fix: Comprehensive test fixes after PYTHONPATH removal from Makefile

.github/workflows/01-lint.yml

@@ -1,6 +1,6 @@
 name: Lint & Static Analysis
 
-# This workflow uses tool versions and configurations from backend/pyproject.toml
+# This workflow uses tool versions and configurations from pyproject.toml (project root)
 # All linting tools (Ruff, MyPy, Pylint, Pydocstyle) reference pyproject.toml as single source of truth
 # Tool versions: Ruff ^0.14.0, MyPy ^1.15.0, Pylint ^3.3.8, Pydocstyle ^6.3.0
 
@@ -119,48 +119,44 @@
             blocking: true
             cmd: |
               pip install toml
-              python -c "import toml; toml.load(open('backend/pyproject.toml'))"
+              python -c "import toml; toml.load(open('pyproject.toml'))"
 
           # Python backend linting (blocking) - Check ALL backend Python files
           - id: ruff
             name: "Ruff (Lint + Format)"
-            working-directory: backend
             blocking: true
             cmd: |
               pip install poetry
               poetry install --only dev
               echo "Running Ruff linting..."
-              poetry run ruff check . --config pyproject.toml
+              poetry run ruff check backend --config pyproject.toml
               echo "Running Ruff formatting check..."
-              poetry run ruff format --check . --config pyproject.toml
+              poetry run ruff format --check backend --config pyproject.toml
 
           # Python type/quality checking (non-blocking / informational)
           - id: mypy
             name: "MyPy Type Check (Informational)"
-            working-directory: backend
             blocking: false
             cmd: |
               pip install poetry
               poetry install --only dev
-              poetry run mypy . --config-file pyproject.toml --ignore-missing-imports --show-error-codes || true
+              poetry run mypy backend --config-file pyproject.toml --ignore-missing-imports --show-error-codes || true
 
           - id: pylint
             name: "Pylint Quality (Informational)"
-            working-directory: backend
             blocking: false
             cmd: |
               pip install poetry
               poetry install --only dev
-              poetry run pylint rag_solution/ vectordbs/ core/ auth/ --rcfile=pyproject.toml || true
+              poetry run pylint backend/rag_solution/ backend/vectordbs/ backend/core/ backend/auth/ --rcfile=pyproject.toml || true
 
           - id: pydocstyle
             name: "Docstring Style (Informational)"
-            working-directory: backend
             blocking: false
             cmd: |
               pip install poetry
               poetry install --only dev
-              poetry run pydocstyle rag_solution/ vectordbs/ core/ auth/ --config=pyproject.toml --count || true
+              poetry run pydocstyle backend/rag_solution/ backend/vectordbs/ backend/core/ backend/auth/ --config=pyproject.toml --count || true
 
     name: ${{ matrix.name }}
 

.github/workflows/03-build-secure.yml

@@ -34,7 +34,7 @@ jobs:
         include:
           - service: backend
             dockerfile: backend/Dockerfile.backend
-            context: backend
+            context: .
             image_name: rag-modulo-backend
             ghcr_image: ghcr.io/manavgup/rag_modulo/backend
           - service: frontend

.github/workflows/04-pytest.yml

@@ -77,20 +77,20 @@ jobs:
         uses: actions/cache@v4
         with:
           path: ~/.cache/pypoetry
-          key: ${{ runner.os }}-poetry-${{ hashFiles('backend/poetry.lock') }}
+          key: ${{ runner.os }}-poetry-${{ hashFiles('poetry.lock') }}
           restore-keys: |
             ${{ runner.os }}-poetry-
 
       # 5️⃣ Install Python dependencies
       - name: 📥 Install dependencies
-        run: cd backend && poetry install --with dev,test
+        run: poetry install --with dev,test
 
       # 6️⃣ Run unit/atomic tests with coverage
       - name: 🧪 Run unit tests with coverage
         run: |
-          # Run from backend directory using poetry, but test from project root
-          cd backend && poetry run pytest ../tests/ -m "unit or atomic" \
-            --cov=rag_solution \
+          # Run from project root using poetry
+          poetry run pytest tests/unit/ \
+            --cov=backend/rag_solution \
             --cov-report=term-missing \
             --cov-report=html \
             --tb=short \

.github/workflows/05-ci.yml

@@ -49,7 +49,7 @@ jobs:
           timeout_minutes: 10
           max_attempts: 3
           retry_wait_seconds: 30
-          command: cd backend && poetry install --with dev,test
+          command: poetry install --with dev,test
 
       - name: Run test isolation checker
         run: |
@@ -72,10 +72,10 @@ jobs:
     env:
       # Essential environment variables for current atomic tests
       # TODO: Remove these once issue #172 (test isolation) is fixed
-      JWT_SECRET_KEY: test-secret-key-for-ci
+      JWT_SECRET_KEY: test-secret-key-for-ci  # pragma: allowlist secret
       RAG_LLM: openai
       WATSONX_INSTANCE_ID: test-instance-id
-      WATSONX_APIKEY: test-api-key
+      WATSONX_APIKEY: test-api-key  # pragma: allowlist secret
       WATSONX_URL: https://test.watsonx.com
       # Additional variables needed by tests
       VECTOR_DB: milvus
@@ -97,7 +97,7 @@ jobs:
           path: |
             ~/.cache/pypoetry
             backend/.venv
-          key: ${{ runner.os }}-poetry-${{ hashFiles('backend/poetry.lock') }}
+          key: ${{ runner.os }}-poetry-${{ hashFiles('poetry.lock') }}
           restore-keys: |
             ${{ runner.os }}-poetry-
 
@@ -108,7 +108,6 @@ jobs:
           max_attempts: 3
           retry_wait_seconds: 30
           command: |
-            cd backend
             pip install poetry
             poetry config virtualenvs.in-project true
             # Regenerate lock file to ensure sync

.github/workflows/makefile-testing.yml

@@ -32,7 +32,6 @@ jobs:
 
       - name: Install dependencies
         run: |
-          cd backend
           poetry install --with test
 
       - name: Set up Docker Buildx
@@ -41,7 +40,7 @@ jobs:
       - name: Test Makefile targets directly
         run: |
           echo "Running direct Makefile tests..."
-          cd backend && poetry run pytest ../tests/test_makefile_targets_direct.py -v
+          poetry run pytest tests/test_makefile_targets_direct.py -v
 
       - name: Test make help
         run: |

.github/workflows/poetry-lock-check.yml

@@ -6,13 +6,13 @@ name: Poetry Lock Validation
 on:
   pull_request:
     paths:
-      - 'backend/pyproject.toml'
-      - 'backend/poetry.lock'
+      - 'pyproject.toml'
+      - 'poetry.lock'
   push:
     branches: [main, develop]
     paths:
-      - 'backend/pyproject.toml'
-      - 'backend/poetry.lock'
+      - 'pyproject.toml'
+      - 'poetry.lock'
 
 permissions:
   contents: read
@@ -37,7 +37,6 @@ jobs:
 
       - name: Validate poetry.lock is in sync
         run: |
-          cd backend
           echo "🔍 Checking if poetry.lock is in sync with pyproject.toml..."
 
           if poetry check --lock; then
@@ -50,18 +49,16 @@ jobs:
             echo "but poetry.lock was not regenerated."
             echo ""
             echo "To fix this:"
-            echo "  1. cd backend"
-            echo "  2. poetry lock"
-            echo "  3. git add poetry.lock"
-            echo "  4. git commit -m 'chore: update poetry.lock'"
-            echo "  5. git push"
+            echo "  1. poetry lock"
+            echo "  2. git add poetry.lock"
+            echo "  3. git commit -m 'chore: update poetry.lock'"
+            echo "  4. git push"
             echo ""
             exit 1
           fi
 
       - name: Check for dependency conflicts
         run: |
-          cd backend
           echo "🔍 Checking for dependency conflicts..."
           poetry check
           echo "✅ No dependency conflicts detected"

.markdownlint.json

@@ -0,0 +1,15 @@
+{
+  "default": true,
+  "MD013": {
+    "line_length": 120,
+    "code_blocks": false,
+    "tables": false
+  },
+  "MD024": {
+    "siblings_only": true
+  },
+  "MD025": false,
+  "MD033": false,
+  "MD036": false,
+  "MD040": false
+}

.pre-commit-config.yaml

@@ -52,28 +52,31 @@ repos:
         args: [--baseline .secrets.baseline]
 
   # Python hooks - must match CI configuration exactly
-  # CI runs from backend/ with: poetry run ruff check . --config pyproject.toml
-  # CI runs from backend/ with: poetry run ruff format --check . --config pyproject.toml
+  # Poetry moved to root (October 2025) - pyproject.toml now at root level
+  # CI runs from root with: poetry run ruff check backend/ --config pyproject.toml
   - repo: https://github.com/astral-sh/ruff-pre-commit
     rev: v0.14.0
     hooks:
       - id: ruff
         name: Ruff linting (matches CI)
         files: ^backend/
-        args: [--fix, --config=backend/pyproject.toml]
+        args: [--fix, --config=pyproject.toml]
       - id: ruff-format
         name: Ruff formatting (matches CI)
         files: ^backend/
-        args: [--config=backend/pyproject.toml]
+        args: [--config=pyproject.toml]
 
-  # Poetry lock file validation
+  # Poetry lock file validation (Poetry moved to root in October 2025)
   - repo: local
     hooks:
       - id: poetry-lock-check
         name: Check poetry.lock is in sync with pyproject.toml
-        entry: bash -c 'cd backend && poetry check --lock || (echo "❌ poetry.lock is out of sync. Run - cd backend && poetry lock" && exit 1)'
+        entry: bash
+        args:
+          - -c
+          - "poetry check --lock || (echo 'poetry.lock is out of sync. Run: poetry lock' && exit 1)"
         language: system
-        files: ^backend/(pyproject\.toml|poetry\.lock)$
+        files: ^(pyproject\.toml|poetry\.lock)$
         pass_filenames: false
 
   # Python test hooks (run on push for velocity optimization)
@@ -110,7 +113,7 @@ repos:
     rev: v0.35.0
     hooks:
       - id: markdownlint
-        args: [--fix]
+        args: [--fix, --config, .markdownlint.json]
 
   # Commit message hooks
   - repo: https://github.com/commitizen-tools/commitizen