Test, API, CLI Rework

[JohnEarle]

No description provided.

[Copilot]

Pull request overview

This PR implements a comprehensive restructuring of the test suite, API layer, and CLI interface while maintaining backward compatibility. The changes introduce unit and integration tests, a REST API with authentication, and a modular CLI command structure.

Changes:

• Reorganized test suite into unit, integration, and E2E categories with proper fixtures
• Implemented FastAPI-based REST API with API key authentication and RBAC
• Refactored CLI into modular command groups (canary, env, logs, alerts)

Reviewed changes

Copilot reviewed 80 out of 86 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
tests/unit/test_webhook_notifier.py	Adds unit tests for webhook notification timeout and user-agent configuration
tests/unit/test_rotation.py	Tests canary rotation with explicit naming and timestamp suffix generation
tests/unit/test_contracts.py	Contract tests ensuring API stability and interface consistency
tests/unit/test_cli_parsing.py	CLI argument parsing tests for all command groups
tests/unit/test_api_routes.py	API route tests with authentication and CRUD operations
tests/unit/test_api_keys_loader.py	Tests for API key loading and environment variable expansion
tests/unit/test_api_auth.py	Authentication dependency tests for permissions and scopes
tests/integration/test_delete_lifecycle.py	Integration tests for canary deletion workflow
tests/conftest.py	Shared test fixtures for database sessions and test environments
src/tasks/validation.py	Refactored resource validation to use unified health check factory
src/tasks/notifications.py	Enhanced notification system with per-type task dispatching
src/tasks/monitoring.py	Added dynamic monitoring intervals based on last check timestamp
src/tasks/logging.py	Migrated to lifecycle manager pattern with unified handlers
src/tasks/lifecycle.py	New transaction manager for ACID operations and cleanup
src/tasks/helpers.py	Added clean environment execution and improved GCP credential handling
src/tasks/canary.py	Refactored to use lifecycle manager and execution environment
src/tofu_manager.py	Added clean environment mode and stderr capture for plan operations
src/resources/registry.py	Extended registry to support logging provider types
src/resources/logging.py	New handlers for CloudTrail and GCP Audit Sink
src/notifications/webhook.py	Enhanced with configurable timeout and user-agent support
src/notifications/registry.py	Injects configuration name into notifier instances
src/notifications/base.py	Added name attribute to base notifier class
src/monitors/registry.py	Enhanced config builder to support Pydantic models
src/monitors/gcp_audit.py	Added support for service_account_json credential key
src/models.py	Added status to CloudEnvironment, last_checked_at to CanaryResource
src/health/*	New health check system with factory pattern and provider-specific checks
src/environment_sync.py	New module for syncing environments from YAML to database
src/config_schemas.py	Pydantic schemas for configuration validation
src/config_loader.py	Added environment variable expansion and environments support
src/cli/*	Modular CLI with grouped commands and utility functions
src/api/*	Complete REST API implementation with authentication
src/api_keys_loader.py	API key configuration loader with environment expansion
config/environments.yaml	Environment configuration with variable expansion syntax
config/api_keys.yaml	API key configuration with permissions and scopes
requirements.txt	Added dependencies for API, testing, and GCP resource manager
pytest.ini	Test configuration with markers for categorization
pyproject.toml	Package configuration with dependencies and entry points
docker-compose.yml	Added GCP_SERVICE_ACCOUNT_JSON environment variable
README.md	Updated documentation with API and CLI improvements
Dockerfile	Migrated to pyproject.toml-based installation
CONTRIBUTING.md	New contributor guidelines
.github/workflows/ci.yml	CI/CD pipeline configuration

Comments suppressed due to low confidence (3)

src/tasks/logging.py:1

• Parameter name mismatch: the function signature uses 'config' but it's being passed as 'configuration' to the task. The parameter name in create_logging_resource is 'config', not 'configuration'.
  tests/unit/test_webhook_notifier.py:1
• The test should verify that the 'name' attribute was actually set from the configuration key, not just check that names are present. Consider adding an assertion that checks the config dict contains the 'name' key.
  src/monitors/registry.py:1
• The parameter name 'config_obj' is inconsistent with the function's purpose. Since it now handles both Pydantic models and dicts, consider renaming to 'config' to match the existing pattern in the codebase.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.