19 Commits

Author	SHA1	Message	Date
root	91aadaea6a	docs(V2): document /mcp-cross historical aggregator ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-10 21:42:20 +00:00
root	110ca7f5cf	docs(V2): update README for IBKR integration ... Add IBKR to the exchange list, endpoint table, audit filter values, and Tool disponibili. Bump test count to 366 and reorder IBKR Setup before Licenza. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-10 08:54:54 +00:00
root	cddf88afb4	feat(V2): IBKR OAuth setup script + docker secrets mount + docs ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-03 21:40:06 +00:00
AdrianoDev	9e7b98579b	chore(V2): branch V2.0.0 come default deploy (no merge in main) ... deploy-vps.sh: BRANCH default V2.0.0 invece di main. README: clone con -b V2.0.0, nota che il branch in produzione è V2.0.0. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 10:31:58 +02:00
AdrianoDev	51081f4e18	feat(V2): deploy-vps.sh per deploy via clone (no registry) ... Il deploy ora avviene clonando il repo direttamente sul VPS, costruendo l'immagine in loco e riavviando il container. Sostituisce il workflow build & push verso registry + Watchtower. Lo script automatizza: - git fetch + reset --hard origin/<branch> - docker compose build - restart graceful (down 15s + up -d) - attesa healthcheck con timeout configurabile - rollback automatico al SHA precedente se /health fallisce Variabili: BRANCH, PORT, HEALTH_TIMEOUT_SECONDS, FORCE, SKIP_ROLLBACK. Rimosso scripts/build-push.sh (workflow registry abbandonato). README aggiornato con la nuova procedura. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 09:05:26 +02:00
AdrianoDev	8ecc1a24a9	feat(V2): /health/ready con ping client + middleware request log strutturato + request_id correlation ... - /health/ready: ping di tutti i client (exchange, env) cached con timeout 2s, status ready|degraded|not_ready, opt-in 503 via READY_FAILS_ON_DEGRADED. - Middleware mcp.request: 1 riga JSON per HTTP request con request_id, method, path, status_code, duration_ms, actor, bot_tag, exchange, tool, client_ip, user_agent. - request_id propagato in request.state, audit log e error envelope per correlazione cross-cutting. - Aggiunto async health() come probe minimo a bybit/alpaca/macro/ sentiment/deribit (hyperliquid lo aveva già). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 09:03:28 +02:00
AdrianoDev	9afd087152	docs(V2): aggiorna conteggio test 259 → 310 nel README ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 08:52:11 +02:00
AdrianoDev	69ac878893	feat(V2): X-Bot-Tag header obbligatorio + endpoint /admin/audit con filtri ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 08:51:40 +02:00
AdrianoDev	95b8bcfe96	docs(V2): aggiorna README con override URL .env, layout src, quality gate ... - Aggiunte caratteristiche: override URL upstream da DERIBIT_URL_*, BYBIT_URL_*, ecc. - Aggiunto badge qualità: 259 test, mypy clean, ruff clean - Aggiunta sezione layout src/cerbero_mcp/ - Documentate quirk SDK su override URL (Bybit pybit endpoint, Alpaca trading-only) - Linkato anche il plan oltre alla spec Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 00:04:50 +02:00
AdrianoDev	b552127479	docs(V2): README riscritto per architettura V2.0.0 ... - Singola immagine Docker, routing testnet/mainnet via bearer token - Configurazione interamente in .env - Swagger /apidocs - Sezione migrazione V1 → V2 con tabella mapping campi - Riferimento alla spec di design Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 19:00:33 +02:00
AdrianoDev	ba29572e93	chore(deploy): build locale + deploy no-clone, rimuovi CI Gitea ... - scripts/build-push.sh: replica job CI in locale (8 image, cache buildx, tag :latest + :sha-X) - scripts/deploy-noclone.sh: deploy VPS senza clone (curl raw config + image pull) - rimossa .gitea/workflows/ci.yml - README + DEPLOYMENT aggiornati: laptop -> registry -> VPS, paths /docker/cerbero_mcp - ruff fix su 3 test (I001, SIM117, UP037, F821) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 20:37:06 +02:00
AdrianoDev	019b7e3298	docs: README + DEPLOYMENT con stato CI/CD funzionante ... README aggiunge sezione 'CI/CD pipeline' che descrive i 5 job e i tag image. DEPLOYMENT espande sez. 1 con dettagli runner Gitea (network gitea_gitea-internal, image runner-images, label ubuntu-latest) e configurazione secret user-level REGISTRY_TOKEN con scope write:package.	2026-04-29 09:18:30 +02:00
AdrianoDev	b1aea194ad	docs: add COT report tools to README macro section	2026-04-29 00:10:06 +02:00
AdrianoDev	c251fda886	feat(ci/cd): Gitea Actions + registry + Watchtower auto-update ... CI pipeline (.gitea/workflows/ci.yml): - Job lint (ruff), typecheck (mypy mcp_common gating + servizi warn-only), test (pytest 455). - Job build-and-push solo su main: builda gateway + 6 image MCP via docker/build-push-action@v6, login al registry Gitea con docker/login-action@v3 + secrets.GITEA_TOKEN auto-iniettato. - Cache distribuita type=gha per layer Docker → run successivi 5-10x più veloci. Tag :latest + :sha-XXXXXXX per ogni image. Deploy VPS (docker-compose.prod.yml): - Niente build locale: solo `image:` da git.tielogic.xyz/adriano/ cerbero-mcp/<service>:latest. Variabile IMAGE_TAG per pin a sha specifico. - Servizio Watchtower containerizzato che polla ogni 5min (configurabile via WATCHTOWER_POLL_INTERVAL) e auto-aggiorna i container con label com.centurylinklabs.watchtower.enable=true. Auth registry riusa ~/.docker/config.json bind-mounted readonly. DEPLOYMENT.md: runbook completo per setup VPS, login registry, secrets, .env, smoke test post-deploy, rollback (pin a sha), disable auto-update, nota Traefik upload limit. README aggiornato con link. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-28 22:52:40 +02:00
AdrianoDev	a13e3fe045	feat: 15 nuovi indicatori quant (common + deribit + bybit + macro + sentiment) ... Common (mcp_common): - indicators.py: vol_cone, hurst_exponent, half_life_mean_reversion, garch11_forecast, autocorrelation, rolling_sharpe, var_cvar - options.py (nuovo): oi_weighted_skew, smile_asymmetry, atm_vs_wings_vol, dealer_gamma_profile, vanna_charm_aggregate - microstructure.py (nuovo): orderbook_imbalance (ratio + microprice + slope) - stats.py (nuovo): cointegration_test Engle-Granger + ADF helper Deribit (+6 tool MCP): - get_dealer_gamma_profile (net dealer gamma + flip level) - get_vanna_charm (vanna/charm aggregati pesati OI) - get_oi_weighted_skew, get_smile_asymmetry, get_atm_vs_wings_vol - get_orderbook_imbalance Bybit (+2 tool MCP): - get_orderbook_imbalance, get_basis_term_structure (futures dated curve) Macro (+2 tool MCP): - get_yield_curve_slope (2y10y/5y30y + butterfly + regime) - get_breakeven_inflation (FRED T5YIE/T10YIE/T5YIFR) Sentiment (+3 tool MCP): - get_funding_arb_spread (opportunità arb compatte annualizzate) - get_liquidation_heatmap (heuristic da OI delta + funding extreme, no feed paid Coinglass) - get_cointegration_pairs (Engle-Granger su coppie crypto Binance hourly) Tutto in TDD pure-Python (no numpy/scipy in mcp_common). README aggiornato con elenco completo. 442 test totali verdi. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-27 23:58:07 +02:00
AdrianoDev	867180f4bf	feat(gateway): TLS auto + rate limit + IP allowlist su write endpoint ... Configura il gateway Caddy per il deploy su cerbero-mcp.tielogic.xyz: - Build custom Caddy con plugin mholt/caddy-ratelimit (Dockerfile + build via xcaddy). - TLS automatico via Let's Encrypt (richiede DNS A record + porte 80/443 raggiungibili), HSTS preload, header di sicurezza. - Rate limit per IP (60 req/min sui read, 10 req/min sui write, sliding window). - Allowlist IP sui write endpoint (place_*, cancel_*, set_*, close_*, transfer_*, amend_*, switch_*): IP non in WRITE_ALLOWLIST → 403. - Default WRITE_ALLOWLIST copre loopback + Docker bridge: bot sulla stessa macchina (host o container) funziona senza configurazione, IP pubblici esterni vanno aggiunti esplicitamente. - Smoke test e README aggiornati per il nuovo URL gateway. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-27 23:24:06 +02:00
AdrianoDev	c2fd8330ca	feat(mcp-deribit,mcp-bybit): add place_combo_order ... Deribit: private/create_combo + place_order sul combo instrument → una sola crociata di spread invece di N (slippage atteso ridotto su strutture liquide). ACL core + leverage cap su tutti i leg. Bybit: place_batch_order su category=option (atomic multi-leg, 1 round-trip API). Reject su category != option (perp/linear non supportano batch nativo). orderLinkId auto-generato per leg. Tutti i test: deribit 48/48, bybit 123/123. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-27 23:12:09 +02:00
AdrianoDev	bacd5aab33	docs: aggiornati README e smoke con live checks + resolver kwargs ... Documentata la precedenza di risoluzione environment e l'utilizzo dei nuovi kwargs default_base_url_live/testnet di resolve_environment. Smoke README estesa con i 6 live tool check read-only. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-27 22:29:46 +02:00
AdrianoDev	46986e2bae	chore: init Cerbero_mcp from Cerbero@pre-split-2026-04-27	2026-04-27 17:31:46 +02:00