Feature/pin spiff in ci (#428)

* attempt to use the locked version of SpiffWorkflow in ci w/ burnettk * fixed regex for spiffworkflow revision replacement * make sure we also update the lockfile when getting new spiff * install poetry before we attempt to update hte pyproject * hardcoding spiffworkflow revision as a test w/ burnettk * try running tests in ci from bash script w/ burnettk * print working dir in ci w/ burnettk * fixed location of instance dir w/ burnettk * run with mysql in ci * run typeguard with bash script as well w/ burnettk * fixed postgres test w/ burnettk * clean up github action file w/ burnettk * fixed postgres test again w/ burnettk * pyl * attempt to remove nox from ci completely * omit safety for now to test coverage * fixed how coverage is being called from not nox * allow running safety and macos again * renamed run_not_nox to run_ci_session w/ burnettk * attempt to only upload if matrix says to w/ burnettk * attempt to install mysqlclient prereqs for mac and remove noxfile stuff w/ burnettk * added back the constraints file w/ burnettk * moved the contributing file to the root of arena w/ burnettk --------- Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-08-03 11:49:30 -04:00 · 2023-08-03 11:49:30 -04:00 · 3f6fb4d9f5
parent 9c1eedee91
commit 3f6fb4d9f5
21 changed files with 12213 additions and 903 deletions
--- a/.github/workflows/backend_tests.yml
+++ b/.github/workflows/backend_tests.yml
@ -24,6 +24,7 @@ jobs:
              os: "ubuntu-latest",
              session: "tests",
              database: "mysql",
              upload_coverage: true,
            }
          - {
              python: "3.11",
@ -90,7 +91,7 @@ jobs:
      - name: Upgrade pip
        run: |
-          pip install --constraint=.github/workflows/constraints.txt pip
+          pip install --constraint=../.github/workflows/constraints.txt pip
          pip --version
      - name: Upgrade pip in virtual environments
@ -104,15 +105,9 @@ jobs:
      - name: Install Poetry
        run: |
-          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
+          pipx install --pip-args=--constraint=../.github/workflows/constraints.txt poetry
          poetry --version
      - name: Install Nox
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
          pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
          nox --version
      # when we get an imcompatible sqlite migration again and need to combine all migrations into one for the benefit of sqlite
      # see if we can get the sqlite-specific block in the noxfile.py to work instead of this block in the github workflow,
      # which annoyingly runs python setup outside of the nox environment (which seems to be flakier on poetry install).
@ -146,13 +141,18 @@ jobs:
        run: docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_unit_testing -d postgres
        if: matrix.database == 'postgres'
-      - name: Run Nox
+      - name: Install mysqlclient lib dependencies
        if: matrix.os == 'macos-latest'
        run: |
-          nox --force-color --python=${{ matrix.python }}
+          brew install mysql pkg-config
      - name: Run Session
        run: |
          ./bin/run_ci_session ${{ matrix.session }}
      - name: Upload coverage data
        # pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
-        if: always() && matrix.session == 'tests' && matrix.python == '3.11' && matrix.os == 'ubuntu-latest' && matrix.database == 'mysql'
+        if: matrix.upload_coverage
        uses: "actions/upload-artifact@v3"
        # this action doesn't seem to respect working-directory so include working-directory value in path
        with:
@ -200,7 +200,7 @@ jobs:
          python-version: "3.11"
      - name: Install Poetry
        run: |
-          pipx install --pip-args=--constraint=spiffworkflow-backend/.github/workflows/constraints.txt poetry
+          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
          poetry --version
      - name: Poetry Install
        run: poetry install
@ -242,20 +242,14 @@ jobs:
      - name: Upgrade pip
        run: |
-          pip install --constraint=.github/workflows/constraints.txt pip
+          pip install --constraint=../.github/workflows/constraints.txt pip
          pip --version
      - name: Install Poetry
        run: |
-          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
+          pipx install --pip-args=--constraint=../.github/workflows/constraints.txt poetry
          poetry --version
      - name: Install Nox
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
          pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
          nox --version
      - name: Download coverage data
        uses: actions/download-artifact@v3.0.2
        with:
@ -263,14 +257,9 @@ jobs:
          # this action doesn't seem to respect working-directory so include working-directory value in path
          path: spiffworkflow-backend
-      - name: Combine coverage data and display human readable report
+      - name: Run Coverage
        run: |
-          find . -name \*.pyc -delete
+          ./bin/run_ci_session coverage
          nox --force-color --session=coverage
      - name: Create coverage report
        run: |
          nox --force-color --session=coverage -- xml
      - name: Upload coverage report
        uses: codecov/codecov-action@v3.1.4
--- a/.github/workflows/constraints.txt
+++ b/.github/workflows/constraints.txt
@ -0,0 +1,2 @@
 pip==23.2.1
 poetry==1.5.1
--- a/spiffworkflow-backend/CONTRIBUTING.rst
+++ b/spiffworkflow-backend/CONTRIBUTING.rst
@ -46,8 +46,6 @@ How to set up your development environment
 You need Python 3.10+ and the following tools:
 - Poetry_
 - Nox_
 - nox-poetry_
 Install the package with development requirements:
@ -64,31 +62,24 @@ or the command-line interface:
   $ poetry run spiffworkflow-backend
 .. _Poetry: https://python-poetry.org/
 .. _Nox: https://nox.thea.codes/
 .. _nox-poetry: https://nox-poetry.readthedocs.io/
 How to test the project
 -----------------------
-Run the full test suite:
+Run the full test suite from the root of arena:
 .. code:: console
-   $ nox
+   $ ./bin/run_pyl
 List the available Nox sessions:
-.. code:: console
+You can also run a specific ci session.
   $ nox --list-sessions
 You can also run a specific Nox session.
 For example, invoke the unit test suite like this:
 .. code:: console
-   $ nox --session=tests
+   $ ./bin/run_ci_session tests
 Unit tests are located in the ``tests`` directory,
 and are written using the pytest_ testing framework.
@ -103,21 +94,13 @@ Open a `pull request`_ to submit changes to this project.
 Your pull request needs to meet the following guidelines for acceptance:
- The Nox test suite must pass without errors and warnings.
+- ./bin/run_pyl must pass without errors and warnings.
- Include unit tests. This project maintains 100% code coverage.
+- Include unit tests if practical.
 - If your changes add functionality, update the documentation accordingly.
 Feel free to submit early, though—we can always iterate on this.
 To run linting and code formatting checks before committing your change, you can install pre-commit as a Git hook by running the following command:
 .. code:: console
   $ nox --session=pre-commit -- install
 It is recommended to open an issue before starting work on anything.
 This will allow a chance to talk it over with the owners and validate your approach.
-.. _pull request: https://github.com/sartography/spiffworkflow-backend/pulls
+.. _pull request: https://github.com/sartography/spiff-arena/pulls
 .. github-only
 .. _Code of Conduct: CODE_OF_CONDUCT.rst
--- a/spiffworkflow-backend/.github/dependabot.yml
+++ b/spiffworkflow-backend/.github/dependabot.yml
@ -1,18 +0,0 @@
 version: 2
 updates:
  - package-ecosystem: github-actions
    directory: "/"
    schedule:
      interval: daily
  - package-ecosystem: pip
    directory: "/.github/workflows"
    schedule:
      interval: daily
  - package-ecosystem: pip
    directory: "/docs"
    schedule:
      interval: daily
  - package-ecosystem: pip
    directory: "/"
    schedule:
      interval: daily
--- a/spiffworkflow-backend/.github/labels.yml
+++ b/spiffworkflow-backend/.github/labels.yml
@ -1,66 +0,0 @@
 ---
 # Labels names are important as they are used by Release Drafter to decide
 # regarding where to record them in changelog or if to skip them.
 #
 # The repository labels will be automatically configured using this file and
 # the GitHub Action https://github.com/marketplace/actions/github-labeler.
 - name: breaking
  description: Breaking Changes
  color: bfd4f2
 - name: bug
  description: Something isn't working
  color: d73a4a
 - name: build
  description: Build System and Dependencies
  color: bfdadc
 - name: ci
  description: Continuous Integration
  color: 4a97d6
 - name: dependencies
  description: Pull requests that update a dependency file
  color: 0366d6
 - name: documentation
  description: Improvements or additions to documentation
  color: 0075ca
 - name: duplicate
  description: This issue or pull request already exists
  color: cfd3d7
 - name: enhancement
  description: New feature or request
  color: a2eeef
 - name: github_actions
  description: Pull requests that update Github_actions code
  color: "000000"
 - name: good first issue
  description: Good for newcomers
  color: 7057ff
 - name: help wanted
  description: Extra attention is needed
  color: 008672
 - name: invalid
  description: This doesn't seem right
  color: e4e669
 - name: performance
  description: Performance
  color: "016175"
 - name: python
  description: Pull requests that update Python code
  color: 2b67c6
 - name: question
  description: Further information is requested
  color: d876e3
 - name: refactoring
  description: Refactoring
  color: ef67c4
 - name: removal
  description: Removals and Deprecations
  color: 9ae7ea
 - name: style
  description: Style
  color: c120e5
 - name: testing
  description: Testing
  color: b1fc6f
 - name: wontfix
  description: This will not be worked on
  color: ffffff
--- a/spiffworkflow-backend/.github/release-drafter.yml
+++ b/spiffworkflow-backend/.github/release-drafter.yml
@ -1,29 +0,0 @@
 categories:
  - title: ":boom: Breaking Changes"
    label: "breaking"
  - title: ":rocket: Features"
    label: "enhancement"
  - title: ":fire: Removals and Deprecations"
    label: "removal"
  - title: ":beetle: Fixes"
    label: "bug"
  - title: ":racehorse: Performance"
    label: "performance"
  - title: ":rotating_light: Testing"
    label: "testing"
  - title: ":construction_worker: Continuous Integration"
    label: "ci"
  - title: ":books: Documentation"
    label: "documentation"
  - title: ":hammer: Refactoring"
    label: "refactoring"
  - title: ":lipstick: Style"
    label: "style"
  - title: ":package: Dependencies"
    labels:
      - "dependencies"
      - "build"
 template: |
  ## Changes
  $CHANGES
--- a/spiffworkflow-backend/.github/workflows/auto-merge-dependabot-prs.yml
+++ b/spiffworkflow-backend/.github/workflows/auto-merge-dependabot-prs.yml
@ -1,72 +0,0 @@
 name: Dependabot auto-merge
 on:
  workflow_run:
    workflows: ["Tests"]
    # completed does not mean success of Tests workflow. see below checking github.event.workflow_run.conclusion
    types:
      - completed
 # workflow_call is used to indicate that a workflow can be called by another workflow. When a workflow is triggered with the workflow_call event, the event payload in the called workflow is the same event payload from the calling workflow. For more information see, "Reusing workflows."
 # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
 # maybe hook into this instead of workflow_run:
 # on:
 #   pull_request:
 #   pull_request_target:
 #     types: [labeled]
 permissions:
  contents: write
 jobs:
  # print the context for debugging in case a job gets skipped
  printJob:
    name: Print event
    runs-on: ubuntu-latest
    steps:
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: |
          echo "$GITHUB_CONTEXT"
  dependabot:
    runs-on: ubuntu-latest
    if: ${{ github.actor == 'dependabot[bot]' && github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' }}
    steps:
      - name: Development Code
        uses: actions/checkout@v3
      ###### GET PR NUMBER
      # we saved the pr_number in tests.yml. fetch it so we can merge the correct PR.
      # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
      - name: "Download artifact"
        uses: actions/github-script@v6
        with:
          script: |
            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
              owner: context.repo.owner,
              repo: context.repo.repo,
              run_id: context.payload.workflow_run.id,
            });
            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
              return artifact.name == "pr_number"
            })[0];
            let download = await github.rest.actions.downloadArtifact({
              owner: context.repo.owner,
              repo: context.repo.repo,
              artifact_id: matchArtifact.id,
              archive_format: 'zip',
            });
            let fs = require('fs');
            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_number.zip`, Buffer.from(download.data));
      - name: "Unzip artifact"
        run: unzip pr_number.zip
      ###########
      - name: print pr number
        run: cat pr_number
      - name: actually merge it
        run: gh pr merge --auto --merge "$(cat pr_number)"
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
--- a/spiffworkflow-backend/.github/workflows/constraints.txt
+++ b/spiffworkflow-backend/.github/workflows/constraints.txt
@ -1,5 +0,0 @@
 pip==23.2.1
 nox==2023.4.22
 nox-poetry==1.0.3
 poetry==1.5.1
 virtualenv==20.24.2
--- a/spiffworkflow-backend/.github/workflows/labeler.yml
+++ b/spiffworkflow-backend/.github/workflows/labeler.yml
@ -1,18 +0,0 @@
 name: Labeler
 on:
  push:
    branches:
      - main
 jobs:
  labeler:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the repository
        uses: actions/checkout@v3.0.2
      - name: Run Labeler
        uses: crazy-max/ghaction-github-labeler@v3.1.1
        with:
          skip-delete: true
--- a/spiffworkflow-backend/.github/workflows/tests.yml
+++ b/spiffworkflow-backend/.github/workflows/tests.yml
@ -1,267 +0,0 @@
 name: Tests
 on:
  - push
  - pull_request
 jobs:
  tests:
    name: ${{ matrix.session }} ${{ matrix.python }} / ${{ matrix.os }} ${{ matrix.database }}
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        include:
          - { python: "3.11", os: "ubuntu-latest", session: "pre-commit" }
          - { python: "3.11", os: "ubuntu-latest", session: "safety" }
          - { python: "3.11", os: "ubuntu-latest", session: "mypy" }
          - { python: "3.10", os: "ubuntu-latest", session: "mypy" }
          - { python: "3.9", os: "ubuntu-latest", session: "mypy" }
          - {
              python: "3.11",
              os: "ubuntu-latest",
              session: "tests",
              database: "mysql",
            }
          - {
              python: "3.11",
              os: "ubuntu-latest",
              session: "tests",
              database: "postgres",
            }
          - {
              python: "3.11",
              os: "ubuntu-latest",
              session: "tests",
              database: "sqlite",
            }
          - {
              python: "3.10",
              os: "ubuntu-latest",
              session: "tests",
              database: "sqlite",
            }
          - {
              python: "3.9",
              os: "ubuntu-latest",
              session: "tests",
              database: "sqlite",
            }
          - {
              python: "3.10",
              os: "windows-latest",
              session: "tests",
              database: "sqlite",
            }
          - {
              python: "3.11",
              os: "macos-latest",
              session: "tests",
              database: "sqlite",
            }
          - {
              # typeguard 2.13.3 is broken with TypeDict in 3.11.
              # probably the next release fixes it.
              # https://github.com/agronholm/typeguard/issues/242
              python: "3.11",
              os: "ubuntu-latest",
              session: "typeguard",
              database: "sqlite",
            }
          - { python: "3.11", os: "ubuntu-latest", session: "xdoctest" }
          - { python: "3.11", os: "ubuntu-latest", session: "docs-build" }
    env:
      NOXSESSION: ${{ matrix.session }}
      SPIFF_DATABASE_TYPE: ${{ matrix.database }}
      FORCE_COLOR: "1"
      PRE_COMMIT_COLOR: "always"
      DB_PASSWORD: password
      FLASK_SESSION_SECRET_KEY: super_secret_key
    steps:
      - name: Check out the repository
        uses: actions/checkout@v3.0.2
      - name: Set up Python ${{ matrix.python }}
        uses: actions/setup-python@v4.2.0
        with:
          python-version: ${{ matrix.python }}
      - name: Upgrade pip
        run: |
          pip install --constraint=.github/workflows/constraints.txt pip
          pip --version
      - name: Upgrade pip in virtual environments
        shell: python
        run: |
          import os
          import pip
          with open(os.environ["GITHUB_ENV"], mode="a") as io:
              print(f"VIRTUALENV_PIP={pip.__version__}", file=io)
      - name: Install Poetry
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
          poetry --version
      - name: Install Nox
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
          pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
          nox --version
      - name: Compute pre-commit cache key
        if: matrix.session == 'pre-commit'
        id: pre-commit-cache
        shell: python
        run: |
          import hashlib
          import sys
          python = "py{}.{}".format(*sys.version_info[:2])
          payload = sys.version.encode() + sys.executable.encode()
          digest = hashlib.sha256(payload).hexdigest()
          result = "${{ runner.os }}-{}-{}-pre-commit".format(python, digest[:8])
          print("::set-output name=result::{}".format(result))
      - name: Restore pre-commit cache
        uses: actions/cache@v3.0.11
        if: matrix.session == 'pre-commit'
        with:
          path: ~/.cache/pre-commit
          key: ${{ steps.pre-commit-cache.outputs.result }}-${{ hashFiles('.pre-commit-config.yaml') }}
          restore-keys: |
            ${{ steps.pre-commit-cache.outputs.result }}-
      - name: Setup Mysql
        uses: mirromutth/mysql-action@v1.1
        with:
          host port: 3306
          container port: 3306
          mysql version: "8.0"
          mysql database: "spiffworkflow_backend_unit_testing"
          mysql root password: password
        if: matrix.database == 'mysql'
      - name: Setup Postgres
        run: docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_unit_testing -d postgres
        if: matrix.database == 'postgres'
      - name: Run Nox
        run: |
          nox --force-color --python=${{ matrix.python }}
      - name: Upload coverage data
        # pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
        if: always() && matrix.session == 'tests' && matrix.python == '3.11' && matrix.os == 'ubuntu-latest' && matrix.database == 'mysql'
        uses: "actions/upload-artifact@v3.0.0"
        with:
          name: coverage-data
          path: ".coverage.*"
      - name: Upload documentation
        if: matrix.session == 'docs-build'
        uses: actions/upload-artifact@v3.0.0
        with:
          name: docs
          path: docs/_build
      - name: Upload logs
        if: failure() && matrix.session == 'tests'
        uses: "actions/upload-artifact@v3.0.0"
        with:
          name: logs-${{matrix.python}}-${{matrix.os}}-${{matrix.database}}
          path: "./log/*.log"
  check_docker_start_script:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the repository
        uses: actions/checkout@v3.0.2
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
          fetch-depth: 0
      - name: start_backend
        run: ./bin/build_and_run_with_docker_compose
        timeout-minutes: 20
        env:
          SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA: "true"
      - name: wait_for_backend
        run: ./bin/wait_for_server_to_be_up 5
  coverage:
    runs-on: ubuntu-latest
    needs: tests
    steps:
      - name: Check out the repository
        uses: actions/checkout@v3.0.2
        with:
          # Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
          fetch-depth: 0
      - name: Set up Python
        uses: actions/setup-python@v4.2.0
        with:
          python-version: "3.11"
      - name: Upgrade pip
        run: |
          pip install --constraint=.github/workflows/constraints.txt pip
          pip --version
      - name: Install Poetry
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
          poetry --version
      - name: Install Nox
        run: |
          pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
          pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
          nox --version
      - name: Download coverage data
        uses: actions/download-artifact@v3.0.1
        with:
          name: coverage-data
      - name: Combine coverage data and display human readable report
        run: |
          find . -name \*.pyc -delete
          nox --force-color --session=coverage
      - name: Create coverage report
        run: |
          nox --force-color --session=coverage -- xml
      - name: Upload coverage report
        uses: codecov/codecov-action@v3.1.0
      - name: SonarCloud Scan
        uses: sonarsource/sonarcloud-github-action@master
        # thought about just skipping dependabot
        # if: ${{ github.actor != 'dependabot[bot]' }}
        # but figured all pull requests seems better, since none of them will have access to sonarcloud.
        # however, with just skipping pull requests, the build associated with "Triggered via push" is also associated with the pull request and also fails hitting sonarcloud
        # if: ${{ github.event_name != 'pull_request' }}
        # so just skip everything but main
        if: github.ref_name == 'main'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      # part about saving PR number and then using it from auto-merge-dependabot-prs from:
      # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
      - name: Save PR number
        if: ${{ github.event_name == 'pull_request' }}
        env:
          PR_NUMBER: ${{ github.event.number }}
        run: |
          mkdir -p ./pr
          echo "$PR_NUMBER" > ./pr/pr_number
      - uses: actions/upload-artifact@v3
        with:
          name: pr_number
          path: pr/
--- a/spiffworkflow-backend/.gitignore
+++ b/spiffworkflow-backend/.gitignore
@ -2,7 +2,6 @@
 /.idea/
 /.coverage
 .coverage.*
 /.nox/
 /.python-version
 /.pytype/
 /dist/
--- a/spiffworkflow-backend/bin/codemod/remove_all_unused_functions
+++ b/spiffworkflow-backend/bin/codemod/remove_all_unused_functions
@ -16,7 +16,7 @@ fi
 list_of_unused_things="$(dead | grep -E '^[a-z].*is never read')"
-filename_patterns_to_ignore="(codemod|migrations/versions|conftest.py|noxfile.py)"
+filename_patterns_to_ignore="(codemod|migrations/versions|conftest.py)"
 while read -r line; do
  function_name="$(echo "$line" | awk '{print $1}')"
--- a/spiffworkflow-backend/bin/run_ci_session
+++ b/spiffworkflow-backend/bin/run_ci_session
@ -0,0 +1,78 @@
 #!/usr/bin/env bash
 function error_handler() {
  >&2 echo "Exited with BAD EXIT CODE '${2}' in ${0} script at line: ${1}."
  exit "$2"
 }
 trap 'error_handler ${LINENO} $?' ERR
 set -o errtrace -o errexit -o nounset -o pipefail
 script_dir="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
 supported_session_types=$(grep -E '^(el)?if.*\<session_type\>.*==' "$0" | sed -E 's/.*== "([^"]+)".*/\1/' | tr '\n' ' ')
 session_type="${1:-}"
 if [[ -z "${session_type}" ]] || ! grep -qE "\<${session_type}\>" <<<"$supported_session_types"; then
  if [[ -n "$session_type" ]]; then
    >&2 echo "ERROR: Given session typeis not supported - ${session_type}"
  fi
  >&2 echo "usage: $(basename "$0") [session_type]"
  >&2 echo -e "\tsupported session types: ${supported_session_types}"
  exit 1
 fi
 if [[ -z "${SPIFFWORKFLOW_BACKEND_RUNNING_IN_CI:-}" ]]; then
  export FLASK_SESSION_SECRET_KEY=super_secret_key
  export FORCE_COLOR="1"
  export PRE_COMMIT_COLOR="always"
  export SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD=
  export SPIFFWORKFLOW_BACKEND_DATABASE_TYPE=mysql
  export SPIFFWORKFLOW_BACKEND_RUNNING_IN_CI='true'
 fi
 function setup_db_for_ci() {
  # Set environment variables
  export FLASK_INSTANCE_PATH="${script_dir}/../src/instance"
  export FLASK_SESSION_SECRET_KEY="e7711a3ba96c46c68e084a86952de16f"
  export FLASK_APP="src/spiffworkflow_backend"
  export SPIFFWORKFLOW_BACKEND_ENV="unit_testing"
  # Check if SPIFFWORKFLOW_BACKEND_DATABASE_TYPE is set to "sqlite"
  if [[ "$SPIFFWORKFLOW_BACKEND_DATABASE_TYPE" == "sqlite" ]]; then
    # Remove existing migrations folder if it exists
    if [[ -d "migrations" ]]; then
      rm -rf "migrations"
    fi
      # Run the 'init' and 'migrate' tasks using flask
      poetry run flask db init
      poetry run flask db migrate
    fi
  # Run the 'upgrade' task using flask
  poetry run flask db upgrade
 }
 poetry install
 if [[ "${session_type}" == "tests" ]]; then
  setup_db_for_ci
  poetry run coverage run --parallel -m pytest
 elif [[ "${session_type}" == "typeguard" ]]; then
  setup_db_for_ci
  RUN_TYPEGUARD=true poetry run pytest
 elif [[ "${session_type}" == "mypy" ]]; then
  poetry run mypy src tests
 elif [[ "${session_type}" == "safety" ]]; then
  poetry run safety check --full-report
 elif [[ "${session_type}" == "coverage" ]]; then
  if ls .coverage.* 1> /dev/null 2>&1; then
      poetry run coverage combine
  fi
  poetry run coverage report
  poetry run coverage xml
 fi
--- a/spiffworkflow-backend/coverage.xml
+++ b/spiffworkflow-backend/coverage.xml
--- a/spiffworkflow-backend/noxfile.py
+++ b/spiffworkflow-backend/noxfile.py
@ -1,228 +0,0 @@
 """Nox sessions."""
 import os
 import shutil
 import sys
 from pathlib import Path
 from textwrap import dedent
 import nox
 try:
    from nox_poetry import Session
    from nox_poetry import session
 except ImportError:
    message = f"""\
    Nox failed to import the 'nox-poetry' package.
    Please install it using the following command:
    {sys.executable} -m pip install nox-poetry"""
    raise SystemExit(dedent(message)) from None
 package = "spiffworkflow_backend"
 python_versions = ["3.11", "3.10"]
 nox.needs_version = ">= 2021.6.6"
 nox.options.sessions = (
    "pre-commit",
    "safety",
    "mypy",
    "tests",
    "typeguard",
    "xdoctest",
    "docs-build",
 )
 def setup_database(session: Session) -> None:
    """Run database migrations against the database."""
    session.env["FLASK_INSTANCE_PATH"] = os.path.join(os.getcwd(), "instance", "testing")
    flask_env_key = "FLASK_SESSION_SECRET_KEY"
    session.env[flask_env_key] = "e7711a3ba96c46c68e084a86952de16f"
    session.env["FLASK_APP"] = "src/spiffworkflow_backend"
    session.env["SPIFFWORKFLOW_BACKEND_ENV"] = "unit_testing"
    if os.environ.get("SPIFFWORKFLOW_BACKEND_DATABASE_TYPE") == "sqlite":
        # maybe replace this sqlite-specific block with ./bin/recreate_db clean rmall
        # (if we can make it work, since it uses poetry),
        # which would also remove the migrations folder and re-create things as a single migration
        if os.path.exists("migrations"):
            import shutil
            shutil.rmtree("migrations")
        for task in ["init", "migrate"]:
            session.run("flask", "db", task)
    session.run("flask", "db", "upgrade")
 def activate_virtualenv_in_precommit_hooks(session: Session) -> None:
    """Activate virtualenv in hooks installed by pre-commit.
    This function patches git hooks installed by pre-commit to activate the
    session's virtual environment. This allows pre-commit to locate hooks in
    that environment when invoked from git.
    Args:
        session: The Session object.
    """
    assert session.bin is not None  # noqa: S101
    virtualenv = session.env.get("VIRTUAL_ENV")
    if virtualenv is None:
        return
    hookdir = Path(".git") / "hooks"
    if not hookdir.is_dir():
        return
    for hook in hookdir.iterdir():
        if hook.name.endswith(".sample") or not hook.is_file():
            continue
        text = hook.read_text()
        bindir = repr(session.bin)[1:-1]  # strip quotes
        if not (Path("A") == Path("a") and bindir.lower() in text.lower() or bindir in text):
            continue
        lines = text.splitlines()
        if not (lines[0].startswith("#!") and "python" in lines[0].lower()):
            continue
        header = dedent(
            f"""\
            import os
            os.environ["VIRTUAL_ENV"] = {virtualenv!r}
            os.environ["PATH"] = os.pathsep.join((
                {session.bin!r},
                os.environ.get("PATH", ""),
            ))
            """
        )
        lines.insert(1, header)
        hook.write_text("\n".join(lines))
@session(name="pre-commit", python="3.11")
 def precommit(session: Session) -> None:
    """Lint using pre-commit."""
    args = session.posargs or ["run", "--all-files", "--show-diff-on-failure"]
    session.install(
        "black",
        "darglint",
        "flake8",
        "flake8-bandit",
        "flake8-bugbear",
        "flake8-docstrings",
        "flake8-rst-docstrings",
        "pep8-naming",
        "pre-commit",
        "pre-commit-hooks",
        "pyupgrade",
        "reorder-python-imports",
    )
    session.run("pre-commit", *args)
    if args and args[0] == "install":
        activate_virtualenv_in_precommit_hooks(session)
@session(python="3.11")
 def safety(session: Session) -> None:
    """Scan dependencies for insecure packages."""
    requirements = session.poetry.export_requirements()
    session.install("safety")
    session.run("safety", "check", "--full-report", f"--file={requirements}")
@session(python=python_versions)
 def mypy(session: Session) -> None:
    """Type-check using mypy."""
    args = session.posargs or ["src", "tests"]
    session.install(".")
    session.install("mypy", "pytest")
    session.run("mypy", *args)
    if not session.posargs:
        session.run("mypy", f"--python-executable={sys.executable}", "noxfile.py")
@session(python=python_versions)
 def tests(session: Session) -> None:
    """Run the test suite."""
    session.install(".")
    session.install("coverage[toml]", "pytest", "pygments")
    try:
        setup_database(session)
        session.run("coverage", "run", "--parallel", "-m", "pytest", *session.posargs)
    finally:
        if session.interactive:
            session.notify("coverage", posargs=[])
@session
 def coverage(session: Session) -> None:
    """Produce the coverage report."""
    args = session.posargs or ["report"]
    session.install("coverage[toml]")
    if not session.posargs and any(Path().glob(".coverage.*")):
        session.run("coverage", "combine")
    session.run("coverage", *args)
@session(python=python_versions)
 def typeguard(session: Session) -> None:
    """Runtime type checking using Typeguard."""
    session.install(".")
    session.install("pytest", "typeguard", "pygments")
    setup_database(session)
    session.env["RUN_TYPEGUARD"] = "true"
    session.run("pytest", *session.posargs)
@session(python=python_versions)
 def xdoctest(session: Session) -> None:
    """Run examples with xdoctest."""
    if session.posargs:
        args = [package, *session.posargs]
    else:
        args = [f"--modname={package}", "--command=all"]
        if "FORCE_COLOR" in os.environ:
            args.append("--colored=1")
    session.install(".")
    session.install("xdoctest[colors]")
    session.run("python", "-m", "xdoctest", *args)
@session(name="docs-build", python="3.11")
 def docs_build(session: Session) -> None:
    """Build the documentation."""
    args = session.posargs or ["docs", "docs/_build"]
    if not session.posargs and "FORCE_COLOR" in os.environ:
        args.insert(0, "--color")
    session.install(".")
    session.install("sphinx", "sphinx-click", "furo")
    build_dir = Path("docs", "_build")
    if build_dir.exists():
        shutil.rmtree(build_dir)
    session.run("sphinx-build", *args)
@session(python="3.11")
 def docs(session: Session) -> None:
    """Build and serve the documentation with live reloading on file changes."""
    args = session.posargs or ["--open-browser", "docs", "docs/_build"]
    session.install(".")
    session.install("sphinx", "sphinx-autobuild", "sphinx-click", "furo")
    build_dir = Path("docs", "_build")
    if build_dir.exists():
        shutil.rmtree(build_dir)
    session.run("sphinx-autobuild", *args)
--- a/spiffworkflow-backend/poetry.lock
+++ b/spiffworkflow-backend/poetry.lock
@ -1,10 +1,9 @@
-# This file is automatically @generated by Poetry 1.4.2 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.5.1 and should not be changed by hand.
 [[package]]
 name = "alembic"
 version = "1.10.3"
 description = "A database migration tool for SQLAlchemy."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -24,7 +23,6 @@ tz = ["python-dateutil"]
 name = "aniso8601"
 version = "9.0.1"
 description = "A library for parsing ISO 8601 strings."
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -39,7 +37,6 @@ dev = ["black", "coverage", "isort", "pre-commit", "pyenchant", "pylint"]
 name = "apscheduler"
 version = "3.10.1"
 description = "In-process task scheduler with Cron-like capabilities"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -51,7 +48,7 @@ files = [
 pytz = "*"
 setuptools = ">=0.7"
 six = ">=1.4.0"
-tzlocal = ">=2.0,<3.0.0 || >=4.0.0"
+tzlocal = ">=2.0,<3.dev0 || >=4.dev0"
 [package.extras]
 doc = ["sphinx", "sphinx-rtd-theme"]
@ -69,7 +66,6 @@ zookeeper = ["kazoo"]
 name = "attrs"
 version = "22.2.0"
 description = "Classes Without Boilerplate"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -88,7 +84,6 @@ tests-no-zope = ["cloudpickle", "cloudpickle", "hypothesis", "hypothesis", "mypy
 name = "bandit"
 version = "1.7.2"
 description = "Security oriented static analyser for python code."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -111,7 +106,6 @@ yaml = ["PyYAML"]
 name = "bcrypt"
 version = "4.0.1"
 description = "Modern password hashing for your software and your servers"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -146,7 +140,6 @@ typecheck = ["mypy"]
 name = "black"
 version = "22.12.0"
 description = "The uncompromising code formatter."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -181,7 +174,6 @@ uvloop = ["uvloop (>=0.15.2)"]
 name = "blinker"
 version = "1.6.2"
 description = "Fast, simple object-to-object and broadcast signaling"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -193,7 +185,6 @@ files = [
 name = "certifi"
 version = "2023.7.22"
 description = "Python package for providing Mozilla's CA Bundle."
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -205,7 +196,6 @@ files = [
 name = "cffi"
 version = "1.15.1"
 description = "Foreign Function Interface for Python calling C code."
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -282,7 +272,6 @@ pycparser = "*"
 name = "cfgv"
 version = "3.3.1"
 description = "Validate configuration and produce human readable error messages."
 category = "dev"
 optional = false
 python-versions = ">=3.6.1"
 files = [
@ -294,7 +283,6 @@ files = [
 name = "charset-normalizer"
 version = "3.1.0"
 description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet."
 category = "main"
 optional = false
 python-versions = ">=3.7.0"
 files = [
@ -379,7 +367,6 @@ files = [
 name = "click"
 version = "8.1.3"
 description = "Composable command line interface toolkit"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -394,7 +381,6 @@ colorama = {version = "*", markers = "platform_system == \"Windows\""}
 name = "clickclick"
 version = "20.10.2"
 description = "Click utility functions"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -410,7 +396,6 @@ PyYAML = ">=3.11"
 name = "colorama"
 version = "0.4.6"
 description = "Cross-platform colored terminal text."
 category = "main"
 optional = false
 python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7"
 files = [
@ -422,7 +407,6 @@ files = [
 name = "configparser"
 version = "5.3.0"
 description = "Updated configparser from stdlib for earlier Pythons."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -438,7 +422,6 @@ testing = ["flake8 (<5)", "pytest (>=6)", "pytest-black (>=0.3.7)", "pytest-chec
 name = "connexion"
 version = "2.14.1"
 description = "Connexion - API first applications with OpenAPI/Swagger and Flask"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -469,7 +452,6 @@ tests = ["MarkupSafe (>=0.23)", "aiohttp (>=2.3.10,<4)", "aiohttp-jinja2 (>=0.14
 name = "coverage"
 version = "6.5.0"
 description = "Code coverage measurement for Python"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -535,7 +517,6 @@ toml = ["tomli"]
 name = "cryptography"
 version = "41.0.3"
 description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -581,7 +562,6 @@ test-randomorder = ["pytest-randomly"]
 name = "dateparser"
 version = "1.1.8"
 description = "Date parsing library designed to parse dates from HTML pages"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -604,7 +584,6 @@ langdetect = ["langdetect"]
 name = "distlib"
 version = "0.3.6"
 description = "Distribution utilities"
 category = "dev"
 optional = false
 python-versions = "*"
 files = [
@ -616,7 +595,6 @@ files = [
 name = "dparse"
 version = "0.6.2"
 description = "A parser for Python dependency files"
 category = "dev"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -636,7 +614,6 @@ pipenv = ["pipenv"]
 name = "exceptiongroup"
 version = "1.1.1"
 description = "Backport of PEP 654 (exception groups)"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -651,7 +628,6 @@ test = ["pytest (>=6)"]
 name = "execnet"
 version = "1.9.0"
 description = "execnet: rapid multi-Python deployment"
 category = "dev"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
 files = [
@ -666,7 +642,6 @@ testing = ["pre-commit"]
 name = "filelock"
 version = "3.11.0"
 description = "A platform independent file lock."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -682,7 +657,6 @@ testing = ["covdefaults (>=2.3)", "coverage (>=7.2.2)", "diff-cover (>=7.5)", "p
 name = "flask"
 version = "2.2.5"
 description = "A simple framework for building complex web applications."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -704,7 +678,6 @@ dotenv = ["python-dotenv"]
 name = "flask-admin"
 version = "1.6.1"
 description = "Simple and extensible admin interface framework for Flask"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -724,7 +697,6 @@ azure = ["azure-storage-blob"]
 name = "flask-bcrypt"
 version = "1.0.1"
 description = "Brcrypt hashing for Flask."
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -740,7 +712,6 @@ Flask = "*"
 name = "flask-cors"
 version = "3.0.10"
 description = "A Flask extension adding a decorator for CORS support"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -756,7 +727,6 @@ Six = "*"
 name = "flask-jwt-extended"
 version = "4.4.4"
 description = "Extended JWT integration with Flask"
 category = "main"
 optional = false
 python-versions = ">=3.7,<4"
 files = [
@ -776,7 +746,6 @@ asymmetric-crypto = ["cryptography (>=3.3.1)"]
 name = "flask-mail"
 version = "0.9.1"
 description = "Flask extension for sending email"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -791,7 +760,6 @@ Flask = "*"
 name = "flask-marshmallow"
 version = "0.15.0"
 description = "Flask + marshmallow for beautiful APIs"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -814,7 +782,6 @@ tests = ["flask-sqlalchemy (>=3.0.0)", "marshmallow-sqlalchemy (>=0.28.2)", "moc
 name = "flask-migrate"
 version = "4.0.4"
 description = "SQLAlchemy database migrations for Flask applications using Alembic."
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -831,7 +798,6 @@ Flask-SQLAlchemy = ">=1.0"
 name = "flask-restful"
 version = "0.3.9"
 description = "Simple framework for creating REST APIs"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -852,7 +818,6 @@ docs = ["sphinx"]
 name = "flask-simple-crypt"
 version = "0.3.3"
 description = "Flask extension based on simple-crypt that allows simple, secure encryption and decryption for Python."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -868,7 +833,6 @@ pycryptodome = "*"
 name = "flask-sqlalchemy"
 version = "3.0.3"
 description = "Add SQLAlchemy support to your Flask application."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -884,7 +848,6 @@ SQLAlchemy = ">=1.4.18"
 name = "gitdb"
 version = "4.0.10"
 description = "Git Object Database"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -899,7 +862,6 @@ smmap = ">=3.0.1,<6"
 name = "gitpython"
 version = "3.1.31"
 description = "GitPython is a Python library used to interact with Git repositories"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -914,7 +876,6 @@ gitdb = ">=4.0.1,<5"
 name = "greenlet"
 version = "2.0.2"
 description = "Lightweight in-process concurrent programming"
 category = "main"
 optional = false
 python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*"
 files = [
@ -988,7 +949,6 @@ test = ["objgraph", "psutil"]
 name = "gunicorn"
 version = "20.1.0"
 description = "WSGI HTTP Server for UNIX"
 category = "main"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -1009,7 +969,6 @@ tornado = ["tornado (>=0.2)"]
 name = "identify"
 version = "2.5.22"
 description = "File identification library for Python"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1024,7 +983,6 @@ license = ["ukkonen"]
 name = "idna"
 version = "3.4"
 description = "Internationalized Domain Names in Applications (IDNA)"
 category = "main"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -1036,7 +994,6 @@ files = [
 name = "inflection"
 version = "0.5.1"
 description = "A port of Ruby on Rails inflector to Python"
 category = "main"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -1048,7 +1005,6 @@ files = [
 name = "iniconfig"
 version = "2.0.0"
 description = "brain-dead simple config-ini parsing"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1060,7 +1016,6 @@ files = [
 name = "itsdangerous"
 version = "2.1.2"
 description = "Safely pass data to untrusted environments and back."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1072,7 +1027,6 @@ files = [
 name = "jinja2"
 version = "3.1.2"
 description = "A very fast and expressive template engine."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1090,7 +1044,6 @@ i18n = ["Babel (>=2.7)"]
 name = "jsonschema"
 version = "4.17.3"
 description = "An implementation of JSON Schema validation for Python"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1110,7 +1063,6 @@ format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339-
 name = "lxml"
 version = "4.9.2"
 description = "Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API."
 category = "main"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, != 3.4.*"
 files = [
@ -1203,7 +1155,6 @@ source = ["Cython (>=0.29.7)"]
 name = "mako"
 version = "1.2.4"
 description = "A super-fast templating language that borrows the best ideas from the existing templating languages."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1223,7 +1174,6 @@ testing = ["pytest"]
 name = "markupsafe"
 version = "2.1.2"
 description = "Safely add untrusted strings to HTML/XML markup."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1283,7 +1233,6 @@ files = [
 name = "marshmallow"
 version = "3.19.0"
 description = "A lightweight library for converting complex datatypes to and from native Python datatypes."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1304,7 +1253,6 @@ tests = ["pytest", "pytz", "simplejson"]
 name = "marshmallow-enum"
 version = "1.5.1"
 description = "Enum field for Marshmallow"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -1319,7 +1267,6 @@ marshmallow = ">=2.0.0"
 name = "marshmallow-sqlalchemy"
 version = "0.29.0"
 description = "SQLAlchemy integration with the marshmallow (de)serialization library"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1342,7 +1289,6 @@ tests = ["pytest", "pytest-lazy-fixture (>=0.6.2)"]
 name = "mypy"
 version = "1.2.0"
 description = "Optional static typing for Python"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1389,7 +1335,6 @@ reports = ["lxml"]
 name = "mypy-extensions"
 version = "1.0.0"
 description = "Type system extensions for programs checked with the mypy type checker."
 category = "main"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -1401,7 +1346,6 @@ files = [
 name = "mysqlclient"
 version = "2.2.0"
 description = "Python interface to MySQL"
 category = "main"
 optional = false
 python-versions = ">=3.8"
 files = [
@ -1418,7 +1362,6 @@ files = [
 name = "nodeenv"
 version = "1.7.0"
 description = "Node.js virtual environment builder"
 category = "dev"
 optional = false
 python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*"
 files = [
@ -1433,7 +1376,6 @@ setuptools = "*"
 name = "packaging"
 version = "21.3"
 description = "Core utilities for Python packages"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -1448,7 +1390,6 @@ pyparsing = ">=2.0.2,<3.0.5 || >3.0.5"
 name = "pathspec"
 version = "0.11.1"
 description = "Utility library for gitignore style pattern matching of file paths."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1460,7 +1401,6 @@ files = [
 name = "pbr"
 version = "5.11.1"
 description = "Python Build Reasonableness"
 category = "dev"
 optional = false
 python-versions = ">=2.6"
 files = [
@ -1472,7 +1412,6 @@ files = [
 name = "platformdirs"
 version = "3.2.0"
 description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1488,7 +1427,6 @@ test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest (>=7.2.2)", "pytest-
 name = "pluggy"
 version = "1.0.0"
 description = "plugin and hook calling mechanisms for python"
 category = "dev"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -1504,7 +1442,6 @@ testing = ["pytest", "pytest-benchmark"]
 name = "pre-commit"
 version = "2.21.0"
 description = "A framework for managing and maintaining multi-language pre-commit hooks."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1523,7 +1460,6 @@ virtualenv = ">=20.10.0"
 name = "pre-commit-hooks"
 version = "4.4.0"
 description = "Some out-of-the-box hooks for pre-commit."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1539,7 +1475,6 @@ tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""}
 name = "prometheus-client"
 version = "0.16.0"
 description = "Python client for the Prometheus monitoring system."
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -1554,7 +1489,6 @@ twisted = ["twisted"]
 name = "prometheus-flask-exporter"
 version = "0.22.3"
 description = "Prometheus metrics exporter for Flask"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -1570,7 +1504,6 @@ prometheus-client = "*"
 name = "psycopg2"
 version = "2.9.6"
 description = "psycopg2 - Python-PostgreSQL Database Adapter"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -1593,7 +1526,6 @@ files = [
 name = "pycparser"
 version = "2.21"
 description = "C parser in Python"
 category = "main"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
 files = [
@ -1605,7 +1537,6 @@ files = [
 name = "pycryptodome"
 version = "3.17"
 description = "Cryptographic library for Python"
 category = "main"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
 files = [
@ -1648,7 +1579,6 @@ files = [
 name = "pygments"
 version = "2.15.1"
 description = "Pygments is a syntax highlighting package written in Python."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1663,7 +1593,6 @@ plugins = ["importlib-metadata"]
 name = "pyjwt"
 version = "2.6.0"
 description = "JSON Web Token implementation in Python"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1681,7 +1610,6 @@ tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"]
 name = "pyparsing"
 version = "3.0.9"
 description = "pyparsing module - Classes and methods to define and execute parsing grammars"
 category = "main"
 optional = false
 python-versions = ">=3.6.8"
 files = [
@ -1696,7 +1624,6 @@ diagrams = ["jinja2", "railroad-diagrams"]
 name = "pyrsistent"
 version = "0.19.3"
 description = "Persistent/Functional/Immutable data structures"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1733,7 +1660,6 @@ files = [
 name = "pytest"
 version = "7.4.0"
 description = "pytest: simple powerful testing with Python"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1756,7 +1682,6 @@ testing = ["argcomplete", "attrs (>=19.2.0)", "hypothesis (>=3.56)", "mock", "no
 name = "pytest-flask"
 version = "1.2.0"
 description = "A set of py.test fixtures to test Flask applications."
 category = "dev"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -1776,7 +1701,6 @@ docs = ["Sphinx", "sphinx-rtd-theme"]
 name = "pytest-flask-sqlalchemy"
 version = "1.1.0"
 description = "A pytest plugin for preserving test isolation in Flask-SQlAlchemy using database transactions."
 category = "dev"
 optional = false
 python-versions = "*"
 files = [
@ -1798,7 +1722,6 @@ tests = ["psycopg2-binary", "pytest (>=6.0.1)", "pytest-postgresql (>=2.4.0,<4.0
 name = "pytest-mock"
 version = "3.10.0"
 description = "Thin-wrapper around the mock package for easier use with pytest"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1816,7 +1739,6 @@ dev = ["pre-commit", "pytest-asyncio", "tox"]
 name = "pytest-random-order"
 version = "1.1.0"
 description = "Randomise the order in which pytest tests are run with some control over the randomness"
 category = "dev"
 optional = false
 python-versions = ">=3.5.0"
 files = [
@ -1831,7 +1753,6 @@ pytest = ">=3.0.0"
 name = "pytest-xdist"
 version = "3.3.1"
 description = "pytest xdist plugin for distributed testing, most importantly across multiple CPUs"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -1852,7 +1773,6 @@ testing = ["filelock"]
 name = "python-dateutil"
 version = "2.8.2"
 description = "Extensions to the standard Python datetime module"
 category = "main"
 optional = false
 python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7"
 files = [
@ -1867,7 +1787,6 @@ six = ">=1.5"
 name = "pytz"
 version = "2022.7.1"
 description = "World timezone definitions, modern and historical"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -1879,7 +1798,6 @@ files = [
 name = "pytz-deprecation-shim"
 version = "0.1.0.post0"
 description = "Shims to make deprecation of pytz easier"
 category = "main"
 optional = false
 python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,>=2.7"
 files = [
@ -1894,7 +1812,6 @@ tzdata = {version = "*", markers = "python_version >= \"3.6\""}
 name = "pyyaml"
 version = "6.0"
 description = "YAML parser and emitter for Python"
 category = "main"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -1944,7 +1861,6 @@ files = [
 name = "regex"
 version = "2023.3.23"
 description = "Alternative regular expression module, to replace re."
 category = "main"
 optional = false
 python-versions = ">=3.8"
 files = [
@ -2014,7 +1930,6 @@ files = [
 name = "requests"
 version = "2.31.0"
 description = "Python HTTP for Humans."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2036,7 +1951,6 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"]
 name = "restrictedpython"
 version = "6.1"
 description = "RestrictedPython is a defined subset of the Python language which allows to provide a program input into a trusted environment."
 category = "main"
 optional = false
 python-versions = ">=3.6, <3.12"
 files = [
@ -2052,7 +1966,6 @@ test = ["pytest", "pytest-mock"]
 name = "ruamel-yaml"
 version = "0.17.21"
 description = "ruamel.yaml is a YAML parser/emitter that supports roundtrip preservation of comments, seq/map flow style, and map key order"
 category = "dev"
 optional = false
 python-versions = ">=3"
 files = [
@ -2071,7 +1984,6 @@ jinja2 = ["ruamel.yaml.jinja2 (>=0.2)"]
 name = "ruamel-yaml-clib"
 version = "0.2.7"
 description = "C version of reader, parser and emitter for ruamel.yaml derived from libyaml"
 category = "dev"
 optional = false
 python-versions = ">=3.5"
 files = [
@ -2118,7 +2030,6 @@ files = [
 name = "ruff"
 version = "0.0.270"
 description = "An extremely fast Python linter, written in Rust."
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2145,7 +2056,6 @@ files = [
 name = "safety"
 version = "2.3.5"
 description = "Checks installed dependencies for known vulnerabilities and licenses."
 category = "dev"
 optional = false
 python-versions = "*"
 files = [
@ -2169,7 +2079,6 @@ gitlab = ["python-gitlab (>=1.3.0)"]
 name = "sentry-sdk"
 version = "1.19.1"
 description = "Python client for Sentry (https://sentry.io)"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2211,7 +2120,6 @@ tornado = ["tornado (>=5)"]
 name = "setuptools"
 version = "65.7.0"
 description = "Easily download, build, install, upgrade, and uninstall Python packages"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2228,7 +2136,6 @@ testing-integration = ["build[virtualenv]", "filelock (>=3.4.0)", "jaraco.envs (
 name = "simplejson"
 version = "3.19.1"
 description = "Simple, fast, extensible JSON encoder/decoder for Python"
 category = "main"
 optional = false
 python-versions = ">=2.5, !=3.0.*, !=3.1.*, !=3.2.*"
 files = [
@ -2323,7 +2230,6 @@ files = [
 name = "six"
 version = "1.16.0"
 description = "Python 2 and 3 compatibility utilities"
 category = "main"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*"
 files = [
@ -2335,7 +2241,6 @@ files = [
 name = "smmap"
 version = "5.0.0"
 description = "A pure Python implementation of a sliding window memory map manager"
 category = "dev"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -2347,7 +2252,6 @@ files = [
 name = "spiff-element-units"
 version = "0.3.0"
 description = ""
 category = "main"
 optional = false
 python-versions = ">=3.9"
 files = [
@ -2368,7 +2272,6 @@ files = [
 name = "SpiffWorkflow"
 version = "2.0.0rc0"
 description = "A workflow framework and BPMN/DMN Processor"
 category = "main"
 optional = false
 python-versions = "*"
 files = []
@ -2388,7 +2291,6 @@ resolved_reference = "9bd018e596d42b897da67ff894f458d6bc40bdf9"
 name = "sqlalchemy"
 version = "2.0.9"
 description = "Database Abstraction Library"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2436,7 +2338,7 @@ files = [
 ]
 [package.dependencies]
-greenlet = {version = "!=0.4.17", markers = "platform_machine == \"aarch64\" or platform_machine == \"ppc64le\" or platform_machine == \"x86_64\" or platform_machine == \"amd64\" or platform_machine == \"AMD64\" or platform_machine == \"win32\" or platform_machine == \"WIN32\""}
+greenlet = {version = "!=0.4.17", markers = "platform_machine == \"win32\" or platform_machine == \"WIN32\" or platform_machine == \"AMD64\" or platform_machine == \"amd64\" or platform_machine == \"x86_64\" or platform_machine == \"ppc64le\" or platform_machine == \"aarch64\""}
 typing-extensions = ">=4.2.0"
 [package.extras]
@ -2466,7 +2368,6 @@ sqlcipher = ["sqlcipher3-binary"]
 name = "sqlalchemy-stubs"
 version = "0.4"
 description = "SQLAlchemy stubs and mypy plugin"
 category = "main"
 optional = false
 python-versions = "*"
 files = []
@ -2486,7 +2387,6 @@ resolved_reference = "d1176931684ce5b327539cc9567d4a1cd8ef1efd"
 name = "stevedore"
 version = "5.0.0"
 description = "Manage dynamic plugins for Python applications"
 category = "dev"
 optional = false
 python-versions = ">=3.8"
 files = [
@ -2501,7 +2401,6 @@ pbr = ">=2.0.0,<2.1.0 || >2.1.0"
 name = "swagger-ui-bundle"
 version = "0.0.9"
 description = "swagger_ui_bundle - swagger-ui files in a pip package"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2516,7 +2415,6 @@ Jinja2 = ">=2.0"
 name = "toml"
 version = "0.10.2"
 description = "Python Library for Tom's Obvious, Minimal Language"
 category = "dev"
 optional = false
 python-versions = ">=2.6, !=3.0.*, !=3.1.*, !=3.2.*"
 files = [
@ -2528,7 +2426,6 @@ files = [
 name = "tomli"
 version = "2.0.1"
 description = "A lil' TOML parser"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2540,7 +2437,6 @@ files = [
 name = "typeguard"
 version = "3.0.2"
 description = "Run-time type checker for Python"
 category = "dev"
 optional = false
 python-versions = ">=3.7.4"
 files = [
@ -2559,7 +2455,6 @@ test = ["mypy (>=0.991)", "pytest (>=7)"]
 name = "types-click"
 version = "7.1.8"
 description = "Typing stubs for click"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2571,7 +2466,6 @@ files = [
 name = "types-dateparser"
 version = "1.1.4.9"
 description = "Typing stubs for dateparser"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2583,7 +2477,6 @@ files = [
 name = "types-flask"
 version = "1.1.6"
 description = "Typing stubs for Flask"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2600,7 +2493,6 @@ types-Werkzeug = "*"
 name = "types-jinja2"
 version = "2.11.9"
 description = "Typing stubs for Jinja2"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2615,7 +2507,6 @@ types-MarkupSafe = "*"
 name = "types-markupsafe"
 version = "1.1.10"
 description = "Typing stubs for MarkupSafe"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2627,7 +2518,6 @@ files = [
 name = "types-pytz"
 version = "2022.7.1.2"
 description = "Typing stubs for pytz"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2639,7 +2529,6 @@ files = [
 name = "types-pyyaml"
 version = "6.0.12.9"
 description = "Typing stubs for PyYAML"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2651,7 +2540,6 @@ files = [
 name = "types-requests"
 version = "2.28.11.17"
 description = "Typing stubs for requests"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2666,7 +2554,6 @@ types-urllib3 = "<1.27"
 name = "types-urllib3"
 version = "1.26.25.10"
 description = "Typing stubs for urllib3"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2678,7 +2565,6 @@ files = [
 name = "types-werkzeug"
 version = "1.0.9"
 description = "Typing stubs for Werkzeug"
 category = "main"
 optional = false
 python-versions = "*"
 files = [
@ -2690,7 +2576,6 @@ files = [
 name = "typing-extensions"
 version = "4.5.0"
 description = "Backported and Experimental Type Hints for Python 3.7+"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2702,7 +2587,6 @@ files = [
 name = "tzdata"
 version = "2023.3"
 description = "Provider of IANA time zone data"
 category = "main"
 optional = false
 python-versions = ">=2"
 files = [
@ -2714,7 +2598,6 @@ files = [
 name = "tzlocal"
 version = "4.3"
 description = "tzinfo object for the local timezone"
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2733,7 +2616,6 @@ devenv = ["black", "check-manifest", "flake8", "pyroma", "pytest (>=4.3)", "pyte
 name = "urllib3"
 version = "1.26.15"
 description = "HTTP library with thread-safe connection pooling, file post, and more."
 category = "main"
 optional = false
 python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*"
 files = [
@ -2750,7 +2632,6 @@ socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"]
 name = "virtualenv"
 version = "20.21.0"
 description = "Virtual Python Environment builder"
 category = "dev"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2771,7 +2652,6 @@ test = ["covdefaults (>=2.2.2)", "coverage (>=7.1)", "coverage-enable-subprocess
 name = "werkzeug"
 version = "2.3.4"
 description = "The comprehensive WSGI web application library."
 category = "main"
 optional = false
 python-versions = ">=3.8"
 files = [
@ -2789,7 +2669,6 @@ watchdog = ["watchdog (>=2.3)"]
 name = "wtforms"
 version = "3.0.1"
 description = "Form validation and rendering for Python web development."
 category = "main"
 optional = false
 python-versions = ">=3.7"
 files = [
@ -2807,7 +2686,6 @@ email = ["email-validator"]
 name = "xdoctest"
 version = "1.1.1"
 description = "A rewrite of the builtin doctest module"
 category = "dev"
 optional = false
 python-versions = ">=3.6"
 files = [
@ -2836,4 +2714,4 @@ tests-strict = ["codecov (==2.0.15)", "pytest (==4.6.0)", "pytest (==4.6.0)", "p
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.10,<3.12"
-content-hash = "54f8f812dac1e3ce391b5e0a5b9505862cd55507eb017cfb5c58dab48614ffe5"
+content-hash = "43d6e84c8ef9e0ea48876bb490f8486b6e25bff2ada6981c739e03b35ea3da6c"
--- a/spiffworkflow-backend/pyproject.toml
+++ b/spiffworkflow-backend/pyproject.toml
@ -53,17 +53,6 @@ Jinja2 = "^3.1.2"
 RestrictedPython = "^6.0"
 Flask-SQLAlchemy = "^3"
 # type hinting stuff
 # these need to be in the normal (non dev-dependencies) section
 # because if not then poetry export won't have them and nox -s mypy --pythons 3.10
 # will fail
 types-dateparser = "^1.1.4.1"
 types-Werkzeug = "^1.0.9"
 types-PyYAML = "^6.0.12"
 types-Flask = "^1.1.6"
 types-requests = "^2.28.6"
 types-pytz = "^2022.1.1"
 # https://github.com/dropbox/sqlalchemy-stubs/pull/251
 # someday get off github
 # sqlalchemy-stubs = "^0.4"
@ -108,6 +97,14 @@ bandit = "1.7.2"
 pre-commit-hooks = "^4.0.1"
 Pygments = "^2.10.0"
 # type hinting stuff
 types-dateparser = "^1.1.4.1"
 types-Werkzeug = "^1.0.9"
 types-PyYAML = "^6.0.12"
 types-Flask = "^1.1.6"
 types-requests = "^2.28.6"
 types-pytz = "^2022.1.1"
 [tool.poetry.scripts]
 spiffworkflow-backend = "spiffworkflow_backend.__main__:main"
--- a/spiffworkflow-backend/sonar-project.properties
+++ b/spiffworkflow-backend/sonar-project.properties
@ -8,6 +8,6 @@ sonar.test.inclusions=tests
 # it's finding "bugs" we don't care about in the deprecated UI
 sonar.exclusions=migrations/**,bin/keycloak_test_server.py,src/spiffworkflow_backend/routes/admin_blueprint/templates/*.html
-sonar.coverage.exclusions=noxfile.py,conftest.py
+sonar.coverage.exclusions=conftest.py
 # sonar.exclusions=crc/templates/*.html,docs/**,config/**,instance/**,migrations/**,postgres/**,readme_images/**,schema/**,templates/**
 # sonar.sources=crc
--- a/spiffworkflow-backend/src/spiffworkflow_backend/routes/data_store_controller.py
+++ b/spiffworkflow-backend/src/spiffworkflow_backend/routes/data_store_controller.py
@ -15,7 +15,7 @@ def data_store_list() -> flask.wrappers.Response:
    # Right now the only data store we support is type ahead
-    for cat in db.session.query(TypeaheadModel.category).distinct():  # type: ignore
+    for cat in db.session.query(TypeaheadModel.category).distinct().order_by(TypeaheadModel.category):  # type: ignore
        data_stores.append({"name": cat[0], "type": "typeahead"})
    return make_response(jsonify(data_stores), 200)
@ -26,7 +26,9 @@ def data_store_item_list(
 ) -> flask.wrappers.Response:
    """Returns a list of the items in a data store."""
    if data_store_type == "typeahead":
-        data_store_query = TypeaheadModel.query.filter_by(category=name)
+        data_store_query = TypeaheadModel.query.filter_by(category=name).order_by(
            TypeaheadModel.category, TypeaheadModel.search_term
        )
        data = data_store_query.paginate(page=page, per_page=per_page, error_out=False)
        results = []
        for typeahead in data.items:
--- a/spiffworkflow-backend/tests/spiffworkflow_backend/helpers/example_data.py
+++ b/spiffworkflow-backend/tests/spiffworkflow_backend/helpers/example_data.py
@ -49,7 +49,6 @@ class ExampleDataLoader:
        if bpmn_file_name:
            file_name_matcher = bpmn_file_name_with_extension
        # we need instance_path here for nox tests
        file_glob = os.path.join(
            current_app.instance_path,
            "..",
--- a/spiffworkflow-backend/tests/spiffworkflow_backend/integration/test_data_stores.py
+++ b/spiffworkflow-backend/tests/spiffworkflow_backend/integration/test_data_stores.py
@ -80,14 +80,17 @@ class TestDataStores(BaseTest):
            "/v1.0/data-stores/typeahead/albums?per_page=10", headers=self.logged_in_headers(with_super_admin_user)
        )
        expected_item_in_response = {
            "search_term": "A Vulgar Display Of Power",
            "year": 1992,
            "album": "A Vulgar Display Of Power",
            "artist": "Pantera",
        }
        assert response.json is not None
        assert len(response.json["results"]) == 10
        assert response.json["pagination"]["count"] == 10
        assert response.json["pagination"]["total"] == 76
        assert response.json["pagination"]["pages"] == 8
-        assert response.json["results"][0] == {
+
-            "search_term": "Mama Said Knock You Out",
+        assert expected_item_in_response in response.json["results"]
            "year": 1990,
            "album": "Mama Said Knock You Out",
            "artist": "LL Cool J",
        }