Forbidden Error (403) in Django Test Cases on GitHub Actions

I have a Django REST framework API application hosted on AWS ECS, using RDS. I am working on implementing CI/CD using GitHub Actions, where we need to include a test suite. The corresponding CI/CD implementation is as follows:

unit-tests:
runs-on: ubuntu-latest
environment: ${{ inputs.build_env }}
env:
  ENVIRON: ${{ secrets.ENVIRON }}
  PG_DB_NAME: ${{ secrets.POSTGRES_DB }}
  PG_DB_USER: ${{ secrets.POSTGRES_USER }}
  PG_DB_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
  PG_DB_HOST: ${{ secrets.POSTGRES_HOST }}
  PG_DB_PORT: ${{ secrets.POSTGRES_PORT }}
  SECRET_KEY: ${{ secrets.SECRET_KEY }}
steps:
  - name: Checkout repo
    uses: actions/checkout@v3
  - name: Setup Python
    uses: actions/setup-python@v2
    with:
      python-version: ${{ env.PYTHON_VERSION }}
  - name: Install dependencies
    run: |
      python3 -m pip install --upgrade -r requirements.txt
  - name: Configure AWS credentials
    uses: aws-actions/configure-aws-credentials@v1
    with:
      aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
      aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      aws-region: ${{ secrets.AWS_REGION }}
  - name: Run tests
    run: |
      cd ./myapp
      python3 manage.py test
      cd ..

And the unit test case is

class TestFirstEndpoint(SimpleTestCase):
    def setUp(self):
       self.client = APIClient(enforce_csrf_checks=False)

    def test_endpoint_no_valid_user(self):

        url = reverse('myapp:firstendpoint')
        response = self.client.post(url, {'userid':'testuser'}, format='json')
        `self.assertEqual(response.status_code, 404)

the corresponding endpoint view is

@api_view(["POST"])
@authentication_classes(
([utils_security.CsrfExemptSessionAuthentication, BasicAuthentication])
def first_endpoint_view(request):
    userid = request.data.get("userid", 'USER1')
    user = Mymodel.objects.filter(userid=userid)
    if user.exists():
        # do my job
        return Response({"message": "Work is done"}, status=status.HTTP_200_OK)
    else:
        return Response({"message": "User not found"}, status=status.HTTP_404_NOT_FOUND)

I can run the test suite locally successfully, but in the CI environment, I always get a 403 Forbidden error.

<HttpResponseForbidden status_code=403, "text/html; charset=utf-8">

I have tried disabling CSRF protection both in the middleware and at the unittest level, and I have allowed all hosts, but I am still facing the same issue. Can you suggest any troubleshooting steps

Вернуться на верх