Skip to content

Add LongBridge API probe workflow#52

Merged
Pigbibi merged 1 commit into
mainfrom
codex/longbridge-api-probe-workflow
May 7, 2026
Merged

Add LongBridge API probe workflow#52
Pigbibi merged 1 commit into
mainfrom
codex/longbridge-api-probe-workflow

Conversation

@Pigbibi

@Pigbibi Pigbibi commented May 7, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • add a manual LongBridge API Probe workflow that runs only against the longbridge-hk GitHub Environment
  • use GitHub OIDC to read HK LongPort app credentials and token from Secret Manager
  • checkout a selected QuantPlatformKit ref and run its skipped fractional-order API probe against the HK simulated account
  • document the manual probe and add workflow structure coverage

Validation

  • /home/ubuntu/Projects/LongBridgePlatform/.venv/bin/python -m unittest tests.test_longbridge_api_probe_workflow -v
  • bash tests/test_longbridge_api_probe_workflow.sh
  • /home/ubuntu/Projects/LongBridgePlatform/.venv/bin/python -m ruff check tests/test_longbridge_api_probe_workflow.py
  • git diff --check

Notes

The workflow does not run on normal CI or push events. After the QuantPlatformKit probe PR lands, trigger this workflow manually with qpk_ref=main to test the HK simulated LongBridge API.

@Pigbibi Pigbibi marked this pull request as ready for review May 7, 2026 21:13
@Pigbibi Pigbibi merged commit aa72f46 into main May 7, 2026
1 check passed
@Pigbibi Pigbibi deleted the codex/longbridge-api-probe-workflow branch May 7, 2026 21:14
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed May 7, 2026
View reviewed changes

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5e31e2320d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .github/workflows/longbridge-api-probe.yml
set -euo pipefail

python -m pip install --upgrade pip
python -m pip install -e quant-platform-kit pytest longport

@chatgpt-codex-connector chatgpt-codex-connector Bot May 7, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Prevent running editable install after exporting LongPort secrets

The workflow allows a user-provided qpk_ref to control which QuantPlatformKit code is checked out, then exports LONGPORT_* credentials to GITHUB_ENV before running python -m pip install -e quant-platform-kit pytest longport. Editable installs can execute package build/install hooks from that checked-out ref, so a malicious or unreviewed ref can read and exfiltrate the broker credentials during install. This is a real secret-exposure path whenever the dispatch input is set to an untrusted ref; move secret export after all untrusted code execution or restrict qpk_ref to trusted immutable refs.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Pigbibi