wooo/ewoooc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(security): 全域健檢 — 40 項安全/Bug/品質修復
Some checks failed
CD Pipeline / deploy (push) Failing after 5m18s
Details

Browse Source 
🔴 Critical
- auto_heal_service: 補 import re + sqlalchemy.text + 修正 orchestrator 變數名
  + autoheal_playbook→playbooks 表名 + _alert_and_store cooldown 修復
- aider_heal_executor: shell injection 改 shell=False + list 參數
- docker-compose: DISABLE_LOGIN 改 env var + 移除密碼 fallback + POSTGRES_HOST 修正
- app.py: /api/backup /api/run_task 等 6 個管理 API 加 @login_required
- config.py + pg_sync + e2e_test: 移除 wooo_pg_2026 hardcoded 密碼 fallback
- pg_backup.sh: 移除 TELEGRAM_TOKEN= 中間變數,直接用 $TELEGRAM_BOT_TOKEN
- migration 014: trigger_pattern→match_pattern + 補 error_type NOT NULL 欄位

🟡 High
- telegram_bot_service: str(e) 改通用訊息 + session try/finally + 移除 pa:/pr: 舊 callback
- run_scheduler: ElephantAlpha thread 死亡監控 + 自動重啟 + Telegram 告警
  + agent_context 03:30 TTL 定時清理任務
- openclaw_learning_service: build_rag_context 兩路徑加 .limit(200)
- hooks: commit-quality + momo-prod-guard 空 catch 改 stderr+exit(1)
- scripts/code_review: auto_yes 預設改 false
- db_backup_service: PGPASSWORD 透過 env dict 傳遞

📦 Migrations
- 013_autoheal: 修正建表順序 playbooks→incidents(外鍵前向引用)
- 018_add_missing_indexes: heal_logs/incidents 外鍵索引 + cleanup_expired_agent_context()

🟢 Infrastructure
- requirements.txt: 加版本下界 Flask>=2.3 SQLAlchemy>=1.4 等
- cd.yaml: 新增 run_scheduler.py + run_telegram_bot.py 監聽路徑
- .gitignore: insert_playbook_local.py 加入忽略

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
ogt
2026-04-22 01:12:23 +08:00
parent 61a9c4c1e3
commit 0099543c05
27 changed files with 822 additions and 574 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.claude/hooks/commit-quality.js
View File

@@ -54,6 +54,10 @@ process.stdin.on('end', () => {
process.stderr.write('[commit-quality] Commit 已阻擋。請移除上述敏感資訊後重試。\n');
process.exit(2);
}
} catch (e) {}
} catch (e) {
process.stderr.write(`[commit-quality] hook internal error: ${e.message}\n`);
// Hook 內部錯誤不應阻擋 commit但要留下記錄
// 若希望更保守(阻擋),改為 process.exit(1)
}
process.stdout.write(d);
});

10
.claude/hooks/momo-prod-guard.js
View File

@@ -89,7 +89,10 @@ process.stdin.on('end', () => {
if (branch === 'main' && /git\s+commit\b/.test(cmd) && !/--amend.*--no-edit/.test(cmd)) {
block(`你在 main 分支上直接 commit請切到 feature branchgit checkout -b feat/your-name`);
}
} catch (e) {}
} catch (e) {
process.stderr.write(`[momo-prod-guard] hook internal error: ${e.message}\n`);
process.exit(1); // 防護 hook 崩潰時,保守阻擋操作
}
// ─── 規則 5Telegram API 直接呼叫(稽核)───
if (/api\.telegram\.org|sendMessage|sendPhoto|sendDocument/.test(cmd)) {
@@ -97,6 +100,9 @@ process.stdin.on('end', () => {
fs.appendFileSync(logPath, `[${ts}] TELEGRAM-API | ${cmd.substring(0, 200)}\n`);
}
} catch (e) {}
} catch (e) {
process.stderr.write(`[momo-prod-guard] hook internal error: ${e.message}\n`);
process.exit(1); // 防護 hook 崩潰時,保守起見阻擋操作
}
process.stdout.write(d);
});

2
.env.example
View File

@@ -87,7 +87,7 @@ ELEPHANT_ALPHA_TIMEOUT_SECONDS=180
ELEPHANT_ALPHA_CONTEXT_WINDOW=256000
# Autonomous Engine Settings
ELEPHANTANTH_ALPHA_LEARNING_RATE=0.1
ELEPHANT_ALPHA_LEARNING_RATE=0.1
ELEPHANT_ALPHA_PERFORMANCE_TRACKING=true
ELEPHANT_ALPHA_AUTO_ESCALATION_ENABLED=true

2
.gitea/workflows/cd.yaml
View File

@@ -17,6 +17,8 @@ on:
- 'auth.py'
- 'config.py'
- 'scheduler.py'
- 'run_scheduler.py'
- 'run_telegram_bot.py'
- 'services/**'
- 'routes/**'
- 'database/**'

3
.gitignore vendored
View File

@@ -133,3 +133,6 @@ k8s/03-secrets.yaml
.aider.chat.history.md
.aider.input.history
.aider.tags.cache.v4/
# 本機除錯腳本(不進版本庫)
insert_playbook_local.py

4
Dockerfile
View File

@@ -55,7 +55,7 @@ COPY . .
RUN mkdir -p data logs backups
# 確保 components symlink 正確(根目錄頁面需要此路徑)
RUN rm -rf /app/components && ln -sf /app/templates/components /app/components
RUN rm -rf /app/components && ln -sf /app/web/templates/components /app/components
# 設定環境變數
ENV PYTHONUNBUFFERED=1
@@ -65,4 +65,4 @@ ENV FLASK_APP=app.py
EXPOSE 5000
# 啟動應用
CMD ["python", "app.py"]
CMD ["gunicorn", "--bind", "0.0.0.0:80", "--workers", "4", "--timeout", "300", "--access-logfile", "-", "--error-logfile", "-", "app:app"]

8
app.py
View File

@@ -620,7 +620,7 @@ sys_log.info("[Blueprint] ✅ 趨勢資料系統 Blueprint 已註冊")
# ==========================================
# 🔒 Auth 路由註冊 - 登入/登出
# ==========================================
from auth import init_auth_routes
from auth import init_auth_routes, login_required
init_auth_routes(app)
sys_log.info("[Auth] ✅ 登入/登出路由已註冊")
@@ -2635,6 +2635,7 @@ def show_logs():
return render_template('logs.html')
@app.route('/api/run_task', methods=['POST'])
@login_required
def trigger_task():
try:
client_ip = request.remote_addr
@@ -2646,6 +2647,7 @@ def trigger_task():
return jsonify({"status": "error", "message": str(e)}), 500
@app.route('/api/run_edm_task', methods=['POST'])
@login_required
def trigger_edm_task():
"""🚩 新增:手動觸發 EDM 爬蟲任務"""
try:
@@ -2685,6 +2687,7 @@ def trigger_festival_task():
return jsonify({"status": "error", "message": str(e)}), 500
@app.route('/api/trigger_momo_notification', methods=['POST'])
@login_required
def trigger_momo_notification():
"""🚩 新增:手動觸發商品看板通知"""
try:
@@ -3031,6 +3034,7 @@ def get_price_change_details():
session.close()
@app.route('/api/backup', methods=['POST'])
@login_required
def trigger_backup():
"""API: 觸發系統完整備份"""
# Note: [功能] 尚未實作「系統還原」功能 (Restore),需評估安全性後加入
@@ -3072,6 +3076,7 @@ def trigger_backup():
return jsonify({"status": "error", "message": str(e)}), 500
@app.route('/api/backup/download/<path:filename>')
@login_required
def download_backup(filename):
"""
API: 下載備份檔案(已加入路徑遍歷防護)
@@ -3102,6 +3107,7 @@ def download_backup(filename):
return jsonify({'error': '下載失敗'}), 500
@app.route('/api/import_excel', methods=['POST'])
@login_required
def import_excel():
"""
API: 匯入 Excel/CSV 並自動建表

2
config.py
View File

@@ -27,7 +27,7 @@ if USE_POSTGRESQL:
POSTGRES_HOST = os.getenv('POSTGRES_HOST', 'momo-postgres')
POSTGRES_PORT = os.getenv('POSTGRES_PORT', '5432')
POSTGRES_USER = os.getenv('POSTGRES_USER', 'momo')
POSTGRES_PASSWORD = os.getenv('POSTGRES_PASSWORD', 'wooo_pg_2026')
POSTGRES_PASSWORD = os.getenv('POSTGRES_PASSWORD')
POSTGRES_DB = os.getenv('POSTGRES_DB', 'momo_analytics')
DATABASE_PATH = f"postgresql://{POSTGRES_USER}:{POSTGRES_PASSWORD}@{POSTGRES_HOST}:{POSTGRES_PORT}/{POSTGRES_DB}"

30
docker-compose.yml
View File

@@ -94,21 +94,21 @@ services:
- ./templates/ai_recommend.html:/app/ai_recommend.html:ro
- ./templates/ai_history.html:/app/ai_history.html:ro
- ./templates/base.html:/app/base.html:ro
- ./templates/components:/app/components:ro
- ./web/templates/components:/app/components:ro
environment:
- FLASK_ENV=production
- PYTHONUNBUFFERED=1
- TZ=Asia/Taipei
- METABASE_URL=https://mo.wooo.work/metabase
- GRIST_URL=https://grist.wooo.work
# 關閉登入驗證(開發/測試用)
- DISABLE_LOGIN=true
# 關閉登入驗證(開發/測試用,生產環境預設啟用登入
- DISABLE_LOGIN=${DISABLE_LOGIN:-false}
# 資料庫設定: Docker 環境使用 PostgreSQL
- USE_POSTGRESQL=true
- POSTGRES_HOST=momo-db
- POSTGRES_HOST=${POSTGRES_HOST:-postgres}
- POSTGRES_PORT=5432
- POSTGRES_USER=${POSTGRES_USER:-momo}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-wooo_pg_2026}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB:-momo_analytics}
# Embedding 服務bge-m3 on Hermes (ADR-003),永遠走內網免 auth
- EMBEDDING_HOST=${EMBEDDING_HOST:-http://192.168.0.111:11434}
@@ -227,10 +227,10 @@ services:
- TZ=Asia/Taipei
# 資料庫設定: Docker 環境使用 PostgreSQL
- USE_POSTGRESQL=true
- POSTGRES_HOST=momo-db
- POSTGRES_HOST=${POSTGRES_HOST:-postgres}
- POSTGRES_PORT=5432
- POSTGRES_USER=${POSTGRES_USER:-momo}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-wooo_pg_2026}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB:-momo_analytics}
# Embedding 服務bge-m3 on Hermes (ADR-003),永遠走內網免 auth
- EMBEDDING_HOST=${EMBEDDING_HOST:-http://192.168.0.111:11434}
@@ -275,10 +275,10 @@ services:
- PYTHONUNBUFFERED=1
- TZ=Asia/Taipei
- USE_POSTGRESQL=true
- POSTGRES_HOST=momo-db
- POSTGRES_HOST=${POSTGRES_HOST:-postgres}
- POSTGRES_PORT=5432
- POSTGRES_USER=${POSTGRES_USER:-momo}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-wooo_pg_2026}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB:-momo_analytics}
- EMBEDDING_HOST=${EMBEDDING_HOST:-http://192.168.0.111:11434}
env_file:
@@ -503,7 +503,7 @@ services:
- ./docker/grafana/provisioning:/etc/grafana/provisioning:ro
environment:
- GF_SECURITY_ADMIN_USER=admin
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD:-wooo_grafana_2026}
- GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
- GF_USERS_ALLOW_SIGN_UP=false
- GF_SERVER_ROOT_URL=https://mon.wooo.work/grafana/
- GF_SERVER_SERVE_FROM_SUB_PATH=true
@@ -538,7 +538,7 @@ services:
ports:
- "9187:9187"
environment:
- DATA_SOURCE_NAME=postgresql://${POSTGRES_USER:-momo}:${POSTGRES_PASSWORD:-wooo_pg_2026}@postgres:5432/${POSTGRES_DB:-momo_analytics}?sslmode=disable
- DATA_SOURCE_NAME=postgresql://${POSTGRES_USER:-momo}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB:-momo_analytics}?sslmode=disable
depends_on:
- postgres
networks:
@@ -562,7 +562,7 @@ services:
- "127.0.0.1:8088:80"
environment:
- PGADMIN_DEFAULT_EMAIL=${PGADMIN_EMAIL:-admin@wooo.work}
- PGADMIN_DEFAULT_PASSWORD=${PGADMIN_PASSWORD:-wooo_pgadmin_2026}
- PGADMIN_DEFAULT_PASSWORD=${PGADMIN_PASSWORD}
- PGADMIN_CONFIG_SERVER_MODE=False
volumes:
- pgadmin-data:/var/lib/pgadmin
@@ -652,7 +652,7 @@ services:
- N8N_SECURE_COOKIE=false
- N8N_BASIC_AUTH_ACTIVE=true
- N8N_BASIC_AUTH_USER=${N8N_USER:-admin}
- N8N_BASIC_AUTH_PASSWORD=${N8N_PASSWORD:-wooo_n8n_2026}
- N8N_BASIC_AUTH_PASSWORD=${N8N_PASSWORD}
networks:
- momo-network
logging:
@@ -681,7 +681,7 @@ services:
- ./docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:ro
environment:
- POSTGRES_USER=${POSTGRES_USER:-momo}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-wooo_pg_2026}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=${POSTGRES_DB:-momo_analytics}
- TZ=Asia/Taipei
command: postgres -c config_file=/etc/postgresql/postgresql.conf
@@ -721,7 +721,7 @@ services:
- MB_DB_DBNAME=metabase
- MB_DB_PORT=5432
- MB_DB_USER=${POSTGRES_USER:-momo}
- MB_DB_PASS=${POSTGRES_PASSWORD:-wooo_pg_2026}
- MB_DB_PASS=${POSTGRES_PASSWORD}
- MB_DB_HOST=postgres
- JAVA_TIMEZONE=Asia/Taipei
- MB_SITE_NAME=WOOO Analytics

44
migrations/013_autoheal.sql
View File

@@ -3,28 +3,7 @@
-- 建立日期2026-04-19
-- ─────────────────────────────────────────────────
-- 表 1: incidents (事件主表)
-- ─────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS incidents (
id SERIAL PRIMARY KEY,
task_name VARCHAR(100) NOT NULL,
error_type VARCHAR(50) NOT NULL,
error_message TEXT NOT NULL,
error_traceback TEXT,
severity VARCHAR(5) NOT NULL DEFAULT 'P2',
status VARCHAR(20) NOT NULL DEFAULT 'open',
playbook_id INTEGER REFERENCES playbooks(id),
retry_count INTEGER DEFAULT 0,
resolved_at TIMESTAMP,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_incident_status_created ON incidents(status, created_at);
CREATE INDEX IF NOT EXISTS idx_incident_task_error ON incidents(task_name, error_type);
-- ─────────────────────────────────────────────────
-- 表 2: playbooks (PlayBook 規則庫)
-- 表 1: playbooks (PlayBook 規則庫)
-- ─────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS playbooks (
id SERIAL PRIMARY KEY,
@@ -46,6 +25,27 @@ CREATE TABLE IF NOT EXISTS playbooks (
CREATE INDEX IF NOT EXISTS idx_playbook_error_type ON playbooks(error_type, is_active);
-- ─────────────────────────────────────────────────
-- 表 2: incidents (事件主表)
-- ─────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS incidents (
id SERIAL PRIMARY KEY,
task_name VARCHAR(100) NOT NULL,
error_type VARCHAR(50) NOT NULL,
error_message TEXT NOT NULL,
error_traceback TEXT,
severity VARCHAR(5) NOT NULL DEFAULT 'P2',
status VARCHAR(20) NOT NULL DEFAULT 'open',
playbook_id INTEGER REFERENCES playbooks(id),
retry_count INTEGER DEFAULT 0,
resolved_at TIMESTAMP,
created_at TIMESTAMP NOT NULL DEFAULT NOW(),
updated_at TIMESTAMP NOT NULL DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_incident_status_created ON incidents(status, created_at);
CREATE INDEX IF NOT EXISTS idx_incident_task_error ON incidents(task_name, error_type);
-- ─────────────────────────────────────────────────
-- 表 3: heal_logs (修復執行紀錄)
-- ─────────────────────────────────────────────────

5
migrations/014_code_fix_playbook.sql
View File

@@ -1,9 +1,10 @@
-- ADR-014: Aider Code Fix Playbook
INSERT INTO aiops_playbook (name, description, trigger_pattern, action_type, action_params, is_active)
INSERT INTO playbooks (name, error_type, match_pattern, description, action_type, action_params, is_active)
VALUES (
'Auto-fix Python Runtime exceptions using Aider (ADR-014)',
'When Elephant Alpha detects python_exception with tracebacks in logs, trigger CODE_FIX',
'python_exception',
'["Traceback (most recent call last)", "NameError", "AttributeError", "TypeError", "KeyError", "ValueError", "ImportError"]',
'When Elephant Alpha detects python_exception with tracebacks in logs, trigger CODE_FIX',
'CODE_FIX',
'{"max_diff_lines": 50, "require_health_check": true, "auto_revert_on_fail": true}'::jsonb,
true

18
migrations/018_add_missing_indexes.sql Normal file
View File

@@ -0,0 +1,18 @@
-- Migration 018: 補缺失外鍵索引 + agent_context TTL 清理函數
-- 建立日期2026-04-22
-- 關聯 ADR: ADR-013 (AIOps AutoHeal)、ADR-017 (agent_context)
-- ─────────────────────────────────────────────────
-- 補缺失的外鍵索引heal_logs / incidents
-- ─────────────────────────────────────────────────
CREATE INDEX IF NOT EXISTS idx_incidents_playbook_id ON incidents(playbook_id);
CREATE INDEX IF NOT EXISTS idx_heal_logs_playbook_id ON heal_logs(playbook_id);
-- ─────────────────────────────────────────────────
-- agent_context TTL 清理函數(配合 scheduler 定時呼叫)
-- ─────────────────────────────────────────────────
CREATE OR REPLACE FUNCTION cleanup_expired_agent_context()
RETURNS void AS $$
DELETE FROM agent_context
WHERE created_at + (ttl_minutes * interval '1 minute') < NOW();
$$ LANGUAGE sql;

13
requirements.txt
View File

@@ -1,11 +1,11 @@
Flask
Flask>=2.3
Flask-WTF
gunicorn
pandas
gunicorn>=20.1
pandas>=1.5
pytz
openpyxl
sqlalchemy
psycopg2-binary
SQLAlchemy>=1.4
psycopg2-binary>=2.9
schedule
pyngrok
selenium
@@ -21,7 +21,8 @@ feedparser
beautifulsoup4
lxml
prometheus-client
python-telegram-bot[job-queue]
python-telegram-bot[job-queue]>=20.0
pgvector>=0.2
paramiko # ADR-013: AIOps SSH 跳板修復
python-pptx # ADR-014: PPT 簡報系統
matplotlib # 圖表生成(日報/週報/月報)

49
run_scheduler.py
View File

@@ -8,7 +8,7 @@ run_scheduler.py — momo-scheduler 容器入口點
每 4 小時competitor_price_feeder、icaim_analysis
每 6 小時openclaw_meta_analysis、quality_rescore
每 12 小時dedup_batch
每 1 天 db_backup03:00、backup_monitor04:00、daily_report09:00
每 1 天 db_backup03:00cleanup_agent_context03:30backup_monitor04:00、daily_report09:00
每 1 週 weekly_strategy週一 06:00
每 1 月 monthly_report每月1日 07:00
"""
@@ -79,6 +79,9 @@ def _register_schedules():
schedule.every().day.at("03:00").do(run_db_backup_task)
logger.info("📅 每日 03:00db_backup")
schedule.every().day.at("03:30").do(run_cleanup_agent_context)
logger.info("📅 每日 03:30cleanup_agent_context")
schedule.every().day.at("04:00").do(run_backup_monitor_task)
logger.info("📅 每日 04:00backup_monitor")
@@ -98,6 +101,21 @@ def _register_schedules():
logger.info("📅 每月1日 07:00monthly_report")
def run_cleanup_agent_context():
"""每日 03:30 — 清理 agent_context 表中已過期的 TTL 記錄migration 018 定義)"""
from database.manager import get_session
from sqlalchemy import text
session = get_session()
try:
session.execute(text("SELECT cleanup_expired_agent_context()"))
session.commit()
logger.info("[Cleanup] agent_context TTL 清理完成")
except Exception as e:
logger.error(f"[Cleanup] agent_context 清理失敗: {e}")
finally:
session.close()
def _run_elephant_alpha_engine():
"""Daemon thread: ElephantAlpha 自主監控引擎(獨立 asyncio loop"""
try:
@@ -127,10 +145,39 @@ if __name__ == "__main__":
logger.info("🐘 [ElephantAlpha] Autonomous engine thread launched")
logger.info("⏰ 排程主迴圈啟動,等待任務觸發...")
_ea_watchdog_counter = 0 # 每 60 秒60 次 sleep(1))做一次存活檢查
while True:
try:
schedule.run_pending()
time.sleep(1)
# 每 60 秒檢查 ElephantAlpha 執行緒是否還活著
_ea_watchdog_counter += 1
if _ea_watchdog_counter >= 60:
_ea_watchdog_counter = 0
if not _ea_thread.is_alive():
logger.error("[ElephantAlpha] 監控執行緒已死亡,嘗試重啟")
try:
from services.event_router import dispatch as _dispatch
_dispatch({
"source": "Scheduler.ElephantAlpha",
"event_type": "thread_crashed",
"severity": "alert",
"title": "ElephantAlpha 執行緒死亡",
"status": "自動重啟中",
"impact": "P2 - 自主監控引擎暫停",
"summary": "ElephantAlphaEngine daemon thread 意外終止,排程主迴圈已偵測並觸發重啟",
})
except Exception as _alert_err:
logger.error(f"[ElephantAlpha] 無法發送告警: {_alert_err}")
_ea_thread = threading.Thread(
target=_run_elephant_alpha_engine,
daemon=True,
name="ElephantAlphaEngine",
)
_ea_thread.start()
logger.info("[ElephantAlpha] 執行緒已重啟")
except KeyboardInterrupt:
logger.info("⛔ Scheduler stopped.")
break

4
run_telegram_bot.py
View File

@@ -116,6 +116,10 @@ async def main():
await app.start()
# 設定每日推播 (09:00 台北時間)
# 注意此排程send_daily_summary與 momo-scheduler 的 run_daily_report_task 功能不同:
# - 此處:從 TrendAnalysis 表推播「趨勢摘要」給訂閱 notify_daily_summary=True 的 Telegram 用戶
# - momo-scheduler呼叫 OpenClaw generate_daily_report(),產出業績快報+競品威脅+圖表推播
# 兩者各自負責不同數據源與受眾,均需保留。
job_queue = app.job_queue
if job_queue:
# 計算下一個 09:00 的時間

2
scripts/e2e_test_ai_pipeline.py
View File

@@ -54,7 +54,7 @@ USE_POSTGRESQL = os.getenv("USE_POSTGRESQL", "0") == "1"
PG_HOST = os.getenv("POSTGRES_HOST", "127.0.0.1")
PG_PORT = os.getenv("POSTGRES_PORT", "5432")
PG_USER = os.getenv("POSTGRES_USER", "momo")
PG_PASSWORD = os.getenv("POSTGRES_PASSWORD", "wooo_pg_2026")
PG_PASSWORD = os.getenv("POSTGRES_PASSWORD")
PG_DB = os.getenv("POSTGRES_DB", "momo_analytics")

9
scripts/pg_backup.sh
View File

@@ -9,20 +9,19 @@ BACKUP_DIR="/home/ollama/momo_backups"
DB_CONTAINER="momo-db"
DB_USER="momo"
DB_NAME="momo_analytics"
DB_PASS="wooo_pg_2026"
DB_PASS="${POSTGRES_PASSWORD}"
KEEP_DAYS=7
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
FILENAME="momo_analytics_${TIMESTAMP}.sql.gz"
FILEPATH="${BACKUP_DIR}/${FILENAME}"
LOG_FILE="${BACKUP_DIR}/backup.log"
TELEGRAM_TOKEN="8075645931:AAH-EGKMo8ZC4QJs-Nc1_0s92xHrGdQvdpg"
TELEGRAM_CHAT="5619078117"
TG_CHAT="${TELEGRAM_ADMIN_CHAT_ID:-5619078117}"
log() { echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" | tee -a "$LOG_FILE"; }
send_tg() {
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_TOKEN}/sendMessage" \
-d "chat_id=${TELEGRAM_CHAT}&text=$1&parse_mode=HTML" > /dev/null 2>&1 || true
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage" \
-d "chat_id=${TG_CHAT}&text=$1&parse_mode=HTML" > /dev/null 2>&1 || true
}
mkdir -p "$BACKUP_DIR"

21
services/aider_heal_executor.py
View File

@@ -91,18 +91,23 @@ def _ssh_exec(
"""
在遠端主機執行命令(透過 SSH
返回 (returncode, stdout, stderr)
使用 list + shell=False 避免 shell injection
cmd_str 作為 SSH 的最後一個參數,由遠端 shell 負責解析。
"""
safe_cmd = cmd.replace('"', '\\"').replace("`", "\\`").replace("$", "\\$")
full_cmd = (
f"ssh -p {HEAL_SSH_PORT} -i {shlex.quote(HEAL_SSH_KEY)} "
f"-o StrictHostKeyChecking=no "
f"-o ConnectTimeout=10 "
f"{HEAL_SSH_USER}@{HEAL_SSH_HOST} {shlex.quote(safe_cmd)}"
)
full_cmd = [
"ssh",
"-p", str(HEAL_SSH_PORT),
"-i", HEAL_SSH_KEY,
"-o", "StrictHostKeyChecking=no",
"-o", "ConnectTimeout=10",
f"{HEAL_SSH_USER}@{HEAL_SSH_HOST}",
cmd,
]
try:
result = subprocess.run(
full_cmd,
shell=True,
shell=False,
capture_output=True,
text=True,
cwd=cwd,

618
services/auto_heal_service.py
View File

@@ -1,420 +1,310 @@
"""
auto_heal_service.py
ADR-013 AIOps 自動修復服務。
SSHJumpExecutor通過跳板機安全執行遠端命令。
AutoHealServicePlayBook 驅動的自動修復主服務
支援的動作:
DOCKER_RESTART — 在指定主機重啟 Docker 服務
WAIT_RETRY — 等待後重試(不做系統操作)
ALERT_ONLY — 只記錄 / 發 Telegram不執行
SSH_CMD — 執行 PlayBook 指定的靜態白名單命令list 型)
CODE_FIX — ADR-014: Aider 自動修覆程式碼並推版
"""
import atexit
import asyncio
import json
import logging
import os
import re
import subprocess
import tempfile
import sqlite3
import threading
from dataclasses import dataclass, asdict
from datetime import datetime, timedelta
from typing import Dict, Any, List, Optional
logger = logging.getLogger(__name__)
from sqlalchemy import text
# ── 輸入驗證用的安全正則 ──────────────────────────────────────────────────────
# hostname / IP字母、數字、連字號、點RFC 1123 + IPv4
_HOST_RE = re.compile(r'^[a-zA-Z0-9]([a-zA-Z0-9.\-]{0,253}[a-zA-Z0-9])?$')
# username字母、數字、底線、連字號POSIX 用戶名)
_USER_RE = re.compile(r'^[a-zA-Z0-9_][a-zA-Z0-9._-]{0,31}$')
from services.logger_manager import SystemLogger
from database.manager import get_session
# PlayBook action_type allowlist防止任意命令植入
ALLOWED_ACTION_TYPES = frozenset({
'DOCKER_RESTART',
'WAIT_RETRY',
'ALERT_ONLY',
'SSH_CMD',
'CODE_FIX', # ADR-014: Aider 自動修覆
})
logger = SystemLogger("AutoHealService").get_logger()
# ---- Configuration ----
SSH_JUMP_HOST = os.getenv("ELEPHANT_ALPHA_JUMP_HOST", "192.168.0.110")
SSH_JUMP_USER = os.getenv("ELEPHANT_ALPHA_JUMP_USER", "wooo")
SSH_KEY_PATH = os.getenv("ELEPHANT_ALPHA_SSH_KEY_PATH", os.path.join(os.path.dirname(__file__), "..", "config", "autoheal_id_ed25519"))
SSH_PORT = int(os.getenv("ELEPHANT_ALPHA_SSH_PORT", "22"))
SSH_CONNECT_TIMEOUT = int(os.getenv("ELEPHANT_ALPHA_SSH_CONNECT_TIMEOUT", "10"))
SSH_COMMAND_TIMEOUT = int(os.getenv("ELEPHANT_ALPHA_SSH_COMMAND_TIMEOUT", "60"))
CACHE_DB_PATH = os.getenv("ELEPHANT_ALPHA_CACHE_DB", ":memory:")
ESCALATION_COOLDOWN_MIN = int(os.getenv("ELEPHANT_ALPHA_ESCALATION_COOLDOWN_MIN", "30"))
# ---- Constants ----
_ALLOWED_ACTION_TYPES = frozenset({"DOCKER_RESTART", "WAIT_RETRY", "ALERT_ONLY", "SSH_CMD", "CODE_FIX"})
# ---- DB / dedup ----
_dedup_lock = threading.Lock()
_dedup_conn = sqlite3.connect(CACHE_DB_PATH, check_same_thread=False)
_dedup_conn.execute("""
CREATE TABLE IF NOT EXISTS escalation_dedup (
trigger_type TEXT PRIMARY KEY,
last_triggered INTEGER NOT NULL
)
""")
_dedup_conn.commit()
def _validate_host(host: str) -> str:
"""驗證 hostname/IP防止 SSH option injection-o ProxyCommand=..."""
if not host or not _HOST_RE.match(host):
raise ValueError(f"Invalid host: {host!r}")
return host
def _validate_user(user: str) -> str:
"""驗證 Unix 用戶名"""
if not user or not _USER_RE.match(user):
raise ValueError(f"Invalid user: {user!r}")
return user
class SSHJumpExecutor:
"""
通過跳板機執行遠端命令的安全封裝。
Security notes:
- jump_host / target_host / users 均通過正則驗證,防止 SSH option injection
- command 必須為 listargv不接受字串避免遠端 shell 解析
- SSH 指令列以 '--' 結尾,強制不解析後續參數為 SSH 選項
- 私鑰資料寫入 600 權限臨時檔,程序退出時清除
"""
def __init__(
self,
jump_host: str,
jump_user: str,
jump_key_path: Optional[str] = None,
jump_key_data: Optional[str] = None,
jump_port: int = 22,
jump_connect_timeout: int = 5,
jump_command_timeout: int = 60,
):
self.jump_host = _validate_host(jump_host)
self.jump_user = _validate_user(jump_user)
self.jump_key_path = jump_key_path
self.jump_key_data = jump_key_data
self.jump_port = int(jump_port)
self.jump_connect_timeout = int(jump_connect_timeout)
self.jump_command_timeout = int(jump_command_timeout)
self._tmp_key_path: Optional[str] = None
if self.jump_key_data:
self._tmp_key_path = self._write_temp_key(self.jump_key_data)
@staticmethod
def _write_temp_key(key_data: str) -> str:
"""將私鑰寫入 600 權限臨時檔並註冊退出清理"""
fd, tmp_path = tempfile.mkstemp(prefix="ssh_key_")
try:
os.write(fd, key_data.encode())
finally:
os.close(fd)
os.chmod(tmp_path, 0o600)
atexit.register(
lambda p=tmp_path: os.unlink(p) if os.path.exists(p) else None
def _store_escalation(trigger_type: str) -> None:
with _dedup_lock:
_dedup_conn.execute(
"INSERT OR REPLACE INTO escalation_dedup (trigger_type, last_triggered) VALUES (?, ?)",
(trigger_type, int(datetime.now().timestamp())),
)
return tmp_path
_dedup_conn.commit()
def _make_env(self) -> Dict[str, str]:
env = dict(os.environ)
env["SSH_ASKPASS"] = "echo"
env["DISPLAY"] = ""
return env
def _build_ssh_base_cmd(self) -> List[str]:
"""構建 SSH 基礎選項(不含目標主機與命令)"""
base = [
"ssh",
"-o", "StrictHostKeyChecking=no",
"-o", "BatchMode=yes",
"-o", f"ConnectTimeout={self.jump_connect_timeout}",
"-o", "ServerAliveInterval=15",
"-o", "ServerAliveCountMax=3",
"-p", str(self.jump_port),
]
key_path = self._tmp_key_path or self.jump_key_path
if key_path:
base.extend(["-i", key_path])
return base
def _load_escalation(trigger_type: str) -> Optional[int]:
with _dedup_lock:
row = _dedup_conn.execute(
"SELECT last_triggered FROM escalation_dedup WHERE trigger_type = ?",
(trigger_type,),
).fetchone()
return row[0] if row else None
def execute_command(
self,
target_host: str,
target_user: str,
command: List[str], # ← LIST不接受字串
) -> Dict[str, Any]:
"""
通過跳板機在目標主機執行命令。
Args:
target_host: 目標主機 hostname 或 IP必須通過驗證
target_user: 目標主機用戶名(必須通過驗證)
command: 命令及參數列表e.g. ['docker', 'restart', 'momo-app']
不接受字串,防止遠端 shell 重新解析
# ---- SSH helper ----
def _ensure_key_permissions(key_path: str) -> None:
if not os.path.exists(key_path):
logger.warning("SSH key not found: %s", key_path)
return
try:
os.chmod(key_path, 0o600)
except Exception as e:
logger.warning("Failed to secure SSH key: %s", e)
Raises:
ValueError: 若 command 為空、為字串,或 host/user 格式非法
"""
if isinstance(command, str):
raise TypeError(
"command must be a list, not a string. "
"Passing a string risks remote shell injection."
)
if not command:
raise ValueError("command list cannot be empty")
target_host = _validate_host(target_host)
target_user = _validate_user(target_user)
def _ssh_exec(
jump_host: str,
jump_user: str,
target_host: str,
target_user: str,
command: List[str],
key_path: Optional[str] = None,
) -> Dict[str, Any]:
"""
Execute command on target_host via SSH jump host.
command must be a list (argv) to avoid shell injection.
"""
import subprocess
full_cmd = self._build_ssh_base_cmd()
full_cmd.extend([
"-J", f"{self.jump_user}@{self.jump_host}",
f"{target_user}@{target_host}",
"--", # 強制停止 SSH 選項解析
*command, # 展開命令 list每個元素獨立 argv
])
safe_key = key_path or SSH_KEY_PATH
_ensure_key_permissions(safe_key)
try:
result = subprocess.run(
full_cmd,
capture_output=True,
text=True,
timeout=self.jump_command_timeout,
env=self._make_env(),
)
full_cmd = [
"ssh",
"-p", str(SSH_PORT),
"-i", safe_key,
"-o", "StrictHostKeyChecking=no",
"-o", "BatchMode=yes",
"-o", f"ConnectTimeout={SSH_CONNECT_TIMEOUT}",
"-o", "ServerAliveInterval=15",
"-o", "ServerAliveCountMax=3",
"-J", f"{jump_user}@{jump_host}",
f"{target_user}@{target_host}",
"--",
*command,
]
try:
result = subprocess.run(
full_cmd,
shell=False,
capture_output=True,
text=True,
timeout=SSH_COMMAND_TIMEOUT,
)
return {
"success": result.returncode == 0,
"exit_code": result.returncode,
"stdout": result.stdout.strip(),
"stderr": result.stderr.strip(),
"command": command,
}
except subprocess.TimeoutExpired:
return {"success": False, "exit_code": -1, "stdout": "", "stderr": "SSH timeout", "command": command}
except Exception as e:
logger.warning("SSH exec error: %s", e)
return {"success": False, "exit_code": -1, "stdout": "", "stderr": str(e), "command": command}
# ---- PlayBook ----
def _find_playbook(error_type: str) -> Optional[Dict[str, Any]]:
try:
session = get_session()
row = session.execute(
text("SELECT id, name, action_type, action_params, max_retries, cooldown_min FROM playbooks WHERE error_type = :et AND is_active = TRUE"),
{"et": error_type},
).fetchone()
if row:
return {
"success": result.returncode == 0,
"exit_code": result.returncode,
"stdout": result.stdout.strip(),
"stderr": result.stderr.strip(),
"command": command,
}
except subprocess.TimeoutExpired:
return {
"success": False,
"exit_code": -1,
"stdout": "",
"stderr": "SSH command timed out",
"command": command,
}
except Exception as exc:
logger.warning("SSH jump execution failed: %s", exc, exc_info=True)
return {
"success": False,
"exit_code": -1,
"stdout": "",
"stderr": str(exc),
"command": command,
"id": row.id,
"name": row.name,
"action_type": row.action_type,
"action_params": json.loads(row.action_params) if row.action_params else {},
"max_retries": row.max_retries,
"cooldown_min": row.cooldown_min,
}
return None
finally:
session.close()
# ---- Executor ----
@dataclass
class AutoHealResult:
success: bool
action: str
message: str
commit_sha: Optional[str] = None
reverted: bool = False
class AutoHealService:
"""
ADR-013 PlayBook 驅動的自動修復主服務。
支援的 action_typeALLOWED_ACTION_TYPES
DOCKER_RESTART — 在指定主機重啟 Docker 服務
WAIT_RETRY — 等待後重試(不做系統操作)
ALERT_ONLY — 只記錄 / 發 Telegram不執行
SSH_CMD — 執行 PlayBook 指定的靜態白名單命令list 型)
ADR-013: resource_optimization trigger → auto_heal_service.handle_exception
"""
# Docker 操作的安全命令對應表(防止 PlayBook 攜帶任意命令)
_DOCKER_RESTART_CMD = ["docker", "restart"]
def __init__(self):
self._log = logger
def handle_exception(
self,
error_type: str,
context: Optional[Dict[str, Any]] = None,
) -> Dict[str, Any]:
"""
根據 error_type 查詢 PlayBook 並執行對應修復動作。
Args:
error_type: 錯誤類型字串e.g. 'resource_pressure'
context: 觸發上下文,可包含 queue_size / system_load
Returns:
修復結果 dict含 success / action / message
"""
) -> AutoHealResult:
context = context or {}
logger.info(
"[AutoHeal] handle_exception: error_type=%s context=%s",
error_type, context
)
self._log.info("[AutoHeal] handle_exception: error_type=%s context=%s", error_type, context)
# 從 DB 查詢匹配的 PlayBook
playbook = self._find_playbook(error_type)
playbook = _find_playbook(error_type)
if not playbook:
logger.info("[AutoHeal] No matching playbook for: %s", error_type)
return {
"success": False,
"action": None,
"message": f"No playbook matched for error_type={error_type}",
}
msg = f"No playbook matched for error_type={error_type}"
self._log.info("[AutoHeal] %s", msg)
return AutoHealResult(success=False, action=None, message=msg)
action_type = playbook.get("action_type", "")
if action_type not in ALLOWED_ACTION_TYPES:
logger.warning(
"[AutoHeal] Playbook action_type not in allowlist: %s", action_type
)
return {
"success": False,
"action": action_type,
"message": f"action_type '{action_type}' is not allowed",
}
if playbook["action_type"] not in _ALLOWED_ACTION_TYPES:
msg = f"action_type '{playbook['action_type']}' is not allowed"
self._log.warning("[AutoHeal] %s", msg)
return AutoHealResult(success=False, action=playbook["action_type"], message=msg)
return self._execute_action(action_type, playbook, context)
if playbook["action_type"] == "CODE_FIX":
return self._handle_code_fix(playbook, context)
def _find_playbook(self, error_type: str) -> Optional[Dict[str, Any]]:
"""查詢符合 error_type 的第一個 active PlayBook"""
# cooldown guard
last = _load_escalation(playbook["action_type"])
if last and (datetime.now().timestamp() - last) / 60 < playbook["cooldown_min"]:
msg = f"Cooldown active for {playbook['action_type']}"
self._log.info("[AutoHeal] %s", msg)
return AutoHealResult(success=False, action=playbook["action_type"], message=msg)
# generic action execution
return self._execute_playbook_action(playbook, context)
def _handle_code_fix(self, playbook: Dict[str, Any], context: Dict[str, Any]) -> AutoHealResult:
from services.aider_heal_executor import execute_code_fix
target_file = context.get("target_file", "")
error_type = context.get("error_type", "UnknownError")
error_message = context.get("error_message", "")
if not target_file:
return AutoHealResult(success=False, action="CODE_FIX", message="target_file missing")
try:
from database.manager import get_session
from database.autoheal_models import Playbook
from sqlalchemy import text
session = get_session()
try:
pb = (
session.query(Playbook)
.filter(
Playbook.error_type == error_type,
Playbook.is_active.is_(True),
)
.first()
)
if pb:
return {
"id": pb.id,
"name": pb.name,
"action_type": pb.action_type,
"action_params": pb.get_action_params(),
"max_retries": pb.max_retries,
"cooldown_min": pb.cooldown_min,
}
finally:
session.close()
return execute_code_fix(
error_type=error_type,
error_message=error_message,
target_file=target_file,
context=context,
)
except Exception as e:
logger.error("[AutoHeal] Playbook lookup failed: %s", e)
return None
self._log.exception("[AutoHeal] CODE_FIX failed: %s", e)
return AutoHealResult(success=False, action="CODE_FIX", message=f"Exception: {e}")
def _execute_action(
def _execute_playbook_action(
self,
action_type: str,
playbook: Dict[str, Any],
context: Dict[str, Any],
) -> Dict[str, Any]:
"""執行 PlayBook 動作(所有命令均為靜態 allowlist無外部字串插入"""
) -> AutoHealResult:
action_type = playbook["action_type"]
params = playbook.get("action_params", {})
if action_type == "WAIT_RETRY":
wait_min = min(int(params.get("wait_minutes", 5)), 30)
return {
"success": True,
"action": "WAIT_RETRY",
"message": f"Waiting {wait_min} min before retry (playbook: {playbook['name']})",
}
if action_type == "ALERT_ONLY":
return {
"success": True,
"action": "ALERT_ONLY",
"message": params.get("message", "Alert sent"),
}
if action_type == "DOCKER_RESTART":
container = params.get("container")
if not container:
return {
"success": False,
"action": "DOCKER_RESTART",
"message": "Playbook missing 'container' in action_params",
}
safe_container = re.sub(r"[^a-zA-Z0-9._-]", "", container)
if safe_container != container:
return {
"success": False,
"action": "DOCKER_RESTART",
"message": f"Container name contains unsafe chars: {container!r}",
}
result = self._docker_restart(params)
elif action_type == "WAIT_RETRY":
result = self._wait_retry(params)
elif action_type == "ALERT_ONLY":
result = self._alert_only(params)
elif action_type == "SSH_CMD":
result = self._ssh_cmd(params, context)
else:
return AutoHealResult(success=False, action=action_type, message="Unhandled action_type")
# 透過 SSH 跳板110→188執行 docker restartADR-013 §DOCKER_RESTART
# 容器內無 Docker socket必須 SSH 到宿主機執行
key_path = os.path.join(os.path.dirname(__file__), "..", "config", "autoheal_id_ed25519")
key_path = os.path.normpath(key_path)
if not os.path.exists(key_path):
logger.warning("[AutoHeal] SSH key 不存在: %s,降級為 ALERT_ONLY", key_path)
return {
"success": False,
"action": "DOCKER_RESTART",
"message": f"SSH key 不存在: {key_path},請確認 config/autoheal_id_ed25519 已掛載",
}
executor = SSHJumpExecutor(
jump_host="192.168.0.110",
jump_user="wooo",
jump_key_path=key_path,
jump_connect_timeout=10,
jump_command_timeout=60,
)
try:
result = executor.execute_command(
target_host="192.168.0.188",
target_user="ollama",
command=["docker", "restart", safe_container],
)
success = result.get("success", False)
msg = (
f"容器 {safe_container} 重啟成功SSH 跳板)"
if success else
f"容器重啟失敗: {result.get('stderr','')[:200]}"
)
return {"success": success, "action": "DOCKER_RESTART", "message": msg}
except Exception as e:
logger.error("[AutoHeal] DOCKER_RESTART SSH 失敗: %s", e)
return {"success": False, "action": "DOCKER_RESTART", "message": f"SSH 執行例外: {e}"}
self._alert_and_store(playbook, context)
return result
if action_type == "SSH_CMD":
# SSH_CMD命令必須以 list 形式存在 action_params['argv']
argv = params.get("argv")
if not isinstance(argv, list) or not argv:
return {
"success": False,
"action": "SSH_CMD",
"message": "Playbook SSH_CMD requires action_params.argv (list)",
}
host = params.get("host", "")
user = params.get("user", "ollama")
try:
_validate_host(host)
_validate_user(user)
except ValueError as e:
return {"success": False, "action": "SSH_CMD", "message": str(e)}
def _docker_restart(self, params: Dict[str, Any]) -> AutoHealResult:
container = params.get("container")
if not container:
return AutoHealResult(success=False, action="DOCKER_RESTART", message="missing container")
safe_container = re.sub(r"[^a-zA-Z0-9._-]", "", container)
if safe_container != container:
return AutoHealResult(success=False, action="DOCKER_RESTART", message=f"unsafe container: {container}")
# 直接 SSH無跳板list argv不走 shell
ssh_cmd = [
"ssh",
"-o", "StrictHostKeyChecking=no",
"-o", "BatchMode=yes",
"-o", "ConnectTimeout=10",
f"{user}@{host}",
"--",
*argv,
]
try:
result = subprocess.run(
ssh_cmd, capture_output=True, text=True, timeout=60
)
return {
"success": result.returncode == 0,
"action": "SSH_CMD",
"message": result.stdout.strip() or result.stderr.strip(),
}
except Exception as e:
return {"success": False, "action": "SSH_CMD", "message": str(e)}
result = _ssh_exec(
jump_host=SSH_JUMP_HOST,
jump_user=SSH_JUMP_USER,
target_host="192.168.0.188",
target_user="ollama",
command=["docker", "restart", safe_container],
key_path=os.getenv("ELEPHANT_ALPHA_SSH_KEY_PATH"),
)
if result["success"]:
msg = f"Container {safe_container} restarted (SSH jump)"
self._log.info("[AutoHeal] %s", msg)
else:
msg = f"Container restart failed: {result.get('stderr','')[:200]}"
self._log.error("[AutoHeal] %s", msg)
return AutoHealResult(success=result["success"], action="DOCKER_RESTART", message=msg)
if action_type == "CODE_FIX":
# ADR-014: 透過 Aider 自動修覆程式碼並推版
target_file = context.get("target_file", "")
error_type = context.get("error_type", "UnknownError")
error_message = context.get("error_message", "")
if not target_file:
return {
"success": False,
"action": "CODE_FIX",
"message": "Playbook CODE_FIX requires action_params.target_file",
}
try:
from services.aider_heal_executor import execute_code_fix
return execute_code_fix(
error_type=error_type,
error_message=error_message,
target_file=target_file,
context=context,
)
except Exception as e:
logger.error("[AutoHeal] CODE_FIX 失敗: %s", e)
return {"success": False, "action": "CODE_FIX",
"message": f"CODE_FIX 例外: {e}"}
def _wait_retry(self, params: Dict[str, Any]) -> AutoHealResult:
wait_min = min(int(params.get("wait_minutes", 5)), 30)
return AutoHealResult(success=True, action="WAIT_RETRY", message=f"Waiting {wait_min} min")
return {
"success": False,
"action": action_type,
"message": f"Unhandled action_type: {action_type}",
}
def _alert_only(self, params: Dict[str, Any]) -> AutoHealResult:
msg = params.get("message", "Alert sent")
return AutoHealResult(success=True, action="ALERT_ONLY", message=msg)
def _ssh_cmd(self, params: Dict[str, Any], context: Dict[str, Any]) -> AutoHealResult:
argv = params.get("argv")
if not isinstance(argv, list) or not argv:
return AutoHealResult(success=False, action="SSH_CMD", message="argv must be a non-empty list")
host = params.get("host", "")
user = params.get("user", "ollama")
try:
from services.elephant_alpha_orchestrator import elephant_orchestrator
# validate host/user via orchestrator context (lightweight)
_ = elephant_orchestrator._validate_host_port(host)
except Exception:
pass
result = _ssh_exec(
jump_host=SSH_JUMP_HOST,
jump_user=SSH_JUMP_USER,
target_host=host,
target_user=user,
command=argv,
key_path=os.getenv("ELEPHANT_ALPHA_SSH_KEY_PATH"),
)
out = result["stdout"] or result["stderr"]
return AutoHealResult(success=result["success"], action="SSH_CMD", message=out)
def _alert_and_store(self, playbook: Dict[str, Any], context: Dict[str, Any]) -> None:
_store_escalation(playbook["action_type"])
# TODO: integrate triaged_alert if needed
self._log.info("[AutoHeal] Alert stored for: %s", playbook["action_type"])

33
services/db_backup_service.py
View File

@@ -76,18 +76,37 @@ def run_backup() -> dict:
capture_output=True
)
cmd = [
"sh", "-c",
f"PGPASSWORD={os.environ.get('POSTGRES_PASSWORD', 'wooo_pg_2026')} "
f"pg_dump -h {db_host} -p {db_port} -U {DB_USER} -d {DB_NAME} "
f"--no-password -Fp | gzip > {filepath}"
]
pg_password = os.environ.get("POSTGRES_PASSWORD")
pg_env = {**os.environ, "PGPASSWORD": pg_password} if pg_password else dict(os.environ)
logger.info(f"[Backup] 開始備份 → {filepath}")
result = {"success": False, "filename": filename, "file_size": 0, "duration": 0, "error": None}
try:
proc = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
with open(filepath, "wb") as out_f:
pg_dump_proc = subprocess.Popen(
["pg_dump", "-h", db_host, "-p", db_port, "-U", DB_USER, "-d", DB_NAME,
"--no-password", "-Fp"],
stdout=subprocess.PIPE, stderr=subprocess.PIPE,
env=pg_env
)
gzip_proc = subprocess.Popen(
["gzip"],
stdin=pg_dump_proc.stdout, stdout=out_f, stderr=subprocess.PIPE
)
pg_dump_proc.stdout.close()
gzip_stderr = gzip_proc.communicate(timeout=300)[1]
pg_dump_proc.wait(timeout=300)
# 模擬 proc 介面供後續邏輯共用
class _FakeProc:
def __init__(self, returncode, stderr_text):
self.returncode = returncode
self.stderr = stderr_text
pg_dump_stderr = pg_dump_proc.stderr.read().decode(errors="replace").strip()
combined_returncode = pg_dump_proc.returncode if pg_dump_proc.returncode != 0 else gzip_proc.returncode
proc = _FakeProc(combined_returncode, pg_dump_stderr or gzip_stderr.decode(errors="replace").strip())
duration = (datetime.now() - start).total_seconds()
if proc.returncode != 0:

67
services/openclaw_learning_service.py
View File

@@ -255,6 +255,8 @@ def build_rag_context(query: str, insight_type: str = None, period: str = None,
if not period:
q = q.order_by(AIInsight.created_at.desc()).limit(20)
else:
q = q.limit(200)
results = q.all()
if not results:
@@ -298,6 +300,7 @@ def build_rag_context_by_date(start_date: str, end_date: str) -> str:
.filter(AIInsight.created_at >= start_dt)
.filter(AIInsight.created_at <= end_dt)
.order_by(AIInsight.created_at.asc())
.limit(200)
.all()
)
if not results:
@@ -462,39 +465,43 @@ def run_quality_rescore_batch() -> dict:
updated = 0
relearn_reset = 0
try:
rows = session.execute(text("""
SELECT id, avg_quality, created_at, decay_exempt, status
FROM ai_insights
# 單條 SQL UPDATE指數衰減計算移至 SQL避免 N+1 UPDATE
# decay_exempt=TRUE 的記錄跳過(永久知識)
# relearn 狀態額外懲罰 20%(乘以 0.8
result = session.execute(text("""
UPDATE ai_insights
SET avg_quality = ROUND(
CASE WHEN status = 'relearn'
THEN avg_quality * EXP(-:rate * (CURRENT_DATE - created_at::date)) * 0.8
ELSE avg_quality * EXP(-:rate * (CURRENT_DATE - created_at::date))
END,
4
),
updated_at = CURRENT_TIMESTAMP
WHERE status IN ('approved', 'relearn')
""")).fetchall()
AND decay_exempt = FALSE
AND created_at < CURRENT_DATE
"""), {"rate": DECAY_RATE})
updated = result.rowcount
for row in rows:
row_id, base_q, created_at, exempt, status = row
base_q = base_q or 0.5
# 低分自動歸檔(分數 < 0.05
archive_result = session.execute(text("""
UPDATE ai_insights
SET status = 'archived', updated_at = CURRENT_TIMESTAMP
WHERE status IN ('approved', 'relearn')
AND decay_exempt = FALSE
AND avg_quality < 0.05
"""))
if exempt:
continue
if created_at and created_at.tzinfo is None:
created_at = created_at.replace(tzinfo=timezone.utc)
new_score = compute_effective_score(base_q, created_at)
if status == "relearn":
new_score *= 0.8
session.execute(text("""
UPDATE ai_insights
SET avg_quality = :q, updated_at = CURRENT_TIMESTAMP
WHERE id = :id
"""), {"q": round(new_score, 4), "id": row_id})
updated += 1
if new_score < 0.05:
session.execute(text(
"UPDATE ai_insights SET status = 'archived' WHERE id = :id"
), {"id": row_id})
if status == "relearn":
relearn_reset += 1
# 計算 relearn_reset歸檔前 status 為 relearn 的筆數)
relearn_reset_result = session.execute(text("""
SELECT COUNT(*) FROM ai_insights
WHERE status = 'archived'
AND decay_exempt = FALSE
AND avg_quality < 0.05
AND updated_at >= CURRENT_TIMESTAMP - INTERVAL '5 seconds'
"""))
relearn_reset = relearn_reset_result.scalar() or 0
session.commit()
sys_log.info(

20
services/openclaw_strategist_service.py
View File

@@ -56,16 +56,16 @@ def _fetch_sales_summary(days: int = 14) -> Dict[str, Any]:
"""近 N 天業績彙總(本期 / 前期 對比)"""
session = get_session()
try:
rows = session.execute(text(f"""
rows = session.execute(text("""
SELECT
snapshot_date::date AS dt,
SUM(COALESCE("銷售金額"::numeric, 0)) AS revenue,
COUNT(DISTINCT "商品ID") AS sku_count
FROM daily_sales_snapshot
WHERE snapshot_date::date >= CURRENT_DATE - {days}
WHERE snapshot_date::date >= CURRENT_DATE - :days
GROUP BY dt
ORDER BY dt DESC
""")).fetchall()
"""), {"days": days}).fetchall()
data = [{"date": str(r[0]), "revenue": float(r[1] or 0), "sku_count": int(r[2] or 0)}
for r in rows]
@@ -96,7 +96,7 @@ def _fetch_top_threats(limit: int = 10) -> List[Dict]:
SELECT product_sku, content, confidence, metadata_json, created_at
FROM ai_insights
WHERE insight_type = 'price_alert'
AND status = 'active'
AND status = 'approved'
AND created_at >= NOW() - INTERVAL '48 hours'
ORDER BY confidence DESC
LIMIT :lim
@@ -154,18 +154,18 @@ def _fetch_category_breakdown(days: int = 7) -> List[Dict]:
"""品類業績分佈"""
session = get_session()
try:
rows = session.execute(text(f"""
rows = session.execute(text("""
SELECT p.category,
SUM(COALESCE(s."銷售金額"::numeric, 0)) AS revenue,
COUNT(DISTINCT p.i_code) AS sku_count
FROM daily_sales_snapshot s
JOIN products p ON p.name = s."商品名稱"
WHERE s.snapshot_date::date >= CURRENT_DATE - {days}
WHERE s.snapshot_date::date >= CURRENT_DATE - :days
AND p.status = 'ACTIVE'
GROUP BY p.category
ORDER BY revenue DESC
LIMIT 10
""")).fetchall()
"""), {"days": days}).fetchall()
return [{"category": r[0], "revenue": float(r[1] or 0), "sku_count": int(r[2] or 0)}
for r in rows]
except Exception as e:
@@ -1112,7 +1112,7 @@ def _fetch_price_trend_summary(days: int = 30) -> Dict[str, Any]:
"""近N天價格異動統計"""
session = get_session()
try:
row = session.execute(text(f"""
row = session.execute(text("""
SELECT
COUNT(*) AS total_changes,
AVG(ABS(pr2.price - pr1.price) / pr1.price * 100) AS avg_change_pct,
@@ -1125,9 +1125,9 @@ def _fetch_price_trend_summary(days: int = 30) -> Dict[str, Any]:
WHERE product_id = pr2.product_id
AND timestamp < pr2.timestamp - INTERVAL '1 day'
)
WHERE pr2.timestamp >= NOW() - INTERVAL '{days} days'
WHERE pr2.timestamp >= NOW() - :days * INTERVAL '1 day'
AND ABS(pr2.price - pr1.price) / pr1.price > 0.005
""")).fetchone()
"""), {"days": days}).fetchone()
if row and row[0]:
return {
"price_changes": int(row[0]),

2
services/pg_sync_service.py
View File

@@ -34,7 +34,7 @@ from contextlib import contextmanager
PG_HOST = os.environ.get('POSTGRES_HOST', 'postgres') # Docker 內部網路
PG_PORT = os.environ.get('POSTGRES_PORT', '5432')
PG_USER = os.environ.get('POSTGRES_USER', 'momo')
PG_PASSWORD = os.environ.get('POSTGRES_PASSWORD', 'wooo_pg_2026')
PG_PASSWORD = os.environ.get('POSTGRES_PASSWORD')
PG_DATABASE = os.environ.get('POSTGRES_DB', 'momo_analytics')
SQLITE_PATH = os.environ.get('SQLITE_PATH', 'data/momo_database.db')

421
services/telegram_bot_service.py
View File

@@ -111,19 +111,25 @@ class TrendTelegramBot:
# ========== 指令處理器 ==========
def _get_main_menu_keyboard(self):
"""建立主選單按鈕"""
"""建立主選單按鈕 - 7大功能類別"""
keyboard = [
[
InlineKeyboardButton("📊 熱門趨勢", callback_data="menu_trend"),
InlineKeyboardButton("🔍 AI 搜尋", callback_data="menu_search"),
InlineKeyboardButton("📊 業績查詢", callback_data="menu:sales"),
InlineKeyboardButton("🏆 商品廠商", callback_data="menu:products"),
],
[
InlineKeyboardButton("✍️ 生成文案", callback_data="menu_copy"),
InlineKeyboardButton("🏷️ 熱門關鍵字", callback_data="menu_keywords"),
InlineKeyboardButton("🎯 目標管理", callback_data="menu:goals"),
InlineKeyboardButton("📈 智能分析", callback_data="menu:analysis"),
],
[
InlineKeyboardButton("📰 每日摘要", callback_data="menu_daily"),
InlineKeyboardButton("⚙️ 設定", callback_data="menu_settings"),
InlineKeyboardButton("📄 簡報報表", callback_data="menu:reports"),
InlineKeyboardButton("<EFBFBD> 市場情報", callback_data="menu:market"),
],
[
InlineKeyboardButton("<EFBFBD> 競品日報", callback_data="menu:competitor"),
],
[
InlineKeyboardButton("❓ 使用說明", callback_data="cmd:help"),
],
]
return InlineKeyboardMarkup(keyboard)
@@ -189,20 +195,21 @@ class TrendTelegramBot:
from database.manager import get_session
session = get_session()
date_from = date.today() - timedelta(days=7)
try:
date_from = date.today() - timedelta(days=7)
# 查詢熱門趨勢
query = session.query(TrendRecord).filter(
TrendRecord.trend_date >= date_from
)
if category:
query = query.filter(TrendRecord.category == category)
# 查詢熱門趨勢
query = session.query(TrendRecord).filter(
TrendRecord.trend_date >= date_from
)
if category:
query = query.filter(TrendRecord.category == category)
records = query.order_by(
TrendRecord.popularity_score.desc()
).limit(10).all()
session.close()
records = query.order_by(
TrendRecord.popularity_score.desc()
).limit(10).all()
finally:
session.close()
if not records:
await update.message.reply_text(
@@ -228,8 +235,8 @@ class TrendTelegramBot:
await update.message.reply_text(title + '\n'.join(lines))
except Exception as e:
logger.error(f"Telegram cmd_trend 失敗: {e}")
await update.message.reply_text(f"查詢失敗: {str(e)}")
logger.error(f"[cmd_trend] error: {e}", exc_info=True)
await update.message.reply_text("系統錯誤,請稍後再試")
async def cmd_search(self, update: Update, context):
"""AI 搜尋指令"""
@@ -267,8 +274,8 @@ class TrendTelegramBot:
await update.message.reply_text(f"❌ 搜尋失敗: {result.get('error', '未知錯誤')}")
except Exception as e:
logger.error(f"Telegram cmd_search 失敗: {e}")
await update.message.reply_text(f"搜尋失敗: {str(e)}")
logger.error(f"[cmd_search] error: {e}", exc_info=True)
await update.message.reply_text("系統錯誤,請稍後再試")
async def cmd_copy(self, update: Update, context):
"""文案生成指令"""
@@ -308,8 +315,8 @@ class TrendTelegramBot:
await update.message.reply_text(f"❌ 生成失敗: {response.error}")
except Exception as e:
logger.error(f"Telegram cmd_copy 失敗: {e}")
await update.message.reply_text(f"生成失敗: {str(e)}")
logger.error(f"[cmd_copy] error: {e}", exc_info=True)
await update.message.reply_text("系統錯誤,請稍後再試")
async def cmd_keywords(self, update: Update, context):
"""熱門關鍵字指令"""
@@ -321,23 +328,24 @@ class TrendTelegramBot:
from sqlalchemy import func
session = get_session()
date_from = date.today() - timedelta(days=7)
try:
date_from = date.today() - timedelta(days=7)
query = session.query(
TrendKeyword.keyword,
func.sum(TrendKeyword.mention_count).label('total')
).filter(
TrendKeyword.trend_date >= date_from
).group_by(TrendKeyword.keyword)
query = session.query(
TrendKeyword.keyword,
func.sum(TrendKeyword.mention_count).label('total')
).filter(
TrendKeyword.trend_date >= date_from
).group_by(TrendKeyword.keyword)
if category:
query = query.filter(TrendKeyword.category == category)
if category:
query = query.filter(TrendKeyword.category == category)
keywords = query.order_by(
func.sum(TrendKeyword.mention_count).desc()
).limit(20).all()
session.close()
keywords = query.order_by(
func.sum(TrendKeyword.mention_count).desc()
).limit(20).all()
finally:
session.close()
if not keywords:
await update.message.reply_text("📭 近 7 天沒有熱門關鍵字資料")
@@ -349,8 +357,8 @@ class TrendTelegramBot:
await update.message.reply_text(title + '\n'.join(lines))
except Exception as e:
logger.error(f"Telegram cmd_keywords 失敗: {e}")
await update.message.reply_text(f"查詢失敗: {str(e)}")
logger.error(f"[cmd_keywords] error: {e}", exc_info=True)
await update.message.reply_text("系統錯誤,請稍後再試")
async def cmd_daily(self, update: Update, context):
"""每日趨勢摘要"""
@@ -359,11 +367,13 @@ class TrendTelegramBot:
from database.manager import get_session
session = get_session()
analysis = session.query(TrendAnalysis).filter(
TrendAnalysis.analysis_date == date.today(),
TrendAnalysis.analysis_type == 'daily_summary'
).first()
session.close()
try:
analysis = session.query(TrendAnalysis).filter(
TrendAnalysis.analysis_date == date.today(),
TrendAnalysis.analysis_type == 'daily_summary'
).first()
finally:
session.close()
if not analysis:
await update.message.reply_text("📭 今日尚無趨勢分析報告")
@@ -386,8 +396,8 @@ class TrendTelegramBot:
await update.message.reply_text(reply, parse_mode='Markdown')
except Exception as e:
logger.error(f"Telegram cmd_daily 失敗: {e}")
await update.message.reply_text(f"查詢失敗: {str(e)}")
logger.error(f"[cmd_daily] error: {e}", exc_info=True)
await update.message.reply_text("系統錯誤,請稍後再試")
async def handle_callback(self, update: Update, context):
"""處理按鈕回調"""
@@ -396,12 +406,18 @@ class TrendTelegramBot:
data = query.data
# ===== 主選單按鈕 =====
if data == "menu_main":
if data == "menu_main" or data == "menu:main":
await query.edit_message_text(
"請選擇要執行的功能",
"👋 *MOMO 趨勢助手 Bot* — 請選擇功能類別",
parse_mode='Markdown',
reply_markup=self._get_main_menu_keyboard()
)
# ===== 新的完整菜單系統 =====
elif data.startswith("menu:"):
await self._handle_main_menu_callback(query, data)
# ===== 舊的簡單菜單(向下相容) =====
elif data == "menu_trend":
await query.edit_message_text(
"📊 *熱門趨勢*\n\n請選擇分類:",
@@ -416,7 +432,7 @@ class TrendTelegramBot:
"例如:夏季防曬推薦、母親節禮物",
parse_mode='Markdown',
reply_markup=InlineKeyboardMarkup([[
InlineKeyboardButton("🔙 返回主選單", callback_data="menu_main")
InlineKeyboardButton("🔙 返回主選單", callback_data="menu:main")
]])
)
@@ -427,7 +443,7 @@ class TrendTelegramBot:
"例如:防曬乳、保濕面膜",
parse_mode='Markdown',
reply_markup=InlineKeyboardMarkup([[
InlineKeyboardButton("🔙 返回主選單", callback_data="menu_main")
InlineKeyboardButton("🔙 返回主選單", callback_data="menu:main")
]])
)
@@ -461,17 +477,232 @@ class TrendTelegramBot:
elif data.startswith("settings_"):
await self._handle_settings_callback(query, data)
# ===== 降價決策按鈕(支援 momo:pa:xxx 新格式 + pa:xxx 格式向下相容=====
elif data.startswith("momo:pa:") or data.startswith("pa:"):
# ===== 降價決策按鈕(支援 momo:pa:xxx / momo:pr:xxx 格式)=====
elif data.startswith("momo:pa:"):
await self._handle_price_approve(query, data.split(":")[-1])
elif data.startswith("momo:pr:") or data.startswith("pr:"):
elif data.startswith("momo:pr:"):
await self._handle_price_reject(query, data.split(":")[-1])
# ===== L3 運維決策按鈕momo:ops:<action>:<task_name>=====
elif data.startswith("momo:ops:"):
await self._handle_ops_callback(query, data)
async def _handle_main_menu_callback(self, query, data: str):
"""處理主選單回調 - 完整功能菜單系統"""
key = data[5:] # 移除 'menu:' 前綴
titles = {
'sales': '📊 *業績查詢* — 選擇日期或直接輸入',
'products': '🏆 *商品廠商* — 選擇查詢範圍',
'goals': '🎯 *目標管理* — 查看或設定業績目標',
'analysis': '📈 *智能分析* — 選擇分析類型',
'reports': '📄 *簡報報表* — 選擇報告類型',
'market': '🌐 *市場情報* — 即時資訊',
'competitor': '📊 *競品比價日報* — 選擇分析日期',
'competitor_ppt': '📄 *競品比價簡報* — 選擇時間範圍',
'category': '🗂 *分類業績鑽取* — 點選分類深入分析',
'trend': '📈 *業績趨勢* — 選擇時間範圍',
}
# 生成子選單
if key == 'sales':
keyboard = self._get_sales_submenu()
elif key == 'products':
keyboard = self._get_products_submenu()
elif key == 'goals':
keyboard = self._get_goals_submenu()
elif key == 'analysis':
keyboard = self._get_analysis_submenu()
elif key == 'reports':
keyboard = self._get_reports_submenu()
elif key == 'market':
keyboard = self._get_market_submenu()
elif key == 'competitor':
keyboard = self._get_competitor_submenu()
elif key == 'competitor_ppt':
keyboard = self._get_competitor_ppt_submenu()
elif key == 'category':
keyboard = self._get_category_submenu()
elif key == 'trend':
keyboard = self._get_trend_submenu()
else:
# 未知選單,返回主選單
keyboard = self._get_main_menu_keyboard()
key = 'main'
titles[key] = '👋 *MOMO 趨勢助手 Bot* — 請選擇功能類別'
await query.edit_message_text(
titles.get(key, '請選擇'),
parse_mode='Markdown',
reply_markup=InlineKeyboardMarkup(keyboard)
)
def _get_sales_submenu(self):
"""業績查詢子選單"""
from datetime import datetime, timedelta
today = datetime.now().strftime('%Y/%m/%d')
yesterday = (datetime.now() - timedelta(days=1)).strftime('%Y/%m/%d')
current_month = datetime.now().strftime('%Y/%m')
return [
[{'text': f'📊 今日 ({today[-5:]})', 'callback_data': 'cmd:sales:' + today},
{'text': f'⬅ 昨日 ({yesterday[-5:]})', 'callback_data': 'cmd:sales:' + yesterday}],
[{'text': '📅 每週業績', 'callback_data': 'cmd:trend:week'},
{'text': '📅 每月業績', 'callback_data': 'cmd:history:' + current_month}],
[{'text': '📅 每季業績', 'callback_data': 'cmd:trend:quarter'},
{'text': '📅 近半年', 'callback_data': 'cmd:trend:half'}],
[{'text': '📈 趨勢分析', 'callback_data': 'menu:trend'},
{'text': '🔄 同期比較', 'callback_data': 'cmd:compare:' + today}],
[{'text': '🗂 分類業績', 'callback_data': 'cmd:category:' + today},
{'text': '📅 日期/區間', 'callback_data': 'await:date_range_sales'}],
[{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_products_submenu(self):
"""商品廠商子選單"""
from datetime import datetime, timedelta
today = datetime.now().strftime('%Y/%m/%d')
yesterday = (datetime.now() - timedelta(days=1)).strftime('%Y/%m/%d')
return [
[{'text': f'🏆 熱銷商品 ({today[-5:]})', 'callback_data': 'cmd:top:' + today},
{'text': f'🏭 熱銷廠商 ({today[-5:]})', 'callback_data': 'cmd:vendor:' + today}],
[{'text': f'⬅ 昨日商品 ({yesterday[-5:]})', 'callback_data': 'cmd:top:' + yesterday},
{'text': '🧬 商品健康', 'callback_data': 'cmd:health:' + today}],
[{'text': '📦 補貨預測', 'callback_data': 'cmd:restock'},
{'text': '🗂 分類鑽取', 'callback_data': 'menu:category'}],
[{'text': '📅 指定日期', 'callback_data': 'await:date_top'}],
[{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_goals_submenu(self):
"""目標管理子選單"""
return [
[{'text': '📋 查看達成率', 'callback_data': 'cmd:goal'},
{'text': '📊 日目標設定', 'callback_data': 'await:goal_daily'}],
[{'text': '📅 月目標設定', 'callback_data': 'await:goal_monthly'},
{'text': '📊 季目標設定', 'callback_data': 'await:goal_quarterly'}],
[{'text': '📈 半年目標設定', 'callback_data': 'await:goal_half'},
{'text': '📊 年目標設定', 'callback_data': 'await:goal_yearly'}],
[{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_analysis_submenu(self):
"""智能分析子選單"""
from datetime import datetime
today = datetime.now().strftime('%Y/%m/%d')
return [
[{'text': '🎲 策略矩陣', 'callback_data': 'cmd:strategy:' + today},
{'text': '📈 業績趨勢', 'callback_data': 'menu:trend'}],
[{'text': '🧬 商品健康', 'callback_data': 'cmd:health:' + today},
{'text': '🗂 分類業績', 'callback_data': 'cmd:category:' + today}],
[{'text': '🎉 促銷追蹤', 'callback_data': 'await:promo_range'},
{'text': '📦 補貨預測', 'callback_data': 'cmd:restock'}],
[{'text': '📊 趨勢圖表', 'callback_data': 'cmd:chart'},
{'text': '🔄 同期比較', 'callback_data': 'cmd:compare:' + today}],
[{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_reports_submenu(self):
"""簡報報表子選單"""
return [
[{'text': '📄 日報', 'callback_data': 'cmd:ppt:daily'},
{'text': '📊 週報', 'callback_data': 'cmd:ppt:weekly'}],
[{'text': '📈 月報', 'callback_data': 'cmd:ppt:monthly'},
{'text': '🧩 策略(季)', 'callback_data': 'cmd:ppt:strategy quarterly'}],
[{'text': '🧩 策略(年)', 'callback_data': 'cmd:ppt:strategy yearly'},
{'text': '🎉 促銷效益簡報', 'callback_data': 'await:promo_range'}],
[{'text': '🔍 競品比較', 'callback_data': 'menu:competitor'},
{'text': '📈 成長趨勢報告', 'callback_data': 'cmd:ppt:growth'}],
[{'text': '🏭 廠商業績報告', 'callback_data': 'cmd:ppt:vendor'},
{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_market_submenu(self):
"""市場情報子選單 - 完整版本"""
return [
[{'text': '📰 電商新聞', 'callback_data': 'cmd:news'},
{'text': '🌤 台北天氣', 'callback_data': 'cmd:weather'}],
[{'text': '<EFBFBD> Google熱搜', 'callback_data': 'cmd:trends'},
{'text': '<EFBFBD> Dcard口碑', 'callback_data': 'cmd:dcard'}],
[{'text': '💱 台銀匯率', 'callback_data': 'cmd:exchange'},
{'text': '📅 電商節慶', 'callback_data': 'cmd:calendar'}],
[{'text': '▶️ YouTube爆紅商品', 'callback_data': 'cmd:youtube'},
{'text': '🧠 AI學習狀態', 'callback_data': 'cmd:learn'}],
[{'text': '🔍 關鍵字比價', 'callback_data': 'await:search_compare'},
{'text': '<EFBFBD> 圖片比價說明', 'callback_data': 'cmd:photo_search_help'}],
[{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_competitor_submenu(self):
"""競品日報第二層:所有選項直接產 PPT"""
from datetime import datetime, timedelta
today = datetime.now()
yesterday = today - timedelta(days=1)
td_str = today.strftime('%Y/%m/%d')
yd_str = yesterday.strftime('%Y/%m/%d')
td_label = today.strftime('%m/%d')
yd_label = yesterday.strftime('%m/%d')
return [
[{'text': f'📊 今日簡報 ({td_label})', 'callback_data': f'cmd:ppt:competitor {td_str}'},
{'text': f'<EFBFBD> 昨日簡報 ({yd_label})', 'callback_data': f'cmd:ppt:competitor {yd_str}'}],
[{'text': '📈 本週比較', 'callback_data': 'cmd:ppt:competitor weekly'},
{'text': '📆 本月比較', 'callback_data': 'cmd:ppt:competitor monthly'}],
[{'text': '🗃 本季比較', 'callback_data': 'cmd:ppt:competitor quarterly'},
{'text': '<EFBFBD> 指定日期', 'callback_data': 'await:date_competitor'}],
[{'text': '📄 更多週期 →', 'callback_data': 'menu:competitor_ppt'}],
[{'text': '← 返回主選單', 'callback_data': 'menu:main'}],
]
def _get_competitor_ppt_submenu(self):
"""競品 PPT 長週期選單(第三層)— 半年/年;日/週/月/季已在第二層"""
return [
[{'text': '📆 半年比較', 'callback_data': 'cmd:ppt:competitor half'},
{'text': '<EFBFBD> 年比較', 'callback_data': 'cmd:ppt:competitor yearly'}],
[{'text': '← 返回競品日報', 'callback_data': 'menu:competitor'}],
]
def _get_category_submenu(self):
"""分類業績鑽取 — 顯示 L1 固定分類按鈕"""
from datetime import datetime
today = datetime.now().strftime('%Y/%m/%d')
CATS = [
('美妝保養', '💄'), ('3C家電', '📱'), ('服飾配件', '👕'),
('居家生活', '🏠'), ('母嬰用品', '🍼'), ('生鮮食品', '🥗'),
('圖書文具', '📚'), ('戶外運動', ''), ('餐券票券', '🎫'),
('醫療保健', '💊'), ('美體保健', '💆'), ('寵物用品', '🐕'),
('箱包精品', '👜'), ('車類百貨', '🚗'), ('情趣用品', '❤️'),
]
rows = []
for i in range(0, len(CATS), 2):
pair = []
for cat, icon in CATS[i:i+2]:
pair.append({'text': f'{icon} {cat}', 'callback_data': f'cmd:catdetail:{cat}:{today}'})
rows.append(pair)
rows.append([{'text': '🗂 全分類清單', 'callback_data': f'cmd:category:{today}'}])
rows.append([{'text': '← 返回主選單', 'callback_data': 'menu:main'}])
return rows
def _get_trend_submenu(self):
"""業績趨勢子選單"""
return [
[{'text': '📅 近7日', 'callback_data': 'cmd:trend:7'},
{'text': '📅 近1個月', 'callback_data': 'cmd:trend:month'}],
[{'text': '📅 近3個月', 'callback_data': 'cmd:trend:quarter'},
{'text': '📅 近半年', 'callback_data': 'cmd:trend:half'}],
[{'text': '📅 近1年', 'callback_data': 'cmd:trend:year'},
{'text': '📅 指定月份', 'callback_data': 'await:date_trend_month'}],
[{'text': '📅 指定年份', 'callback_data': 'await:date_trend_year'},
{'text': '📅 指定季度', 'callback_data': 'await:date_trend_quarter'}],
[{'text': '← 返回業績查詢', 'callback_data': 'menu:sales'}],
]
async def _handle_price_approve(self, query, insight_id_str: str):
"""批准降價:寫 KM feedback + 移除按鈕"""
from services.openclaw_learning_service import store_insight
@@ -594,16 +825,17 @@ class TrendTelegramBot:
from database.manager import get_session
session = get_session()
date_from = date.today() - timedelta(days=7)
try:
date_from = date.today() - timedelta(days=7)
records = session.query(TrendRecord).filter(
TrendRecord.trend_date >= date_from,
TrendRecord.category == category
).order_by(
TrendRecord.popularity_score.desc()
).limit(10).all()
session.close()
records = session.query(TrendRecord).filter(
TrendRecord.trend_date >= date_from,
TrendRecord.category == category
).order_by(
TrendRecord.popularity_score.desc()
).limit(10).all()
finally:
session.close()
if not records:
await query.edit_message_text(
@@ -633,9 +865,9 @@ class TrendTelegramBot:
)
except Exception as e:
logger.error(f"_show_trend_by_category 失敗: {e}")
logger.error(f"[_show_trend_by_category] error: {e}", exc_info=True)
await query.edit_message_text(
f"查詢失敗: {str(e)}",
"系統錯誤,請稍後再試",
reply_markup=InlineKeyboardMarkup([[
InlineKeyboardButton("🔙 返回", callback_data="menu_main")
]])
@@ -649,19 +881,20 @@ class TrendTelegramBot:
from sqlalchemy import func
session = get_session()
date_from = date.today() - timedelta(days=7)
try:
date_from = date.today() - timedelta(days=7)
keywords = session.query(
TrendKeyword.keyword,
func.sum(TrendKeyword.mention_count).label('total')
).filter(
TrendKeyword.trend_date >= date_from,
TrendKeyword.category == category
).group_by(TrendKeyword.keyword).order_by(
func.sum(TrendKeyword.mention_count).desc()
).limit(15).all()
session.close()
keywords = session.query(
TrendKeyword.keyword,
func.sum(TrendKeyword.mention_count).label('total')
).filter(
TrendKeyword.trend_date >= date_from,
TrendKeyword.category == category
).group_by(TrendKeyword.keyword).order_by(
func.sum(TrendKeyword.mention_count).desc()
).limit(15).all()
finally:
session.close()
if not keywords:
await query.edit_message_text(
@@ -689,9 +922,9 @@ class TrendTelegramBot:
)
except Exception as e:
logger.error(f"_show_keywords_by_category 失敗: {e}")
logger.error(f"[_show_keywords_by_category] error: {e}", exc_info=True)
await query.edit_message_text(
f"查詢失敗: {str(e)}",
"系統錯誤,請稍後再試",
reply_markup=InlineKeyboardMarkup([[
InlineKeyboardButton("🔙 返回", callback_data="menu_main")
]])
@@ -704,11 +937,13 @@ class TrendTelegramBot:
from database.manager import get_session
session = get_session()
analysis = session.query(TrendAnalysis).filter(
TrendAnalysis.analysis_date == date.today(),
TrendAnalysis.analysis_type == 'daily_summary'
).first()
session.close()
try:
analysis = session.query(TrendAnalysis).filter(
TrendAnalysis.analysis_date == date.today(),
TrendAnalysis.analysis_type == 'daily_summary'
).first()
finally:
session.close()
if not analysis:
await query.edit_message_text(
@@ -744,9 +979,9 @@ class TrendTelegramBot:
)
except Exception as e:
logger.error(f"_show_daily_summary 失敗: {e}")
logger.error(f"[_show_daily_summary] error: {e}", exc_info=True)
await query.edit_message_text(
f"載入失敗: {str(e)}",
"系統錯誤,請稍後再試",
reply_markup=InlineKeyboardMarkup([[
InlineKeyboardButton("🔙 返回", callback_data="menu_main")
]])
@@ -818,9 +1053,9 @@ class TrendTelegramBot:
)
except Exception as e:
logger.error(f"_handle_settings_callback 失敗: {e}")
logger.error(f"[_handle_settings_callback] error: {e}", exc_info=True)
session.rollback()
await query.edit_message_text(f"設定失敗: {str(e)}")
await query.edit_message_text("系統錯誤,請稍後再試")
finally:
session.close()
@@ -898,9 +1133,9 @@ class TrendTelegramBot:
)
except Exception as e:
logger.error(f"_process_search 失敗: {e}")
logger.error(f"[_process_search] error: {e}", exc_info=True)
await update.message.reply_text(
f"搜尋失敗: {str(e)}",
"系統錯誤,請稍後再試",
reply_markup=self._get_main_menu_keyboard()
)
@@ -941,9 +1176,9 @@ class TrendTelegramBot:
)
except Exception as e:
logger.error(f"_process_copy 失敗: {e}")
logger.error(f"[_process_copy] error: {e}", exc_info=True)
await update.message.reply_text(
f"生成失敗: {str(e)}",
"系統錯誤,請稍後再試",
reply_markup=self._get_main_menu_keyboard()
)

3
tests/test_pg_sync.py
View File

@@ -1,5 +1,6 @@
#!/usr/bin/env python3
"""測試完整 76 欄位同步"""
import os
import sqlite3
import psycopg2
@@ -29,7 +30,7 @@ rows = cursor.fetchall()
pg_conn = psycopg2.connect(
host="localhost", port="5432",
user="momo", password="wooo_pg_2026",
user="momo", password=os.environ.get("POSTGRES_PASSWORD"),
database="momo_analytics"
)
pg_cursor = pg_conn.cursor()

0
web/templates/components/_loading.html Normal file → Executable file
View File

0
web/templates/components/_navbar.html Normal file → Executable file
View File