trading-bot: revive K8s stack + add meet-kevin-watcher
Uncomment the trading-bot stack (disabled 2026-04-06 due to resource consumption) and add the new meet_kevin_watcher service container. Changes: - Uncomment the /* ... */ block enclosing the entire stack - Fix db_init job: add -d postgres to psql commands (root user has no root-named database — matches pattern used in claude-memory + others) - Remove 3 disabled containers from trading-bot-workers Pod spec: news-fetcher, sentiment-analyzer, trade-executor - Add new meet-kevin-watcher container (image viktorbarzin/trading-bot-service:latest, command python -m services.meet_kevin_watcher.main, mem 128Mi/256Mi) - Extend ExternalSecret with TRADING_OPENROUTER_API_KEY and TRADING_MEET_KEVIN_CHANNEL_ID keys (sourced from Vault secret/trading-bot) - Add 4 common_env entries for the Meet Kevin pipeline (poll interval, daily cost cap, model slug, prompt version) - Update lifecycle.ignore_changes to 4 image indices vault: re-enable pg-trading static role - Add pg-trading to vault_database_secret_backend_connection allowed_roles - Uncomment vault_database_secret_backend_static_role.pg_trading (was disabled 2026-04-06 with the rest of trading-bot stack) kyverno: add postgres* to trusted-registries allowlist - trading-bot db_init uses postgres:16-alpine (Docker Hub library image) - postgres* was not in the DockerHub bare-name allowlist (unlike mysql*, alpine*, nginx*, python* which were already there) Final workers Pod containers (in order): [0] signal-generator [1] learning-engine [2] market-data [3] meet-kevin-watcher (NEW) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
parent
60d8d54d6e
commit
66ca8b9e9c
5 changed files with 84 additions and 145 deletions
|
|
@ -610,7 +610,7 @@ resource "vault_database_secret_backend_connection" "postgresql" {
|
|||
backend = vault_mount.database.path
|
||||
name = "postgresql"
|
||||
allowed_roles = [
|
||||
# "pg-trading", # Commented out 2026-04-06 - trading-bot disabled
|
||||
"pg-trading",
|
||||
"pg-health", "pg-linkwarden",
|
||||
"pg-affine", "pg-woodpecker", "pg-claude-memory",
|
||||
"pg-terraform-state", "pg-payslip-ingest", "pg-job-hunter",
|
||||
|
|
@ -696,8 +696,6 @@ resource "vault_database_secret_backend_static_role" "mysql_phpipam" {
|
|||
|
||||
# --- PostgreSQL Static Roles ---
|
||||
|
||||
/*
|
||||
# Commented out 2026-04-06 - trading-bot disabled
|
||||
resource "vault_database_secret_backend_static_role" "pg_trading" {
|
||||
backend = vault_mount.database.path
|
||||
db_name = vault_database_secret_backend_connection.postgresql.name
|
||||
|
|
@ -705,7 +703,6 @@ resource "vault_database_secret_backend_static_role" "pg_trading" {
|
|||
username = "trading"
|
||||
rotation_period = 604800
|
||||
}
|
||||
*/
|
||||
|
||||
resource "vault_database_secret_backend_static_role" "pg_health" {
|
||||
backend = vault_mount.database.path
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue