[NX-501 Issue] Replace GitHub Actions postgres service with Docker container.

The PostgreSQL service in the GitHub Actions workflow was replaced by a Docker container for better control and flexibility. Additional steps were added to manage the container lifecycle, including starting, logging, and cleaning up. Also, updated the app version from 0.2.4 to 0.2.5.

.github/workflows/container-cve-scan-development.yml

@@ -55,50 +55,6 @@ jobs:
           provenance: false
           sbom: false
 
-      - name: Trivy scan (backend)
-        uses: aquasecurity/trivy-action@0.24.0
-        with:
-          image-ref: nexapg-backend:dev-scan
-          format: json
-          output: trivy-backend.json
-          severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
-          ignore-unfixed: false
-          exit-code: 0
-
-      - name: Trivy scan (frontend)
-        uses: aquasecurity/trivy-action@0.24.0
-        with:
-          image-ref: nexapg-frontend:dev-scan
-          format: json
-          output: trivy-frontend.json
-          severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
-          ignore-unfixed: false
-          exit-code: 0
-
-      - name: Summarize Trivy severities
-        run: |
-          python - <<'PY'
-          import json
-          from collections import Counter
-          
-          def summarize(path):
-              c = Counter()
-              with open(path, "r", encoding="utf-8") as f:
-                  data = json.load(f)
-              for result in data.get("Results", []):
-                  for v in result.get("Vulnerabilities", []) or []:
-                      c[v.get("Severity", "UNKNOWN")] += 1
-              for sev in ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"]:
-                  c.setdefault(sev, 0)
-              return c
-          
-          for label, path in [("backend", "trivy-backend.json"), ("frontend", "trivy-frontend.json")]:
-              s = summarize(path)
-              print(f"===== Trivy {label} =====")
-              print(f"CRITICAL={s['CRITICAL']} HIGH={s['HIGH']} MEDIUM={s['MEDIUM']} LOW={s['LOW']} UNKNOWN={s['UNKNOWN']}")
-              print()
-          PY
-
       - name: Docker Scout scan (backend)
         continue-on-error: true
         run: |
@@ -152,7 +108,5 @@ jobs:
         with:
           name: container-cve-scan-reports
           path: |
-            trivy-backend.json
-            trivy-frontend.json
             scout-backend.txt
             scout-frontend.txt

.github/workflows/e2e-api-smoke.yml

@@ -17,21 +17,6 @@ jobs:
     name: Core API E2E Smoke
     runs-on: ubuntu-latest
 
-    services:
-      postgres:
-        image: postgres:16
-        env:
-          POSTGRES_DB: nexapg
-          POSTGRES_USER: nexapg
-          POSTGRES_PASSWORD: nexapg
-        ports:
-          - 5432:5432
-        options: >-
-          --health-cmd "pg_isready -U nexapg -d nexapg"
-          --health-interval 5s
-          --health-timeout 5s
-          --health-retries 20
-
     env:
       APP_NAME: NexaPG Monitor
       ENVIRONMENT: test
@@ -62,12 +47,55 @@ jobs:
         with:
           python-version: "3.13"
 
+      - name: Start PostgreSQL container
+        run: |
+          docker rm -f nexapg-e2e-pg >/dev/null 2>&1 || true
+          docker run -d \
+            --name nexapg-e2e-pg \
+            -e POSTGRES_DB=nexapg \
+            -e POSTGRES_USER=nexapg \
+            -e POSTGRES_PASSWORD=nexapg \
+            -p 5432:5432 \
+            postgres:16
+
       - name: Install backend dependencies + test tooling
         run: |
           python -m pip install --upgrade pip
           pip install -r backend/requirements.txt
           pip install pytest
 
+      - name: Wait for PostgreSQL service
+        run: |
+          python - <<'PY'
+          import asyncio
+          import asyncpg
+
+          async def wait_for_db():
+              dsn = "postgresql://nexapg:nexapg@127.0.0.1:5432/nexapg?sslmode=disable"
+              last_err = None
+              for attempt in range(1, 61):
+                  try:
+                      conn = await asyncpg.connect(dsn=dsn, timeout=3)
+                      try:
+                          await conn.execute("SELECT 1")
+                      finally:
+                          await conn.close()
+                      print(f"PostgreSQL ready after {attempt} attempt(s).")
+                      return
+                  except Exception as exc:
+                      last_err = exc
+                      await asyncio.sleep(2)
+              raise RuntimeError(f"PostgreSQL not ready after retries: {last_err}")
+
+          asyncio.run(wait_for_db())
+          PY
+
+      - name: Show PostgreSQL container status
+        if: ${{ always() }}
+        run: |
+          docker ps -a --filter "name=nexapg-e2e-pg"
+          docker logs --tail=80 nexapg-e2e-pg || true
+
       - name: Run Alembic migrations
         working-directory: backend
         run: alembic upgrade head
@@ -76,3 +104,7 @@ jobs:
         env:
           PYTHONPATH: backend
         run: pytest -q backend/tests/e2e/test_api_smoke.py
+
+      - name: Cleanup PostgreSQL container
+        if: ${{ always() }}
+        run: docker rm -f nexapg-e2e-pg >/dev/null 2>&1 || true

backend/app/core/config.py

@@ -2,7 +2,7 @@ from functools import lru_cache
 from pydantic import field_validator
 from pydantic_settings import BaseSettings, SettingsConfigDict
 
-NEXAPG_VERSION = "0.2.4"
+NEXAPG_VERSION = "0.2.5"
 
 
 class Settings(BaseSettings):