viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

trading-bot: add kevin_signal_bridge container (kill-switch OFF for Phase 1)

Browse source 
5th worker container running in audit-only mode. Writes
kevin_signal_bridge_state rows showing what it WOULD trade but never
publishes to signals:generated. Kill-switch flipped in Phase 2.
This commit is contained in:
Viktor Barzin 2026-05-24 01:22:53 +00:00
parent 6218868ea5
commit 67f8be4598
1 changed files with 44 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

45
stacks/trading-bot/main.tf
View file

@ -510,16 +510,59 @@ resource "kubernetes_deployment" "trading-bot-workers" {
}
}
}
container {
name = "kevin-signal-bridge"
image = "viktorbarzin/trading-bot-service:latest"
image_pull_policy = "Always"
command = ["python", "-m", "services.kevin_signal_bridge.main"]
dynamic "env" {
for_each = local.common_env
content {
name = env.key
value = env.value
}
}
env {
name = "TRADING_OTEL_METRICS_PORT"
value = "9098"
}
# Kill-switch off in Phase 1 bridge writes audit rows only,
# never publishes to signals:generated.
env {
name = "TRADING_KEVIN_ENABLE_TRADING"
value = "false"
}
env_from {
secret_ref {
name = "trading-bot-secrets"
}
}
env_from {
secret_ref {
name = "trading-bot-db-creds"
}
}
resources {
requests = {
cpu = "10m"
memory = "128Mi"
}
limits = {
memory = "256Mi"
}
}
}
}
}
}
lifecycle {
# DRIFT_WORKAROUND: CI pipeline owns image tags for all 4 worker containers. Reviewed 2026-05-22.
# DRIFT_WORKAROUND: CI pipeline owns image tags for all 5 worker containers. Reviewed 2026-05-24.
ignore_changes = [
spec[0].template[0].spec[0].container[0].image,
spec[0].template[0].spec[0].container[1].image,
spec[0].template[0].spec[0].container[2].image,
spec[0].template[0].spec[0].container[3].image,
spec[0].template[0].spec[0].container[4].image,
spec[0].template[0].spec[0].dns_config, # KYVERNO_LIFECYCLE_V1: Kyverno admission webhook mutates dns_config with ndots=2
]
}