ci: run backend pytest on backend changes

[divgunjan]

Summary

Briefly describe the change and why it is needed.

Fixes #

Type of change

• Bug fix
• Feature
• Documentation update
• Refactor
• CI / tooling

What changed

Screenshots / recordings (for UI changes)

Attach before/after screenshots or a short video.

How to test

List exact steps/commands used to validate this PR.

Checklist

• I linked the related issue
• I ran required checks from CONTRIBUTING.md
• I updated docs/env notes if needed
• My PR is scoped to a single issue
• I followed commit message conventions
• I am not committing secrets or local artifacts

GSSoC'26 checklist

• I requested issue assignment before starting
• I have meaningful commits (no spam commits)
• I am ready to explain my implementation in review comments

Summary by CodeRabbit

• Tests

  • Added smoke test for backend health check endpoint.

• Chores

  • Enhanced CI/CD pipeline with automated backend test execution.

[github-actions]

PR Context Summary

• Linked issue(s): none
• Referenced but not closing: none
• PR author trusted by GitHub: no
• Dependabot PR: no
• PR assignee synced from linked issue: no change
• Macroscope review status: Skipped because do-not-merge is present.

Suggested issue links

• ci: run backend pytest suite in CI #151 - ci: run backend pytest suite in CI
• ci: plan signed desktop installer release pipeline #48 - ci: plan signed desktop installer release pipeline
• research: design feedback-to-training pipeline for local model adaptation #231 - research: design feedback-to-training pipeline for local model adaptation

Use Fixes #123 or Closes #123 in the PR body when one of the suggestions is the intended issue.
Manual rerun: Actions > PR Context Triage > Run workflow > set pr_number and force_review=true.

[coderabbitai]

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4ed773d3-2a26-43bd-acb6-0dd996392170

📥 Commits

Reviewing files that changed from the base of the PR and between dd7d972 and 4345aa0.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

---

📝 Walkthrough

Walkthrough

This PR adds a backend health check smoke test and integrates pytest execution into the CI workflow. The smoke test validates that the FastAPI /health endpoint returns a 200 response with a healthy status, and a new CI step runs the full pytest suite with mock ML mode during backend checks.

Changes

Backend smoke test and CI pytest step

Layer / File(s)	Summary
Backend health check smoke test backend/tests/test_smoke.py	Adds a pytest smoke test that creates a FastAPI TestClient and validates the /health endpoint returns HTTP 200 with JSON containing status == "healthy".
CI: Run pytest suite step .github/workflows/ci.yml	Adds a Run backend pytest suite workflow step to the backend-check job that executes uv run pytest tests/ -v with ML_MODE=mock after the import smoke check.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• Abhash-Chakraborty/Find#211: Introduced the backend import smoke check job in CI; this PR extends it by adding a pytest suite execution step and corresponding FastAPI health check test.

Suggested labels

backend, ci, type:devops

Suggested reviewers

• Abhash-Chakraborty

Poem

🐰 A test for /health hops into view,
FastAPI's heartbeat confirmed true—
Mock ML mode runs swift and clean,
CI ensures all is serene! ✨

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is entirely blank/templated with no actual content filled in; all sections are empty, unchecked, or contain placeholder text.	Complete the description by filling in the Summary section explaining the changes, selecting the CI/tooling type, listing what changed, and providing test instructions.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'ci: run backend pytest on backend changes' directly relates to the main changes: adding a pytest step to CI and a smoke test file for backend validation.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[macroscopeapp]

Approvability

Verdict: Needs human review

Unable to check for correctness in 4345aa0.

^{You can customize Macroscope's approvability policy. Learn more.}

[Karanjot786]

Hey @divgunjan! Saw your work on GSSoC 2026.

We are building TermUI, a TypeScript terminal UI framework with React-style hooks and JSX, rendered entirely in the terminal.

We have 74 unassigned GSSoC issues open, including well-scoped bug fixes with clear repro steps. Your TypeScript background transfers directly.

• Open issues (GSSoC 2026)
• TermUI on GSSoC

Karanjot, TermUI maintainer

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@backend/tests/test_smoke.py`:
- Around line 4-12: The TestClient is created at module scope which can skip
ASGI lifespan events; update the test_health function to instantiate
TestClient(app) inside a context manager (use with TestClient(app) as client:)
so startup/shutdown lifespans run and the test is isolated; modify references to
the module-level client to use the local client variable within test_health
(function name: test_health, symbol: TestClient and client).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9fd55d5a-b7cc-4a78-9df9-1f073bed6acf

📥 Commits

Reviewing files that changed from the base of the PR and between 567d18d and d771762.

📒 Files selected for processing (2)

• backend/tests/test_smoke.py
• frontend/next-env.d.ts

✅ Files skipped from review due to trivial changes (1)

• frontend/next-env.d.ts

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

For FastAPI 0.135.1 / Starlette TestClient, is lifespan (startup/shutdown) guaranteed when TestClient is instantiated at module scope without using with TestClient(app) as client?

💡 Result:

No, lifespan startup and shutdown events are not guaranteed to run if you instantiate TestClient without using the context manager (the with statement) [1][2][3]. When you use TestClient(app) as a standalone object without the with block, the application's lifespan lifecycle events (such as database connection initialization or cleanup) are skipped [1][3]. The TestClient is specifically designed to trigger these events only when entered as a context manager (e.g., with TestClient(app) as client:), which ensures the ASGI lifespan cycle is properly managed [4][2]. If your application relies on lifespan events for configuration, state setup, or resource management, failing to use the context manager will result in these resources not being initialized, frequently causing tests to fail with errors like KeyErrors or missing database connections [1][5][3]. To ensure correct behavior, you should always wrap the TestClient in a with statement or use it within a pytest fixture [1][3].

Citations:

• 1: https://openillumi.com/en/en-fastapi-lifespan-test-client-fix/
• 2: https://starlette.dev/testclient/
• 3: https://thecodeforge.io/python/fastapi-testing-pytest/
• 4: https://fastapi.tiangolo.com/advanced/testing-events/
• 5: https://stackoverflow.com/questions/78845218/fastapi-testclient-not-starting-lifetime-in-test

---

Use a per-test TestClient context to ensure ASGI lifespan runs.

Instantiating TestClient(app) at module scope can skip application startup/shutdown lifespan events; Starlette runs lifespan reliably only when TestClient is used via a context manager. Instantiate it inside the test for isolation.

Suggested change

-client = TestClient(app)
-
-
 def test_health():
-    resp = client.get("/health")
-    assert resp.status_code == 200
-    data = resp.json()
-    assert isinstance(data, dict)
-    assert data.get("status") == "healthy"
+    with TestClient(app) as client:
+        resp = client.get("/health")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert isinstance(data, dict)
+        assert data.get("status") == "healthy"

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@backend/tests/test_smoke.py` around lines 4 - 12, The TestClient is created
at module scope which can skip ASGI lifespan events; update the test_health
function to instantiate TestClient(app) inside a context manager (use with
TestClient(app) as client:) so startup/shutdown lifespans run and the test is
isolated; modify references to the module-level client to use the local client
variable within test_health (function name: test_health, symbol: TestClient and
client).

[divgunjan]

@Abhash-Chakraborty can u look into this pr and check for any conflicts that have not been resolved?

[Abhash-Chakraborty]

can you link this pr to issue. @divgunjan

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/ci.yml (1)

97-100: ⚡ Quick win

Add a timeout to backend-check to prevent stuck CI runs.

Now that full pytest runs in CI, set timeout-minutes on the job to cap hangs from stalled tests/network calls.

⏱️ Suggested tweak

   backend-check:
     needs: detect-changes
     if: needs.detect-changes.outputs.backend == 'true' || needs.detect-changes.outputs.shared == 'true' || needs.detect-changes.outputs.uncategorized == 'true'
     runs-on: ubuntu-latest
+    timeout-minutes: 20
     defaults:
       run:
         working-directory: ./backend

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 97 - 100, The backend-check GitHub
Actions job lacks a timeout and can hang; add a timeout-minutes key to the
backend-check job definition (the job named "backend-check") to cap CI run time
(e.g., timeout-minutes: 60) directly under the job-level keys so the workflow
aborts stalled pytest/test-network hangs; ensure the new key is aligned with
other job keys (alongside needs and runs-on) in the backend-check job block.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 1-20: The workflow uses default GITHUB_TOKEN permissions; add an
explicit top-level permissions block with least privilege (e.g., permissions:
contents: read) and then raise permissions only in jobs that need more (for
example in jobs like frontend-check, backend-check, compose-check) by adding a
job-level permissions override; modify the workflow YAML to include the
top-level permissions key and adjust individual job permissions where necessary
to avoid broad default token scope.

---

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 97-100: The backend-check GitHub Actions job lacks a timeout and
can hang; add a timeout-minutes key to the backend-check job definition (the job
named "backend-check") to cap CI run time (e.g., timeout-minutes: 60) directly
under the job-level keys so the workflow aborts stalled pytest/test-network
hangs; ensure the new key is aligned with other job keys (alongside needs and
runs-on) in the backend-check job block.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4ed773d3-2a26-43bd-acb6-0dd996392170

📥 Commits

Reviewing files that changed from the base of the PR and between dd7d972 and 4345aa0.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's internal server error or limits when posting large numbers of comments. If you are seeing this consistently it is likely a permissions issue. Please check "Moderation" -> "Code review limits" under your organization settings.

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/ci.yml (1)

97-100: ⚡ Quick win

Add a timeout to backend-check to prevent stuck CI runs.

Now that full pytest runs in CI, set timeout-minutes on the job to cap hangs from stalled tests/network calls.

⏱️ Suggested tweak

   backend-check:
     needs: detect-changes
     if: needs.detect-changes.outputs.backend == 'true' || needs.detect-changes.outputs.shared == 'true' || needs.detect-changes.outputs.uncategorized == 'true'
     runs-on: ubuntu-latest
+    timeout-minutes: 20
     defaults:
       run:
         working-directory: ./backend

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 97 - 100, The backend-check GitHub
Actions job lacks a timeout and can hang; add a timeout-minutes key to the
backend-check job definition (the job named "backend-check") to cap CI run time
(e.g., timeout-minutes: 60) directly under the job-level keys so the workflow
aborts stalled pytest/test-network hangs; ensure the new key is aligned with
other job keys (alongside needs and runs-on) in the backend-check job block.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 1-20: The workflow uses default GITHUB_TOKEN permissions; add an
explicit top-level permissions block with least privilege (e.g., permissions:
contents: read) and then raise permissions only in jobs that need more (for
example in jobs like frontend-check, backend-check, compose-check) by adding a
job-level permissions override; modify the workflow YAML to include the
top-level permissions key and adjust individual job permissions where necessary
to avoid broad default token scope.

---

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 97-100: The backend-check GitHub Actions job lacks a timeout and
can hang; add a timeout-minutes key to the backend-check job definition (the job
named "backend-check") to cap CI run time (e.g., timeout-minutes: 60) directly
under the job-level keys so the workflow aborts stalled pytest/test-network
hangs; ensure the new key is aligned with other job keys (alongside needs and
runs-on) in the backend-check job block.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4ed773d3-2a26-43bd-acb6-0dd996392170

📥 Commits

Reviewing files that changed from the base of the PR and between dd7d972 and 4345aa0.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

🛑 Comments failed to post (1)

.github/workflows/ci.yml (1)

1-20: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Set explicit least-privilege GitHub token permissions.

This workflow relies on default token permissions, which are broader than needed. Add an explicit permissions block (for example, contents: read) at workflow level, then elevate per-job only if required.

🔐 Minimal hardening patch

 name: CI
 
+permissions:
+  contents: read
+
 on:
   push:
     branches: ["main"]

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

name: CI

permissions:
  contents: read

# Trigger matrix (which paths wake which jobs):
#
#   Path pattern                    | frontend-check | backend-check | compose-check
#   --------------------------------|----------------|---------------|--------------
#   frontend/**                     |      yes       |      no       |      no
#   backend/**                      |      no        |      yes      |      no
#   .github/workflows/**            |      yes       |      yes      |      yes
#   docker-compose*.yml             |      yes       |      yes      |      yes
#   root/shared non-doc config      |      yes       |      yes      |      no
#   docs/**, *.md, ISSUE_TEMPLATE   |      no        |      no       |      no

on:
  push:
    branches: ["main"]
  pull_request:
    branches: ["main"]

jobs:

🧰 Tools

🪛 zizmor (1.25.2)

[warning] 1-150: overly broad permissions (excessive-permissions): default permissions used due to no permissions: block

(excessive-permissions)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 1 - 20, The workflow uses default
GITHUB_TOKEN permissions; add an explicit top-level permissions block with least
privilege (e.g., permissions: contents: read) and then raise permissions only in
jobs that need more (for example in jobs like frontend-check, backend-check,
compose-check) by adding a job-level permissions override; modify the workflow
YAML to include the top-level permissions key and adjust individual job
permissions where necessary to avoid broad default token scope.

Source: Linters/SAST tools

[Abhash-Chakraborty]

I cleaned this PR up so it is now scoped to the backend pytest CI step plus a small /health smoke test.

Validated locally:

• uv run ruff check tests/test_smoke.py
• uv run pytest tests/test_smoke.py -q

Keeping this as do-not-merge for now because the PR still does not link a valid issue and the PR body is still the template text. Please link/create the proper CI/testing issue and update the description before final approval.