diff --git a/config.py b/config.py index 7b9c607..4fb92ca 100644 --- a/config.py +++ b/config.py @@ -320,7 +320,7 @@ YOUTUBE_API_KEY = os.getenv('YOUTUBE_API_KEY', '') # ========================================== # 系統版本與路徑 # ========================================== -SYSTEM_VERSION = "V10.185" +SYSTEM_VERSION = "V10.186" LOG_FILE_PATH = os.path.join(BASE_DIR, 'logs/system.log') public_url = PUBLIC_URL # 用於模板顯示 diff --git a/docker-compose.yml b/docker-compose.yml index e30a969..c5d075e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -61,6 +61,7 @@ services: - ./config.py:/app/config.py:ro - ./app.py:/app/app.py:ro - ./auth.py:/app/auth.py:ro + - ./docker-compose.mcp.yml:/app/docker-compose.mcp.yml:ro - ./gunicorn.conf.py:/app/gunicorn.conf.py:ro - ./scheduler.py:/app/scheduler.py:ro - ./scripts:/app/scripts:ro diff --git a/docs/adr/ADR-035-cross-platform-market-campaign-intelligence.md b/docs/adr/ADR-035-cross-platform-market-campaign-intelligence.md index ab8fd9b..c4610e2 100644 --- a/docs/adr/ADR-035-cross-platform-market-campaign-intelligence.md +++ b/docs/adr/ADR-035-cross-platform-market-campaign-intelligence.md @@ -154,7 +154,7 @@ EwoooC 目前已有 MOMO EDM / 節慶活動資料、`promo_products`、PChome - 2026-05-18 追加 legacy source bridge preview:`/api/market_intel/legacy_source_bridge` 預設 `execute=false` 只回 planned,不連 DB;人工 smoke 才能以 `execute=true` 只讀盤點 `promo_products`、`competitor_prices`、`competitor_price_history`,產生舊資料導入 `market_*` 的 mapping、dedupe 與 blocked operation preview。此橋接不得寫入 DB、不得建立 ORM session、不得把 PChome 比價快取冒充為活動頁商品、不得掛 scheduler。 - 2026-05-18 追加 MCP readiness preview:`/api/market_intel/mcp_readiness` 預設 `execute=false` 只回 planned,盤點 ADR-031 外部 MCP server、`services.mcp_router` feature flag、tool registry、`mcp_calls` telemetry 與 market_intel tool contract 缺口。人工 smoke 才能以 `execute=true` 做只讀 health / telemetry probe;此探針不得寫 DB、不得建立 ORM session、不得替市場情報自動啟用 MCP 或外部爬取。 - 2026-05-18 追加 internal MCP tool contract preview:`services.market_intel.mcp_contract` 與 `/api/market_intel/mcp_tool_contract` 定義 `market_campaign_search`、`market_campaign_scrape`、`market_product_match_lookup` 三個 read-only contract,並在 `services.mcp_router.TOOL_REGISTRY` 註冊 `market_intel` caller 白名單。此階段只建立可審核合約與 readiness 檢查,不啟用 `MCP_ROUTER_ENABLED`、不呼叫 MCP server、不寫 DB、不掛 scheduler。 -- 2026-05-18 追加 external MCP deploy preflight preview:`services.market_intel.mcp_deploy_preflight` 與 `/api/market_intel/mcp_deploy_preflight` 只讀檢查 `docker-compose.mcp.yml`、必要 env、localhost-only ports、read-only volume、Firecrawl resource guard 與 fallback plan。此 preflight 不執行 docker/SSH、不建立 `mcp_readonly` role、不啟用 `MCP_ROUTER_ENABLED`、不寫 DB、不掛 scheduler;外部 MCP stack 須等 env 與 operator smoke 全過後另行批准。 +- 2026-05-18 追加 external MCP deploy preflight preview:`services.market_intel.mcp_deploy_preflight` 與 `/api/market_intel/mcp_deploy_preflight` 只讀檢查 `docker-compose.mcp.yml`、必要 env、localhost-only ports、read-only volume、Firecrawl resource guard 與 fallback plan。`docker-compose.mcp.yml` 需以 read-only bind mount 進 app 容器供 preflight 審核。此 preflight 不執行 docker/SSH、不建立 `mcp_readonly` role、不啟用 `MCP_ROUTER_ENABLED`、不寫 DB、不掛 scheduler;外部 MCP stack 須等 env 與 operator smoke 全過後另行批准。 ### Phase 4:Coupang / Shopee Adapter diff --git a/tests/test_market_intel_skeleton.py b/tests/test_market_intel_skeleton.py index 76eabfb..598a9a5 100644 --- a/tests/test_market_intel_skeleton.py +++ b/tests/test_market_intel_skeleton.py @@ -674,6 +674,12 @@ def test_mcp_deploy_preflight_blocks_without_required_env(): assert preflight["would_write_database"] is False +def test_mcp_compose_is_mounted_read_only_for_preflight(): + compose = Path("docker-compose.yml").read_text(encoding="utf-8") + + assert "./docker-compose.mcp.yml:/app/docker-compose.mcp.yml:ro" in compose + + def test_mcp_deploy_preflight_ready_when_env_contract_is_present(): preflight = build_mcp_deploy_preflight_plan( env={