learning_ai_invt_trdg/docs/AZURE_INFRASTRUCTURE.md
Saravana Achu Mac 4cfb446f57 feat(backend): WebSocket namespaces, audit persistence, tab flags, telemetry
- Add /trading and /admin named Socket.IO namespaces; root namespace kept for
  backward compat; admin namespace rejects non-admins at connect time
- Wire auditRepository.ts: persist TradeAuditEvent to Cosmos audit-events
  container (best-effort); expose GET /api/admin/audit for admin queries
- Add tradingTelemetry singleton (Node.js Map-based storage adapter); init
  and fatal-error tracking wired in index.ts main()
- Add TAB_MARKETPLACE_ENABLED / TAB_MEMBERSHIP_ENABLED config flags; expose
  tabs.* shape in GET /api/feature-flags response
- Fix SupabaseService URL validation (regex check before createClient)
- Wire check:api-contract and check:audit-repository into npm run test
- Switch @bytelyst/* deps to file:../vendor/* references

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 19:35:00 -04:00

Azure Infrastructure — invttrdg (ByteLyst Trading)

Audit trail of all Azure resources, secrets, and configuration for the trading platform.


Subscription

| Field | Value |
| --- | --- |
| Subscription | Azure subscription 1 |
| Subscription ID | 0e0ceaea-2677-4097-9401-1102707db826 |
| Tenant ID | ab33246e-c9c9-4cb9-9a87-3616bb4920f0 |

Resource Group

rg-mywisprai (eastus) — all trading resources share this group. No new resource groups were created.


Azure Cosmos DB

| Field | Value |
| --- | --- |
| Account | cosmos-mywisprai |
| Location | westus2 |
| Kind | GlobalDocumentDB (Serverless) |
| Consistency | Session |
| Endpoint | https://cosmos-mywisprai.documents.azure.com:443/ |
| Database | invttrdg (created 2026-04-05) |

Containers (all created 2026-04-05, partition key /productId)

| Container | Purpose |
| --- | --- |
| trade_profiles | Per-user trading strategy profiles |
| trading_users | User accounts + exchange API keys |
| capital_ledgers | Per-profile capital allocation tracking |
| trade_orders | Live runtime order state |
| trade_history | Completed trade ledger |
| manual_entries | Dashboard manual trade entries |
| reconciliation_backfill_audit | Exit backfill evidence audit log |
| dynamic_config | Runtime key-value config overrides |
| trading_controls | Kill-switch + trading behaviour controls |
| bot_state_snapshots | Bot state snapshots for recovery |
| runtime_locks | Distributed locks (prevent concurrent edits) |
| strategy_presets | Pre-built strategy templates |
| audit-events | Trade audit event log (90-day TTL) — activate: partition key /productId, TTL 7776000 s |

Key Vault secret names

  • invttrdg-cosmos-endpoint
  • invttrdg-cosmos-key
  • invttrdg-cosmos-database

Azure OpenAI (AI Foundry)

| Field | Value |
| --- | --- |
| Account | mywisprai-openai-sweden |
| Location | swedencentral |
| Endpoint | https://swedencentral.api.cognitive.microsoft.com/ |
| SKU | S0 Standard |

Deployments

| Deployment Name | Model | Version | SKU | Capacity | Created |
| --- | --- | --- | --- | --- | --- |
| gpt-4o-mini | gpt-4.1-mini | 2025-04-14 | Standard | 1 | pre-existing |
| gpt-4o | gpt-4o | 2024-11-20 | GlobalStandard | 10 | 2026-04-05 |

Default deployment for trading: gpt-4o (stored in Key Vault as invttrdg-azure-openai-deployment)
Fallback deployment: gpt-4o-mini (stored as invttrdg-azure-openai-deployment-gpt4o)

Key Vault secret names

  • invttrdg-azure-openai-endpoint
  • invttrdg-azure-openai-key
  • invttrdg-azure-openai-deployment → gpt-4o
  • invttrdg-azure-openai-deployment-gpt4o → gpt-4o

Azure Key Vault

| Field | Value |
| --- | --- |
| Name | kv-mywisprai |
| Location | eastus |
| URI | https://kv-mywisprai.vault.azure.net/ |

All invttrdg-* secrets (set 2026-04-05)

| Secret Name | Value (description) |
| --- | --- |
| invttrdg-product-id | invttrdg |
| invttrdg-cosmos-endpoint | https://cosmos-mywisprai.documents.azure.com:443/ |
| invttrdg-cosmos-key | Cosmos DB primary master key |
| invttrdg-cosmos-database | invttrdg |
| invttrdg-azure-openai-endpoint | https://swedencentral.api.cognitive.microsoft.com/ |
| invttrdg-azure-openai-key | Azure OpenAI API key |
| invttrdg-azure-openai-deployment | gpt-4o |
| invttrdg-azure-openai-deployment-gpt4o | gpt-4o |

Other Shared Azure Resources

These exist in rg-mywisprai and are shared across the ecosystem (not trading-specific):

| Resource | Type | Notes |
| --- | --- | --- |
| bytelystblobs | Storage Account (westus2) | Blob storage, shared |
| bytelyst-appinsights | Application Insights (eastus) | Shared telemetry |
| mywisprai-speech | Cognitive Services Speech (eastus) | Not used by trading |

Application Configuration

Set these in your .env (pull from Key Vault for production):

# Cosmos DB
COSMOS_ENDPOINT=https://cosmos-mywisprai.documents.azure.com:443/
COSMOS_KEY=<from kv-mywisprai / invttrdg-cosmos-key>
COSMOS_DATABASE=invttrdg

# Azure OpenAI (use instead of direct OpenAI for production)
AZURE_OPENAI_ENDPOINT=https://swedencentral.api.cognitive.microsoft.com/
AZURE_OPENAI_KEY=<from kv-mywisprai / invttrdg-azure-openai-key>
AZURE_OPENAI_DEPLOYMENT=gpt-4o
LLM_PROVIDER=azure

Pending Work

  • Wire Key Vault secret resolution at app startup — bootstrap.ts uses @bytelyst/config resolveSecrets() with DefaultAzureCredential (2026-04-05)
  • Switch aiClient.ts to use AzureOpenAIProvider when Azure config is present — auto-detected from AZURE_OPENAI_ENDPOINT + AZURE_OPENAI_KEY + AZURE_OPENAI_DEPLOYMENT (2026-04-05)
  • Configure Managed Identity on the backend app service to access Key Vault without a connection string
  • Set up TTL policy on runtime_locks container (e.g. 3600s) to auto-expire stale locks
  • Enable Cosmos DB diagnostic logs to Log Analytics workspace
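
A startup check for the Application Configuration variables, as an added example that is not the project's bootstrap.ts or aiClient.ts: it rejects values still holding the `<from kv-…>` template text and treats Azure OpenAI as selected only when all three of its variables are present. `checkConfig`, `isUnset` and the sample values are hypothetical; the secret-to-variable pairing beyond the two the page states is assumed from the matching names.

```typescript
type Env = Record<string, string | undefined>;

// Added example (hypothetical names). [env variable, Key Vault secret assumed to feed it]
const COSMOS_VARS: Array<[string, string]> = [
  ["COSMOS_ENDPOINT", "invttrdg-cosmos-endpoint"],
  ["COSMOS_KEY", "invttrdg-cosmos-key"],
  ["COSMOS_DATABASE", "invttrdg-cosmos-database"],
];
const AZURE_OPENAI_VARS: Array<[string, string]> = [
  ["AZURE_OPENAI_ENDPOINT", "invttrdg-azure-openai-endpoint"],
  ["AZURE_OPENAI_KEY", "invttrdg-azure-openai-key"],
  ["AZURE_OPENAI_DEPLOYMENT", "invttrdg-azure-openai-deployment"],
];

// Missing, blank, or still the "<from kv-... / secret>" template text from .env.
function isUnset(value: string | undefined): boolean {
  const v = (value || "").trim();
  return v === "" || /^<.*>$/.test(v);
}

function checkConfig(env: Env): { provider: "azure" | "other"; problems: string[] } {
  const problems: string[] = [];
  const flag = (name: string, secret: string) =>
    problems.push(name + " is unresolved (Key Vault secret " + secret + ")");
  for (const [name, secret] of COSMOS_VARS) if (isUnset(env[name])) flag(name, secret);
  // Azure OpenAI is selected only when all three variables are present.
  const missing = AZURE_OPENAI_VARS.filter(([name]) => isUnset(env[name]));
  const provider = missing.length === 0 ? "azure" : "other";
  // A partial set, or LLM_PROVIDER=azure without the full set, is reported, not ignored.
  const partial = missing.length < AZURE_OPENAI_VARS.length;
  if (missing.length > 0 && (partial || env["LLM_PROVIDER"] === "azure")) {
    for (const [name, secret] of missing) flag(name, secret);
  }
  for (const name of ["COSMOS_ENDPOINT", "AZURE_OPENAI_ENDPOINT"]) {
    const v = env[name];
    if (!isUnset(v) && !/^https:\/\//i.test(String(v))) {
      problems.push(name + " must be an https:// URL");
    }
  }
  return { provider, problems };
}

// Constructed sample: the .env template with one placeholder left unreplaced.
const SAMPLE_ENV: Env = {
  COSMOS_ENDPOINT: "https://cosmos-mywisprai.documents.azure.com:443/",
  COSMOS_KEY: "<from kv-mywisprai / invttrdg-cosmos-key>",
  COSMOS_DATABASE: "invttrdg",
};
const SAMPLE_REPORT = checkConfig(SAMPLE_ENV);
```

Failing startup when `problems` is non-empty keeps a half-populated .env from reaching Cosmos DB or silently switching LLM provider.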

Change Log

| Date | Action | By |
| --- | --- | --- |
| 2026-04-05 | Created invttrdg database in cosmos-mywisprai | Claude Code / CLI |
| 2026-04-05 | Created 12 containers in invttrdg (all /productId partition key) | Claude Code / CLI |
| 2026-04-05 | Deployed gpt-4o (2024-11-20) to mywisprai-openai-sweden | Claude Code / CLI |
| 2026-04-05 | Stored 8 invttrdg-* secrets in kv-mywisprai | Claude Code / CLI |
| 2026-04-05 | Added bootstrap.ts — Key Vault secret resolution at startup via DefaultAzureCredential | Claude Code |
| 2026-04-05 | aiClient.ts auto-selects AzureOpenAIProvider when Azure OpenAI env vars are set | Claude Code |