Security:
- .dockerignore + Dockerfile: stop baking .env / the 346MB OSM pbf into image
layers; install pinned from uv.lock (reproducible builds) (SEC-04/05).
- docker-compose: DB port binds ${DB_BIND_ADDR:-127.0.0.1} — loopback-only by
default; remote tooling moves to an SSH tunnel (SEC-01).
- webhook_receiver: CRITICAL startup warning + WEBHOOK_REQUIRE_TOKEN=1 fail-closed
when JIMI_WEBHOOK_TOKEN is empty (SEC-02 / FIX-W01).
Correctness:
- FIX-M22/E07: capture cur.rowcount BEFORE RELEASE SAVEPOINT in poll_alarms/
poll_trips/poll_parking — the RELEASE reported -1, producing "Alarms: -4 new
events inserted" logs and negative ingestion_log.rows_inserted.
- FIX-W02: parse application/json push bodies (were silently dropped).
- FIX-W03: move webhook DB work off the event loop via asyncio.to_thread.
- FIX-M23: poll_trips phased so no txn/connection is held across Tracksolid +
Nominatim (1 req/s) network calls.
- FIX-M24: sync_devices disables devices absent from every target (guarded).
- FIX-W04: reject device-clock-garbage alarm_time (2019 timestamps observed).
- get_token(): don't relabel already-aware timestamptz expiries (BUG-P9).
Observability/lifecycle:
- migration 21: v_ingest_health restricted to active pipeline endpoints so
one-shot tools stop wedging /health/ingest at 'stale' (dry-run verified).
- FIX-M25: daily purge_audit_logs() trims ingestion_log (90d) + refresh_log (180d).
- remove orphaned duplicate migrations/10_driver_clock_views.sql; ruff lint config.
+5 webhook tests (82 pass). Report/plan/work-log in docs/reports/260702_*.
Local only; not deployed. CLAUDE.md fix-history edits left uncommitted (that file
also carries unrelated in-progress edits).
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
52 lines
No EOL
1.4 KiB
TOML
52 lines
No EOL
1.4 KiB
TOML
[project]
|
|
name = "fireside-tracksolid-ingest"
|
|
version = "1.0.0"
|
|
description = "Fireside Communications — Tracksolid Pro Telemetry Ingestion"
|
|
readme = "README.md"
|
|
requires-python = ">=3.12"
|
|
authors = [
|
|
{ name = "Fireside DevOps", email = "devops@firesideafrica.cloud" }
|
|
]
|
|
# Define your dependencies here
|
|
dependencies = [
|
|
"psycopg2-binary>=2.9.9", # Database driver (binary version is easier for Docker)
|
|
"requests>=2.32.3", # API requests
|
|
"schedule>=1.2.2", # Polling loops/scheduler
|
|
"urllib3>=2.2.2", # HTTP connection pooling/retries
|
|
"fastapi>=0.115.0", # Webhook receiver framework
|
|
"uvicorn[standard]>=0.30.0", # ASGI server for FastAPI
|
|
"python-multipart>=0.0.9", # Required for FastAPI Form() parsing
|
|
]
|
|
|
|
[build-system]
|
|
requires = ["hatchling"]
|
|
build-backend = "hatchling.build"
|
|
|
|
[tool.uv]
|
|
# Tells uv to manage a virtual environment automatically
|
|
managed = true
|
|
|
|
[tool.uv.sources]
|
|
# Optional: If you ever have custom local modules or git-based private libs
|
|
|
|
[project.optional-dependencies]
|
|
dev = [
|
|
"ruff>=0.4",
|
|
"mypy>=1.10",
|
|
"pytest>=8",
|
|
"pytest-asyncio>=0.23",
|
|
"httpx>=0.27",
|
|
]
|
|
|
|
[tool.ruff]
|
|
target-version = "py312"
|
|
line-length = 100
|
|
|
|
[tool.ruff.lint]
|
|
select = ["E", "W", "F", "B", "UP", "SIM"]
|
|
|
|
[tool.mypy]
|
|
python_version = "3.12"
|
|
warn_return_any = true
|
|
warn_unused_ignores = true
|
|
ignore_missing_imports = true |