broker-sync

viktor/broker-sync

Fork 0

Commit graph

Author	SHA1	Message	Date
Viktor Barzin	1d0769c9e6	Disable typer rich tracebacks to avoid secret leak in logs Context ------- Live run of `broker-sync trading212` hit a PermissionError and typer's rich traceback printed every local variable, including the cleartext WF_PASSWORD and the T212 api_key strings, into pod logs. Kubernetes pod logs are world-readable cluster-wide — that's a security incident. This change ----------- - Pass `pretty_exceptions_enable=False` to the typer.Typer constructor. Plain stdlib tracebacks don't dump frame locals. - Rich is still available for help text; only crash formatting changes. Follow-up in infra/stacks/broker-sync: add `security_context.fs_group = 10001` to every pod spec so the PVC is owned by the broker user (the original PermissionError that triggered the traceback was the broker user being unable to write /data/watermarks). Test plan --------- ## Automated - poetry run pytest -q → 70 passed - poetry run mypy broker_sync tests → clean - poetry run ruff check . → clean ## Manual Verification Re-run the backfill Job after the image is rebuilt + the infra fsGroup change is applied.	2026-04-17 20:22:30 +00:00
Viktor Barzin	6fc2ac5322	Add sync pipeline + trading212 CLI subcommand Some checks are pending CI / test (push) Waiting to run Details CI / build (push) Blocked by required conditions Details CI / deploy (push) Blocked by required conditions Details Context ------- Closes the gap between "Trading212 provider yields Activities" and "activities land in Wealthfolio with dedup". One generic pipeline function works for every provider (Phase 2 IMAP ingest and Phase 3 CSV drop will reuse it). This change ----------- - `broker_sync/pipeline.py` — sync_provider_to_wealthfolio(): ensure accounts exist in Wealthfolio, fetch, dedup against the local SQLite store, batch into Wealthfolio's CSV import at 200 rows each, record successful imports in the dedup store with the returned Wealthfolio activity id. Failed batches don't touch the dedup store so the next run retries. - Notes field stamped with `sync:<provider>:<external_id>` for human auditability — NOT used for dedup (the SQLite store owns that). - `broker_sync/cli.py` — new `trading212` subcommand driven by T212_API_KEYS_JSON + WF_* + BROKER_SYNC_DATA_DIR env vars. Two modes: `steady` fetches last 7 days; `backfill` pulls all history. Exits 0 on clean run, 1 if any batch failed, 2 on config errors. - Pipeline tests with MockTransport: dedup-skip-then-import happy path (verifies imported CSV contains only the unseen rows and all three are recorded after the run); import-rejected path (verifies the failed row is NOT recorded so the next run retries). Test plan --------- ## Automated - poetry run pytest -q → 70 passed - poetry run mypy broker_sync tests → Success: no issues found in 29 source files - poetry run ruff check . → All checks passed! - poetry run broker-sync trading212 --help → shows all env vars + mode flag ## Manual Verification Live smoke test blocked on: 1. Vault secret/broker-sync seeded (wf_base_url, wf_username, wf_password, trading212_api_keys). 2. Terraform stack applied (infra/stacks/broker-sync/ — staged, not yet applied). 3. Image pushed to viktorbarzin/broker-sync on DockerHub via GHA. Once those land: kubectl -n broker-sync create job t212-backfill \ --from=cronjob/broker-sync-trading212 -- \ broker-sync trading212 --mode=backfill	2026-04-17 19:45:43 +00:00
Viktor Barzin	0eb6feefa8	Add typer CLI + production Dockerfile Context ------- Closes Phase 0 scaffolding. Image must build and run so infra can schedule an initial no-op CronJob (the plan's Phase 0 exit criterion) while Phase 0.5 / 0.75 / 1 land. This change ----------- - broker_sync/cli.py: typer app with two commands. * `version` — prints __version__; used as the no-op CronJob liveness check. * `auth-spike` — Phase 0.5 end-to-end live probe: log in to Wealthfolio, list accounts, exit 0 on success. Credentials read from env (WF_BASE_URL/USERNAME/PASSWORD) so CronJob + ESO can inject them without CLI flags. - Dockerfile: multi-stage, Python 3.12-slim, non-root user 10001 with /data as the shared PVC mount. Poetry virtualenv baked into /app/.venv, entrypoint is `broker-sync`, default command `version`. - CLI test via typer.testing.CliRunner. Test plan --------- ## Automated - poetry run pytest -q → 32 passed - poetry run mypy broker_sync tests → Success: no issues found in 19 source files - poetry run ruff check . → All checks passed! - poetry run broker-sync version → broker-sync 0.1.0 ## Manual Verification Docker build + run deferred — image will be built via GHA after the repo is pushed to GitHub in a follow-up session; the pyproject install has already been verified locally.	2026-04-17 19:23:54 +00:00

Author

SHA1

Message

Date

Viktor Barzin

1d0769c9e6

Disable typer rich tracebacks to avoid secret leak in logs

Context
-------
Live run of `broker-sync trading212` hit a PermissionError and typer's
rich traceback printed every local variable, including the cleartext
WF_PASSWORD and the T212 api_key strings, into pod logs. Kubernetes
pod logs are world-readable cluster-wide — that's a security incident.

This change
-----------
- Pass `pretty_exceptions_enable=False` to the typer.Typer constructor.
  Plain stdlib tracebacks don't dump frame locals.
- Rich is still available for help text; only crash formatting changes.

Follow-up in infra/stacks/broker-sync: add `security_context.fs_group = 10001`
to every pod spec so the PVC is owned by the broker user (the original
PermissionError that triggered the traceback was the broker user being
unable to write /data/watermarks).

Test plan
---------
## Automated
- poetry run pytest -q  →  70 passed
- poetry run mypy broker_sync tests  →  clean
- poetry run ruff check .  →  clean

## Manual Verification
Re-run the backfill Job after the image is rebuilt + the infra
fsGroup change is applied.

2026-04-17 20:22:30 +00:00

Viktor Barzin

6fc2ac5322

Add sync pipeline + trading212 CLI subcommand

CI / test (push) Waiting to run

Details

CI / build (push) Blocked by required conditions

Details

CI / deploy (push) Blocked by required conditions

Details

Context
-------
Closes the gap between "Trading212 provider yields Activities" and
"activities land in Wealthfolio with dedup". One generic pipeline
function works for every provider (Phase 2 IMAP ingest and Phase 3
CSV drop will reuse it).

This change
-----------
- `broker_sync/pipeline.py` — sync_provider_to_wealthfolio():
  ensure accounts exist in Wealthfolio, fetch, dedup against the local
  SQLite store, batch into Wealthfolio's CSV import at 200 rows each,
  record successful imports in the dedup store with the returned
  Wealthfolio activity id. Failed batches don't touch the dedup store
  so the next run retries.
- Notes field stamped with `sync:<provider>:<external_id>` for human
  auditability — NOT used for dedup (the SQLite store owns that).
- `broker_sync/cli.py` — new `trading212` subcommand driven by
  T212_API_KEYS_JSON + WF_* + BROKER_SYNC_DATA_DIR env vars. Two modes:
  `steady` fetches last 7 days; `backfill` pulls all history. Exits 0
  on clean run, 1 if any batch failed, 2 on config errors.
- Pipeline tests with MockTransport: dedup-skip-then-import happy path
  (verifies imported CSV contains only the unseen rows and all three
  are recorded after the run); import-rejected path (verifies the
  failed row is NOT recorded so the next run retries).

Test plan
---------
## Automated
- poetry run pytest -q  →  70 passed
- poetry run mypy broker_sync tests  →  Success: no issues found in 29 source files
- poetry run ruff check .  →  All checks passed!
- poetry run broker-sync trading212 --help  →  shows all env vars + mode flag

## Manual Verification
Live smoke test blocked on:
1. Vault secret/broker-sync seeded (wf_base_url, wf_username, wf_password,
   trading212_api_keys).
2. Terraform stack applied (infra/stacks/broker-sync/ — staged, not yet applied).
3. Image pushed to viktorbarzin/broker-sync on DockerHub via GHA.

Once those land:
    kubectl -n broker-sync create job t212-backfill \
      --from=cronjob/broker-sync-trading212 -- \
      broker-sync trading212 --mode=backfill

2026-04-17 19:45:43 +00:00

Viktor Barzin

0eb6feefa8

Add typer CLI + production Dockerfile

Context
-------
Closes Phase 0 scaffolding. Image must build and run so infra can
schedule an initial no-op CronJob (the plan's Phase 0 exit criterion)
while Phase 0.5 / 0.75 / 1 land.

This change
-----------
- broker_sync/cli.py: typer app with two commands.
  * `version` — prints __version__; used as the no-op CronJob
    liveness check.
  * `auth-spike` — Phase 0.5 end-to-end live probe: log in to
    Wealthfolio, list accounts, exit 0 on success. Credentials read
    from env (WF_BASE_URL/USERNAME/PASSWORD) so CronJob + ESO can
    inject them without CLI flags.
- Dockerfile: multi-stage, Python 3.12-slim, non-root user 10001
  with /data as the shared PVC mount. Poetry virtualenv baked into
  /app/.venv, entrypoint is `broker-sync`, default command `version`.
- CLI test via typer.testing.CliRunner.

Test plan
---------
## Automated
- poetry run pytest -q  →  32 passed
- poetry run mypy broker_sync tests  →  Success: no issues found in 19 source files
- poetry run ruff check .  →  All checks passed!
- poetry run broker-sync version  →  broker-sync 0.1.0

## Manual Verification
Docker build + run deferred — image will be built via GHA after the
repo is pushed to GitHub in a follow-up session; the pyproject install
has already been verified locally.

2026-04-17 19:23:54 +00:00

3 commits