DATABASE_URL ?= postgres://postgres:postgres@localhost:5432/hermes_market?sslmode=disable .PHONY: run build test test-race test-cover lint tidy docker-up docker-down migrate-up migrate-down backfill guard run: go run ./cmd/app build: go build -o bin/app ./cmd/app go build -o bin/backfill ./cmd/backfill test: go test ./... test-race: go test -race ./... test-cover: go test -race -coverprofile=coverage.out ./... go tool cover -func=coverage.out | tail -1 lint: golangci-lint run tidy: go mod tidy # guard 跑全部可机械验证的守卫规则;任一非零退出即失败。 # 保留极简实现,不做花哨格式化——CI 友好。 guard: @echo "G1 (no signing)..." && ! grep -rqi --include="*.go" "apikey\|x-mbx-apikey\|hmac\|secret_key\|api_secret" . @echo "G6 (boundary)..." && ! grep -rq "repo/webapi/binance\|repo/persistent" internal/usecase internal/controller @echo "G11 (ctrl derivs)..." && ! grep -rqn "FundingRepo\|OIRepo\|LSRepo\|TakerRepo" internal/controller @echo "G11.2 (ctrl coinglass)..." && ! grep -rqn "CoinglassRepo\|coinglassRepo" internal/controller @echo "G12.1 (usecase float)..." && ! { grep -rn --include="*.go" "float64\|float32" internal/usecase | grep -vE "indicator|derivatives_signal|coinglass" | grep -q . ; } @echo "G12.2 (indicator no repo)..." && ! grep -q "internal/repo" internal/usecase/indicator.go @echo "G12.3 (indicator no DB)..." && ! grep -qE "binance|postgres|pgx" internal/usecase/indicator.go @echo "G12.5 (derivatives_signal no repo)..." && ! grep -q "internal/repo" internal/usecase/derivatives_signal.go @echo "G12.6 (derivatives_signal no DB)..." && ! grep -qE "binance|postgres|pgx" internal/usecase/derivatives_signal.go @echo "G12.7 (coinglass_signal no repo)..." && ! { test -f internal/usecase/coinglass_signal.go && grep -q "internal/repo" internal/usecase/coinglass_signal.go ; } @echo "G12.8 (coinglass_signal no DB)..." && ! { test -f internal/usecase/coinglass_signal.go && grep -qE "binance|postgres|pgx" internal/usecase/coinglass_signal.go ; } @echo "G12.4 (entity no float)..." && ! grep -rqn --include="*.go" "float64\|float32" internal/entity @echo "G13.1 (compose requires password)..." && grep -qx 'POSTGRES_PASSWORD=' .env.example @echo "G13.2 (compose fixed app port)..." && grep -q 'APP_HOST_PORT' docker-compose.yml && grep -q 'APP_PORT: "8080"' docker-compose.yml && ! grep -q '$${APP_PORT' docker-compose.yml @echo "G13.3 (compose migrations gated)..." && grep -q 'service_healthy' docker-compose.yml && grep -q 'service_completed_successfully' docker-compose.yml @echo "G13.4 (dockerignore protects env)..." && grep -qx '.env' .dockerignore && grep -qx '.env.\*' .dockerignore @echo "G13.5 (docker build proxy explicit)..." && grep -q 'GO_MODULE_PROXY' docker-compose.yml && grep -q 'ARG GOPROXY' Dockerfile && ! grep -q 'go mod download || true' Dockerfile @echo "all guards green" docker-up: docker compose up -d docker-down: docker compose down migrate-up: migrate -path ./migrations -database "$(DATABASE_URL)" up migrate-down: migrate -path ./migrations -database "$(DATABASE_URL)" down 1 backfill: go run ./cmd/backfill $(ARGS)