 @@
+name: Create and publish a Docker image
+
+on:
+  push:
+    branches: ['main']
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    # Sets the permissions granted to the GITHUB_TOKEN for the actions in this job.
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+
+    # Uses the docker/login-action action to log in to the Container registry
+    # using the account and password that will publish the packages. Once published,
+    # the packages are scoped to the account defined here.
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # This step uses docker/metadata-action to extract tags and labels that will be applied to the
+      # specified image. The id "meta" allows the output of this step to be referenced in a subsequent step.
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      # Use the docker/build-push-action action to build the image based on Dockerfile. If the build succeeds,
+      # it pushes the image to GitHub Packages. It uses the tags and labels parameters to tag and label the image
+      # with the output from the "meta" step.
+      - name: Build and push Docker image
+        id: push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v2
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
+          subject-digest: ${{ steps.push.outputs.digest }}
+          push-to-registry: true

.github/workflows/deploy.yml

@@ -0,0 +1,47 @@
+name: Publish to PyPI
+
+on:
+  push:
+    tags:
+      - "v*"
+  workflow_dispatch:
+
+jobs:
+  build-n-publish:
+    name: Build and publish to PyPI
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout source
+        uses: actions/checkout@v4
+        with:
+          # Get history and tags for SCM versioning to work
+          fetch-depth: 0
+      - name: Install the latest version of uv with cache enabled
+        uses: astral-sh/setup-uv@v3
+        with:
+          version: "latest"
+          enable-cache: true
+          cache-dependency-glob: ""
+      # TODO: uncomment after stac-fastapi-eodag first release
+      # - name: Check that the current version isn't already on PyPi
+      #   run: |
+      #     if [ "$(./get_pypi_latest_version.sh)" != "$(git describe --tags)" ]
+      #     then
+      #       echo "Current version is not on PyPI, proceed with bulding"
+      #     else
+      #       echo "Current version is the latest version uploaded to PyPI"
+      #       exit 1
+      #     fi
+
+      - name: Check long description is OK for PyPI with tox
+        run: uvx --with tox-uv --with sphinx tox -e pypi
+
+      - name: Build a binary wheel and a source tarball
+        run: uvx --from build pyproject-build --sdist --wheel
+
+      - name: Publish distribution to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          user: __token__
+          password: ${{ secrets.PYPI_API_TOKEN }}

.github/workflows/test.yml

@@ -0,0 +1,125 @@
+name: Run Linting and Tests
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "0 7 * * 1"
+  workflow_dispatch:
+
+jobs:
+  lint:
+    name: Linting (pre-commit and mypy)
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout the repo
+      uses: actions/checkout@v4
+      with:
+        # Get history and tags for SCM versioning to work
+        fetch-depth: 0
+    - name: Install the latest version of uv with cache enabled
+      uses: astral-sh/setup-uv@v3
+      with:
+        version: "latest"
+        enable-cache: true
+        cache-dependency-glob: ""
+    - name: Run linters with tox
+      run: uvx --python 3.9 --with tox-uv tox -e linters
+
+  tests:
+    name: Test it!
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        python-version: [3.9, "3.13"]
+        os: [ubuntu-latest, windows-latest]
+    steps:
+    - name: Checkout the repo
+      uses: actions/checkout@v4
+      with:
+        # Get history and tags for SCM versioning to work
+        fetch-depth: 0
+    - name: Install the latest version of uv with cache enabled
+      uses: astral-sh/setup-uv@v3
+      with:
+        version: "latest"
+        enable-cache: true
+        cache-dependency-glob: ""
+    - name: Test with tox
+      run: uvx --python ${{ matrix.python-version }} --with tox-uv --with tox-gh-actions tox
+    - name: Upload Unit Test Results
+      if: always()
+      uses: actions/upload-artifact@v4
+      with:
+        name: unit-test-results-python${{ matrix.python-version }}-${{ matrix.os }}
+        path: |
+          test-reports/junit-report.xml
+          test-reports/coverage.xml
+
+  publish-test-results:
+    name: "Publish Unit Tests Results"
+    needs: tests
+    runs-on: ubuntu-latest
+    if: always()
+
+    steps:
+    - name: Download Artifacts
+      uses: actions/download-artifact@v4
+      with:
+        path: artifacts
+
+    - name: Publish Unit Test Results
+      uses: EnricoMi/publish-unit-test-result-action@v2
+      continue-on-error: true
+      with:
+        files: artifacts/*/junit-report.xml
+
+    - name: Produce the coverage report for Ubuntu
+      uses: insightsengineering/coverage-action@v2
+      with:
+        # Path to the Cobertura XML report.
+        path: artifacts/unit-test-results-python3.13-ubuntu-latest/coverage.xml
+        # Minimum total coverage, if you want to the
+        # workflow to enforce it as a standard.
+        # This has no effect if the `fail` arg is set to `false`.
+        threshold: 70
+        # Fail the workflow if the minimum code coverage
+        # reuqirements are not satisfied.
+        fail: false
+        # Publish the rendered output as a PR comment
+        publish: true
+        # Create a coverage diff report.
+        diff: true
+        # Branch to diff against.
+        # Compare the current coverage to the coverage
+        # determined on this branch.
+        diff-branch: main
+        # This is where the coverage reports for the
+        # `diff-branch` are stored.
+        # Branch is created if it doesn't already exist'.
+        diff-storage: _xml_coverage_reports
+        # A custom title that can be added to the code
+        # coverage summary in the PR comment.
+        coverage-summary-title: "Code Coverage"
+        # Make the code coverage report togglable
+        togglable-report: true
+
+  check-pypi:
+    name: Long description check for PyPI
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout the repo
+      uses: actions/checkout@v4
+      with:
+        # Get history and tags for SCM versioning to work
+        fetch-depth: 0
+    - name: Install the latest version of uv with cache enabled
+      uses: astral-sh/setup-uv@v3
+      with:
+        version: "latest"
+        enable-cache: true
+        cache-dependency-glob: ""
+    - name: Testing with tox and sphinx (to have rst2html.py utility available)
+      run: uvx --with tox-uv --with sphinx tox -e pypi

.gitignore

@@ -71,6 +71,7 @@ nosetests.xml
 coverage.xml
 *,cover
 .hypothesis/
+test-reports*
 
 # Translations
 *.mo
@@ -137,5 +138,4 @@ docs/api/*
 node_modules
 
 # Helm
-
 helm/**/charts/**

get_pypi_latest_version.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+curl https://pypi.org/pypi/stac-fastapi-eodag/json | python -c "import sys, json; print(json.load(sys.stdin)['info']['version']);"

pyproject.toml

@@ -53,6 +53,7 @@ dev = [
     "pytest-cov",
     "pytest-mock",
     "pytest-socket",
+    "pytest-html",
     "responses",
     "stdlib-list",
     "tox",
@@ -74,7 +75,7 @@ module = [
 ignore_missing_imports = true
 
 [tool.pytest.ini_options]
-addopts = "--disable-socket --allow-unix-socket"
+addopts = "--disable-socket --allow-unix-socket --allow-hosts=localhost"
 asyncio_mode = "auto"
 asyncio_default_fixture_loop_scope = "session"
 testpaths = [

stac_fastapi/eodag/eodag_types/queryables.py

@@ -37,11 +37,13 @@ class QueryablesGetParams(BaseModel):
 
     @field_validator("start_datetime", "end_datetime")
     @classmethod
-    def validate_start_end_datetime(cls, values: Optional[str]) -> Optional[str]:
+    def validate_start_end_datetime(cls, values: Optional[list[str]]) -> Optional[str]:
         """
         datetimes must be valid RFC3339 strings
         we assume that only one start_datetime/end_datetime filter is used
         """
+        if not values:
+            raise ValueError
         try:
             parse_single_date(values[0])
             return values[0]
@@ -50,11 +52,13 @@ def validate_start_end_datetime(cls, values: Optional[str]) -> Optional[str]:
 
     @field_validator("datetime")
     @classmethod
-    def validate_datetime(cls, values: Optional[str]) -> Optional[str]:
+    def validate_datetime(cls, values: Optional[list[str]]) -> Optional[str]:
         """
         datetimes must be either single datetime or range separated by "/",
         we assume that only one datetime filter is used
         """
+        if not values:
+            raise ValueError
         try:
             str_to_interval(values[0])
             return values[0]

stac_fastapi/eodag/extensions/data_download.py

@@ -27,7 +27,7 @@
 import attr
 from eodag.api.core import EODataAccessGateway
 from eodag.api.product._product import EOProduct
-from eodag.api.product.metadata_mapping import ONLINE_STATUS, STAGING_STATUS
+from eodag.api.product.metadata_mapping import ONLINE_STATUS, STAGING_STATUS, get_metadata_path_value
 from fastapi import APIRouter, FastAPI, Path, Request
 from fastapi.responses import StreamingResponse
 from stac_fastapi.api.errors import NotFoundError
@@ -132,25 +132,24 @@ def get_data(
             # (the same one as order ID) to make error message clearer
             product.properties["title"] = product.properties["id"]
             # "orderLink" property is set to auth provider conf matching url to create its auth plugin
-            product.properties["orderLink"] = product.properties["orderStatusLink"] = (
-                product.downloader.config.order_on_response["metadata_mapping"]["orderStatusLink"].format(
-                    orderId=item_id
-                )
-            )
+            status_link_metadata = product.downloader.config.order_on_response["metadata_mapping"]["orderStatusLink"]
+            product.properties["orderLink"] = product.properties["orderStatusLink"] = get_metadata_path_value(
+                status_link_metadata
+            ).format(orderId=item_id)
 
-            if product.downloader.config.order_on_response["metadata_mapping"].get("searchLink"):
-                product.properties["searchLink"] = product.downloader.config.order_on_response["metadata_mapping"][
-                    "searchLink"
-                ].format(orderId=item_id)
+            search_link_metadata = product.downloader.config.order_on_response["metadata_mapping"].get("searchLink")
+            if search_link_metadata:
+                product.properties["searchLink"] = get_metadata_path_value(search_link_metadata).format(orderId=item_id)
 
-            if not getattr(product.downloader, "_order_status", None):
+            order_status_method = getattr(product.downloader, "_order_status", None)
+            if not order_status_method:
                 raise MisconfiguredError("Product downloader must have the order status request method")
 
             auth = product.downloader_auth.authenticate() if product.downloader_auth else None
 
             logger.debug("Poll product")
             try:
-                product.downloader._order_status(product=product, auth=auth)
+                order_status_method(product=product, auth=auth)
             # when a NotAvailableError is catched, it means the product is not ready and still needs to be polled
             except NotAvailableError:
                 product.properties["storageStatus"] = STAGING_STATUS