ci: Added ci/cd pipelines

Overview

This MR implements comprehensive CI/CD pipelines and automated pre-commit hooks to align this project with the engineering standards of ehrs-fastapi. The integration ensures code quality, security, and consistent developer workflow through automated linting, type-checking, and testing.

Changes

1. CI/CD Pipeline Configuration (.gitlab-ci.yml)

Implemented a multi-stage GitLab CI pipeline using uv for high-performance dependency management:

• Linting: Automated checks using Ruff, Vulture (Dead Code detection with 85% confidence), and Pyupgrade.
• Formatting: Enforces consistent code style with Ruff Format.
• Type Checking: Project-wide static analysis using Mypy (including app/ and tests/).
• Testing: Automated Pytest execution with coverage reporting (60% threshold).
• Security: Integrated GitLab Security templates for SAST, Secret Detection, and Dependency Scanning.

2. Pre-commit Hooks Configuration (.pre-commit-config.yaml)

Enforced local developer standards to prevent "broken" code from being committed:

• Semantic Commits: Integrated Commitizen to enforce the Conventional Commits (Angular) pattern.
• Static Analysis: Local triggers for Ruff, Mypy, and Bandit (Security).
• Local Validation: Local execution of Vulture and Pytest-cov to ensure quality before pushing.

3. Project Configuration Updates

• pyproject.toml: Updated Mypy settings to include the tests/ directory and refined exclusion patterns.
• requirements.txt: Added necessary development dependencies including vulture, pyupgrade, pytest-cov, and pytest-xdist.

How to use locally

To activate the new standards on your local machine, please run: Install new dev dependencies pip install -r requirements.txt

• Install the pre-commit hooks
• pre-commit install
• pre-commit install --hook-type commit-msg