viktor/broker-sync
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
broker-sync/tests/sinks/test_wealthfolio.py

277 lines
8.7 KiB
Python
Raw Normal View History

Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
from __future__ import annotations
import json
from datetime import UTC, datetime
from decimal import Decimal
from pathlib import Path
from typing import Any
import httpx
import pytest
from broker_sync.models import Account, AccountType, Activity, ActivityType
from broker_sync.sinks.wealthfolio import (
ImportValidationError,
WealthfolioSink,
WealthfolioUnauthorizedError,
)
def _buy() -> Activity:
return Activity(
external_id="t212:1",
account_id="t212-isa",
account_type=AccountType.ISA,
date=datetime(2026, 4, 1, 10, 30, tzinfo=UTC),
activity_type=ActivityType.BUY,
symbol="VUAG",
quantity=Decimal("1"),
unit_price=Decimal("100"),
currency="GBP",
)
def _client(handler: httpx.MockTransport, session_path: Path) -> WealthfolioSink:
return WealthfolioSink(
base_url="https://wf.test",
username="viktor",
password="hunter2",
session_path=session_path,
transport=handler,
)
def _login_ok(req: httpx.Request) -> httpx.Response:
assert req.url.path == "/api/v1/auth/login"
body = json.loads(req.content)
Fix live Wealthfolio login + Dockerfile poetry path Context ------- Two live-integration bugs surfaced during the Phase 0.5 auth-spike run against the restored production Wealthfolio. 1. Wealthfolio 3.2's LoginRequest schema is `{ password: String }` — it rejects any request with an unknown `username` field as HTTP 400 (empty body, hard to debug). Upstream source: https://github.com/afadil/wealthfolio/blob/main/apps/server/src/auth.rs#L86-L88 2. Dockerfile referenced `/opt/poetry/bin/poetry` but pip install puts poetry on the normal PATH; POETRY_HOME only affects the self-installer, not `pip install`. Exit 127 in GHA build. This change ----------- - WealthfolioSink.login() sends `{password}` only; kept `username` constructor arg as a stub for the day Wealthfolio adds multi-user. - Dockerfile drops POETRY_HOME and uses `poetry` on PATH. - Test: `_login_ok` now asserts body == {"password": "hunter2"} ("hunter2" is the XKCD placeholder — not a real credential). Test plan --------- ## Automated - poetry run pytest -q → 70 passed - poetry run mypy broker_sync tests → Success: no issues found in 29 source files - poetry run ruff check . → All checks passed! ## Manual Verification (executed live) ``` kubectl -n wealthfolio port-forward svc/wealthfolio 18080:80 & WF_BASE_URL=http://localhost:18080 WF_USERNAME=admin \ WF_PASSWORD=<from-vault> \ poetry run broker-sync auth-spike → "Logged in. 1 account(s) visible." ```
2026-04-17 20:17:24 +00:00
# Wealthfolio 3.2 LoginRequest is password-only.
assert body == {"password": "hunter2"}
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
return httpx.Response(
200,
Add imap-ingest CLI + ImapProvider: route emails to IE/Schwab parsers Wires the IE + Schwab email parsers into an actual runnable sync. Walks the IMAP mailbox, routes each message by sender domain: - *@investengine.com → invest_engine.parse_invest_engine_email - *@schwab.com → schwab.parse_schwab_email then pushes the resulting Activities through the shared pipeline. broker-sync imap-ingest — new CLI command taking IMAP_HOST/USER/PASSWORD/ DIRECTORY (mirrors the old wealthfolio-sync image's env shape so the Terraform CronJob's existing env wiring works unchanged). Verified: poetry run pytest -q → 109 passed + 1 skipped; mypy strict clean (37 files); ruff + yapf clean.
2026-04-17 22:12:05 +00:00
json={
"authenticated": True,
"expiresIn": 604800
},
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
headers={"set-cookie": "wf_token=abc123; Path=/api; HttpOnly"},
)
# -- Login --
async def test_login_persists_cookie(tmp_path: Path) -> None:
async def handler(req: httpx.Request) -> httpx.Response:
return _login_ok(req)
sp = tmp_path / "session.json"
sink = _client(httpx.MockTransport(handler), sp)
await sink.login()
data = json.loads(sp.read_text())
assert "wf_token" in data["cookies"]
assert data["cookies"]["wf_token"] == "abc123"
async def test_login_raises_on_401(tmp_path: Path) -> None:
async def handler(req: httpx.Request) -> httpx.Response:
return httpx.Response(401, json={"error": "bad creds"})
sink = _client(httpx.MockTransport(handler), tmp_path / "s.json")
with pytest.raises(WealthfolioUnauthorizedError):
await sink.login()
# -- Session reuse --
async def test_session_reused_from_disk(tmp_path: Path) -> None:
sp = tmp_path / "s.json"
sp.write_text(json.dumps({"cookies": {"wf_token": "cached"}}))
calls: list[str] = []
async def handler(req: httpx.Request) -> httpx.Response:
calls.append(req.url.path)
assert "wf_token=cached" in req.headers.get("cookie", "")
return httpx.Response(200, json=[])
sink = _client(httpx.MockTransport(handler), sp)
await sink.list_accounts()
assert calls == ["/api/v1/accounts"]
async def test_401_triggers_single_reauth_and_retry(tmp_path: Path) -> None:
sp = tmp_path / "s.json"
sp.write_text(json.dumps({"cookies": {"wf_token": "stale"}}))
path_calls: list[tuple[str, str]] = []
async def handler(req: httpx.Request) -> httpx.Response:
path_calls.append((req.method, req.url.path))
if req.url.path == "/api/v1/accounts" and req.headers.get("cookie", "").endswith("stale"):
return httpx.Response(401)
if req.url.path == "/api/v1/auth/login":
return _login_ok(req)
# After login the stored cookie is fresh; second GET should succeed.
return httpx.Response(200, json=[{"id": "a1"}])
sink = _client(httpx.MockTransport(handler), sp)
out = await sink.list_accounts()
assert out == [{"id": "a1"}]
assert path_calls == [
("GET", "/api/v1/accounts"),
("POST", "/api/v1/auth/login"),
("GET", "/api/v1/accounts"),
]
# -- Account ensure --
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
async def test_ensure_account_returns_existing_wf_id(tmp_path: Path) -> None:
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
sp = tmp_path / "s.json"
sp.write_text(json.dumps({"cookies": {"wf_token": "fresh"}}))
posts: list[dict[str, Any]] = []
async def handler(req: httpx.Request) -> httpx.Response:
if req.method == "GET" and req.url.path == "/api/v1/accounts":
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
# Wealthfolio stores its own UUID for id; providerAccountId is
# what we gave it.
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
return httpx.Response(
200,
json=[{
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
"id": "uuid-wf-123",
"name": "Trading212 ISA",
"provider": "trading212",
"providerAccountId": "t212-isa",
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
}],
)
if req.method == "POST":
posts.append(json.loads(req.content))
return httpx.Response(500)
sink = _client(httpx.MockTransport(handler), sp)
acc = Account(
id="t212-isa",
name="Trading212 ISA",
account_type=AccountType.ISA,
currency="GBP",
provider="trading212",
)
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
wf_id = await sink.ensure_account(acc)
assert wf_id == "uuid-wf-123"
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
assert posts == [] # no create
async def test_ensure_account_creates_if_missing(tmp_path: Path) -> None:
sp = tmp_path / "s.json"
sp.write_text(json.dumps({"cookies": {"wf_token": "fresh"}}))
posted: list[dict[str, Any]] = []
async def handler(req: httpx.Request) -> httpx.Response:
if req.method == "GET" and req.url.path == "/api/v1/accounts":
return httpx.Response(200, json=[])
if req.method == "POST" and req.url.path == "/api/v1/accounts":
posted.append(json.loads(req.content))
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
return httpx.Response(
200,
json={
"id": "uuid-new-456",
"provider": "trading212",
"providerAccountId": "t212-isa",
},
)
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
return httpx.Response(500)
sink = _client(httpx.MockTransport(handler), sp)
acc = Account(
id="t212-isa",
name="Trading212 ISA",
account_type=AccountType.ISA,
currency="GBP",
provider="trading212",
)
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
wf_id = await sink.ensure_account(acc)
assert wf_id == "uuid-new-456"
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
assert len(posted) == 1
Match Wealthfolio accounts by providerAccountId, remap accountId on import Context: Wealthfolio 3.2 generates its own UUIDs on POST /accounts, ignoring any `id` we supply. Our logical Account.id lives on as `providerAccountId`, which WF preserves verbatim. Live run created six duplicate accounts because ensure_account looked up by our `id`, never found it, and POSTed a new account on every attempt. Deleted the duplicates manually via DELETE /accounts/{id}. This change: - ensure_account now returns Wealthfolio's UUID; matches existing via (provider, providerAccountId) - pipeline remaps activity.account_id to the WF UUID at submission time but keeps dedup keyed on our stable id (WF resets must not blow away the whole dedup history) - test updates to the new account-shape + dedup key expectations poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:44:32 +00:00
# We no longer send our logical id — Wealthfolio would ignore it. We
# DO send our id as providerAccountId so Wealthfolio preserves it for
# future matching.
assert "id" not in posted[0]
assert posted[0]["providerAccountId"] == "t212-isa"
sinks: match Wealthfolio NewAccount camelCase schema + required booleans Wealthfolio 3.2's POST /api/v1/accounts was 422ing on live traffic — its NewAccount struct uses camelCase field names and requires isDefault + isActive as booleans. Reference: https://github.com/afadil/wealthfolio/blob/main/apps/server/src/models.rs#L~145 Sends trackingMode=TRANSACTIONS so Wealthfolio computes holdings from our imported activities (vs HOLDINGS mode which requires periodic holdings snapshots). Populates providerAccountId so the broker account is traceable back to our sync's id scheme. Test plan: poetry run pytest -q → 70 passed poetry run mypy → clean poetry run ruff check → clean Live re-run of the backfill Job follows this commit's image rebuild.
2026-04-17 20:29:43 +00:00
assert posted[0]["accountType"] == "ISA"
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
assert posted[0]["currency"] == "GBP"
sinks: match Wealthfolio NewAccount camelCase schema + required booleans Wealthfolio 3.2's POST /api/v1/accounts was 422ing on live traffic — its NewAccount struct uses camelCase field names and requires isDefault + isActive as booleans. Reference: https://github.com/afadil/wealthfolio/blob/main/apps/server/src/models.rs#L~145 Sends trackingMode=TRANSACTIONS so Wealthfolio computes holdings from our imported activities (vs HOLDINGS mode which requires periodic holdings snapshots). Populates providerAccountId so the broker account is traceable back to our sync's id scheme. Test plan: poetry run pytest -q → 70 passed poetry run mypy → clean poetry run ruff check → clean Live re-run of the backfill Job follows this commit's image rebuild.
2026-04-17 20:29:43 +00:00
assert posted[0]["isActive"] is True
assert posted[0]["isDefault"] is False
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
# -- Activity import --
async def test_import_dry_run_then_real(tmp_path: Path) -> None:
sp = tmp_path / "s.json"
sp.write_text(json.dumps({"cookies": {"wf_token": "fresh"}}))
calls: list[str] = []
async def handler(req: httpx.Request) -> httpx.Response:
calls.append(req.url.path)
if req.url.path == "/api/v1/activities/import/check":
sinks: feed /import/check enrichment into /import body /import/check hydrates each ActivityImport with resolved assetId, exchangeMic, quoteCcy, instrumentType, quoteMode. The /import endpoint on Wealthfolio 3.2 does NOT re-resolve — passing an un-enriched row returns 200 OK but silently drops the activity (activities=[] in the response). The first live run returned `imported=63 failed=0` but nothing reached the database. Fixed by posting the hydrated rows from the check response to /import instead of the original. Requires the test to also return list-shaped check responses (matches the upstream Json<Vec<ActivityImport>> signature on the Rust side). poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:54:17 +00:00
# /import/check hydrates and returns a list of ActivityImport.
Add imap-ingest CLI + ImapProvider: route emails to IE/Schwab parsers Wires the IE + Schwab email parsers into an actual runnable sync. Walks the IMAP mailbox, routes each message by sender domain: - *@investengine.com → invest_engine.parse_invest_engine_email - *@schwab.com → schwab.parse_schwab_email then pushes the resulting Activities through the shared pipeline. broker-sync imap-ingest — new CLI command taking IMAP_HOST/USER/PASSWORD/ DIRECTORY (mirrors the old wealthfolio-sync image's env shape so the Terraform CronJob's existing env wiring works unchanged). Verified: poetry run pytest -q → 109 passed + 1 skipped; mypy strict clean (37 files); ruff + yapf clean.
2026-04-17 22:12:05 +00:00
return httpx.Response(200,
json=[
{
"symbol": "VUAG",
"isValid": True,
"errors": None,
"assetId": "enriched-asset-uuid",
"exchangeMic": "XLON",
},
])
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
if req.url.path == "/api/v1/activities/import":
return httpx.Response(
200,
sinks: feed /import/check enrichment into /import body /import/check hydrates each ActivityImport with resolved assetId, exchangeMic, quoteCcy, instrumentType, quoteMode. The /import endpoint on Wealthfolio 3.2 does NOT re-resolve — passing an un-enriched row returns 200 OK but silently drops the activity (activities=[] in the response). The first live run returned `imported=63 failed=0` but nothing reached the database. Fixed by posting the hydrated rows from the check response to /import instead of the original. Requires the test to also return list-shaped check responses (matches the upstream Json<Vec<ActivityImport>> signature on the Rust side). poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:54:17 +00:00
json={
"activities": [
Add imap-ingest CLI + ImapProvider: route emails to IE/Schwab parsers Wires the IE + Schwab email parsers into an actual runnable sync. Walks the IMAP mailbox, routes each message by sender domain: - *@investengine.com → invest_engine.parse_invest_engine_email - *@schwab.com → schwab.parse_schwab_email then pushes the resulting Activities through the shared pipeline. broker-sync imap-ingest — new CLI command taking IMAP_HOST/USER/PASSWORD/ DIRECTORY (mirrors the old wealthfolio-sync image's env shape so the Terraform CronJob's existing env wiring works unchanged). Verified: poetry run pytest -q → 109 passed + 1 skipped; mypy strict clean (37 files); ruff + yapf clean.
2026-04-17 22:12:05 +00:00
{
"id": "wf-1",
"external_id": "t212:1"
},
sinks: feed /import/check enrichment into /import body /import/check hydrates each ActivityImport with resolved assetId, exchangeMic, quoteCcy, instrumentType, quoteMode. The /import endpoint on Wealthfolio 3.2 does NOT re-resolve — passing an un-enriched row returns 200 OK but silently drops the activity (activities=[] in the response). The first live run returned `imported=63 failed=0` but nothing reached the database. Fixed by posting the hydrated rows from the check response to /import instead of the original. Requires the test to also return list-shaped check responses (matches the upstream Json<Vec<ActivityImport>> signature on the Rust side). poetry run pytest -q 70 passed poetry run mypy clean poetry run ruff check clean
2026-04-17 20:54:17 +00:00
],
},
Add WealthfolioSink with CSV import + cookie reuse Context ------- This is the Phase 0.5 deliverable — the hardest-to-validate unknown in the plan. Wealthfolio auth is JWT HttpOnly cookie with a 5-req/min login rate limit. CronJob pods are ephemeral, so we persist cookies to disk between runs (shared PVC in production). Plan stress-test also flagged: use the CSV import path, not per-row JSON POST. Wealthfolio's UI uses /activities/import and its dedup logic is battle-tested; CSVs double as audit artefacts we can replay. This change ----------- - WealthfolioSink (httpx async): login with username/password, persists cookie dict to session_path on disk, attaches it as a Cookie header on subsequent calls. - 401 on a non-login endpoint triggers a single re-login + retry. - ensure_account() is idempotent — GETs the account list first, only POSTs /accounts if id is missing. - import_activities() always runs /activities/import/check first; any non-2xx there raises ImportValidationError and we never touch the real import endpoint. Protects against half-written state when the broker emits a symbol Wealthfolio doesn't know. - httpx.MockTransport-based tests cover: login persistence, 401 on login raises UnauthorizedError, session reuse from disk, 401 retry path, ensure_account idempotency + creation, import dry-run-then-real sequencing, halt on check failure. Not yet covered (deferred): - Multi-process file lock on session_path (single-process enough for now; Phase 1 adds it when multiple CronJobs run concurrently). - 429 jittered backoff (TBD when Wealthfolio actually rate-limits us). Test plan --------- ## Automated - poetry run pytest -q → 31 passed - poetry run mypy broker_sync tests → Success: no issues found in 17 source files - poetry run ruff check . → All checks passed! ## Manual Verification Live auth spike against https://wealthfolio.viktorbarzin.me deferred until the password is seeded into Vault at secret/broker-sync/wealthfolio in a follow-up commit (needs Viktor's Vault session).
2026-04-17 19:22:34 +00:00
)
return httpx.Response(500)
sink = _client(httpx.MockTransport(handler), sp)
out = await sink.import_activities([_buy()])
assert calls == [
"/api/v1/activities/import/check",
"/api/v1/activities/import",
]
assert out == [{"id": "wf-1", "external_id": "t212:1"}]
async def test_import_halts_on_validation_failure(tmp_path: Path) -> None:
sp = tmp_path / "s.json"
sp.write_text(json.dumps({"cookies": {"wf_token": "fresh"}}))
calls: list[str] = []
async def handler(req: httpx.Request) -> httpx.Response:
calls.append(req.url.path)
if req.url.path == "/api/v1/activities/import/check":
return httpx.Response(
400,
json={"errors": ["row 1: unknown symbol"]},
)
return httpx.Response(500)
sink = _client(httpx.MockTransport(handler), sp)
with pytest.raises(ImportValidationError, match="unknown symbol"):
await sink.import_activities([_buy()])
assert calls == ["/api/v1/activities/import/check"] # real import never hit
Reference in a new issue Copy permalink