trading/.woodpecker.yml
Viktor Barzin 065b634b99
feat(trade-executor): Slack bot-token transport + semver image tags
Two changes that ship together so a single CI run lands both:

1) SlackNotifier — support bot-token + channel transport
   - Previous version only supported a pinned webhook URL.
   - New mode uses chat.postMessage with bot_token + channel.
   - Channel can be changed via env var without rotating webhooks.
   - bot-token transport wins when both are set.
   - Fail-soft: ok=false (e.g. channel_not_found if the user
     hasn't created #trading-bot yet) is logged + skipped, not
     raised.
   - 5 new tests (10 total): bot-token wins, channel_not_found
     swallowed, headers/payload shape verified.

2) Image tags — switch from :${CI_PIPELINE_NUMBER} → :0.1.${N}
   - 3-part semver so Keel patch policy (cluster-wide default
     in inject-keel-annotations) is bounded to patch bumps
     within 0.1.x. Prior 1-part tags (:53) were technically
     parseable as major-only, which Keel patch wouldn't bump
     but could still resolve oddly under digest tracking.
   - Memory id=1935 documents Keel patch ≠ bulletproof for
     non-semver; semver tags are the safer mode.
   - update-deployment + verify-deploy steps updated to match.
   - :latest still pushed for cache-from + bootstrap.
2026-05-27 10:06:49 +00:00


# Pipeline trigger: only pushes to the master branch run this workflow.
when:
- event: push
  branch: master

# Clone step override: up to 5 clone attempts with a 10s backoff.
# NOTE(review): woodpeckerci/plugin-git has no tag or digest here, so the
# clone plugin floats with whatever the registry serves at run time; pin it
# to a reviewed version or digest.
clone:
  git:
    image: woodpeckerci/plugin-git
    settings:
      attempts: 5
      backoff: 10s

steps:
# Test gate: installs the project with the listed extras into the system
# interpreter and runs pytest on tests/, deselecting tests marked
# "integration". Both image-build steps depend on this step.
# NOTE(review): `pip install uv` is unpinned, so the installer version can
# change between runs; pin it if reproducible builds matter.
- name: test
  image: docker.io/library/python:3.12-slim
  commands:
  - pip install uv
  - >-
    uv pip install --system --quiet
    ".[api,news,sentiment,trading,backtester,meet_kevin,dev]"
  - python -m pytest tests/ -v --tb=short -m "not integration"
# Builds docker/Dockerfile.service with SERVICE_MODULE=api_gateway and
# pushes it to viktorbarzin/trading-bot-service once `test` has passed.
# NOTE(review): the buildx plugin image is untagged and receives the
# dockerhub-token secret; a floating plugin tag is therefore part of the
# trust boundary for that credential. Pin it to a reviewed version/digest.
- name: build-service-image
  image: woodpeckerci/plugin-docker-buildx
  depends_on:
  - test
  settings:
    username: viktorbarzin
    password:
      from_secret: dockerhub-token
    repo: viktorbarzin/trading-bot-service
    dockerfile: docker/Dockerfile.service
    context: .
    build_args:
    - SERVICE_MODULE=api_gateway
    cache_from: viktorbarzin/trading-bot-service:latest
    # Tag scheme is 0.1.${CI_PIPELINE_NUMBER} (three-part semver) so that
    # Keel's patch policy only moves between patch releases of 0.1.x and
    # never rewrites to another major/minor. The mutable :latest tag is
    # still pushed, for the build cache and for bootstrap.
    tags:
    - "0.1.${CI_PIPELINE_NUMBER}"
    - latest
# Builds docker/Dockerfile.dashboard and pushes it to
# viktorbarzin/trading-bot-dashboard once `test` has passed. Uses the same
# tag scheme as the service image: 0.1.${CI_PIPELINE_NUMBER} plus :latest.
# NOTE(review): the buildx plugin image is untagged and receives the
# dockerhub-token secret; pin it to a reviewed version/digest.
- name: build-dashboard-image
  image: woodpeckerci/plugin-docker-buildx
  depends_on:
  - test
  settings:
    username: viktorbarzin
    password:
      from_secret: dockerhub-token
    repo: viktorbarzin/trading-bot-dashboard
    dockerfile: docker/Dockerfile.dashboard
    context: .
    cache_from: viktorbarzin/trading-bot-dashboard:latest
    tags:
    - "0.1.${CI_PIPELINE_NUMBER}"
    - latest
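# Points both Deployments in the trading-bot namespace at the images built
# by this pipeline by sending strategic-merge PATCH requests to the
# Kubernetes API, authenticated with the step pod's ServiceAccount token.
# Each patch also clears spec.paused and stamps a restartedAt annotation.
# NOTE(review): docker.io/library/alpine is untagged and curl/jq are
# installed unpinned, while this step holds a token that can patch
# Deployments; pin the image to a reviewed version/digest.
- name: update-deployment
  image: docker.io/library/alpine
  depends_on:
  - build-service-image
  - build-dashboard-image
  commands:
  - apk add --no-cache curl jq
  - |
    SA_DIR=/var/run/secrets/kubernetes.io/serviceaccount
    TOKEN=$$(cat "$$SA_DIR/token")
    # Validate the API server certificate against the cluster CA mounted
    # next to the token. The previous `curl -k` skipped validation, so the
    # bearer token could be handed to an endpoint that is not the real API
    # server.
    # NOTE(review): assumes the API server certificate chains to this CA
    # and lists the host name "kubernetes" - confirm before merging.
    CACERT="$$SA_DIR/ca.crt"
    SERVICE_IMAGE="viktorbarzin/trading-bot-service:0.1.${CI_PIPELINE_NUMBER}"
    DASHBOARD_IMAGE="viktorbarzin/trading-bot-dashboard:0.1.${CI_PIPELINE_NUMBER}"
    RESTART_AT=$$(date -u +%Y-%m-%dT%H:%M:%SZ)
    API="https://kubernetes:6443/apis/apps/v1/namespaces/trading-bot/deployments"

    # --- trading-bot-frontend: 2 containers ---
    # The response is captured first so that a failed PATCH (curl -f exits
    # non-zero) fails the step; piping curl straight into jq reported only
    # jq's exit status and could hide a rejected request.
    echo "Patching trading-bot-frontend..."
    RESPONSE=$$(curl -sf -X PATCH "$$API/trading-bot-frontend" \
      --cacert "$$CACERT" \
      -H "Authorization: Bearer $$TOKEN" \
      -H "Content-Type: application/strategic-merge-patch+json" \
      -d "{
        \"spec\":{
          \"paused\":null,
          \"template\":{
            \"metadata\":{\"annotations\":{\"kubectl.kubernetes.io/restartedAt\":\"$$RESTART_AT\"}},
            \"spec\":{\"containers\":[
              {\"name\":\"dashboard\",\"image\":\"$$DASHBOARD_IMAGE\"},
              {\"name\":\"api-gateway\",\"image\":\"$$SERVICE_IMAGE\"}
            ]}
          }
        }
      }") || { echo "ERROR: PATCH of trading-bot-frontend failed"; exit 1; }
    printf '%s\n' "$$RESPONSE" | jq '{name: .metadata.name, generation: .metadata.generation}'

    # --- trading-bot-workers: 6 containers (matches infra/stacks/trading-bot/main.tf) ---
    echo "Patching trading-bot-workers..."
    RESPONSE=$$(curl -sf -X PATCH "$$API/trading-bot-workers" \
      --cacert "$$CACERT" \
      -H "Authorization: Bearer $$TOKEN" \
      -H "Content-Type: application/strategic-merge-patch+json" \
      -d "{
        \"spec\":{
          \"paused\":null,
          \"template\":{
            \"metadata\":{\"annotations\":{\"kubectl.kubernetes.io/restartedAt\":\"$$RESTART_AT\"}},
            \"spec\":{\"containers\":[
              {\"name\":\"signal-generator\",\"image\":\"$$SERVICE_IMAGE\"},
              {\"name\":\"learning-engine\",\"image\":\"$$SERVICE_IMAGE\"},
              {\"name\":\"market-data\",\"image\":\"$$SERVICE_IMAGE\"},
              {\"name\":\"meet-kevin-watcher\",\"image\":\"$$SERVICE_IMAGE\"},
              {\"name\":\"kevin-signal-bridge\",\"image\":\"$$SERVICE_IMAGE\"},
              {\"name\":\"trade-executor\",\"image\":\"$$SERVICE_IMAGE\"}
            ]}
          }
        }
      }") || { echo "ERROR: PATCH of trading-bot-workers failed"; exit 1; }
    printf '%s\n' "$$RESPONSE" | jq '{name: .metadata.name, generation: .metadata.generation}'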
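# Polls the Kubernetes API until each Deployment has at least one pod that
# is ready and whose spec references the image tag built by this pipeline.
# Gives up after 60 attempts spaced 5 seconds apart and fails the step.
# NOTE(review): docker.io/library/alpine is untagged and curl/jq are
# installed unpinned; pin the image to a reviewed version/digest.
- name: verify-deploy
  image: docker.io/library/alpine
  depends_on:
  - update-deployment
  commands:
  - apk add --no-cache curl jq
  - |
    SA_DIR=/var/run/secrets/kubernetes.io/serviceaccount
    TOKEN=$$(cat "$$SA_DIR/token")
    # Validate the API server certificate against the cluster CA mounted
    # next to the token. The previous `curl -k` skipped validation, so the
    # bearer token could be handed to an endpoint that is not the real API
    # server.
    # NOTE(review): assumes the API server certificate chains to this CA
    # and lists the host name "kubernetes" - confirm before merging.
    CACERT="$$SA_DIR/ca.crt"
    EXPECTED_SERVICE="viktorbarzin/trading-bot-service:0.1.${CI_PIPELINE_NUMBER}"
    EXPECTED_DASHBOARD="viktorbarzin/trading-bot-dashboard:0.1.${CI_PIPELINE_NUMBER}"
    BASE_API="https://kubernetes:6443/api/v1/namespaces/trading-bot/pods"
    DEPLOY_API="https://kubernetes:6443/apis/apps/v1/namespaces/trading-bot/deployments"

    # Prints one summary line per pod from the last pod-list response (RAW).
    # A pod with no container statuses yet is reported as not ready.
    dump_pods() {
      printf '%s\n' "$$RAW" | jq -r '[.items[] | {
        name: .metadata.name,
        ready: ((.status.containerStatuses // []) | length > 0 and all(.[]; .ready)),
        phase: .status.phase,
        restarts: ([.status.containerStatuses[]? | .restartCount] | add // 0)
      }] | .[] | " \(.name) ready=\(.ready) phase=\(.phase) restarts=\(.restarts)"' 2>/dev/null || echo " (no pods or parse error)"
    }

    for DEPLOY in trading-bot-frontend trading-bot-workers; do
      echo "Verifying $$DEPLOY..."
      PODS_API="$$BASE_API?labelSelector=app%3D$$DEPLOY"
      # The frontend is checked against the dashboard image, the workers
      # against the service image.
      if [ "$$DEPLOY" = "trading-bot-frontend" ]; then
        EXPECTED_IMAGE="$$EXPECTED_DASHBOARD"
      else
        EXPECTED_IMAGE="$$EXPECTED_SERVICE"
      fi
      DEPLOY_STATUS=$$(curl -sf --cacert "$$CACERT" "$$DEPLOY_API/$$DEPLOY" \
        -H "Authorization: Bearer $$TOKEN" \
        -H "Accept: application/json")
      echo " Deployment status: replicas=$$(echo "$$DEPLOY_STATUS" | jq -r '.status.replicas // 0') updated=$$(echo "$$DEPLOY_STATUS" | jq -r '.status.updatedReplicas // 0') ready=$$(echo "$$DEPLOY_STATUS" | jq -r '.status.readyReplicas // 0')"
      FOUND=0
      for i in $$(seq 1 60); do
        RAW=$$(curl -sf --cacert "$$CACERT" "$$PODS_API" \
          -H "Authorization: Bearer $$TOKEN" \
          -H "Accept: application/json")
        if [ "$$i" -eq 1 ] || [ "$$i" -eq 10 ] || [ "$$i" -eq 30 ]; then
          echo " DEBUG (attempt $$i): All pods for $$DEPLOY:"
          dump_pods
        fi
        # Readiness requires at least one container status: jq's `all` is
        # true for an empty list, so a freshly created pod with no statuses
        # used to count as ready. `any` emits each matching pod once even
        # when several of its containers use the expected image.
        RESULT=$$(printf '%s\n' "$$RAW" | \
          jq --arg img "$$EXPECTED_IMAGE" '[.items[] | select(
            ((.status.containerStatuses // []) | length > 0 and all(.[]; .ready)) and
            any(.spec.containers[]?; .image | endswith($$img))
          ) | {name: .metadata.name, started: .status.startTime}]')
        COUNT=$$(printf '%s\n' "$$RESULT" | jq 'length' 2>/dev/null || echo 0)
        # jq prints nothing for an empty response; treat that as zero pods.
        [ -n "$$COUNT" ] || COUNT=0
        echo " Attempt $$i/60: $$COUNT pod(s) ready with image matching $$EXPECTED_IMAGE"
        if [ "$$COUNT" -gt 0 ] 2>/dev/null; then
          printf '%s\n' "$$RESULT" | jq -r '.[] | " \(.name) started=\(.started)"'
          echo "$$DEPLOY is live!"
          FOUND=1
          break
        fi
        sleep 5
      done
      if [ "$$FOUND" -ne 1 ]; then
        echo " FINAL DEBUG: All pods for $$DEPLOY:"
        dump_pods
        echo "ERROR: No new ready pod for $$DEPLOY with image $$EXPECTED_IMAGE appeared within 5 minutes"
        exit 1
      fi
    done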
# Slack notification, ordered after verify-deploy and enabled for both the
# success and failure statuses. Posts to the `general` channel through the
# webhook stored in the slack-webhook-url secret.
# NOTE(review): plugins/slack is untagged and receives the webhook secret;
# pin it to a reviewed version/digest.
- name: slack
  image: plugins/slack
  depends_on:
  - verify-deploy
  settings:
    webhook:
      from_secret: slack-webhook-url
    channel: general
  when:
  - status: [success, failure]