101 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
AdrianoDev	c0b4cb5d5c	refactor(V2): hyperliquid client da SDK a httpx + eth-account EIP-712 (parità V1) ... Riscritto interamente HyperliquidClient su httpx puro + eth-account per la firma EIP-712 L1 (chainId 1337, phantom agent source 'a'/'b' per mainnet/testnet). Bit-parity verificata contro hyperliquid.utils.signing in test_signing_parity_with_canonical_sdk. 16 metodi pubblici, 26 test passanti. Aggiunte deps: eth-account, msgpack, eth-utils. hyperliquid-python-sdk ancora presente nel pyproject; rimossa nel sweep finale. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 01:39:23 +02:00
AdrianoDev	44c7a18d3e	refactor(V2): alpaca client da alpaca-py a httpx puro (parità V1) ... Riscrive `AlpacaClient` su `httpx.AsyncClient` rimuovendo ogni dipendenza runtime da `alpaca-py`. 4 endpoint base distinti (trading paper/live, stock data, crypto data, options data) gestiti via helper `_request` con header `APCA-API-KEY-ID` / `APCA-API-SECRET-KEY`. Firma costruttore e attributi pubblici (`paper`, `base_url`) invariati; `base_url` override applica al solo trading endpoint. Nuovo `aclose()` per cleanup connessioni. Test riscritti su `pytest-httpx` (29 test alpaca + leverage cap). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 01:38:23 +02:00
AdrianoDev	6097dde4e4	refactor(V2): bybit client da pybit a httpx puro (parità V1)	2026-05-01 01:35:26 +02:00
AdrianoDev	95b8bcfe96	docs(V2): aggiorna README con override URL .env, layout src, quality gate ... - Aggiunte caratteristiche: override URL upstream da DERIBIT_URL_*, BYBIT_URL_*, ecc. - Aggiunto badge qualità: 259 test, mypy clean, ruff clean - Aggiunta sezione layout src/cerbero_mcp/ - Documentate quirk SDK su override URL (Bybit pybit endpoint, Alpaca trading-only) - Linkato anche il plan oltre alla spec Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-01 00:04:50 +02:00
AdrianoDev	697d118522	chore(V2): mypy clean — fix radice V2 nuovo + suppress mirato V1 legacy ... - settings.py: lambda factory + type:ignore[call-arg] per env-loaded models - routers/*.py (6 file): cast esplicito Environment / Client per request.state - __main__.py: cast Literal env in builder, type:ignore Settings() - server.py: type:ignore[method-assign] su app.openapi - deribit/tools.py: assert su validator-normalized fields, list return type - deribit/client.py: type:ignore mirato no-any-return / has-type, rinomina types→types_list - hyperliquid/{client,tools}.py: assert su validator-normalized fields, var-annotated - alpaca/client.py: type:ignore mirato per SDK quirks (assignment, no-any-return, arg-type, union-attr) - {macro,sentiment}/fetchers.py: type:ignore mirato no-any-return / operator / union-attr Mypy: 68 → 0 errors. Test: 259 passing. Ruff: clean.	2026-04-30 20:43:03 +02:00
AdrianoDev	436dfd6f5a	feat(V2): URL exchange configurabili da .env (DERIBIT_URL_*, BYBIT_URL_*, ecc.)	2026-04-30 20:36:31 +02:00
AdrianoDev	b71c66917c	chore(V2): cleanup quality gate ... - ruff: contextlib.suppress al posto di try/except/pass (client_registry, test_env_routing) - rimozione services/ legacy (residuo da git rm) - fix integration test fixture: rimosso sys.modules.pop che inquinava module references nei test successivi (test_audit, test_client_init_default_http) 254 test passano. Ruff: clean. Mypy: 68 warning preesistenti dal codice V1 migrato (strict=false). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 19:02:55 +02:00
AdrianoDev	b552127479	docs(V2): README riscritto per architettura V2.0.0 ... - Singola immagine Docker, routing testnet/mainnet via bearer token - Configurazione interamente in .env - Swagger /apidocs - Sezione migrazione V1 → V2 con tabella mapping campi - Riferimento alla spec di design Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 19:00:33 +02:00
AdrianoDev	50bc6b64b4	chore(V2): build-push.sh costruisce 1 sola immagine V2.0.0; rimosso deploy-noclone.sh ... Lo script ora pubblica un solo tag cerbero-mcp:2.0.0 + :latest + :sha-<short>. deploy-noclone.sh era specifico del workflow V1 multi-image. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:59:27 +02:00
AdrianoDev	ec42d141bd	chore(V2): rimuovi compose overlay V1 (prod, local, traefik) e DEPLOYMENT.md ... Contenuti utili di DEPLOYMENT.md saranno integrati nel nuovo README V2. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:58:51 +02:00
AdrianoDev	6d19165d9e	chore(V2): rimuovi services/, gateway/, secrets/, docker/ (legacy V1) ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:58:11 +02:00
AdrianoDev	1c1b3e1570	test(V2): smoke script con bearer testnet	2026-04-30 18:57:07 +02:00
AdrianoDev	cee7f7ca2f	feat(V2): docker-compose.yml minimo (1 servizio, env_file .env)	2026-04-30 18:55:23 +02:00
AdrianoDev	6148461ac1	feat(V2): Dockerfile unico multi-stage in root ... Build multi-stage builder/runtime, uv sync --frozen, utente non-root uid 1000, healthcheck su /health, CMD cerbero-mcp. Smoke test passato: /health 200 OK, immagine cerbero-mcp:2.0.0 229MB content size. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:54:38 +02:00
AdrianoDev	f34452b2dd	test(V2): integration env routing per ogni exchange (constructor spy) ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:51:30 +02:00
AdrianoDev	a53efb7a29	feat(V2): __main__ con lifespan + 6 router + integration test ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:48:56 +02:00
AdrianoDev	f56df197e1	feat(V2): migrazione sentiment completa (read-only, env ignored) ... - exchanges/sentiment/{client,fetchers,tools}.py: SentimentClient wrapper stateless (cryptopanic_key, lunarcrush_key) - routers/sentiment.py: 9 tool POST sotto /mcp-sentiment (news, social, funding, OI, liquidations, cointegration) - exchanges/__init__.py: branch builder per sentiment (env ignored) - tests/unit/exchanges/sentiment: migrato test_fetchers, scartato test_server_acl V1-only - tests/unit/test_exchanges_builder.py: aggiunto test_build_client_sentiment_no_env_distinction - fetchers.py: env var lookup allineato a LUNARCRUSH_KEY (con fallback LUNARCRUSH_API_KEY) 241 test passano. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:46:48 +02:00
AdrianoDev	88bd4e7bde	feat(V2): migrazione macro completa (read-only, env ignored) ... - exchanges/macro: cot.py + cot_contracts.py + fetchers.py copiati 1:1 con rewrite import mcp_common -> cerbero_mcp.common, mcp_macro -> cerbero_mcp.exchanges.macro - nuovo MacroClient stateless wrapper: trasporta solo fred_api_key/finnhub_api_key, niente HTTP session (i fetchers usano async_client ad-hoc) - tools.py: 11 tool (get_treasury_yields, get_yield_curve_slope, get_breakeven_inflation, get_economic_indicators, get_macro_calendar, get_market_overview, get_equity_futures, get_asset_price, get_cot_tff, get_cot_disaggregated, get_cot_extreme_positioning) — niente write, niente leverage_cap - routers/macro.py: prefix /mcp-macro, 11 route POST /tools/* - builder branch macro: stesse credenziali per testnet/mainnet (env ignorato); registry istanzia 2 entry, costo trascurabile (wrapper stateless) - test migrati: test_cot.py + test_fetchers.py (test_server_acl.py skippato V1-only) - nuovo test test_build_client_macro_no_env_distinction in test_exchanges_builder.py Suite: 224 passed. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:42:55 +02:00
AdrianoDev	1b8ba0ef9c	feat(V2): migrazione alpaca completa ... Task 6.7: porting alpaca da services/mcp-alpaca a src/cerbero_mcp. client.py + leverage_cap.py copiati 1:1 (default cap 1 cash). tools.py: 17 tool senza ACL/Principal/audit. Router /mcp-alpaca con 18 route (env_info + 17 tool). Builder branch alpaca: paper=(env=="testnet"), api_key viene da settings.alpaca.api_key_id. Test client + leverage_cap migrati (15 test alpaca pass). Test builder con stub SDK alpaca-py. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:39:25 +02:00
AdrianoDev	8dbaf3a0e4	feat(V2): migrazione hyperliquid completa ... - exchanges/hyperliquid/{client,leverage_cap,tools}.py - routers/hyperliquid.py con 16 endpoint /mcp-hyperliquid/tools/* - builder hyperliquid in exchanges/__init__.py - test migrati: test_client, test_leverage_cap (skip V1: server_acl, environment_info) - test builder hyperliquid (testnet vs mainnet base_url) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:35:46 +02:00
AdrianoDev	5e42ce9c69	feat(V2): migrazione bybit completa (client, tools, router, test, builder) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:31:51 +02:00
AdrianoDev	a8d970233e	feat(V2): builder client centralizzato (solo deribit per ora) ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:27:50 +02:00
AdrianoDev	d3ec2ee588	feat(V2): router deribit + test migrati ... Router /mcp-deribit/* monta 34 tool (28 read + 6 write) come endpoint POST /mcp-deribit/tools/{tool_name}, con DI per env (request.state) e client (ClientRegistry). Write tools costruiscono creds minimale {max_leverage, client_id} da settings per leverage cap enforcement. Test deribit migrati: test_client.py + test_leverage_cap.py riassegnati sotto tests/unit/exchanges/deribit/ con import rewrite mcp_* -> cerbero_mcp.*. Skip dei legacy V1-only test_environment_info / test_server_acl / test_env_validation (ACL e resolve_environment eliminati in V2). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:26:34 +02:00
AdrianoDev	daa4e02971	feat(V2): migrazione deribit (client, leverage_cap, tools) ... Task 6.1 V2.0.0: copia client.py + leverage_cap.py da services/mcp-deribit con import riscritti (mcp_common -> cerbero_mcp.common, mcp_deribit -> cerbero_mcp.exchanges.deribit). Estratte 34 tool async (28 endpoint + is_testnet/environment_info + helpers) in tools.py: pure logica senza FastAPI/ACL. Audit calls per ora rimossi (TODO: cabling via router su request.state.environment). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 18:23:44 +02:00
AdrianoDev	2a268b3a33	feat(V2): build_app con swagger /apidocs + middleware + handlers ... Aggiunge /docs e /redoc alla whitelist auth (path disabilitati, nessun rischio sicurezza). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:20:17 +02:00
AdrianoDev	73f880e7f2	feat(V2): ClientRegistry lazy con lock per chiave ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:18:18 +02:00
AdrianoDev	80a4a88cb1	feat(V2): error envelope module estratto da server.py	2026-04-30 18:17:15 +02:00
AdrianoDev	993326136b	test(V2): migrazione test common/ ... Copiati e aggiornati i test da services/common/tests/ a tests/unit/common/. Import aggiornati da mcp_common a cerbero_mcp.common. Eliminati test di funzionalità V1-only (app_factory, environment, auth/Principal, server_base). Refactored test_audit.py (principal→actor str) e test_mcp_bridge.py (TokenStore→valid_tokens set). 71/71 test passano. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:16:26 +02:00
AdrianoDev	1a1f9c43ba	refactor(V2): audit.py usa actor:str invece di Principal, rimuovi legacy common/auth.py ... - Eliminato src/cerbero_mcp/common/auth.py (V1 Principal/TokenStore/ACL) - audit_write_op: parametro principal:Principal → actor:str|None - mcp_bridge.py: TokenStore → valid_tokens:set[str] (V2 bearer model) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:14:10 +02:00
AdrianoDev	3868ba60ce	feat(V2): migrazione common/ (indicators, options, microstructure, stats, http, audit, logging, mcp_bridge + auth)	2026-04-30 18:12:11 +02:00
AdrianoDev	04a34fc179	fix(V2): hoist fastapi Request import, ripristina importlib mode	2026-04-30 18:10:41 +02:00
AdrianoDev	2934a2d26a	feat(V2): bearer auth middleware con compare_digest ... Implementa install_auth_middleware con whitelist /health /apidocs /openapi.json, token timing-safe via secrets.compare_digest, request.state.environment injection. Fix pyproject: --import-mode=prepend (importlib + PEP563 rompe FastAPI Request injection). Rimosso from __future__ import annotations da test_auth.py per stesso motivo. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:09:21 +02:00
AdrianoDev	97d93a5139	feat(V2): pydantic settings con secret str + test ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:04:40 +02:00
AdrianoDev	005300205b	chore(V2): .env.example consolidato, .env gitignored	2026-04-30 18:03:22 +02:00
AdrianoDev	8df64b5176	chore(V2): scheletro src/cerbero_mcp + tests/ ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:02:22 +02:00
AdrianoDev	8fd182e295	chore(V2): pyproject singolo package cerbero-mcp, rimosso workspace ... Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-30 18:01:16 +02:00
AdrianoDev	b8753afad2	docs(plan): V2.0.0 implementation plan task-by-task ... Plan a 12 phase per implementare V2.0.0: - Phase 0: bootstrap struttura nuova - Phase 1: settings + .env consolidato - Phase 2: auth bearer middleware - Phase 3: migrazione common/ - Phase 4: client_registry lazy - Phase 5: build_app + swagger /apidocs - Phase 6: migrazione 6 exchange (deribit template + 5 ripetizioni) - Phase 7: __main__ entrypoint con lifespan - Phase 8: integration test env routing - Phase 9: Dockerfile + docker-compose minimo - Phase 10: pulizia V1 (services/, gateway/, secrets/, docker/) - Phase 11: README riscritto, DEPLOYMENT eliminato - Phase 12: quality gate finale Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 17:58:13 +02:00
AdrianoDev	9a137563e8	docs(spec): V2.0.0 unified image + token-based env routing ... Spec architetturale per V2.0.0: collassa 7 immagini Docker (gateway Caddy + 6 servizi MCP) in una singola immagine multi-router. Switch testnet/mainnet diventa runtime per-request via bearer token (TESTNET_TOKEN / MAINNET_TOKEN). Configurazione consolidata in singolo .env, secret JSON eliminati. Swagger UI esposto a /apidocs. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-30 17:45:26 +02:00
AdrianoDev	7fa269de14	feat(deploy): auto-include docker-compose.local.yml override ... Lo script deploy-noclone.sh ora carica automaticamente come ultimo -f un eventuale $DEPLOY_DIR/docker-compose.local.yml se esiste. Utile per fix specifici macchina (es. DOCKER_API_VERSION watchtower su daemon vecchi). Gitignored per design — non versionato nel repo. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 22:44:01 +02:00
AdrianoDev	c9ab211c38	chore(build-push): riusa docker login persistente ... Skip login se ~/.docker/config.json contiene già auth per il registry. Permette di fare 'docker login' una volta e poi lanciare lo script senza dover esportare GITEA_PAT ad ogni run. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 21:40:56 +02:00
AdrianoDev	287c4b5372	chore: rimuovi deploy.sh e cache registry buildx ... - scripts/deploy.sh eliminato (sostituito da deploy-noclone.sh) - build-push.sh: rimossa cache-from/cache-to registry (cache buildx locale del laptop sufficiente, niente più image buildcache:* sul registry Gitea) - doc cleanup riferimenti orfani Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 21:25:38 +02:00
AdrianoDev	ba29572e93	chore(deploy): build locale + deploy no-clone, rimuovi CI Gitea ... - scripts/build-push.sh: replica job CI in locale (8 image, cache buildx, tag :latest + :sha-X) - scripts/deploy-noclone.sh: deploy VPS senza clone (curl raw config + image pull) - rimossa .gitea/workflows/ci.yml - README + DEPLOYMENT aggiornati: laptop -> registry -> VPS, paths /docker/cerbero_mcp - ruff fix su 3 test (I001, SIM117, UP037, F821) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 20:37:06 +02:00
AdrianoDev	4f3e959805	feat(deploy): docker-compose.traefik.yml overlay per behind-Traefik ... Per VPS condiviso (es. con Gitea) dove Traefik gestisce già 80/443. - gateway/Caddyfile: env-aware listen + auto_https + trusted_proxies (defaults invariati per modalità standalone). - docker-compose.traefik.yml: overlay che rimuove ports binding host, attacca gateway alla network esterna di Traefik, set labels per routing Host(cerbero-mcp.tielogic.xyz) + TLS via certresolver Traefik. Caddy ascolta plain HTTP :80 interno. - scripts/deploy.sh: rileva BEHIND_TRAEFIK=true → aggiunge -f docker-compose.traefik.yml a tutti i docker compose call. - DEPLOYMENT.md: nuova sezione 2a (topologia standalone vs behind-traefik) + sotto-sezione modalità behind-Traefik con env vars richieste. Uso: docker compose -f docker-compose.prod.yml -f docker-compose.traefik.yml \ --env-file .env up -d Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 09:56:07 +02:00
AdrianoDev	a1110c8ecb	feat(safety+audit+deploy): consistency_check + audit log file sink + deploy script ... #2 Env switch safety: - mcp_common/environment.py: nuova consistency_check() che previene switch accidentali a mainnet. Solleva EnvironmentMismatchError se resolved=mainnet senza creds["environment"]="mainnet" esplicito, o se declared/resolved mismatch. Override via STRICT_MAINNET=false. - Wirato in app_factory.run_exchange_main al boot. - 6 nuovi test consistency. #3 Audit log persistence: - mcp_common/audit.py: TimedRotatingFileHandler aggiuntivo se env AUDIT_LOG_FILE settato. Rotation midnight UTC, retention 30gg default (AUDIT_LOG_BACKUP_DAYS). Format JSONL con SecretsFilter. - docker-compose.prod.yml: bind mount /var/log/cerbero-mcp + env AUDIT_LOG_FILE per i 4 servizi exchange (write endpoints). - 2 nuovi test file sink. #1 Deploy script: - scripts/deploy.sh: idempotente, fa docker login + clone/pull repo + copia secrets chmod 600 + crea .env + setup audit dir + pull image + up + smoke test pubblico HTTPS. - DEPLOYMENT.md aggiornato: sezioni 2 (script), 3 (safety mainnet), 4 (audit log query), renumber sezioni successive. Test: 488/488 verdi. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 09:29:04 +02:00
AdrianoDev	019b7e3298	docs: README + DEPLOYMENT con stato CI/CD funzionante ... README aggiunge sezione 'CI/CD pipeline' che descrive i 5 job e i tag image. DEPLOYMENT espande sez. 1 con dettagli runner Gitea (network gitea_gitea-internal, image runner-images, label ubuntu-latest) e configurazione secret user-level REGISTRY_TOKEN con scope write:package.	2026-04-29 09:18:30 +02:00
AdrianoDev	2fb7043790	ci: push base image al registry + parametrizza BASE_IMAGE nei service Dockerfile ... Buildx con driver docker-container non vede image caricate nel daemon locale. Soluzione: push base come git.tielogic.xyz/adriano/cerbero-mcp/ base:latest e i 6 service Dockerfile usano ${BASE_IMAGE}:${BASE_TAG} con default "cerbero-base" per dev locale, override CI a path registry.	2026-04-29 09:09:47 +02:00
AdrianoDev	38fd7db259	ci: usa secrets.REGISTRY_TOKEN per docker login (scope write:package) ... GITEA_TOKEN auto-iniettato non include write:package scope necessario per push al registry. Serve PAT manuale creato in User Settings → Applications con scope write:package, salvato come secret repo REGISTRY_TOKEN.	2026-04-29 08:53:31 +02:00
AdrianoDev	9da2e12473	lint: ruff clean services/ (autofix + manual + ignore E741) ... - 24 autofix safe (SIM105 contextlib.suppress, F401 unused imports, I001 import order, B007 unused loop var, F811 redef, F841 unused). - 15 unsafe-fix (UP038 X|Y in isinstance, SIM108 ternary, ecc.). - Manual fix: SIM102 nested if in deribit term_structure, E402 imports in test_cot.py + sentiment server.py. - Ignore E741 (variabili 'l' in list comprehensions deribit/client.py — stilistico, non bug). Tests: 478/478 verdi.	2026-04-29 08:44:12 +02:00
AdrianoDev	910f80c99b	ci: setup-python@v5 con 3.13 + curl uv install (setup-uv@v5 non applicava python-version)	2026-04-29 08:29:24 +02:00
AdrianoDev	fe7a9dd9c0	ci: usa astral-sh/setup-uv@v5 con python-version 3.13 (gestisce uv + Python + cache)	2026-04-29 08:23:50 +02:00