QuantStrategyLab · Pigbibi · Apr 17, 2026 · Apr 17, 2026
@@ -6,11 +6,11 @@
 - `InteractiveBrokersPlatform`、`CharlesSchwabPlatform`、`LongBridgePlatform`、`BinancePlatform` 这些仓库才是实际运行单元。
 - 策略仓库应该固定依赖某个 Git tag，不要直接依赖 `main`。
 
-如果要看当前线上真实运行清单，包括仓库、项目、服务、scheduler、runtime identity、secret 名称，见 [`platform_runtime_inventory.zh-CN.md`](./platform_runtime_inventory.zh-CN.md)。
+如果要看公开 runtime 接线清单，包括仓库、项目、服务、scheduler、runtime identity、selector 和 secret 入口，见 [`platform_runtime_inventory.zh-CN.md`](./platform_runtime_inventory.zh-CN.md)。
 
 如果要看 `QuantPlatformKit`、平台运行仓库、未来策略仓库三者的职责边界，见 [`platform_repo_boundaries.zh-CN.md`](./platform_repo_boundaries.zh-CN.md)。
 
-如果要看当前的平台 / 策略大类 / live profile 对照表，请看 [`platform_strategy_matrix.zh-CN.md`](./platform_strategy_matrix.zh-CN.md)。
+如果要看当前的平台 / 策略大类 / 可配置 profile 对照表，请看 [`platform_strategy_matrix.zh-CN.md`](./platform_strategy_matrix.zh-CN.md)。
 
 ## 仓库职责
 

@@ -12,7 +12,7 @@
 
 > 哪些东西该放在哪一层，哪些东西不该放？
 
-如果要看当前的平台 / 策略大类 / live profile 对照表，请看 [`platform_strategy_matrix.zh-CN.md`](./platform_strategy_matrix.zh-CN.md)。
+如果要看当前的平台 / 策略大类 / 可配置 profile 对照表，请看 [`platform_strategy_matrix.zh-CN.md`](./platform_strategy_matrix.zh-CN.md)。
 
 ## 1. `QuantPlatformKit`
 

@@ -2,13 +2,13 @@
 
 _Verified snapshot: 2026-04-18_
 
-This document records the **current live runtime inventory** across platform repositories and deployment projects. It is meant to answer one question quickly:
+This document records the public runtime wiring inventory across platform repositories and deployment projects. It is meant to answer one question quickly:
 
-> which repository, project, service, scheduler, runtime identity, and secret set is actually in use right now?
+> which repository, project, service, scheduler, runtime identity, selector, and secret set is wired for each platform?
 
-This is a **current-state runbook**, not a target-state design doc. For target architecture and migration rules, see [`deployment_model.md`](./deployment_model.md).
+This is a wiring runbook, not a record of any account's deployed strategy. It intentionally does **not** record mutable deployment state or account-specific allocation choices.
 
-For the current platform / strategy-domain / live-profile matrix, see [`platform_strategy_matrix.md`](./platform_strategy_matrix.md).
+For the platform / strategy-domain / configurable-profile matrix, see [`platform_strategy_matrix.md`](./platform_strategy_matrix.md).
 
 ## Shared rules
 
@@ -22,14 +22,14 @@ For the current platform / strategy-domain / live-profile matrix, see [`platform
 - The US equity Cloud Run env-sync workflows use GitHub OIDC + Workload Identity Federation. `GCP_SA_KEY` is not required for those workflows.
 - GitHub Secrets can remain as temporary runtime fallbacks where migration is not fully finished.
 
-## Current inventory
+## Runtime inventory
 
-| Platform | Repo | Strategy domain | Current profile | Runtime model | Project / backend | Current runtime unit |
+| Platform | Repo | Strategy domain | Strategy selector | Runtime model | Project / backend | Runtime unit |
 |---|---|---:|---|---|---|---|
-| IBKR | `QuantStrategyLab/InteractiveBrokersPlatform` | `us_equity` | `soxl_soxx_trend_income` | Cloud Run | `interactivebrokersquant` | `interactive-brokers-quant-service` |
-| Schwab | `QuantStrategyLab/CharlesSchwabPlatform` | `us_equity` | `tqqq_growth_income` | Cloud Run | `charlesschwabquant` | `charles-schwab-quant-service` |
-| LongBridge | `QuantStrategyLab/LongBridgePlatform` | `us_equity` | `HK: tech_communication_pullback_enhancement` / `SG: soxl_soxx_trend_income` | Cloud Run | `longbridgequant` | `longbridge-quant-hk-service`, `longbridge-quant-sg-service` |
-| Binance | `QuantStrategyLab/BinancePlatform` | `crypto` | `crypto_leader_rotation` | Oracle Cloud + self-hosted runner | `binancequant` only for Firestore / GCP credentials | GitHub Actions `workflow_dispatch` + self-hosted runner |
+| IBKR | `QuantStrategyLab/InteractiveBrokersPlatform` | `us_equity` | `STRATEGY_PROFILE=<runtime_enabled us_equity profile>` | Cloud Run | `interactivebrokersquant` | `interactive-brokers-quant-service` |
+| Schwab | `QuantStrategyLab/CharlesSchwabPlatform` | `us_equity` | `STRATEGY_PROFILE=<runtime_enabled us_equity profile>` | Cloud Run | `charlesschwabquant` | `charles-schwab-quant-service` |
+| LongBridge | `QuantStrategyLab/LongBridgePlatform` | `us_equity` | `STRATEGY_PROFILE=<runtime_enabled us_equity profile>` per regional service | Cloud Run | `longbridgequant` | `longbridge-quant-hk-service`, `longbridge-quant-sg-service` |
+| Binance | `QuantStrategyLab/BinancePlatform` | `crypto` | `STRATEGY_PROFILE=crypto_leader_rotation` | Oracle Cloud + self-hosted runner | `binancequant` only for Firestore / GCP credentials | GitHub Actions `workflow_dispatch` + self-hosted runner |
 
 ## Platform details
 
@@ -43,20 +43,19 @@ For the current platform / strategy-domain / live-profile matrix, see [`platform
   - `interactive-brokers-quant-service`
 - **Runtime service account**
   - `ibkr-platform-runtime@interactivebrokersquant.iam.gserviceaccount.com`
-- **Current ready revision**
-  - `interactive-brokers-quant-service-00111-wr5`
 - **Scheduler**
   - `interactive-brokers-quant-service-scheduler`
   - region: `us-central1`
 - **Core runtime selectors**
-  - `STRATEGY_PROFILE=soxl_soxx_trend_income`
-  - `ACCOUNT_GROUP=default`
-  - `IB_ACCOUNT_GROUP_CONFIG_SECRET_NAME=ibkr-account-groups`
+  - `STRATEGY_PROFILE=<runtime_enabled us_equity profile>`
+  - `ACCOUNT_GROUP=<account group selector>`
+  - `IB_ACCOUNT_GROUP_CONFIG_SECRET_NAME=<Secret Manager secret name>`
 - **Runtime secrets**
-  - `ibkr-account-groups`
-  - `interactive-brokers-telegram-token`
-- **Current notes**
-  - Transitional envs `IB_GATEWAY_ZONE=us-central1-c` and `IB_GATEWAY_IP_MODE=internal` are still present as service-level fallbacks; the target state is to keep these in the selected account-group payload.
+  - account-group payload secret selected by `IB_ACCOUNT_GROUP_CONFIG_SECRET_NAME`
+  - runtime Telegram token secret
+- **Runtime notes**
+  - `ACCOUNT_GROUP` decides which broker/account payload the runtime loads.
+  - Gateway zone and IP-mode settings should live in the selected account-group payload when the migration is complete.
 
 ### Charles Schwab
 
@@ -68,22 +67,19 @@ For the current platform / strategy-domain / live-profile matrix, see [`platform
   - `charles-schwab-quant-service`
 - **Runtime service account**
   - `schwab-platform-runtime@charlesschwabquant.iam.gserviceaccount.com`
-- **Current ready revision**
-  - `charles-schwab-quant-service-00092-8hz`
 - **Scheduler**
   - `charles-schwab-quant-service-scheduler`
   - region: `us-central1`
 - **Core runtime selectors**
-  - `STRATEGY_PROFILE=tqqq_growth_income`
-  - `DUAL_DRIVE_UNLEVERED_SYMBOL=QQQM`
+  - `STRATEGY_PROFILE=<runtime_enabled us_equity profile>`
+  - optional strategy-specific envs such as `DUAL_DRIVE_UNLEVERED_SYMBOL`
 - **Runtime secrets**
-  - `schwab_token`
-  - `charles-schwab-api-key`
-  - `charles-schwab-app-secret`
-  - `charles-schwab-telegram-token`
-- **Current notes**
-  - Runtime-sensitive envs have already been moved off plain Cloud Run env vars and into Secret Manager refs.
-  - `crisis_response_shadow` is mounted for `tqqq_growth_income` in `shadow` mode. It is log/notification context only and does not change allocation.
+  - Schwab token payload secret
+  - Schwab API key / app secret refs
+  - runtime Telegram token secret
+- **Runtime notes**
+  - Runtime-sensitive envs should use Secret Manager refs, not plain Cloud Run env values.
+  - Strategy plugins are sidecars: `shadow` logs and notifies only; `paper`, `advisory`, and `live` semantics are governed by the plugin execution mode contract.
   - The token refresher lives outside this repo:
     - `QuantStrategyLab/SchwabTokenAutoRefresher`
 
@@ -98,31 +94,22 @@ For the current platform / strategy-domain / live-profile matrix, see [`platform
   - SG: `longbridge-quant-sg-service`
 - **Runtime service account**
   - `longbridge-platform-runtime@longbridgequant.iam.gserviceaccount.com`
-- **Current ready revisions**
-  - HK: `longbridge-quant-hk-service-00086-slh`
-  - SG: `longbridge-quant-sg-service-00089-526`
 - **Schedulers**
   - `longbridge-quant-hk-service-scheduler` in `asia-east2`
   - `longbridge-quant-sg-service-scheduler` in `asia-southeast1`
 - **Core runtime selectors**
-  - `STRATEGY_PROFILE=tech_communication_pullback_enhancement on HK; STRATEGY_PROFILE=soxl_soxx_trend_income on SG`
+  - `STRATEGY_PROFILE=<runtime_enabled us_equity profile>` per regional service
   - `ACCOUNT_REGION=HK|SG`
-  - `LONGPORT_SECRET_NAME=longport_token_hk|longport_token_sg`
+  - `LONGPORT_SECRET_NAME=<region token secret>`
 - **Runtime secrets**
-  - Secret Manager refs:
-    - `longbridge-telegram-token`
-    - `longport-app-key-hk`
-    - `longport-app-key-sg`
-    - `longport-app-secret-hk`
-    - `longport-app-secret-sg`
-  - region token secrets:
-    - `longport_token_hk`
-    - `longport_token_sg`
-- **Current notes**
+  - Secret Manager refs for LongPort app key / app secret
+  - region token secrets selected by `LONGPORT_SECRET_NAME`
+  - runtime Telegram token secret
+- **Runtime notes**
   - HK and SG keep two independent Cloud Run services, two triggers, and two GitHub Environments.
-  - HK uses feature-snapshot envs for `tech_communication_pullback_enhancement`; SG is currently on the direct-runtime `soxl_soxx_trend_income` profile.
+  - Snapshot-backed profiles require feature snapshot path / manifest envs; direct-runtime profiles do not.
   - App key / secret are region-specific Secret Manager refs; Telegram token is shared inside the LongBridge project.
-  - `SERVICE_NAME` is now aligned to the full runtime-facing names above, instead of using the older short `longbridge-quant-hk` / `longbridge-quant-sg` prefixes.
+  - `SERVICE_NAME` should use the full runtime-facing service names above, not older short prefixes.
 
 ### Binance
 
@@ -137,13 +124,13 @@ For the current platform / strategy-domain / live-profile matrix, see [`platform
 - **What GCP is used for**
   - Firestore
   - GCP service-account credentials consumed by the workflow / runtime
-- **Current runtime selector**
+- **Runtime selector**
   - `STRATEGY_PROFILE=crypto_leader_rotation`
 - **Known Firestore backend**
   - database: `(default)`
   - mode: `FIRESTORE_NATIVE`
   - location: `nam5`
-- **Current notes**
+- **Runtime notes**
   - Binance is intentionally **not** modeled like the Cloud Run platforms.
   - Any future cleanup here should keep Oracle runtime concerns separate from GCP backend concerns.
 
@@ -177,9 +164,3 @@ For the current platform / strategy-domain / live-profile matrix, see [`platform
 
 - Scheduler OIDC identity is still tied to the default compute service account in the Cloud Run projects.
 - Real cross-platform strategy implementation sharing has **not** started yet. Only the shared strategy contract and platform-compatibility skeleton are in place.
-
-## Recommended next steps after this inventory
-
-1. keep this file current whenever a runtime service, secret name, or runtime service account changes
-2. keep repository names, service names, scheduler names, and docs aligned whenever one side changes
-3. only after naming and runtime config are stable, start the real strategy-implementation split by domain