admin/stonks-oracle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
395 Commits 1 Branch 1 Tag
2ab52afc73a104e428a3d27b4d41391d99ce2537
Commit Graph

33 Commits

Author SHA1 Message Date
Celes Renata 1aae36382c fix: point WOODPECKER_GITEA_URL to external https://git.celestium.life
Build and Push / lint-and-test (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.adapters.broker_adapter name:broker-adapter]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.aggregation.worker name:aggregation]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.extractor.worker name:extractor]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.ingestion.worker name:ingestion]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.lake_publisher.worker name:lake-publisher]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.parser.worker name:parser]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.recommendation.worker name:recommendation]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.scheduler.app name:scheduler]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.api.app:app --host 0.0.0.0 --port 8000 name:query-api]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.risk.app:app --host 0.0.0.0 --port 8000 name:risk]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.symbol_registry.app:app --host 0.0.0.0 --port 8000 name:symbol-registry]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.trading.app:app --host 0.0.0.0 --port 8000 name:trading-engine]) (push) Has been cancelled
Details
Build and Push / build-dashboard (push) Has been cancelled
Details
Build and Push / build-superset (push) Has been cancelled
Details
Build and Push / integration-test (push) Has been cancelled
Details
Build and Push / beta-gate (push) Has been cancelled
Details
2026-04-28 14:36:48 +00:00
Celes Renata 98bbec9b8d fix: set Gitea ROOT_URL to external domain, update Woodpecker OAuth2 credentials
Build and Push / lint-and-test (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.adapters.broker_adapter name:broker-adapter]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.aggregation.worker name:aggregation]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.extractor.worker name:extractor]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.ingestion.worker name:ingestion]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.lake_publisher.worker name:lake-publisher]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.parser.worker name:parser]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.recommendation.worker name:recommendation]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.scheduler.app name:scheduler]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.api.app:app --host 0.0.0.0 --port 8000 name:query-api]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.risk.app:app --host 0.0.0.0 --port 8000 name:risk]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.symbol_registry.app:app --host 0.0.0.0 --port 8000 name:symbol-registry]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.trading.app:app --host 0.0.0.0 --port 8000 name:trading-engine]) (push) Has been cancelled
Details
Build and Push / build-dashboard (push) Has been cancelled
Details
Build and Push / build-superset (push) Has been cancelled
Details
Build and Push / integration-test (push) Has been cancelled
Details
Build and Push / beta-gate (push) Has been cancelled
Details
2026-04-28 14:34:43 +00:00
Celes Renata 24db0e97f6 feat: add Gitea NFS PV, declarative deployment, and wire into runmefirst.sh
Build and Push / lint-and-test (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.adapters.broker_adapter name:broker-adapter]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.aggregation.worker name:aggregation]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.extractor.worker name:extractor]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.ingestion.worker name:ingestion]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.lake_publisher.worker name:lake-publisher]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.parser.worker name:parser]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.recommendation.worker name:recommendation]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:python -m services.scheduler.app name:scheduler]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.api.app:app --host 0.0.0.0 --port 8000 name:query-api]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.risk.app:app --host 0.0.0.0 --port 8000 name:risk]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.symbol_registry.app:app --host 0.0.0.0 --port 8000 name:symbol-registry]) (push) Has been cancelled
Details
Build and Push / build-services (map[cmd:uvicorn services.trading.app:app --host 0.0.0.0 --port 8000 name:trading-engine]) (push) Has been cancelled
Details
Build and Push / build-dashboard (push) Has been cancelled
Details
Build and Push / build-superset (push) Has been cancelled
Details
Build and Push / integration-test (push) Has been cancelled
Details
Build and Push / beta-gate (push) Has been cancelled
Details
2026-04-28 14:29:58 +00:00
Celes Renata 88ad1e8d99 feat: comprehensive docs, unit tests, docker-compose app services 
- Add scheduler and ingestion unit tests (test_scheduler_unit.py, test_ingestion_unit.py)
- Add all 13 app services + dashboard to docker-compose.yml
- Add full documentation suite: API reference, Helm reference, Docker deployment guide,
  3 architecture diagrams (K8s, Docker Compose, data pipeline), AI agent guide,
  backup/restore guide, observability/metrics reference, per-service docs
- Add intelligence pipeline deep-dive docs with Mermaid diagrams
- Update README with documentation index and links
- Add specs for comprehensive-quality-docs, intelligence-pipeline-deep-dive,
  sanitized-pipeline-docs
 2026-04-22 02:56:41 +00:00
Celes Renata 68a675da3a fix: remove ignoreDifferences on Secrets for beta and paper ArgoCD apps 2026-04-21 06:29:43 +00:00
Celes Renata 390cb0b4bf fix: remove proxy injection from build pods 
SSL filtering is off on the proxy. The proxy env vars were causing
Docker login failures (proxy intercepting Harbor auth) and pip hash
mismatches (proxy caching stale packages). Keep only the CA cert
mount for any remaining TLS needs.
 2026-04-21 04:02:23 +00:00
Celes Renata b0e64bf90f fix: add .celestium.life to NO_PROXY in Kyverno build pod policy 
The Kyverno policy injected HTTP_PROXY into build pods but NO_PROXY
was missing .celestium.life. Docker login to registry.celestium.life
was going through the Squid proxy which does SSL interception,
causing auth failures.
 2026-04-21 02:55:46 +00:00
Celes Renata 7efdddd794 fix: bake Woodpecker OAuth2 + agent secret into Helm values 
Permanent fix for cluster rebuilds:
- OAuth2 client_id/secret baked into woodpecker/values.yaml
- WOODPECKER_AGENT_SECRET shared between server and agents
- runmefirst.sh uses baked creds if present, creates fresh ones only
  if values.yaml still has placeholders
- Agents survive DB wipes since they auth via shared secret
 2026-04-21 02:12:58 +00:00
Celes Renata be526ae614 feat: pipeline on/off toggle with per-stage Helm control 
- Added pipelineEnabled flag to Helm values (default: true)
- Worker services (scheduler, ingestion, parser, extractor, aggregation,
  recommendation, broker-adapter, lake-publisher) scale to 0 when disabled
- API services always run regardless of toggle
- Redis-based runtime toggle: POST /api/ops/pipeline/toggle
- Scheduler checks the flag before each cycle
- Frontend: green/red Pipeline ON/OFF button on the pipeline page
- Beta defaults to pipelineEnabled: false
- Base values.yaml: blanked external URLs (Ollama, Polygon, Alpaca)
  so stages only connect to what they explicitly configure
 2026-04-21 00:21:53 +00:00
Celes Renata 48fed18078 feat: per-stage PostgreSQL users for database isolation (stonks_beta, stonks_paper) 2026-04-19 23:17:22 +00:00
Celes Renata 021efba294 feat: auto-run migrations via psql init container on scheduler startup 2026-04-19 22:37:50 +00:00
Celes Renata 5c63264393 feat: stage-isolated infrastructure — separate Postgres DBs, Redis DBs, and MinIO bucket prefixes per stage 2026-04-19 22:20:03 +00:00
Celes Renata 651ef838ce fix: add Argo Rollouts install, secrets seeding, and Kargo admin password fix to runmefirst.sh 2026-04-19 21:58:48 +00:00
Celes Renata 4425a023d9 fix: use correct argocd-update sources schema to pin image SHA tags 2026-04-19 21:16:31 +00:00
Celes Renata e5ed2c21a3 fix: pin image SHA tags in Kargo promotions, 1min warehouse poll, auto-promote paper 2026-04-19 20:54:02 +00:00
Celes Renata dbd9e74784 fix: add ignoreDifferences for secrets in ArgoCD apps, fix warehouse strategy and Kargo auth annotations 2026-04-19 20:27:31 +00:00
Celes Renata 014ffa2fd2 fix: Kargo promotion pipeline — add AnalysisRun CRD, fix warehouse image strategy, add authorized-stage annotations, remove proxy from ArgoCD 2026-04-19 20:08:46 +00:00
Celes Renata 4ebf75134f ci: clear proxy env in minio-bucket-init, capture seed pod logs on failure 2026-04-19 08:55:52 +00:00
Celes Renata 911e42996b fix: use HARBOR_USERNAME secret in CI, add idempotent Harbor API setup to deploy script 
- GitHub Actions: login with secrets.HARBOR_USERNAME + HARBOR_PASSWORD
- deploy.sh step 7: creates stonks-oracle project, robot account, tag retention
- All API calls are idempotent (safe to re-run)
 2026-04-19 07:45:58 +00:00
Celes Renata 2d40d70975 ci: remove remaining ghcr-credentials from inttest seed/minio pod overrides 2026-04-19 06:45:46 +00:00
Celes Renata dad9b46fa2 ci: pre-create kargo-controller SA with Helm labels, fix JSON pod annotations, remove --wait from woodpecker helm 2026-04-19 05:28:09 +00:00
Celes Renata 00a6485e70 ci: sync esnixi changes - CA download, dockerhub auth, local-path storage, proxy exclusions, pod annotations 2026-04-19 05:14:13 +00:00
Celes Renata dba79b1dae ci: grant cluster-admin to default SA in woodpecker ns for inttest step pods 2026-04-19 04:52:24 +00:00
Celes Renata b38f4c4766 ci: use .local suffix in NO_PROXY to cover all cluster-internal traffic 2026-04-19 03:03:34 +00:00
Celes Renata 9e39d59afa ci: add woodpecker Kyverno proxy CA policy with NO_PROXY for gRPC 2026-04-19 03:00:06 +00:00
Celes Renata 76dd58c1dc ci: final pipeline fixes - kargo SA workaround, oauth2 flow, timeouts 2026-04-19 02:41:41 +00:00
Celes Renata 8bee515bd4 ci: fix runmelast hanging, add proxy CA injection, clean SA/CRD leftovers on redeploy 2026-04-19 02:01:18 +00:00
Celes Renata 1607baba90 ci: persist live fixes to pipeline scripts - grpc addr, storage, remove netpol, webhook config 2026-04-18 21:14:51 +00:00
Celes Renata 5f6d23888a ci: fix lint errors across project, update ruff.toml per-file ignores 2026-04-18 21:02:28 +00:00
Celes Renata afcfde0ac2 perf: custom DinD template with 4 CPU/4Gi per runner + anti-affinity to spread across nodes 2026-04-18 10:25:33 +00:00
Celes Renata 0ed7ecbd65 fix: add kubectl/helm install + RBAC for integration-test CI job 
- Install kubectl and helm in integration-test runner (DinD image lacks them)
- Configure kubectl with in-cluster service account credentials
- Add ClusterRoleBinding for runner SA to create inttest namespaces
- Add runner-rbac.yaml to runmefirst.sh install sequence
 2026-04-18 04:31:43 +00:00
Celes Renata 7a0e26c77b fix: remove template override from ARC runner-scaleset — let chart manage DinD pod spec 2026-04-18 04:17:25 +00:00
Celes Renata c85c0068a2 fix: clean up utcnow deprecation warnings, fix 12 failing tests, add CI/CD pipeline manifests 
- Replace all datetime.utcnow() with datetime.now(tz=timezone.utc) across 8 files
- Fix 12 failing tests to match current implementation behavior
- Fix pytest_plugins in non-top-level conftest (moved to root conftest.py)
- Auto-fix 189 lint issues (import sorting, unused imports)
- Add CI/CD pipeline infrastructure (ARC, ArgoCD, Kargo manifests)
- Add values-beta.yaml and values-paper.yaml for staged deployments
- Update GitHub Actions workflow to use self-hosted-gremlin runners
- Add integration-test job to CI pipeline

Result: 1596 passed, 0 failed, 0 warnings
 2026-04-18 03:59:28 +00:00