# Integration test runner Job # Namespace is substituted at runtime via envsubst # Runs pytest against the integration test suite inside the sandbox namespace # # NOTE: The image must include the tests/integration/ directory. # The pipeline script (run_pipeline.sh) is responsible for building a test image # that layers tests/ on top of the query-api image, or using kubectl cp to inject # test files before the Job starts. # # Usage: # export NAMESPACE=stonks-inttest- # envsubst < infra/inttest/runner.yaml | kubectl apply -f - --- apiVersion: batch/v1 kind: Job metadata: name: inttest-runner namespace: ${NAMESPACE} labels: app: inttest-runner tier: testing app.kubernetes.io/part-of: stonks-oracle spec: activeDeadlineSeconds: 600 backoffLimit: 0 template: metadata: labels: app: inttest-runner tier: testing app.kubernetes.io/part-of: stonks-oracle spec: automountServiceAccountToken: false securityContext: runAsNonRoot: true runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 seccompProfile: type: RuntimeDefault restartPolicy: Never containers: - name: inttest-runner image: registry.celestium.life/stonks-oracle/query-api:latest imagePullPolicy: Always command: ["python", "-m", "pytest"] args: - "tests/integration/" - "-v" - "--tb=short" - "--junitxml=/tmp/results.xml" securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: drop: ["ALL"] env: # ── Infrastructure connections ────────────────────────────── - name: POSTGRES_HOST value: "postgres" - name: POSTGRES_PORT value: "5432" - name: POSTGRES_DB value: "stonks" - name: POSTGRES_USER value: "stonks" - name: POSTGRES_PASSWORD value: "inttest" - name: REDIS_HOST value: "redis" - name: REDIS_PORT value: "6379" - name: REDIS_DB value: "0" - name: REDIS_PASSWORD value: "" - name: MINIO_ENDPOINT value: "minio:9000" - name: MINIO_SECURE value: "false" - name: MINIO_ACCESS_KEY value: "minioadmin" - name: MINIO_SECRET_KEY value: "minioadmin" # ── Service URLs for HTTP test requests ───────────────────── - name: QUERY_API_URL value: "http://query-api:8000" - name: REGISTRY_API_URL value: "http://symbol-registry:8000" - name: RISK_API_URL value: "http://risk:8000" - name: TRADING_API_URL value: "http://trading-engine:8000" # ── Misc ──────────────────────────────────────────────────── - name: BROKER_MODE value: "paper" - name: LOG_LEVEL value: "INFO" - name: JSON_LOGS value: "false" resources: requests: cpu: 200m memory: 256Mi limits: cpu: "1" memory: 512Mi volumeMounts: - name: tmp mountPath: /tmp volumes: - name: tmp emptyDir: sizeLimit: 50Mi