feat: wire Gmail SMTP notifications with app password

Replaced the Gmail API (OAuth2) notification delivery with plain SMTP using a Gmail app password. Much simpler setup — no Google Cloud project, no OAuth2 flow, no extra dependencies. - Rewrote _send_gmail() to use smtplib with smtp.gmail.com:587 TLS - Added stonks-gmail-secrets to Helm chart (GMAIL_SENDER, GMAIL_RECIPIENT, GMAIL_APP_PASSWORD) - Added gmail secret to trading-engine deployment - Updated runmefirst.sh to read gmail.app from kube dir - Sender/recipient: celes@celestium.life
2026-04-16 02:37:40 +00:00
parent 9aae57f3e1
commit c4666c071b
4 changed files with 90 additions and 61 deletions
@@ -49,3 +49,16 @@ stringData:
  {{- range $key, $val := .Values.secrets.dashboard }}
  {{ $key }}: {{ $val | quote }}
  {{- end }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: stonks-gmail-secrets
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "stonks.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+  {{- range $key, $val := .Values.secrets.gmail }}
+  {{ $key }}: {{ $val | quote }}
+  {{- end }}
@@ -97,7 +97,7 @@ services:
    command: "uvicorn services.trading.app:app --host 0.0.0.0 --port 8000"
    tier: trading
    port: 8000
-    secrets: [stonks-core-secrets, stonks-broker-secrets]
+    secrets: [stonks-core-secrets, stonks-broker-secrets, stonks-gmail-secrets]
    resources:
      requests: { cpu: 100m, memory: 256Mi }
      limits: { cpu: 500m, memory: 512Mi }
@@ -226,6 +226,10 @@ secrets:
    BROKER_BASE_URL: "https://paper-api.alpaca.markets"
  market:
    MARKET_DATA_API_KEY: ""
+  gmail:
+    GMAIL_SENDER: "celes@celestium.life"
+    GMAIL_RECIPIENT: "celes@celestium.life"
+    GMAIL_APP_PASSWORD: ""
  dashboard:
    SUPERSET_SECRET_KEY: ""
    SUPERSET_ADMIN_PASSWORD: ""