From fa30505753ce38f9542908c750ae8347f1544c56 Mon Sep 17 00:00:00 2001
From: Moritz Kowalski <Moritz-Kowalski@gmx.de>
Date: Tue, 17 Jun 2025 09:12:29 +0200
Subject: [PATCH] Add Actions (#2)

This PR adds a workflow for testing. It currently checks, if the app starts up and if the drink and stats request are denied for not loggen in users.

Reviewed-on: http://git.fs.cs.uni-frankfurt.de/Fachschaft/GetraenkelisteWebsite/pulls/2
Co-authored-by: Moritz Kowalski <Moritz-Kowalski@gmx.de>
Co-committed-by: Moritz Kowalski <Moritz-Kowalski@gmx.de>
---
 .gitea/workflows/fastapi-up.yaml | 52 ++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 .gitea/workflows/fastapi-up.yaml

diff --git a/.gitea/workflows/fastapi-up.yaml b/.gitea/workflows/fastapi-up.yaml
new file mode 100644
index 0000000..4724c58
--- /dev/null
+++ b/.gitea/workflows/fastapi-up.yaml
@@ -0,0 +1,52 @@
+name: Test FastAPI Startup
+
+on:
+    push:
+        branches:
+            - main
+    pull_request:
+        branches:
+            - main
+
+jobs:
+    fastapi-up:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+
+            - name: Set up Python
+              uses: actions/setup-python@v5
+              with:
+                  python-version: "3.12"
+
+            - name: Install dependencies
+              run: |
+                  python -m pip install --upgrade pip
+                  pip install -r requirements.txt
+                  pip install uvicorn
+
+            - name: Check FastAPI startup and protected endpoints
+              run: |
+                  uvicorn main:app --host 127.0.0.1 --port 8000 &
+                  sleep 5
+                  curl --fail http://127.0.0.1:8000/ || (echo 'FastAPI did not start!' && exit 1)
+                  # Test: /stats should not be available without login
+                  status=$(curl -s -o /dev/null -w "%{http_code}" http://127.0.0.1:8000/stats)
+                  if [ "$status" = "303" ] || [ "$status" = "401" ] || [ "$status" = "403" ]; then
+                    echo "Access to /stats correctly denied for unauthenticated user."
+                  else
+                    echo "Access to /stats should be denied, got status $status"
+                    exit 1
+                  fi
+                  # Test: POST /drink should not be available without login
+                  status=$(curl -s -o /dev/null -w "%{http_code}" -X POST http://127.0.0.1:8000/drink)
+                  if [ "$status" = "303" ] || [ "$status" = "401" ] || [ "$status" = "403" ]; then
+                    echo "POST to /drink correctly denied for unauthenticated user."
+                  else
+                    echo "POST to /drink should be denied, got status $status"
+                    exit 1
+                  fi
+              env:
+                  SECRET_KEY: test_secret
+                  DATABASE_FILE: test.db