QuantStrategyLab · Pigbibi · Jun 10, 2026 · Jun 10, 2026 · chatgpt-codex-connector · Jun 10, 2026
@@ -5,9 +5,13 @@ on:
     branches: [ main ]
   pull_request:
 
+permissions:
+  contents: read
+
 jobs:
   test:
     runs-on: ubuntu-latest
+    timeout-minutes: 20
     steps:
       - name: Checkout
         uses: actions/checkout@v6
@@ -75,7 +79,7 @@ jobs:
       - name: Setup Python
         uses: actions/setup-python@v6
         with:
-          python-version: "3.11"
+          python-version: "3.12"
 
       - name: Install dependencies
         run: |

@@ -9,6 +9,7 @@ jobs:
   auto-merge:
     if: github.event.workflow_run.conclusion == 'success' && startsWith(github.event.workflow_run.head_branch, 'dependabot/')
     runs-on: ubuntu-latest
+    timeout-minutes: 10
     permissions:
       contents: write
       pull-requests: write

@@ -24,10 +24,15 @@ env:
   GCP_WORKLOAD_IDENTITY_PROVIDER: projects/303168642265/locations/global/workloadIdentityPools/github-actions/providers/github-main
   GCP_WORKLOAD_IDENTITY_SERVICE_ACCOUNT: ibkr-platform-deploy@interactivebrokersquant.iam.gserviceaccount.com
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref_name }}
+  cancel-in-progress: false
+
 jobs:
   heartbeat:
     name: Check execution report heartbeat
     runs-on: ubuntu-latest
+    timeout-minutes: 15
     permissions:
       contents: read
       id-token: write

@@ -32,10 +32,15 @@ env:
   GCP_WORKLOAD_IDENTITY_PROVIDER: projects/303168642265/locations/global/workloadIdentityPools/github-actions/providers/github-main
   GCP_WORKLOAD_IDENTITY_SERVICE_ACCOUNT: ibkr-platform-deploy@interactivebrokersquant.iam.gserviceaccount.com
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref_name }}
+  cancel-in-progress: false
+
 jobs:
   guard:
     name: Check Cloud Run runtime
     runs-on: ubuntu-latest
+    timeout-minutes: 15
     permissions:
       contents: read
       id-token: write

@@ -49,10 +49,15 @@ env:
   GCP_RUNTIME_SERVICE_ACCOUNT: ibkr-platform-runtime@interactivebrokersquant.iam.gserviceaccount.com
   GCP_ARTIFACT_REGISTRY_REPOSITORY: cloud-run-source-deploy
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref_name }}
+  cancel-in-progress: false
+
 jobs:
   sync-cloud-run-env:
     name: Deploy / Sync Cloud Run
     runs-on: ubuntu-latest
+    timeout-minutes: 20
     permissions:
       contents: read
       id-token: write

@@ -0,0 +1 @@
+3.12
@@ -3,6 +3,31 @@
 from application.cycle_result import StrategyCycleResult
 
 
+def route_methods(strategy_module):
+    return {
+        rule.rule: sorted(rule.methods - {"HEAD", "OPTIONS"})
+        for rule in strategy_module.app.url_map.iter_rules()
+    }
+
+
+def test_cloud_run_route_contracts_are_registered(strategy_module):
+    assert route_methods(strategy_module) == {
+        "/": ["GET", "POST"],
+        "/precheck": ["GET", "POST"],
+        "/probe": ["GET", "POST"],
+        "/health": ["GET"],
+        "/static/<path:filename>": ["GET"],
+    }
+
+
+def test_health_route_returns_ok(strategy_module):
+    with strategy_module.app.test_request_context("/health", method="GET"):
+        body, status = strategy_module.health()
+
+    assert status == 200
+    assert body == "OK"
+
+
 def test_handle_request_get_returns_safe_message(strategy_module, monkeypatch):
     def fail_if_called():
         raise AssertionError("GET should not execute strategy")