Adriano
b5b96f959c
Sei interventi MEDIA priorità sul sistema. 323 test pass, mypy strict
pulito, ruff clean.
1. Docker HEALTHCHECK + cerbero-bite healthcheck:
- nuovo subcommand che esce 0 se kill_switch=0 e last_health_check
entro --max-staleness-s (default 600s);
- HEALTHCHECK direttiva nel Dockerfile (60s interval, 5s timeout,
start_period 120s, retries 3);
- healthcheck definition nel docker-compose.yml.
2. Audit hash chain anti-truncation:
- migration 0002: nuova colonna system_state.last_audit_hash;
- AuditLog accetta callback on_append, dependencies.py la wire al
repository.set_last_audit_hash;
- Orchestrator.boot verifica che il tail file matcha l'anchor
persistito; mismatch → kill switch CRITICAL.
3. return_4h bootstrap da deribit get_historical:
- quando dvol_history è vuoto _fetch_return_4h cade su
deribit.historical_close (1h candle 4h fa);
- alert LOW se anche il fallback fallisce.
4. execution.environment + execution.eur_to_usd in strategy.yaml:
- ExecutionConfig promosso a typed schema con i due campi
consumati al boot;
- CLI start preferisce i valori da config; CLI flag overridano
solo quando differenti dai default.
5. Cycle correlation ID:
- structlog.contextvars.bind_contextvars in run_entry/run_monitor/
run_health propaga cycle_id e cycle nei log strutturati.
6. SIGTERM/SIGINT clean shutdown:
- run_forever installa loop.add_signal_handler per SIGTERM e
SIGINT; il segnale set()ta un asyncio.Event che termina il
blocco principale, scheduler.shutdown e ctx.aclose finalizzano.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
61 lines
1.9 KiB
YAML
61 lines
1.9 KiB
YAML
# docker-compose.yml — Cerbero Bite
|
|
#
|
|
# Bite runs in its own Compose project but joins the same Docker
|
|
# network used by Cerbero_mcp so it can resolve `mcp-deribit`,
|
|
# `mcp-macro` and friends by their service name (see the gateway
|
|
# Caddyfile in Cerbero_mcp).
|
|
#
|
|
# The shared network is declared as external here. Create it once on
|
|
# the host with `docker network create cerbero-suite` (or rename the
|
|
# Cerbero_mcp network to `cerbero-suite` and mark it external).
|
|
#
|
|
# Secrets are read from ./secrets/, which is .gitignore'd.
|
|
|
|
networks:
|
|
cerbero-suite:
|
|
external: true
|
|
|
|
secrets:
|
|
core_token:
|
|
file: ./secrets/core.token
|
|
|
|
volumes:
|
|
bite-data:
|
|
|
|
services:
|
|
cerbero-bite:
|
|
build:
|
|
context: .
|
|
dockerfile: Dockerfile
|
|
image: cerbero-bite:dev
|
|
restart: unless-stopped
|
|
networks: [cerbero-suite]
|
|
cap_drop: [ALL]
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
secrets:
|
|
- core_token
|
|
environment:
|
|
CERBERO_BITE_CORE_TOKEN_FILE: /run/secrets/core_token
|
|
# Service URLs — the defaults below match the cerbero-suite
|
|
# network DNS. Override per service if you need to point at a
|
|
# different host (dev only).
|
|
CERBERO_BITE_MCP_DERIBIT_URL: http://mcp-deribit:9011
|
|
CERBERO_BITE_MCP_HYPERLIQUID_URL: http://mcp-hyperliquid:9012
|
|
CERBERO_BITE_MCP_MACRO_URL: http://mcp-macro:9013
|
|
CERBERO_BITE_MCP_SENTIMENT_URL: http://mcp-sentiment:9014
|
|
CERBERO_BITE_MCP_TELEGRAM_URL: http://mcp-telegram:9017
|
|
CERBERO_BITE_MCP_PORTFOLIO_URL: http://mcp-portfolio:9018
|
|
volumes:
|
|
- bite-data:/app/data
|
|
healthcheck:
|
|
test:
|
|
["CMD", "cerbero-bite", "healthcheck", "--db", "/app/data/state.sqlite"]
|
|
interval: 60s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 120s
|
|
# Default command runs the engine status check; override with the
|
|
# CLI subcommand of choice (start, ping, dry-run, ...).
|
|
command: ["status"]
|