Two changes that ship together so a single CI run lands both:
1) SlackNotifier — support bot-token + channel transport
- Previous version only supported a pinned webhook URL.
- New mode uses chat.postMessage with bot_token + channel.
- Channel can be changed via env var without rotating webhooks.
- bot-token transport wins when both are set.
- Fail-soft: ok=false (e.g. channel_not_found if the user
hasn't created #trading-bot yet) is logged + skipped, not
raised.
- 5 new tests (10 total): bot-token wins, channel_not_found
swallowed, headers/payload shape verified.
2) Image tags — switch from :${CI_PIPELINE_NUMBER} → :0.1.${N}
- 3-part semver so Keel patch policy (cluster-wide default
in inject-keel-annotations) is bounded to patch bumps
within 0.1.x. Prior 1-part tags (:53) were technically
parseable as major-only, which Keel patch wouldn't bump
but could still resolve oddly under digest tracking.
- Memory id=1935 documents Keel patch ≠ bulletproof for
non-semver; semver tags are the safer mode.
- update-deployment + verify-deploy steps updated to match.
- :latest still pushed for cache-from + bootstrap.
SlackNotifier posts a short message to a Slack incoming webhook on:
- trade-executor submits an order (filled or pending)
- RiskManager rejects a signal (except outside_market_hours, which
spams every poll when the bot tries to trade after-hours)
Key properties:
- No-op when slack_webhook_url is empty (fail-soft default).
- HTTP errors are swallowed — a Slack outage MUST NOT crash the
consumer loop; the trade already happened on Alpaca.
- Kevin-strategy signals tagged "Meet Kevin" in the message so I can
tell which strategy fired.
Wiring:
- TradeExecutorConfig.slack_webhook_url + TRADING_SLACK_WEBHOOK_URL
env var, sourced from Vault secret/trading-bot/slack_webhook_url
via existing ExternalSecret.
- SlackNotifier passed to process_signal; both rejection + post-trade
paths call it.
Tests: 7 new (no-op when disabled, post calls webhook with correct
text, Kevin strategy tag, swallows HTTP errors, suppresses noisy
rejections).
- Learning engine: expand default weights from 3 to all 9 strategies
- Learning engine: resolve placeholder strategy_id with DB lookup
- Learning engine: pass strategy_sources from trade execution
- Trade executor: respect trading:paused Redis flag in RiskManager
- Portfolio sync: compute actual daily P&L from day-start snapshot
- Portfolio API: cumulative P&L from first snapshot, read pause flag
- Portfolio metrics: compute max drawdown and avg hold duration
- Add strategy_sources field to TradeExecution schema
- Add dev_mode config (TRADING_DEV_MODE) to bypass auth for local dev
- Dashboard: VITE_DEV_MODE bypasses ProtectedRoute and 401 redirects
- Vite proxy target configurable via VITE_API_TARGET
- Add top-level README.md and remaining-work-plan.md
- Update CLAUDE.md with correct counts and remove stale TODOs
- 404 tests passing
Made-with: Cursor
Wire the trading bot to real Alpaca market data and persist pipeline
state to the database so the dashboard displays live information.
- Add market-data service fetching OHLCV bars from Alpaca, publishing
to market:bars Redis Stream; signal generator consumes bars and
injects current_price into signals for position sizing
- Sentiment analyzer now persists Article + ArticleSentiment rows to
DB after scoring, with duplicate and error handling
- API gateway runs a background portfolio sync task that snapshots
Alpaca account state into PortfolioSnapshot/Position DB tables
during market hours
- TradeSignal carries a signal_id UUID; signal generator and trade
executor both persist their records to DB with cross-references
- 303 unit tests pass (57 new tests added)
I1: Add graceful shutdown (SIGTERM/SIGINT) to all 5 background services
I2: Fix Dockerfile healthcheck to use curl on /metrics endpoint
I3: Fix StreamConsumer.ensure_group() to only catch BUSYGROUP errors
I4: Fix SimulatedBroker to reject orders with insufficient cash/shares
I5: Move ORM attribute access inside DB session context in trades routes
I6: Add Redis-based rate limiting (10 req/min/IP) on all auth endpoints
I8: Prevent backtest background task garbage collection
I9: Use Numeric(16,6) instead of Float for financial columns in migration
I10: Add index on trades.created_at for time-range queries
I11: Bind infrastructure ports to 127.0.0.1 in docker-compose
I12: Add migrations init service; all app services depend on it
I13: Fix user enumeration in login_begin (return options for non-existent users)
