Phase 2: persistence + safety controls

Adds SQLite persistence, the hash-chain audit log, the coordinated
kill switch and the management CLIs documented in
docs/05-data-model.md and docs/07-risk-controls.md. 197 tests pass,
1 skipped (sqlite3 CLI missing), total coverage 97%.

State (`state/`):
- 0001_init.sql with positions, instructions, decisions, dvol_history,
  manual_actions, system_state.
- db.py: connect with WAL + foreign_keys + transaction ctx, forward-only
  runner based on PRAGMA user_version.
- models.py: Pydantic records, Decimal preserved as TEXT.
- repository.py: typed CRUD with a single passed-in connection, cache
  aware, concurrent positions.

Safety (`safety/`):
- audit_log.py: append-only AuditLog with SHA-256 chain and fsync,
  verify_chain detects every tampering (payload, prev_hash,
  hash, JSON, separators).
- kill_switch.py: transactional, idempotent arm/disarm, coupled
  to the audit chain.

Config (`config/loader.py` + `strategy.yaml`):
- YAML loader with deep-merge of strategy.local.yaml.
- SHA-256 config_hash verification (config_hash line excluded).
- Golden strategy.yaml file + override example.

Scripts:
- dead_man.sh: shell watchdog independent of Python.
- backup.py: hourly VACUUM INTO with 30-day retention.

CLI:
- audit verify (exit 2 on tampering).
- kill-switch arm/disarm/status on real SQLite.
- state inspect with open positions table.
- config hash, config validate.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-27 13:35:35 +02:00
parent fbb7753cc6
commit 263470786d
25 changed files with 3669 additions and 14 deletions
+19 -4
@@ -38,14 +38,29 @@ def test_cli_status_runs(tmp_data_dir: Path) -> None:
assert "phase: 0" in result.output
def test_cli_kill_switch_arm_placeholder(tmp_data_dir: Path) -> None:
def test_cli_kill_switch_arm_persists_state(tmp_data_dir: Path) -> None:
runner = CliRunner()
db_path = tmp_data_dir / "state.sqlite"
audit_path = tmp_data_dir / "audit.log"
result = runner.invoke(
cli_main,
["--log-dir", str(tmp_data_dir / "log"), "kill-switch", "arm", "--reason", "test"],
[
"--log-dir",
str(tmp_data_dir / "log"),
"kill-switch",
"arm",
"--reason",
"smoke",
"--db",
str(db_path),
"--audit",
str(audit_path),
],
)
assert result.exit_code == 0
assert "phase 0 placeholder" in result.output
assert result.exit_code == 0, result.output
assert "ARMED" in result.output
assert db_path.exists()
assert audit_path.exists()
def test_cli_version_flag() -> None:
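Review bot: the closing assertions of test_cli_kill_switch_arm_persists_state, `assert db_path.exists()` and `assert audit_path.exists()`, only show that two files were created, not that the armed state or the reason was written, so the test would still pass if the command left an empty database and an empty audit log. Since the test name promises persistence, read the state back from the same database (for example through the `kill-switch status` command listed in the commit message) and check that the audit file is non-empty and records the reason "smoke". Running the `audit verify` command against `audit_path` and expecting a zero exit code would also cover the coupling between the kill switch and the hash chain that the commit message describes.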