jihoson/The-Ouroboros
1
0
Fork 0
Code Issues Pull Requests Actions 10 Packages Projects Releases Wiki Activity

Merge pull request 'docs: feature-branch 팀 운영 규칙 및 모니터링 검증 게이트 반영 (#279)' (#280) from feature/issue-279-session-order-policy-guard into feature/v3-session-policy-stream

Browse Source
This commit was merged in pull request #280.
This commit is contained in:
agentson
2026-02-27 00:19:55 +09:00
parent 990f9696ab 3ffad58d57
commit 54d6cc3d7c
8 changed files with 334 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/ouroboros/40_acceptance_and_test_plan.md
View File

@@ -43,6 +43,11 @@ Updated: 2026-02-26
- 기존 `tests/` 스위트 전량 실행
- 신규 기능 플래그 ON/OFF 비교
4. 구동/모니터링 검증 (필수)
- 개발 완료 후 시스템을 실제 구동해 핵심 경로를 관찰
- 필수 관찰 항목: 주문 차단 정책, Kill Switch 동작, 경보/예외 로그, 세션 전환 로그
- Runtime Verifier 코멘트로 증적(실행 명령/요약 로그) 첨부
## 실행 명령
```bash
@@ -55,3 +60,4 @@ python3 scripts/validate_ouroboros_docs.py
- 문서 검증 실패 시 구현 PR 병합 금지
- `REQ-*` 변경 후 테스트 매핑 누락 시 병합 금지
- 회귀 실패 시 원인 모듈 분리 후 재검증
- 구동/모니터링 증적 누락 시 검증 승인 금지

16
docs/ouroboros/50_tpm_control_protocol.md
View File

@@ -150,6 +150,10 @@ TPM 티켓 운영 규칙:
- PR 본문에는 TPM이 지정한 우선순위와 범위가 그대로 반영되어야 한다.
- 우선순위 변경은 TPM 제안 + Main Agent 승인으로만 가능하다.
브랜치 운영 규칙:
- TPM은 각 티켓에 대해 `ticket temp branch -> program feature branch` PR 경로를 지정한다.
- 티켓 머지 대상은 항상 program feature branch이며, `main`은 최종 통합 단계에서만 사용한다.
## Runtime Verification Protocol
- Runtime Verifier는 테스트 통과 이후 실제 동작(스테이징/실운영)을 모니터링한다.
@@ -159,12 +163,16 @@ TPM 티켓 운영 규칙:
- 이슈 클로즈 규칙:
- Dev 수정 완료 + Verifier 재검증 통과 + Runtime Verifier 재관측 정상
- 최종 클로즈 승인자는 Main Agent
- 개발 완료 필수 절차:
- 시스템 실제 구동(스테이징/로컬 실운영 모드) 실행
- 모니터링 체크리스트(핵심 경보/주문 경로/예외 로그) 수행
- 결과를 티켓/PR 코멘트에 증적으로 첨부하지 않으면 완료로 간주하지 않음
## Server Reflection Rule (No-Merge by Default)
## Server Reflection Rule
- 서버 반영 기본 규칙은 `브랜치 푸시 + PR 생성/코멘트`까지로 제한한다.
- 기본 흐름에서 검증 승인 후 자동/수동 머지 실행은 금지한다.
- 예외는 사용자 명시 승인 시에만 허용되며, Main Agent가 예외 근거를 PR에 기록한다.
- `ticket temp branch -> program feature branch` 머지는 검증 승인 후 자동/수동 진행 가능하다.
- `program feature branch -> main` 머지는 사용자 명시 승인 시에만 허용한다.
- Main 병합 시 Main Agent가 승인 근거를 PR 코멘트에 기록한다.
## Acceptance Matrix (PM Scenario -> Dev Tasks -> Verifier Checks)

16
docs/ouroboros/60_repo_enforcement_checklist.md
View File

@@ -50,10 +50,12 @@ Updated: 2026-02-26
- PR 본문에 `REQ-*`, `TASK-*`, `TEST-*` 매핑 표 존재
- `src/core/risk_manager.py` 변경 없음
- 주요 의사결정 체크포인트(DCP-01~04) 중 해당 단계 Main Agent 확인 기록 존재
- 티켓 PR의 base가 `main`이 아닌 program feature branch인지 확인
자동 점검:
- 문서 검증 스크립트 통과
- 테스트 통과
- 개발 완료 시 시스템 구동/모니터링 증적 코멘트 존재
## 5) 감사 추적
@@ -87,8 +89,14 @@ Updated: 2026-02-26
- `REPLAN-REQUEST`는 Main Agent 승인 전 \"제안\" 상태로 유지
- 승인된 재계획은 `REQ/TASK/TEST` 문서를 동시 갱신해야 유효
## 9) 서버 반영 규칙 (No-Merge by Default)
## 9) 서버 반영 규칙
- 서버 반영은 `브랜치 푸시 + PR 코멘트(리뷰/논의/검증승인)`까지를 기본으로 한다.
- 기본 규칙에서 `tea pulls merge` 실행 금지한다.
- 사용자 명시 승인 시에만 예외적으로 머지를 허용한다(예외 근거를 PR 코멘트에 기록).
- 티켓 PR(`feature/issue-* -> feature/{stream}`)은 검증 승인 후 머지 가능하다.
- 최종 통합 PR(`feature/{stream} -> main`)은 사용자 명시 승인 전 `tea pulls merge` 실행 금지.
- Main 병합 시 승인 근거 코멘트 필수.
## 10) 최종 main 병합 조건
- 모든 티켓이 program feature branch로 병합 완료
- Runtime Verifier의 구동/모니터링 검증 완료
- 사용자 최종 승인 코멘트 확인 후에만 `feature -> main` PR 머지 허용

20
docs/workflow.md
View File

@@ -5,14 +5,24 @@
**CRITICAL: All code changes MUST follow this workflow. Direct pushes to `main` are ABSOLUTELY PROHIBITED.**
1. **Create Gitea Issue First** — All features, bug fixes, and policy changes require a Gitea issue before any code is written
2. **Create Feature Branch** — Branch from `main` using format `feature/issue-{N}-{short-description}`
- After creating the branch, run `git pull origin main` and rebase to ensure the branch is up to date
3. **Implement Changes** — Write code, tests, and documentation on the feature branch
4. **Create Pull Request** — Submit PR to `main` branch referencing the issue number
5. **Review & Merge** — After approval, merge via PR (squash or merge commit)
2. **Create Program Feature Branch** — Branch from `main` for the whole development stream
- Format: `feature/{epic-or-stream-name}`
3. **Create Ticket Temp Branch** — Branch from the program feature branch per ticket
- Format: `feature/issue-{N}-{short-description}`
4. **Implement Per Ticket** — Write code, tests, and documentation on the ticket temp branch
5. **Create Pull Request to Program Feature Branch**`feature/issue-N-* -> feature/{stream}`
6. **Review/Verify and Merge into Program Feature Branch** — user approval not required
7. **Final Integration PR to main** — Only after all ticket stages complete and explicit user approval
**Never commit directly to `main`.** This policy applies to all changes, no exceptions.
## Branch Strategy (Mandatory)
- Team operation default branch is the **program feature branch**, not `main`.
- Ticket-level development happens only on **ticket temp branches** cut from the program feature branch.
- Ticket PR merges into program feature branch are allowed after verifier approval.
- Until final user sign-off, `main` merge is prohibited.
## Gitea CLI Formatting Troubleshooting
Issue/PR 본문 작성 시 줄바꿈(`\n`)이 문자열 그대로 저장되는 문제가 반복될 수 있다. 원인은 `-d "...\n..."` 형태에서 쉘/CLI가 이스케이프를 실제 개행으로 해석하지 않기 때문이다.

93
src/core/order_policy.py Normal file
View File

@@ -0,0 +1,93 @@
"""Session-aware order policy guards.
Default policy:
- Low-liquidity sessions must reject market orders (price <= 0).
"""
from __future__ import annotations
from dataclasses import dataclass
from datetime import UTC, datetime, time
from zoneinfo import ZoneInfo
from src.markets.schedule import MarketInfo
_LOW_LIQUIDITY_SESSIONS = {"NXT_AFTER", "US_PRE", "US_DAY", "US_AFTER"}
class OrderPolicyRejected(Exception):
"""Raised when an order violates session policy."""
def __init__(self, message: str, *, session_id: str, market_code: str) -> None:
super().__init__(message)
self.session_id = session_id
self.market_code = market_code
@dataclass(frozen=True)
class SessionInfo:
session_id: str
is_low_liquidity: bool
def classify_session_id(market: MarketInfo, now: datetime | None = None) -> str:
"""Classify current session by KST schedule used in v3 docs."""
now = now or datetime.now(UTC)
# v3 session tables are explicitly defined in KST perspective.
kst_time = now.astimezone(ZoneInfo("Asia/Seoul")).timetz().replace(tzinfo=None)
if market.code == "KR":
if time(8, 0) <= kst_time < time(8, 50):
return "NXT_PRE"
if time(9, 0) <= kst_time < time(15, 30):
return "KRX_REG"
if time(15, 30) <= kst_time < time(20, 0):
return "NXT_AFTER"
return "KR_OFF"
if market.code.startswith("US"):
if time(10, 0) <= kst_time < time(18, 0):
return "US_DAY"
if time(18, 0) <= kst_time < time(23, 30):
return "US_PRE"
if time(23, 30) <= kst_time or kst_time < time(6, 0):
return "US_REG"
if time(6, 0) <= kst_time < time(7, 0):
return "US_AFTER"
return "US_OFF"
return "GENERIC_REG"
def get_session_info(market: MarketInfo, now: datetime | None = None) -> SessionInfo:
session_id = classify_session_id(market, now)
return SessionInfo(session_id=session_id, is_low_liquidity=session_id in _LOW_LIQUIDITY_SESSIONS)
def validate_order_policy(
*,
market: MarketInfo,
order_type: str,
price: float,
now: datetime | None = None,
) -> SessionInfo:
"""Validate order against session policy and return resolved session info."""
info = get_session_info(market, now)
is_market_order = price <= 0
if info.is_low_liquidity and is_market_order:
raise OrderPolicyRejected(
f"Market order is forbidden in low-liquidity session ({info.session_id})",
session_id=info.session_id,
market_code=market.code,
)
# Guard against accidental unsupported actions.
if order_type not in {"BUY", "SELL"}:
raise OrderPolicyRejected(
f"Unsupported order_type={order_type}",
session_id=info.session_id,
market_code=market.code,
)
return info

83
src/main.py
View File

@@ -28,6 +28,7 @@ from src.context.scheduler import ContextScheduler
from src.context.store import ContextStore
from src.core.criticality import CriticalityAssessor
from src.core.kill_switch import KillSwitchOrchestrator
from src.core.order_policy import OrderPolicyRejected, validate_order_policy
from src.core.priority_queue import PriorityTaskQueue
from src.core.risk_manager import CircuitBreakerTripped, FatFingerRejected, RiskManager
from src.db import (
@@ -1005,6 +1006,22 @@ async def trading_cycle(
order_price = kr_round_down(current_price * 1.002)
else:
order_price = kr_round_down(current_price * 0.998)
try:
validate_order_policy(
market=market,
order_type=decision.action,
price=float(order_price),
)
except OrderPolicyRejected as exc:
logger.warning(
"Order policy rejected %s %s (%s): %s [session=%s]",
decision.action,
stock_code,
market.name,
exc,
exc.session_id,
)
return
result = await broker.send_order(
stock_code=stock_code,
order_type=decision.action,
@@ -1027,6 +1044,22 @@ async def trading_cycle(
overseas_price = round(current_price * 1.002, _price_decimals)
else:
overseas_price = round(current_price * 0.998, _price_decimals)
try:
validate_order_policy(
market=market,
order_type=decision.action,
price=float(overseas_price),
)
except OrderPolicyRejected as exc:
logger.warning(
"Order policy rejected %s %s (%s): %s [session=%s]",
decision.action,
stock_code,
market.name,
exc,
exc.session_id,
)
return
result = await overseas_broker.send_overseas_order(
exchange_code=market.exchange_code,
stock_code=stock_code,
@@ -1271,6 +1304,11 @@ async def handle_domestic_pending_orders(
f"Invalid price ({last_price}) for {stock_code}"
)
new_price = kr_round_down(last_price * 0.996)
validate_order_policy(
market=MARKETS["KR"],
order_type="SELL",
price=float(new_price),
)
await broker.send_order(
stock_code=stock_code,
order_type="SELL",
@@ -1444,6 +1482,19 @@ async def handle_overseas_pending_orders(
f"Invalid price ({last_price}) for {stock_code}"
)
new_price = round(last_price * 0.996, 4)
market_info = next(
(
m for m in MARKETS.values()
if m.exchange_code == order_exchange and not m.is_domestic
),
None,
)
if market_info is not None:
validate_order_policy(
market=market_info,
order_type="SELL",
price=float(new_price),
)
await overseas_broker.send_overseas_order(
exchange_code=order_exchange,
stock_code=stock_code,
@@ -2012,6 +2063,22 @@ async def run_daily_session(
order_price = kr_round_down(
stock_data["current_price"] * 0.998
)
try:
validate_order_policy(
market=market,
order_type=decision.action,
price=float(order_price),
)
except OrderPolicyRejected as exc:
logger.warning(
"Order policy rejected %s %s (%s): %s [session=%s]",
decision.action,
stock_code,
market.name,
exc,
exc.session_id,
)
continue
result = await broker.send_order(
stock_code=stock_code,
order_type=decision.action,
@@ -2024,6 +2091,22 @@ async def run_daily_session(
order_price = round(stock_data["current_price"] * 1.005, 4)
else:
order_price = stock_data["current_price"]
try:
validate_order_policy(
market=market,
order_type=decision.action,
price=float(order_price),
)
except OrderPolicyRejected as exc:
logger.warning(
"Order policy rejected %s %s (%s): %s [session=%s]",
decision.action,
stock_code,
market.name,
exc,
exc.session_id,
)
continue
result = await overseas_broker.send_overseas_order(
exchange_code=market.exchange_code,
stock_code=stock_code,

73
tests/test_main.py
View File

@@ -8,6 +8,7 @@ import pytest
from src.config import Settings
from src.context.layer import ContextLayer
from src.context.scheduler import ScheduleResult
from src.core.order_policy import OrderPolicyRejected
from src.core.risk_manager import CircuitBreakerTripped, FatFingerRejected
from src.db import init_db, log_trade
from src.evolution.scorecard import DailyScorecard
@@ -5116,3 +5117,75 @@ async def test_kill_switch_block_skips_actionable_order_execution() -> None:
KILL_SWITCH.clear_block()
broker.send_order.assert_not_called()
@pytest.mark.asyncio
async def test_order_policy_rejection_skips_order_execution() -> None:
"""Order policy rejection must prevent order submission."""
db_conn = init_db(":memory:")
decision_logger = DecisionLogger(db_conn)
broker = MagicMock()
broker.get_current_price = AsyncMock(return_value=(100.0, 0.5, 0.0))
broker.get_balance = AsyncMock(
return_value={
"output1": [],
"output2": [
{
"tot_evlu_amt": "100000",
"dnca_tot_amt": "50000",
"pchs_amt_smtl_amt": "50000",
}
],
}
)
broker.send_order = AsyncMock(return_value={"msg1": "OK"})
market = MagicMock()
market.name = "Korea"
market.code = "KR"
market.exchange_code = "KRX"
market.is_domestic = True
telegram = MagicMock()
telegram.notify_trade_execution = AsyncMock()
telegram.notify_fat_finger = AsyncMock()
telegram.notify_circuit_breaker = AsyncMock()
telegram.notify_scenario_matched = AsyncMock()
settings = MagicMock()
settings.POSITION_SIZING_ENABLED = False
settings.CONFIDENCE_THRESHOLD = 80
with patch(
"src.main.validate_order_policy",
side_effect=OrderPolicyRejected(
"rejected",
session_id="NXT_AFTER",
market_code="KR",
),
):
await trading_cycle(
broker=broker,
overseas_broker=MagicMock(),
scenario_engine=MagicMock(evaluate=MagicMock(return_value=_make_buy_match())),
playbook=_make_playbook(),
risk=MagicMock(),
db_conn=db_conn,
decision_logger=decision_logger,
context_store=MagicMock(
get_latest_timeframe=MagicMock(return_value=None),
set_context=MagicMock(),
),
criticality_assessor=MagicMock(
assess_market_conditions=MagicMock(return_value=MagicMock(value="NORMAL")),
get_timeout=MagicMock(return_value=5.0),
),
telegram=telegram,
market=market,
stock_code="005930",
scan_candidates={},
settings=settings,
)
broker.send_order.assert_not_called()

40
tests/test_order_policy.py Normal file
View File

@@ -0,0 +1,40 @@
from datetime import UTC, datetime
import pytest
from src.core.order_policy import OrderPolicyRejected, classify_session_id, validate_order_policy
from src.markets.schedule import MARKETS
def test_classify_kr_nxt_after() -> None:
# 2026-02-26 16:00 KST == 07:00 UTC
now = datetime(2026, 2, 26, 7, 0, tzinfo=UTC)
assert classify_session_id(MARKETS["KR"], now) == "NXT_AFTER"
def test_classify_us_pre() -> None:
# 2026-02-26 19:00 KST == 10:00 UTC
now = datetime(2026, 2, 26, 10, 0, tzinfo=UTC)
assert classify_session_id(MARKETS["US_NASDAQ"], now) == "US_PRE"
def test_reject_market_order_in_low_liquidity_session() -> None:
now = datetime(2026, 2, 26, 10, 0, tzinfo=UTC) # 19:00 KST -> US_PRE
with pytest.raises(OrderPolicyRejected):
validate_order_policy(
market=MARKETS["US_NASDAQ"],
order_type="BUY",
price=0.0,
now=now,
)
def test_allow_limit_order_in_low_liquidity_session() -> None:
now = datetime(2026, 2, 26, 10, 0, tzinfo=UTC) # 19:00 KST -> US_PRE
info = validate_order_policy(
market=MARKETS["US_NASDAQ"],
order_type="BUY",
price=100.0,
now=now,
)
assert info.session_id == "US_PRE"