Refac NASA service and test impl

[simlal]

No description provided.

[qodo-code-review]

Review Summary by Qodo

Refactor Lambda handler into modular architecture with service layer extraction

✨ Enhancement 🧪 Tests

Walkthroughs

Description

• Refactored Lambda handler into modular LambdaManager class
  - Separated concerns: initialization, validation, data fetching, cleanup
  - Improved error handling with custom exception classes
• Extracted custom exceptions to dedicated models/exceptions.py module
• Created NasaService for NASA API interactions
• Created MigrationRepository for database migration queries
• Improved response formatting with LambdaResponseFormatter utility class
• Added unit tests for Lambda handler and manager initialization
• Updated documentation with testing instructions and code review guidelines

Diagram

flowchart LR
  A["lambda_handler"] -->|creates| B["LambdaManager"]
  B -->|uses| C["SecretsManagerWrapper"]
  B -->|uses| D["NasaService"]
  B -->|uses| E["MigrationRepository"]
  D -->|calls| F["ExternalApiService"]
  E -->|queries| G["MysqlDriver"]
  B -->|formats response| H["LambdaResponseFormatter"]
  I["Custom Exceptions"] -->|imported by| B

Loading

File Changes

1. lambda_function.py ✨ Enhancement +170/-393

Refactored handler into modular LambdaManager class

lambda_function.py

---

2. models/exceptions.py ✨ Enhancement +40/-0

Extracted custom exceptions to dedicated module

models/exceptions.py

---

3. services/nasa.py ✨ Enhancement +47/-0

Created NASA API service wrapper

services/nasa.py

---

View more (11)

4. services/migrations.py ✨ Enhancement +41/-0

Created migration repository for database queries

services/migrations.py

---

5. tests/test_lambda_function.py 🧪 Tests +52/-0

Added unit tests for Lambda handler

tests/test_lambda_function.py

---

6. README.md 📝 Documentation +43/-0

Added testing and code review documentation

README.md

---

7. pyproject.toml Dependencies +1/-0

Added pytest dependency for testing

pyproject.toml

---

8. .coderabbit.yaml ⚙️ Configuration changes +4/-0

Added CodeRabbit configuration file

.coderabbit.yaml

---

9. .idea/aws-lambda-python-template.iml ⚙️ Configuration changes +9/-0

Added IntelliJ IDEA module configuration

.idea/aws-lambda-python-template.iml

---

10. .idea/misc.xml ⚙️ Configuration changes +9/-0

Added IntelliJ IDEA project settings

.idea/misc.xml

---

11. .idea/modules.xml ⚙️ Configuration changes +8/-0

Added IntelliJ IDEA modules configuration

.idea/modules.xml

---

12. .idea/vcs.xml ⚙️ Configuration changes +7/-0

Added IntelliJ IDEA version control configuration

.idea/vcs.xml

---

13. .pr_agent.toml ⚙️ Configuration changes +2/-0

Added PR Agent configuration file

.pr_agent.toml

---

14. tests/__init__.py Additional files +0/-0

...

tests/init.py

---

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 81a39122-0fe7-4820-b292-be4fd702ff65

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch gemini-improvements-test-ide-plugins-graphite-2

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (3) 📘 Rule violations (0) 📎 Requirement gaps (0)

1. Stacktrace leaked to clients 🐞 Bug ⛨ Security

Description

Error responses include a stacktrace based on settings.lambda_log_level, which defaults to DEBUG;
_configure_logging_from_secrets() updates only the logger, not settings, so stacktraces can be
exposed even when secrets set INFO. This is an information disclosure risk and also makes stacktrace
exposure hard to control at runtime.

Code

lambda_function.py[R80-82]

+        if settings.lambda_log_level == "DEBUG":
+            error_body["error"]["stacktrace"] = traceback.format_exc()

Evidence

LambdaResponseFormatter.error() adds traceback.format_exc() to the HTTP response when
settings.lambda_log_level is DEBUG. The settings default is DEBUG, and although the logger level
is updated from Secrets Manager, the settings.lambda_log_level value is never updated—so response
behavior can remain DEBUG even when runtime log level is set to INFO.

lambda_function.py[60-92]
utils/config.py[12-23]
lambda_function.py[156-162]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`LambdaResponseFormatter.error()` conditionally injects a stacktrace into the HTTP response using `settings.lambda_log_level == "DEBUG"`. Because `Settings.lambda_log_level` defaults to DEBUG and `_configure_logging_from_secrets()` only updates the logger (not `settings`), stacktraces can leak to clients even when Secrets Manager sets the runtime log level to INFO.

### Issue Context
This is both a security problem (information disclosure) and a runtime-control problem (response debug behavior does not follow secrets-driven logging configuration).

### Fix Focus Areas
- lambda_function.py[60-92]
- lambda_function.py[156-162]
- utils/config.py[12-23]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Unittest not in test mode 🐞 Bug ⛯ Reliability

Description

README recommends running tests via python -m unittest discover, but utils.config.is_testing
only detects pytest or TESTING=1. This mismatch can cause future unittest-based tests to run with
production-like settings (e.g., attempting real AWS/DB calls) unless every new code path is mocked.

Code

README.md[R46-62]

+## Testing
+
+This template uses `pytest` and `unittest` for testing.
+
+### Running Tests
+
+To run the unit tests:
+
+```bash
+uv run python -m unittest discover tests
+```
+
+Or if you prefer `pytest`:
+
+```bash
+uv run pytest
+```

Evidence

The repo’s documented unittest command does not set TESTING=1, and is_testing does not detect
unittest modules. As a result, unittest runs will use Settings() rather than
Settings(use_local_db=True), which increases the chance of non-hermetic tests (AWS/RDS access) as
the test suite grows.

README.md[46-62]
utils/config.py[8-23]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`utils/config.py` does not recognize `unittest` runs as a test environment, but README instructs running tests using `python -m unittest discover`. This can lead to tests running with production-like settings and accidentally attempting AWS Secrets Manager / RDS connections as the suite expands.

### Issue Context
Current tests mock the critical integrations, but the configuration mismatch is a footgun for future tests.

### Fix Focus Areas
- utils/config.py[8-23]
- README.md[46-62]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

3. Committed IDE project files 🐞 Bug ⛯ Reliability

Description

JetBrains .idea/* files were added to the repo, but .gitignore does not ignore .idea/, leading
to noisy diffs and frequent merge conflicts across environments. This reduces maintainability and
signal-to-noise in PRs.

Code

.idea/vcs.xml[R1-7]

+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="" vcs="Git" />
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>

Evidence

The PR adds IDE-specific project configuration under .idea/. The repo-level .gitignore has no
.idea/ rule, so these files will continue to be tracked and churn with local IDE changes.

.idea/vcs.xml[1-7]
.gitignore[1-20]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
IDE-specific `.idea/*` files are committed, but the repository `.gitignore` does not ignore `.idea/`. This commonly causes noisy diffs and merge conflicts.

### Issue Context
The PR introduces `.idea` project metadata files.

### Fix Focus Areas
- .gitignore[1-20]
- .idea/vcs.xml[1-7]
- .idea/modules.xml[1-8]
- .idea/misc.xml[1-9]
- .idea/aws-lambda-python-template.iml[1-9]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

ⓘ The new review experience is currently in Beta. Learn more

[qodo-code-review]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Validate repo secrets

Failed stage: Preflight Check for Secrets [❌]

Failed test name: ""

Failure summary: The workflow failed during the “Secret validation check” step because required GitHub Actions secrets were not set in the repository aws-lambda-python-template. - Missing secrets: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION_NAME - The validation script detected these in MISSING_SECRETS and exited with code 1, stopping the job.

Relevant error logs: 1: ##[group]Runner Image Provisioner 2: Hosted Compute Agent ... 136: �[36;1m�[0m 137: �[36;1m# Secret validation check�[0m 138: �[36;1mif [ ${#MISSING_SECRETS[@]} -ne 0 ]; then�[0m 139: �[36;1m echo "One or more required secrets are missing: ${MISSING_SECRETS[@]}. Please set them before running the workflow."�[0m 140: �[36;1m exit 1�[0m 141: �[36;1melse�[0m 142: �[36;1m echo "✅ All required secrets are set. Proceeding..."�[0m 143: �[36;1mfi�[0m 144: shell: /usr/bin/bash -e {0} 145: ##[endgroup] 146: Validating GitHub Actions secrets in repo=aws-lambda-python-template 147: ❌ AWS_ACCESS_KEY_ID is missing 148: ❌ AWS_SECRET_ACCESS_KEY is missing 149: ❌ AWS_REGION_NAME is missing 150: One or more required secrets are missing: AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_REGION_NAME. Please set them before running the workflow. 151: ##[error]Process completed with exit code 1. 152: Post job cleanup.

[qodo-code-review]

1. Stacktrace leaked to clients 🐞 Bug ⛨ Security

Error responses include a stacktrace based on settings.lambda_log_level, which defaults to DEBUG;
_configure_logging_from_secrets() updates only the logger, not settings, so stacktraces can be
exposed even when secrets set INFO. This is an information disclosure risk and also makes stacktrace
exposure hard to control at runtime.

Agent Prompt

### Issue description
`LambdaResponseFormatter.error()` conditionally injects a stacktrace into the HTTP response using `settings.lambda_log_level == "DEBUG"`. Because `Settings.lambda_log_level` defaults to DEBUG and `_configure_logging_from_secrets()` only updates the logger (not `settings`), stacktraces can leak to clients even when Secrets Manager sets the runtime log level to INFO.

### Issue Context
This is both a security problem (information disclosure) and a runtime-control problem (response debug behavior does not follow secrets-driven logging configuration).

### Fix Focus Areas
- lambda_function.py[60-92]
- lambda_function.py[156-162]
- utils/config.py[12-23]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools