encryption of data added

.github/workflows/tests_prod.yml

@@ -0,0 +1,35 @@
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.11"
+
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+        pip install pytest
+
+    - name: Update and encrypt-data for prod
+      run: python encryption.py  # or bash encrypt-data.sh
+
+    - name: Run tests
+      env:
+        PYTHONPATH: .
+        ENCRYPTION_KEY: ${{ secrets.TEST_ENCRYPTION_KEY }}
+      run: |
+        python -m pytest -v

README.md

@@ -14,4 +14,4 @@ short_description: a bot that answer questions about professional projets
 license: mit
 ---
 
-An example chatbot using [Gradio](https://gradio.app), [`huggingface_hub`](https://huggingface.co/docs/huggingface_hub/v0.22.2/en/index), and the [Hugging Face Inference API](https://huggingface.co/docs/api-inference/index).
+An chatbot with rag for curriculum vitae

data/encryption.py

@@ -0,0 +1,53 @@
+import os
+from cryptography.fernet import Fernet
+from tqdm import tqdm
+
+def get_key():
+    # Generate a key
+    key = Fernet.generate_key()
+
+    # Create a Fernet object using the key
+    fernet = Fernet(key)
+
+    return key, fernet
+
+def encrypt(fernet,paths:list):
+
+    for folder_data in paths:
+        print(os)
+
+        for file in os.listdir(folder_data):
+        
+            file_path = os.path.join(folder_data,file)
+                    
+            # Open the files to be encrypted in binary read mode
+            with open(file_path, 'rb') as f:
+                original = f.read()
+
+                # Encrypt the files content
+                encrypted = fernet.encrypt(original)
+
+                # Save the encrypted data
+                os.makedirs('data/encrypted_data', exist_ok=True)
+                with open(f'data/encrypted_data/{file}', 'wb') as f:
+                    f.write(encrypted)
+    return True
+
+def save_key(key):
+    # Load existing .env and save the key
+    with open(".env", "r") as f:
+        lines = f.readlines()
+        # insert secret at the end of existing doc
+        lines.insert(len(lines),f"\n\nsecret_key = '{key.decode()}'")
+
+    # Write back to file
+    with open(".env", "w") as f:
+        f.writelines(lines)
+
+    return True
+
+
+if __name__ == "__main__":
+    key, fernet = get_key()
+    encrypt(fernet,paths=["data/CV_competences","data/research_paper"])
+    save_key(key)

dockerfile

@@ -0,0 +1,25 @@
+FROM mcr.microsoft.com/devcontainers/python:1-3.11-bookworm
+
+WORKDIR /workspace
+
+COPY packages.txt* requirements.txt* ./
+
+RUN if [ -f packages.txt ]; then \
+    apt-get update && \
+    apt-get upgrade -y && \
+    xargs apt-get install -y < packages.txt && \
+    rm -rf /var/lib/apt/lists/*; \
+    fi
+
+RUN if [ -f requirements.txt ]; then \
+    pip3 install --user -r requirements.txt; \
+    fi && \
+    pip3 install --user streamlit
+
+COPY . .
+
+EXPOSE 8501
+
+HEALTHCHECK CMD curl --fail http://localhost:8501/_stcore/health || exit 1
+
+CMD ["streamlit", "run", "app/Welcome.py", "--server.enableCORS", "false", "--server.enableXsrfProtection", "false", "--server.port", "8501", "--server.address", "0.0.0.0"]

requirements.txt

@@ -1,2 +1,4 @@
 langchain-core
 gradio
+pytest-cov
+pytest

tests/test_encrypt_files.py

@@ -0,0 +1,399 @@
+import os
+import pytest
+import tempfile
+import shutil
+from pathlib import Path
+from cryptography.fernet import Fernet
+
+# Import the functions to test
+# Assuming the main file is named 'encryption.py'
+# from encryption import get_key, encrypt, save_key, decrypt, get_all_files
+
+
+# For testing purposes, include the functions here
+# In real scenario, import from the main module
+def get_key():
+    key = Fernet.generate_key()
+    fernet = Fernet(key)
+    return key, fernet
+
+
+def get_all_files(root_path: str = "./"):
+    files = []
+    for root, dirs, filenames in os.walk(root_path):
+        for filename in filenames:
+            file_path = os.path.join(root, filename)
+            files.append(file_path)
+    return files
+
+
+def encrypt(fernet, root_path: str = "./", output_dir: str = "./encrypted_data"):
+    try:
+        files = get_all_files(root_path)
+        if not files:
+            return False
+        
+        os.makedirs(output_dir, exist_ok=True)
+        
+        for file_path in files:
+            try:
+                with open(file_path, 'rb') as f:
+                    original = f.read()
+                encrypted = fernet.encrypt(original)
+                relative_path = os.path.relpath(file_path, root_path)
+                output_path = os.path.join(output_dir, relative_path)
+                os.makedirs(os.path.dirname(output_path), exist_ok=True)
+                with open(output_path, 'wb') as f:
+                    f.write(encrypted)
+            except Exception:
+                continue
+        return True
+    except Exception:
+        return False
+
+
+def save_key(key, env_path: str = ".env"):
+    try:
+        if os.path.exists(env_path):
+            with open(env_path, "r") as f:
+                lines = f.readlines()
+        else:
+            lines = []
+        
+        if lines and not lines[-1].endswith('\n'):
+            lines.append('\n')
+        lines.append(f"\nSECRET_KEY='{key.decode()}'\n")
+        
+        with open(env_path, "w") as f:
+            f.writelines(lines)
+        return True
+    except Exception:
+        return False
+
+
+def decrypt(fernet, encrypted_path: str, output_path: str):
+    try:
+        with open(encrypted_path, 'rb') as f:
+            encrypted = f.read()
+        decrypted = fernet.decrypt(encrypted)
+        os.makedirs(os.path.dirname(output_path), exist_ok=True)
+        with open(output_path, 'wb') as f:
+            f.write(decrypted)
+        return True
+    except Exception:
+        return False
+
+
+# ============================================================================
+# UNIT TESTS
+# ============================================================================
+
+class TestGetKey:
+    """Unit tests for get_key function"""
+    
+    def test_get_key_returns_tuple(self):
+        """Test that get_key returns a tuple"""
+        result = get_key()
+        assert isinstance(result, tuple)
+        assert len(result) == 2
+    
+    def test_get_key_returns_valid_key(self):
+        """Test that get_key returns valid Fernet key"""
+        key, fernet = get_key()
+        assert isinstance(key, bytes)
+        assert isinstance(fernet, Fernet)
+    
+    def test_key_can_encrypt_decrypt(self):
+        """Test that generated key can encrypt and decrypt"""
+        key, fernet = get_key()
+        message = b"Test message"
+        encrypted = fernet.encrypt(message)
+        decrypted = fernet.decrypt(encrypted)
+        assert decrypted == message
+    
+    def test_keys_are_unique(self):
+        """Test that each call generates a unique key"""
+        key1, _ = get_key()
+        key2, _ = get_key()
+        assert key1 != key2
+
+
+class TestGetAllFiles:
+    """Unit tests for get_all_files function"""
+    
+    @pytest.fixture
+    def temp_dir(self):
+        """Create temporary directory with test files"""
+        temp_dir = tempfile.mkdtemp()
+        
+        # Create test files
+        Path(temp_dir, "file1.txt").write_text("content1")
+        Path(temp_dir, "file2.txt").write_text("content2")
+        
+        # Create subdirectory with file
+        subdir = Path(temp_dir, "subdir")
+        subdir.mkdir()
+        Path(subdir, "file3.txt").write_text("content3")
+        
+        yield temp_dir
+        
+        # Cleanup
+        shutil.rmtree(temp_dir)
+    
+    def test_finds_all_files(self, temp_dir):
+        """Test that all files are found"""
+        files = get_all_files(temp_dir)
+        assert len(files) == 3
+    
+    def test_empty_directory(self):
+        """Test with empty directory"""
+        with tempfile.TemporaryDirectory() as temp_dir:
+            files = get_all_files(temp_dir)
+            assert files == []
+    
+    def test_returns_list(self, temp_dir):
+        """Test that function returns a list"""
+        files = get_all_files(temp_dir)
+        assert isinstance(files, list)
+
+
+class TestSaveKey:
+    """Unit tests for save_key function"""
+    
+    @pytest.fixture
+    def temp_env_file(self):
+        """Create temporary .env file"""
+        fd, path = tempfile.mkstemp(suffix=".env")
+        os.close(fd)
+        yield path
+        if os.path.exists(path):
+            os.remove(path)
+    
+    def test_save_key_creates_file(self, temp_env_file):
+        """Test that save_key creates .env file"""
+        os.remove(temp_env_file)  # Remove to test creation
+        key, _ = get_key()
+        result = save_key(key, temp_env_file)
+        assert result is True
+        assert os.path.exists(temp_env_file)
+    
+    def test_save_key_appends_to_existing(self, temp_env_file):
+        """Test that save_key appends to existing file"""
+        # Write initial content
+        with open(temp_env_file, "w") as f:
+            f.write("EXISTING_VAR=value\n")
+        
+        key, _ = get_key()
+        save_key(key, temp_env_file)
+        
+        with open(temp_env_file, "r") as f:
+            content = f.read()
+        
+        assert "EXISTING_VAR=value" in content
+        assert "SECRET_KEY=" in content
+    
+    def test_saved_key_format(self, temp_env_file):
+        """Test that saved key has correct format"""
+        key, _ = get_key()
+        save_key(key, temp_env_file)
+        
+        with open(temp_env_file, "r") as f:
+            content = f.read()
+        
+        assert f"SECRET_KEY='{key.decode()}'" in content
+
+
+class TestDecrypt:
+    """Unit tests for decrypt function"""
+    
+    @pytest.fixture
+    def encrypted_file(self):
+        """Create temporary encrypted file"""
+        key, fernet = get_key()
+        fd, path = tempfile.mkstemp()
+        
+        content = b"Test content to encrypt"
+        encrypted = fernet.encrypt(content)
+        
+        with os.fdopen(fd, 'wb') as f:
+            f.write(encrypted)
+        
+        yield path, fernet, content
+        
+        if os.path.exists(path):
+            os.remove(path)
+    
+    def test_decrypt_success(self, encrypted_file):
+        """Test successful decryption"""
+        encrypted_path, fernet, original_content = encrypted_file
+        
+        with tempfile.NamedTemporaryFile(delete=False) as output:
+            output_path = output.name
+        
+        try:
+            result = decrypt(fernet, encrypted_path, output_path)
+            assert result is True
+            
+            with open(output_path, 'rb') as f:
+                decrypted = f.read()
+            
+            assert decrypted == original_content
+        finally:
+            if os.path.exists(output_path):
+                os.remove(output_path)
+    
+    def test_decrypt_wrong_key(self, encrypted_file):
+        """Test decryption with wrong key fails"""
+        encrypted_path, _, _ = encrypted_file
+        _, wrong_fernet = get_key()  # Different key
+        
+        with tempfile.NamedTemporaryFile(delete=False) as output:
+            output_path = output.name
+        
+        try:
+            result = decrypt(wrong_fernet, encrypted_path, output_path)
+            assert result is False
+        finally:
+            if os.path.exists(output_path):
+                os.remove(output_path)
+
+
+# ============================================================================
+# INTEGRATION TESTS
+# ============================================================================
+
+class TestEncryptionWorkflow:
+    """Integration tests for complete encryption workflow"""
+    
+    @pytest.fixture
+    def test_environment(self):
+        """Create complete test environment"""
+        # Create temporary directories
+        source_dir = tempfile.mkdtemp()
+        output_dir = tempfile.mkdtemp()
+        env_file = tempfile.NamedTemporaryFile(delete=False, suffix=".env")
+        env_file.close()
+        
+        # Create test files
+        Path(source_dir, "test1.txt").write_text("Content 1")
+        Path(source_dir, "test2.csv").write_text("a,b,c\n1,2,3")
+        
+        subdir = Path(source_dir, "subdir")
+        subdir.mkdir()
+        Path(subdir, "test3.json").write_text('{"key": "value"}')
+        
+        yield source_dir, output_dir, env_file.name
+        
+        # Cleanup
+        shutil.rmtree(source_dir, ignore_errors=True)
+        shutil.rmtree(output_dir, ignore_errors=True)
+        if os.path.exists(env_file.name):
+            os.remove(env_file.name)
+    
+    def test_full_encryption_workflow(self, test_environment):
+        """Test complete encryption workflow"""
+        source_dir, output_dir, env_file = test_environment
+        
+        # Generate key
+        key, fernet = get_key()
+        
+        # Encrypt files
+        result = encrypt(fernet, source_dir, output_dir)
+        assert result is True
+        
+        # Verify encrypted files exist
+        encrypted_files = get_all_files(output_dir)
+        assert len(encrypted_files) == 3
+        
+        # Save key
+        result = save_key(key, env_file)
+        assert result is True
+        
+        # Verify key was saved
+        with open(env_file, "r") as f:
+            content = f.read()
+        assert "SECRET_KEY=" in content
+    
+    def test_encrypt_decrypt_roundtrip(self, test_environment):
+        """Test that files can be encrypted and then decrypted"""
+        source_dir, output_dir, _ = test_environment
+        
+        # Generate key
+        key, fernet = get_key()
+        
+        # Encrypt
+        encrypt(fernet, source_dir, output_dir)
+        
+        # Decrypt one file
+        encrypted_file = os.path.join(output_dir, "test1.txt")
+        decrypted_dir = tempfile.mkdtemp()
+        decrypted_file = os.path.join(decrypted_dir, "test1.txt")
+        
+        try:
+            decrypt(fernet, encrypted_file, decrypted_file)
+            
+            # Verify content matches original
+            with open(decrypted_file, 'r') as f:
+                content = f.read()
+            assert content == "Content 1"
+        finally:
+            shutil.rmtree(decrypted_dir, ignore_errors=True)
+    
+    def test_preserves_directory_structure(self, test_environment):
+        """Test that directory structure is preserved"""
+        source_dir, output_dir, _ = test_environment
+        
+        key, fernet = get_key()
+        encrypt(fernet, source_dir, output_dir)
+        
+        # Check that subdirectory exists
+        encrypted_subdir_file = os.path.join(output_dir, "subdir", "test3.json")
+        assert os.path.exists(encrypted_subdir_file)
+    
+    def test_empty_directory_handling(self):
+        """Test handling of empty directory"""
+        with tempfile.TemporaryDirectory() as source_dir:
+            with tempfile.TemporaryDirectory() as output_dir:
+                key, fernet = get_key()
+                result = encrypt(fernet, source_dir, output_dir)
+                assert result is False
+
+
+# ============================================================================
+# PARAMETRIZED TESTS
+# ============================================================================
+
+class TestEncryptionWithDifferentFileTypes:
+    """Test encryption with various file types"""
+    
+    @pytest.mark.parametrize("filename,content", [
+        ("test.txt", b"Plain text content"),
+        ("test.json", b'{"key": "value"}'),
+        ("test.csv", b"a,b,c\n1,2,3"),
+        ("test.bin", bytes(range(256))),
+        ("test.pdf", b"%PDF-1.4\n%\xe2\xe3\xcf\xd3"),
+    ])
+    def test_encrypt_different_file_types(self, filename, content):
+        """Test encryption of different file types"""
+        with tempfile.TemporaryDirectory() as source_dir:
+            with tempfile.TemporaryDirectory() as output_dir:
+                # Create test file
+                file_path = Path(source_dir, filename)
+                file_path.write_bytes(content)
+                
+                # Encrypt
+                key, fernet = get_key()
+                result = encrypt(fernet, source_dir, output_dir)
+                assert result is True
+                
+                # Verify encrypted file exists
+                encrypted_path = Path(output_dir, filename)
+                assert encrypted_path.exists()
+                
+                # Verify content is different (encrypted)
+                encrypted_content = encrypted_path.read_bytes()
+                assert encrypted_content != content
+
+
+if __name__ == "__main__":
+    pytest.main([__file__, "-v", "--tb=short"])