Compare commits

...

7 Commits

Author SHA1 Message Date
2e5a8d5eed Add DATA_PATHS golden standard and resolve_data_path helpers.
All checks were successful
技能自动化发布 / release (push) Successful in 5s
Document skill-owned file layout under user data dir, extend runtime_paths with standard subdir helpers, add POLICY-DATA-PATH-001, and update CONFIG/RUNTIME cross-references.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-13 14:14:38 +08:00
6f958ded28 feat(template): SRCP v1 standards, job_context/finish gold sample (v1.0.38, platform-kit 1.2.0)
All checks were successful
技能自动化发布 / release (push) Successful in 4s
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-12 12:27:44 +08:00
3bc15d1241 chore: auto release commit (2026-07-11 15:57:40)
All checks were successful
技能自动化发布 / release (push) Successful in 5s
2026-07-11 15:57:43 +08:00
c67079fb9e chore: auto release commit (2026-07-11 15:00:19)
All checks were successful
技能自动化发布 / release (push) Successful in 5s
2026-07-11 15:00:20 +08:00
dc4eecbb35 chore: auto release commit (2026-07-11 14:43:15)
All checks were successful
技能自动化发布 / release (push) Successful in 5s
2026-07-11 14:43:16 +08:00
766d162245 fix: harden skill template contracts and scaffolding
All checks were successful
技能自动化发布 / release (push) Successful in 4s
Align scaffold slug replacement, Action manifest strict boundaries, metadata prune API, field permission validation, and task_logs readonly semantics with documented template contracts.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-11 11:55:46 +08:00
35c20fc0f2 feat: standardize skill data management and actions
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-07-11 11:23:14 +08:00
40 changed files with 3972 additions and 186 deletions

View File

@@ -1,4 +1,4 @@
# ── 运行模式 / adapter 档位(见 references/ADAPTER.md──
# ── 运行模式 / adapter 档位(见 development/ADAPTER.md──
OPENCLAW_TEST_TARGET=mock # mock | simulator_rpa | real_api | real_rpa
# ── 目标系统 ──
@@ -12,10 +12,19 @@ OPENCLAW_BROWSER_HEADLESS=0 # 0=有头(默认) 1=无头(CI)
OPENCLAW_PLAYWRIGHT_STEALTH=1 # 1=开启反检测指纹(默认)
# ── 存证 ──
OPENCLAW_RECORD_VIDEO=1
OPENCLAW_RECORD_VIDEO=0 # 0=默认不录屏1=启用录屏+字幕+旁白+背景音+MP4
OPENCLAW_ARTIFACTS_ON_FAILURE=1 # 1=失败截图(默认)
# ── 节流 / 超时 ──
STEP_DELAY_MIN=1.0 # 步骤间随机等待下限(秒)
STEP_DELAY_MAX=5.0 # 步骤间随机等待上限(秒)
HUMAN_WAIT_TIMEOUT=180 # 滑块/验证码/2FA 等人工超时(秒)
# ── 数据目录子路径(见 development/DATA_PATHS.md留空则用 skill 数据目录下默认子文件夹)──
# 相对路径相对于 {JIANGCHANG_DATA_ROOT}/{USER_ID}/{slug}/,不是 workspace / CWD
# SKILL_DOWNLOAD_DIR=downloads
# SKILL_IMPORT_DIR=imports
# SKILL_EXPORT_DIR=exports
# SKILL_UPLOAD_DIR=uploads
# SKILL_CACHE_DIR=cache
# SKILL_TEMP_DIR=temp

View File

@@ -1,12 +1,12 @@
---
name: 技能开发模板(通用业务版)
description: "OpenClaw 通用业务技能开发模板,供复制后定制新业务 skill。定制步骤见 development/DEVELOPMENT.md。"
version: 1.0.32
version: 1.0.39
author: 深圳匠厂科技有限公司
metadata:
openclaw:
slug: your-skill-slug
platform_kit_min_version: "1.0.17"
platform_kit_min_version: "1.2.0"
emoji: "📦"
category: "通用"
developer_ids:
@@ -70,10 +70,10 @@ python {baseDir}/scripts/main.py version
## 运行依赖
- Python 运行环境由匠厂宿主注入**共享 runtime**`{JIANGCHANG_DATA_ROOT}/python-runtime/.venv`
- 公共能力来自共享 runtime 安装的 `jiangchang-platform-kit>=1.0.17``jiangchang_skill_core` 包);**不要 vendor** `scripts/jiangchang_skill_core/`,新技能不得在仓库内保留该目录副本。
- 公共能力来自共享 runtime 安装的 `jiangchang-platform-kit>=1.2.0``jiangchang_skill_core` 包);**不要 vendor** `scripts/jiangchang_skill_core/`,新技能不得在仓库内保留该目录副本。
- config、logging、runtime_env、rpa、media-assets、video_session、runtime_diagnostics 等均从共享 venv 的 `jiangchang_skill_core` import而非技能目录副本。
- 根目录 `requirements.txt` **只声明技能特有** Python 三方依赖;`jiangchang-platform-kit``playwright` 等公共能力由宿主共享 runtime 提供,**不要**写入技能 requirements。
- `metadata.openclaw.platform_kit_min_version`(当前 `1.0.17`)是运行契约/兼容性声明,供宿主安装与启用时校验,**不是**技能 pip 依赖声明。
- `metadata.openclaw.platform_kit_min_version`(当前 `1.2.0`)是运行契约/兼容性声明,供宿主安装与启用时校验,**不是**技能 pip 依赖声明。
- Skill 代码**不要**自行 `pip install`;系统级依赖(如 VC++ Runtime仅在 `health` / preflight 中提示用户安装。
- `health` 使用 `collect_runtime_diagnostics` 输出统一 runtime 诊断(只读,不下载/修复 media-assets
@@ -83,7 +83,7 @@ python {baseDir}/scripts/main.py version
2. 业务技能仓库中**不得**存在 `.openclaw-skill-template`(仅 template 源仓库保留)。
3. 复制目录为你的新 skill 仓库,全局替换 `your-skill-slug` 等占位词。
4.`development/DEVELOPMENT.md` 完成开发与文档定制。
5. 用户市场说明写入根 `README.md`Agent 调用契约见 `references/CLI.md``references/SCHEMA.md`
5. 用户市场说明写入根 `README.md`Agent 调用契约见 `references/CLI.md``references/SCHEMA.md``references/ACTIONS.md`
6. 同步修改 `scripts/util/constants.py` 中的 `SKILL_SLUG` / `SKILL_VERSION`
7. 本地 SQLite 的中文表名/字段名、标准时间字段与字段顺序规范见 `references/SCHEMA.md`(元数据表 `_jiangchang_*` + `CREATE TABLE` 物理顺序)。
@@ -94,7 +94,7 @@ python {baseDir}/scripts/main.py version
- 复制为新业务技能前**必须**阅读 `development/NAMING.md`
- `name`frontmatter**用户可见的中文业务名称**`description` 是说明,不是名称。
- `metadata.openclaw.slug`**英文 kebab-case** 机器标识;目录名、默认 `{slug}.db` 使用 slug不使用中文。
- 复制后全局替换 `your-skill-slug`;正式技能不得保留英文占位 `name` 或 slug。
- 复制后全局替换 `your-skill-slug``your_skill_slug`(脚手架会自动处理);正式技能不得保留英文占位 `name` 或 slug。
## 平台元数据

View File

@@ -1,8 +1,11 @@
# assets
- `actions.json`Skill Action manifest 最小示例(**可选**;不需要宿主入口时可删除)。
- `examples/`CLI 成功输出形状示例(虚构路径与数据)。
- `schemas/`:轻量 JSON Schema 示例(`additionalProperties: true` 允许扩展字段)。
- `schemas/`:轻量 JSON Schema`skill-actions.schema.json` 为**新技能严格规范**`task-log-record.schema.json`)。
`skill-actions.schema.json` 使用 `additionalProperties: false` 表达模板推荐契约;宿主运行时可能更宽松以兼容历史 manifest。`row`/`batch` placements 与 `bind`/`concurrency`/`locks` 为预留能力,当前模板示例不得使用。
- 用户市场说明见根目录 [`README.md`](../README.md)
- Agent 调用/编排参考见 [`references/`](../references/)
- Agent 调用/编排参考见 [`references/`](../references/)(含 [`ACTIONS.md`](../references/ACTIONS.md)
- 开发规范见 [`development/`](../development/)

39
assets/actions.json Normal file
View File

@@ -0,0 +1,39 @@
{
"schemaVersion": 1,
"skill": "your-skill-slug",
"actions": [
{
"id": "health",
"label": "运行检查",
"description": "检查技能运行环境并返回结构化结果。",
"placements": ["skill-detail", "agent"],
"entrypoint": {
"type": "cli",
"command": "health",
"args": []
}
},
{
"id": "version",
"label": "查看版本",
"description": "返回技能版本和机器标识。",
"placements": ["skill-detail"],
"entrypoint": {
"type": "cli",
"command": "version",
"args": []
}
},
{
"id": "config-path",
"label": "查看配置位置",
"description": "返回技能配置文件位置。",
"placements": ["skill-detail"],
"entrypoint": {
"type": "cli",
"command": "config-path",
"args": []
}
}
]
}

View File

@@ -0,0 +1,128 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://openclaw.local/skill-template/skill-actions.schema.json",
"title": "SkillActionManifest",
"description": "匠厂 skill-template 对新技能的严格 Action manifest 规范schemaVersion 1。additionalProperties=false 表示模板推荐契约;宿主运行时可能为兼容历史 manifest 接受部分缺省字段,但新技能不应依赖缺省行为。",
"type": "object",
"required": ["schemaVersion", "skill", "actions"],
"additionalProperties": false,
"properties": {
"schemaVersion": {
"type": "integer",
"const": 1
},
"skill": {
"type": "string",
"pattern": "^[a-z0-9]+(-[a-z0-9]+)*$",
"description": "与 SKILL.md metadata.openclaw.slug 一致"
},
"actions": {
"type": "array",
"minItems": 1,
"items": { "$ref": "#/$defs/action" }
}
},
"$defs": {
"placement": {
"type": "string",
"enum": ["toolbar", "row", "batch", "cron", "agent", "skill-detail"],
"description": "模板 Phase 1 稳定支持 toolbar/cron/agent/skill-detailrow/batch 为预留入口,新技能示例不得使用"
},
"scalarArg": {
"type": ["string", "number", "boolean"]
},
"inputProperty": {
"type": "object",
"required": ["type"],
"additionalProperties": true,
"properties": {
"type": {
"type": "string",
"enum": ["string", "number", "boolean", "object"],
"description": "模板 Phase 1 仅推荐 string/number/boolean根 inputSchema.type=object 的 properties 使用基础标量类型"
},
"title": { "type": "string" },
"description": { "type": "string" },
"default": {},
"enum": {
"type": "array",
"minItems": 1
},
"sensitive": { "type": "boolean" }
}
},
"inputSchema": {
"type": "object",
"required": ["type", "properties"],
"additionalProperties": false,
"properties": {
"type": { "const": "object" },
"required": {
"type": "array",
"items": { "type": "string" }
},
"properties": {
"type": "object",
"additionalProperties": { "$ref": "#/$defs/inputProperty" }
}
}
},
"entrypoint": {
"type": "object",
"required": ["type", "command", "args"],
"additionalProperties": false,
"properties": {
"type": { "const": "cli" },
"command": {
"type": "string",
"minLength": 1
},
"args": {
"type": "array",
"items": { "$ref": "#/$defs/scalarArg" },
"description": "仅允许 string/number/boolean 标量数组"
}
}
},
"confirmation": {
"type": "object",
"required": ["message"],
"additionalProperties": false,
"properties": {
"message": {
"type": "string",
"minLength": 1
}
}
},
"action": {
"type": "object",
"required": ["id", "label", "description", "placements", "entrypoint"],
"additionalProperties": false,
"properties": {
"id": {
"type": "string",
"pattern": "^[a-z0-9]+(?:-[a-z0-9]+)*$",
"minLength": 1
},
"label": {
"type": "string",
"minLength": 1
},
"description": {
"type": "string",
"minLength": 1
},
"placements": {
"type": "array",
"minItems": 1,
"items": { "$ref": "#/$defs/placement" }
},
"entrypoint": { "$ref": "#/$defs/entrypoint" },
"inputSchema": { "$ref": "#/$defs/inputSchema" },
"confirmation": { "$ref": "#/$defs/confirmation" }
},
"description": "模板 Phase 1 不包含 bind/concurrency/locks 等预留能力字段;宿主类型可能定义这些字段,但新技能不得依赖"
}
}
}

View File

@@ -31,7 +31,7 @@ OPENCLAW_BROWSER_HEADLESS=0 # 0=有头(默认) 1=无头(CI)
OPENCLAW_PLAYWRIGHT_STEALTH=1 # 1=开启反检测指纹(默认)
# ── 录屏与失败存证 ──
OPENCLAW_RECORD_VIDEO=1 # 1=录屏+字幕+旁白+背景音+MP4RPA 默认开,见 RPA.md
OPENCLAW_RECORD_VIDEO=0 # 0=默认不录屏1=启用录屏+字幕+旁白+背景音+MP4见 RPA.md
OPENCLAW_ARTIFACTS_ON_FAILURE=1 # 1=失败截图(默认)
# ── 节流 / 超时 ──
@@ -40,7 +40,22 @@ STEP_DELAY_MAX=5.0
HUMAN_WAIT_TIMEOUT=180 # 滑块/验证码/2FA 等人工超时(秒)
```
**业务专属配置必须带技能前缀**(如 `DEMO_XXX``MY_SKILL_XXX`**不要污染全局命名空间**(禁止 `SCRAPE_1688_*``RECEIVE_ORDER_*` 等跨技能前缀写入模板)。
**业务专属配置必须带技能前缀**(如 `DEMO_XXX``MY_SKILL_XXX``SKILL_DOWNLOAD_DIR`**不要污染全局命名空间**(禁止 `SCRAPE_1688_*``RECEIVE_ORDER_*` 等跨技能前缀写入模板)。
### 数据目录子路径(下载 / 导入 / 导出)
技能**自己写入**的文件默认在 `{JIANGCHANG_DATA_ROOT}/{USER_ID}/{slug}/` 下标准子目录(`downloads/``imports/``exports/` 等)。须通过 `util.runtime_paths.resolve_data_path()``get_*_dir()` 解析,**禁止** `os.path.abspath(config.get(...))` 相对 CWD。
- 权威说明:[`DATA_PATHS.md`](DATA_PATHS.md)
- `.env.example` 中路径类配置**留空即用默认**;若写相对路径,必须相对 **skill 数据目录****禁止** `./outputs/...` 这类相对 workspace 的写法
- 可选 env`SKILL_DOWNLOAD_DIR``SKILL_IMPORT_DIR``SKILL_EXPORT_DIR` 等(见 DATA_PATHS.md
### 录屏开关(`OPENCLAW_RECORD_VIDEO`
- **模板默认 `OPENCLAW_RECORD_VIDEO=0`**,降低本地开发 / 调试成本(不启 ffmpeg、不生成 MP4
- 需要**生产留证、合规记录、客户现场复现或排障**时,可在用户 `.env` 或进程环境变量中设为 `OPENCLAW_RECORD_VIDEO=1`
- **默认关闭不代表可以删除录屏接入**RPA / 长任务代码仍须保留 `RpaVideoSession``video.add_step` 与 video artifact 写入 `result_summary`(见 `RPA.md` §5.3)。
- **已落盘的用户 `.env` 不会被模板整体覆盖**;老用户保留原值,技能升级时仅通过 `merge_missing_env_keys` **追加** `.env.example` 中新增的 key。
## 🚫 红线:敏感信息不进 `.env`
@@ -84,7 +99,7 @@ config.get_float("STEP_DELAY_MIN", 1.0)
## health / config-path
- **`health`**:输出 `collect_runtime_diagnostics` 字段(`platform_kit_version_ok``ffmpeg_path` 等),**不打印敏感值**;补充 `env_path` / `env_exists` / `example_path`
- **`config-path`**:输出 JSON包含 `skill``env_path`(用户数据目录 `.env`)、`example_path`(仓库 `.env.example` 绝对路径),便于排查落盘位置。
- **`config-path`**:输出 JSON包含 `skill``env_path`(用户数据目录 `.env`)、`example_path`(仓库 `.env.example` 绝对路径),便于排查落盘位置;业务 skill 建议附加 `list_resolved_data_paths()` 中的子目录路径(见 [`DATA_PATHS.md`](DATA_PATHS.md)
## doctor / setup 命令(可选)
@@ -97,4 +112,5 @@ config.get_float("STEP_DELAY_MIN", 1.0)
- `RPA.md` — 三端 RPA 标准与各开关含义
- `ADAPTER.md``OPENCLAW_TEST_TARGET` 四档模式
- `RUNTIME.md``JIANGCHANG_*` 环境变量与数据目录约定
- `RUNTIME.md``JIANGCHANG_DATA_ROOT` 与数据约定
- `DATA_PATHS.md` — 下载/导入/导出等子目录与 `resolve_data_path` 规范

160
development/DATA_PATHS.md Normal file
View File

@@ -0,0 +1,160 @@
# 用户数据目录与文件路径黄金标准
> 本文是 skill **读写本地文件** 的权威约定。凡涉及下载、导入、导出、缓存、RPA 存证等路径复制模板后须遵守本文Agent 实现业务 skill 时也应先读本文。
---
## 1. 根目录
所有技能持久化数据(配置、数据库、业务文件)默认落在:
```text
{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/{skill_slug}/
```
示例:
```text
D:\jiangchang-data\12500\download-video-baidu-haokan\
```
实现:`util.runtime_paths.get_skill_data_dir()`
**禁止**把技能自己写入的文件落到:
- Agent / 宿主 **workspace**(进程 CWD
- 技能安装目录(含 `.openclaw/skills/...`
- 未在本文声明的任意相对 CWD 路径
---
## 2. 标准子目录树
| 子目录 | 用途 | 默认 helper |
|--------|------|-------------|
| `downloads/` | 从外部拉取的原始文件视频、回单、PDF… | `get_downloads_dir()` |
| `imports/` | 用户/Agent 放入的待处理清单urls.txt、batch.json、CSV | `get_imports_dir()` |
| `exports/` | 导出给用户的结果xlsx/csv/json | `get_exports_dir()` |
| `uploads/` | 待发布到外部平台的 staging可选 | `get_uploads_dir()` |
| `cache/` | 可再生缓存(页面快照、解析中间结果) | `get_cache_dir()` |
| `temp/` | 单次任务 scratch任务结束可删 | `get_temp_dir()` |
| `rpa-artifacts/` | RPA 失败截图、录屏中间产物 | `get_rpa_artifacts_dir(batch_id)` |
| `videos/` | RPA 录屏成片 MP4 | `get_videos_dir()` |
| `{skill_slug}.db` | SQLite | `get_db_path()` |
| `.env` | 用户配置 | `config.get_env_file_path()` |
复制后若业务不需要某目录,可不创建;**但一旦写入该类文件,必须走对应 helper**。
---
## 3. 两类路径
### A. 技能拥有skill-owned
技能**创建或更新**的文件:下载结果、导出报表、失败截图、队列 sidecar 等。
- **默认**必须在 `{skill_data_dir}/<子目录>/` 下。
- **必须**通过 `resolve_data_path()``get_*_dir()` 解析,**禁止** `os.path.abspath(config.get(...))` 相对 CWD。
### B. 用户显式输入user-owned
用户在 CLI / Agent 对话中给出的**已有文件**绝对路径,例如「发布这个视频 `D:\素材\x.mp4`」。
- 技能**只读**,路径可以是用户磁盘任意位置。
- 使用 `resolve_input_path()`:绝对路径原样;**相对路径**解析为 `{skill_data_dir}/imports/<相对路径>`**不**相对 workspace/CWD。
---
## 4. 配置项(`.env`
可选覆盖项(**留空则用默认子目录**
```ini
# ── 数据目录子路径(见 development/DATA_PATHS.md──
# 相对路径相对于 {JIANGCHANG_DATA_ROOT}/{USER_ID}/{slug}/,不是 workspace
# SKILL_DOWNLOAD_DIR=downloads/videos
# SKILL_IMPORT_DIR=imports
# SKILL_EXPORT_DIR=exports
# SKILL_UPLOAD_DIR=uploads
# SKILL_CACHE_DIR=cache
# SKILL_TEMP_DIR=temp
```
| 规则 | 说明 |
|------|------|
| 未配置 | `{skill_data_dir}/{default_subdir}` |
| 相对值 `downloads/videos` | `{skill_data_dir}/downloads/videos` |
| 绝对值 `D:\nas\exports` | 高级用户/NAS 挂载,原样使用 |
| **禁止** `./outputs/...` | 会随 CWD 漂移,不得作为 `.env.example` 活跃配置行 |
业务专属路径 env key 须带 **`SKILL_` 前缀**(或技能 slug 前缀),避免污染全局命名空间。
---
## 5. 代码用法
```python
from util.runtime_paths import (
get_downloads_dir,
get_imports_dir,
resolve_data_path,
resolve_input_path,
list_resolved_data_paths,
)
# 下载保存A 类)
dest = os.path.join(get_downloads_dir(), f"{vid}.mp4")
# 或带 env 覆盖
out_dir = resolve_data_path("SKILL_DOWNLOAD_DIR", "downloads")
# CLI -i urls.txtB 类,相对路径 → imports/
manifest = resolve_input_path(args.input_path)
# health 诊断
paths = list_resolved_data_paths()
```
**反模式(禁止):**
```python
# ❌ 相对 CWDAgent 从 workspace 执行时会写错盘
os.path.abspath(config.get("DOWNLOAD_OUTPUT_DIR"))
# ❌ .env.example 里写 ./outputs/videos
DOWNLOAD_OUTPUT_DIR=./outputs/videos
```
---
## 6. health / config-path
`health``config-path` 建议输出 `list_resolved_data_paths()` 中的路径,便于排查「文件写到哪里去了」。展示路径须与 `run` 实际使用的一致。
---
## 7. 与 RPA 存证的关系
- 失败截图、录屏中间文件:`rpa-artifacts/{batch_id}/`(见 [`RPA.md`](RPA.md) §5.1
- 录屏成片:`videos/`(见 [`RPA.md`](RPA.md) §5.3
业务 `downloads/` 与 RPA `videos/` **分工不同**:前者是业务产出文件,后者是操作过程录屏。
---
## 8. 测试
- 单元测试须用 `IsolatedDataRoot`,断言路径落在临时数据根下。
- `tests/test_runtime_paths.py` 覆盖 `resolve_data_path` / `resolve_input_path`
- `POLICY-DATA-PATH-001`:禁止 `.env.example``./` 路径;禁止业务代码 `abspath(config.get(...))`
---
## 9. 相关文档
| 文档 | 内容 |
|------|------|
| [`RUNTIME.md`](RUNTIME.md) | 数据根、共享 runtime、编码 |
| [`CONFIG.md`](CONFIG.md) | `.env` bootstrap 与三层优先级 |
| [`RPA.md`](RPA.md) | rpa-artifacts / videos 存证 |
| [`POLICY_MATRIX.md`](POLICY_MATRIX.md) | POLICY-DATA-PATH-001 |

View File

@@ -152,11 +152,13 @@ scripts/
- `service/`
作用:核心业务逻辑
比如任务编排、调用兄弟技能、外部 API、可选浏览器自动化
**负责业务关键节点日志**`task_start` / 外部调用 / `task_failed` 等,见 [`LOGGING.md`](LOGGING.md)
- `util/`
作用:常量、日志、路径、时间工具、通用帮助函数
`util/logging_config.py``jiangchang_skill_core.unified_logging` 的**薄封装**,业务代码应通过它获取 logger
公共能力config、logging、runtime_env、rpa、media_assets、video_session、runtime_diagnostics从共享 runtime 的 `jiangchang-platform-kit>=1.0.17` import**不得**在 `scripts/` 下保留 `jiangchang_skill_core/` 副本。
公共能力config、logging、runtime_env、rpa、media_assets、video_session、runtime_diagnostics、activity/SRCP)从共享 runtime 的 `jiangchang-platform-kit>=1.2.0` import**不得**在 `scripts/` 下保留 `jiangchang_skill_core/` 副本。
## 3.2 开发 RPA 类 skill
@@ -193,7 +195,7 @@ scripts/
技能根目录的 `requirements.txt` 是**标准文件**,用于声明本技能**特有** Python 三方依赖。
- **公共依赖**`jiangchang-platform-kit`、`playwright`、config、runtime diagnostics、RPA 公共能力等)由**宿主共享 runtime** 提供,**不要**写入技能 `requirements.txt`。
- `SKILL.md` 的 `metadata.openclaw.platform_kit_min_version`(当前 `1.0.17`)是运行契约/兼容性声明,供宿主安装与启用时校验,**不是** pip 依赖声明。
- `SKILL.md` 的 `metadata.openclaw.platform_kit_min_version`(当前 `1.2.0`)是运行契约/兼容性声明,供宿主安装与启用时校验,**不是** pip 依赖声明。
- 匠厂宿主安装/更新技能后,会将技能 `requirements.txt` 安装到共享 venv`{JIANGCHANG_DATA_ROOT}/python-runtime/.venv`。
- **不要**在业务代码中 `subprocess` / `pip install`;缺依赖由 `health` 报错,由宿主负责安装。
- **版本约束尽量收窄**,降低多技能共享 venv 时的冲突风险。推荐范围写法:
@@ -412,7 +414,8 @@ metadata:
- `README.md` — Agent 参考索引(**不是**市场说明;不得含 YAML frontmatter 或 `description`
- `CLI.md` — 命令、参数、默认值、兄弟技能调用方式
- `SCHEMA.md` — 数据库路径、核心表结构、日志表结构
- `SCHEMA.md` — 数据库路径、`_jiangchang_*` 数据管理契约、日志表结构
- `ACTIONS.md` — Skill Action manifest、宿主入口、参数与执行契约
- 可按需增加 `ERRORS.md`、`INTEGRATION.md` 等编排向补充
**`development/`**(开发者 / AI 编程代理)
@@ -420,6 +423,7 @@ metadata:
- `REQUIREMENTS.md` — 需求与验收
- `DEVELOPMENT.md` — 开发教程(本文档)
- `TESTING.md` — 测试分层与隔离(详见 [`TESTING.md`](TESTING.md)
- `LOGGING.md` — 日志分层、必打节点、敏感信息红线
- `ADAPTER.md`、`RPA.md`、`CONFIG.md`、`RUNTIME.md` — 技术规范
## 8. `assets/` 应该放什么
@@ -428,11 +432,14 @@ metadata:
建议放:
- `actions.json`
宿主 Action 入口 manifest可选见 `references/ACTIONS.md`
- `examples/`
比如 `version` 输出示例、`log-get` 输出示例
- `schemas/`
比如日志记录、机读 JSON 的 schema
比如 `skill-actions.schema.json`、日志记录、机读 JSON 的 schema
不要把正式研发文档放到 `assets/`。
用户说明进根 `README.md`Agent 编排资料进 `references/`;开发规范进 `development/`。
@@ -474,6 +481,16 @@ metadata:
- `entitlement_service.py`
放鉴权逻辑
### 日志要求(`cmd_run` / 核心业务)
`service` 层是**关键业务日志**的落点,须遵循 [`LOGGING.md`](LOGGING.md)
- `cmd_run` 及主任务入口必须:`log.info("task_start ...")`、`log.info("task_log_saved ...")`;失败路径必须 `log.exception("task_failed ...")`。
- 外部 API、兄弟技能、RPA 操作须记录**开始 / 结束 / 耗时 / 状态**`external_call_start` / `external_call_done elapsed_ms=...`)。
- 长任务 / RPA 须配合 `activity.emit` 或 `RpaVideoSession.add_step` 输出用户可见进度;`cmd_run` 须 `job_context` + 各出口 `finish`(见 [`LOGGING.md`](LOGGING.md) §2.5)。
- 使用 `from util.logging_config import get_skill_logger`**不要**用 `print` 替代 logger 做排障日志。
- **禁止**在日志中写入 password、token、cookie 等敏感明文(见 `LOGGING.md` §敏感信息红线)。
### 一个很重要的原则
不要把所有逻辑都堆进一个文件。
@@ -493,6 +510,8 @@ metadata:
只做增删查改(模板默认表:`task_logs`
- `db/display_metadata.py`
创建 `_jiangchang_tables` / `_jiangchang_columns` 并幂等写入中文展示名(见 `references/SCHEMA.md`
- `db/display_metadata_validator.py`
元数据完整性、editable 权限、options_json 等自检
- `db/timestamp_columns.py`
标准时间字段 trigger 与维护约定(`created_at` / `updated_at`Unix 秒级)
@@ -502,6 +521,24 @@ metadata:
- 打印用户提示
- 拼接业务流程
## 11.5 Skill Action manifest可选
若技能需要出现在宿主**数据管理按钮**、**技能详情**、**定时任务**或 **Agent 直接调用**中,提供 `assets/actions.json`。
- 契约说明见 [`references/ACTIONS.md`](../references/ACTIONS.md)
- JSON Schema 见 [`assets/schemas/skill-actions.schema.json`](../assets/schemas/skill-actions.schema.json)
- 模板最小示例仅暴露 `health` / `version` / `config-path` 三个 CLI 子命令
- 没有宿主直接操作需求时,**可以删除** `actions.json`;删除后勿保留失效引用
- 复制为新技能后scaffold 会自动将 `your-skill-slug` 与 `your_skill_slug` 替换为新 slug后者用于 `LOG_LOGGER_NAME` 等下划线形式action 业务命令由技能作者自行调整
宿主执行方式:
```text
python {skillRoot}/scripts/main.py <command> <args...>
```
CLI 必须提供稳定退出码、结构化成功输出,以及 `ERROR:<CODE>:` / `HINT:` 错误契约(详见 `references/ACTIONS.md`)。
## 12. 如何接兄弟技能
如果 skill 要依赖兄弟 skill不要在业务代码里写死绝对路径。
@@ -578,6 +615,14 @@ python scripts/main.py logs
python scripts/main.py log-get 1
```
除 `health` / `version` / `logs` 外,执行一次 `run`(或你的主任务命令)后,应确认**统一日志文件**已生成并可检索:
```text
{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log
```
其中应能看到 `cli_start`、`task_start` 等带 `trace_id` / `skill_slug` 的行。路径与分层说明见 [`LOGGING.md`](LOGGING.md)。
### 4. 最后再验证真实业务
比如:
@@ -616,6 +661,10 @@ uses: client-jiangchang/jiangchang-platform-kit/.github/workflows/reusable-relea
在执行 `release.ps1` 之前,必须先在本地确认 `python tests/run_tests.py -v` 通过。测试不通过不得发起正式发布。
`release.ps1` 会在 **auto commit 之前**、推送 tag 之前,对**当前工作区**自动执行默认测试(`python tests/run_tests.py -v`);失败则中止 release不会留下失败状态的自动提交。仅紧急排障可使用 `-SkipTests` 跳过(会打印黄色警告)。`-DryRun` 预览发布时**仍会实际运行**默认测试,便于在不打 tag 的情况下验证门禁。
新增或调整开发规范时,须同步 [`development/POLICY_MATRIX.md`](POLICY_MATRIX.md) 与 [`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py)(或注明由既有测试覆盖)。
当本地开发、自测和联调完成后,还需要把 skill 发布到正式环境做一次完整验证。建议技术人员严格按下面顺序执行,不要跳步。
### 第一步:在 skill 根目录执行 `release.ps1`
@@ -737,9 +786,12 @@ uses: client-jiangchang/jiangchang-platform-kit/.github/workflows/reusable-relea
- [ ] 没有残留旧平台名
- [ ] `health` / `version` 可运行
- [ ] `.gitignore` 生效,没有把 `__pycache__` 提交进去
- [ ] `release.ps1` 存在
- [ ] `release.ps1` 存在(发布前会自动跑 `python tests/run_tests.py -v`;失败不得打 tag
- [ ] `.github/workflows/release_skill.yaml` 存在
- [ ] `python tests/run_tests.py -v` 全部通过
- [ ] `python tests/run_tests.py -v` 全部通过(含 `test_development_policy_guard.py`
- [ ] 主任务入口(如 `cmd_run`)有关键日志:`task_start`、`task_log_saved`;失败路径使用 `logger.exception`
- [ ] 日志不泄露 password / token / cookie 等敏感明文(见 [`LOGGING.md`](LOGGING.md)
- [ ] 新增 hard 规范已写入 `development/POLICY_MATRIX.md` 并有对应自动检测
- [ ] `scripts/**/*.py` 单文件 **< 1000 行**PyArmor 试用/免费模式限制;推荐 < 900 行)
- [ ] 源码/文档/配置为 **UTF-8 without BOM**Python 文件不得含 `U+FEFF`
- [ ] 没有新增默认必跑测试访问真实网络或浏览器

309
development/LOGGING.md Normal file
View File

@@ -0,0 +1,309 @@
# 日志规范
本文件是 skill 日志规范的**权威入口**,面向技术人员与 AI 编程代理。涉及长任务、RPA、外部系统对接的技能**必须**在实现前通读本文,并在 code review 时对照「必打日志节点清单」人工检查。
---
## 1. 为什么日志是必需的
OpenClaw 技能常在客户电脑上异步执行,且大量依赖 RPA、浏览器、ERP、微信等外部系统。这类任务具备以下特征
- **耗时长**:单次 run 可能数分钟甚至更久stdout 长时间无输出不代表卡死。
- **失败点多**网络抖动、页面改版、登录态失效、验证码、U 盾等都会导致中途失败。
- **环境差异大**:客户 OS、浏览器版本、代理、杀毒软件、屏幕分辨率各不相同无法复现开发机行为。
- **必须离线排查**:技术支持往往无法远程登录客户电脑,只能依赖本地落盘的日志与 artifacts。
日志用于定位:
| 维度 | 说明 |
|------|------|
| 失败阶段 | 任务停在鉴权、取号、打开页面、提交还是等待结果 |
| 输入范围 | `task_type``target_id``input_id``batch_id` |
| 外部系统状态 | HTTP 状态、RPA 步骤、兄弟技能返回码 |
| 耗时 | `elapsed_ms`、批量 `current/total` |
| 重试与人工介入 | 第几次重试、是否等待验证码 / U 盾 |
| 存证路径 | 截图、录屏、`video_log`、失败 artifacts |
**没有关键节点日志 = 客户现场不可排障。** 不要把 `print` 当作日志stdout 面向用户与 Agent文件日志与 Run Journal 面向运维。
---
## 2. 日志分层
技能日志分四层,职责互不替代:
### 2.1 统一文件日志(开发 / 运维排查)
**来源**`jiangchang_skill_core.unified_logging`(技能内通过 `util.logging_config` 薄封装 import
| API | 用途 |
|-----|------|
| `setup_skill_logging` | CLI 入口启动时初始化(`cli/app.py``main()` |
| `get_skill_logger` | 获取带 `skill_slug` 的 logger |
| `subprocess_env_with_trace` | 子进程 / 兄弟技能调用时传递 `trace_id` |
**路径**
```text
{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log
```
**特征**:每行带 `trace_id``skill_slug`;适合 grep、离线打包发给技术支持。
### 2.2 Activity / Run Journal宿主 UI 与用户可见进度)
**来源**`jiangchang_skill_core.activity`
| API | 用途 |
|-----|------|
| `emit` | 推送用户可读进度(不写 stdout进入步骤前自动步骤闸门SRCP |
| `step` | 结构化步骤 |
| `finish` | 任务结束;**唯一**写单行 result JSON 到 stdout 的场景 |
| `job_context` | 包裹 `cmd_run`;未捕获异常 / `JobStopped` 时自动 `finish` |
| `rpa_step` | RPA 专用步骤:闸门 + ▶/✓ emit |
| `interruptible_sleep` | RPA 等待(替代裸 `asyncio.sleep`),可暂停/停止 |
| `checkpoint` | 长循环内 consult control一般由 kit 自动调用) |
**路径**
```text
{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.jsonl
```
**约定**
- `emit` **不写 stdout**;长任务应持续 emit避免用户以为卡死。
- `finish` 才输出单行 result JSON 供宿主解析。
- RPA 类技能:`RpaVideoSession.add_step` 会自动同步 activity无需重复手写每步 emit
- **禁止**自建 `scripts/util/progress.py` 或向 stdout 打印 `type:progress` JSON进度只走 Run Journal。
- 宿主通过 `{job_id}.control.json` 下发暂停/继续/停止;技能侧由 platform-kit 在步骤闸门自动处理(见 §2.5)。
### 2.5 步骤控制SRCP v1platform-kit >= 1.2.0
**权威行为定义在本文**platform-kit README 为实现细节参考。
| 通道 | 方向 | 载体 |
|------|------|------|
| 进度 | 技能 → 宿主 | Run Journal`emit` / `rpa_step` / `add_step` |
| 结果 | 技能 → 宿主 | `finish()` → Journal 终态 + stdout 一行 result |
| 控制 | 宿主 → 技能 | `{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.control.json` |
`control.json``command` 只认:`none` | `pause` | `resume` | `stop`
技能作者三件事:
1. `cmd_run` 外包 `with job_context(skill=SKILL_SLUG):`
2. 关键步骤 `emit(...)``@rpa_step` / `video.add_step`
3. 每个出口 `finish(status=..., message=..., skill=SKILL_SLUG, **fields)` — **不要**手写多行 JSON 结果
RPA 等待用 `interruptible_sleep`**不要**裸 `asyncio.sleep`(否则暂停响应滞后)。
暂停在**步骤边界**生效(当前 `@rpa_step` / `emit` 执行完后、下一步开始前),与影刀「当前指令完成后暂停」一致。
Journal 会写入 `type: lifecycle` 事件(`paused` / `resumed` / `stopping`),供宿主任务中心显示状态。
### 2.3 `task_logs`(任务结果审计)
**来源**`db/task_logs_repository.save_task_log`
- 适合 `python scripts/main.py logs` / `log-get <id>` 查询。
- 记录任务最终状态、`result_summary`(可含 `video_path``video_log` 等)。
- 面向「这次任务成功还是失败、摘要是什么」,不是逐步 trace。
- **鉴权失败与未捕获异常也必须写入 `task_logs`**,保证 `logs` / `log-get` 排查链不断(见模板 `cmd_run` 示范)。
表结构与字段见 [`references/SCHEMA.md`](../references/SCHEMA.md)。
### 2.4 RPA video step / artifacts用户可见动作与存证
**来源**`RpaVideoSession``rpa-artifacts/` 目录
- video artifact 是**标准可启用能力****不保证默认每次生成 MP4**(模板默认 `OPENCLAW_RECORD_VIDEO=0`)。
- **`OPENCLAW_RECORD_VIDEO=0`**:不生成最终录屏,但 RPA / 长任务仍须保留 `RpaVideoSession``video.add_step` 与 Activity 进度同步。
- **`OPENCLAW_RECORD_VIDEO=1`**`result_summary` 应包含 `video_path``raw_video``video_log``video_warnings` 等字段CLI 可打印录屏路径与诊断。
- 用户可见的中文步骤(「打开登录页」「点击提交」)。
- 失败截图:`{数据目录}/rpa-artifacts/{batch_id}/...`(受 `OPENCLAW_ARTIFACTS_ON_FAILURE` 控制,默认开)
详见 [`RPA.md`](RPA.md) §5 存证与录屏规范。
---
## 3. 必打日志节点清单
以下节点应在**生产代码**中有对应 `log.info` / `log.warning` / `log.exception`(或 Activity / RPA step。复制模板后按业务增删但**不可整体省略**。
| 阶段 | 建议日志 / emit |
|------|-----------------|
| CLI 入口启动 | `cli_start``cli/app.py`,已由模板提供) |
| 参数解析完成 | `run_args target_id=... input_id=...` |
| 鉴权开始 | `entitlement_check_start` |
| 鉴权成功 | `entitlement_ok` |
| 鉴权失败 | `entitlement_failed``warning` |
| 任务开始 | `task_start task_type=... target_id=... input_id=... batch_id=...` + `emit("开始处理任务")` |
| adapter / test target 选择 | `adapter_selected adapter=... system=...` |
| 账号 / profile / lease 获取 | `account_acquired account_id=...` |
| 账号 / lease 释放 | `account_released account_id=...` |
| 外部 API 开始 | `external_call_start system=... operation=...` |
| 外部 API 结束 | `external_call_done system=... operation=... elapsed_ms=... status=...` |
| 兄弟技能调用开始 / 结束 | 同上,或 `sibling_call_start/done skill_slug=...` |
| RPA 操作开始 / 结束 | `rpa_start` / `rpa_done` + `video.add_step` 中文步骤 |
| 打开页面 | step「打开 xxx 页面」 |
| 检查登录 | step + log |
| 定位输入框 / 点击提交 | step + log |
| 等待结果 | step + log含 timeout 预期) |
| 批量循环 | `batch_progress current=... total=...` |
| 重试 | `retry_attempt n=... reason=...``warning` |
| 跳过 / 部分失败 | `skipped` / `partial_failure``warning` |
| 人工介入 | `human_intervention type=captcha|login|ukey|otp``warning` |
| 失败截图 / 视频 | `artifact_saved artifact_path=...` / `video_path=...` |
| 任务成功 | `task_success ...` + `task_log_saved status=success` |
| 任务失败 | `task_failed ...``exception` 保留 traceback+ `task_log_saved status=failed` |
---
## 4. 字段规范
推荐在 `log.info` 等消息中使用 **key=value** 结构化字段,便于 grep
| 字段 | 含义 |
|------|------|
| `task_type` | 任务类型(与 `task_logs.task_type` 对齐) |
| `target_id` | 目标标识(平台、店铺、报表类型等) |
| `input_id` | 输入记录 ID |
| `batch_id` | 批次 / 录屏批次 |
| `stage` | 阶段:`auth` / `run` / `cleanup` |
| `system` | 外部系统名:`erp` / `wechat` / `1688` |
| `operation` | 操作名:`submit_order` / `fetch_report` |
| `adapter` | adapter 档位:`mock` / `simulator_api` / `real_api` |
| `elapsed_ms` | 耗时毫秒 |
| `status` | `ok` / `failed` / `timeout` / `skipped` |
| `error_code` | 业务错误码(非 Python 异常名) |
| `artifact_path` | 截图 / 附件路径 |
| `video_path` | 录屏成品路径 |
示例:
```text
external_call_done system=erp operation=download_report elapsed_ms=4523 status=ok
batch_progress current=7 total=20 target_id=store-001
```
---
## 5. 日志级别规范
| 级别 | 使用场景 |
|------|----------|
| **info** | 关键阶段、成功路径、外部调用开始/结束、批量进度、`task_log_saved` |
| **warning** | 可恢复问题、重试、跳过、人工介入、部分失败、鉴权失败(业务可预期) |
| **exception** | 异常路径;**必须**用 `log.exception(...)` 保留 traceback |
| **debug** | 低频诊断;**默认不依赖 debug 才能排查问题** |
原则:**生产排障应主要靠 info + warning + exception**,不要把 debug 当作唯一线索。
---
## 6. 敏感信息红线
### 禁止记录原始值
以下字段**不得**以明文出现在日志、Activity、task_logs 的 `error_msg` / `result_summary`、stdout
- `password``token``cookie``secret``api_key``authorization`
- 验证码、动态口令全文
- 身份证、银行卡、手机号**完整值**
### 建议记录的安全替代
| 替代字段 | 示例 |
|----------|------|
| `credential_ref` | vault / account-manager 引用 ID |
| `account_id` | 账号表主键 |
| `masked_user` | `138****8000` |
| `domain` | `erp.example.com` |
| `last4` | 卡号后四位 |
| `hash` / `short_id` | 内容摘要 |
变量名可以叫 `token`,但日志里不能出现 `token=eyJhbG...` 或 f-string 拼接明文。
---
## 7. 推荐代码示例service 层)
```python
from util.logging_config import get_skill_logger
from jiangchang_skill_core.activity import emit, finish, job_context, rpa_step, interruptible_sleep
from util.constants import SKILL_SLUG
log = get_skill_logger()
def cmd_run(target=None, input_id=None):
task_type = "your_task"
with job_context(skill=SKILL_SLUG):
log.info(
"task_start task_type=%s target_id=%s input_id=%s",
task_type, target, input_id,
)
emit("开始处理任务", skill=SKILL_SLUG, stage="run")
try:
ok, reason = check_entitlement(SKILL_SLUG)
if not ok:
log.warning("entitlement_failed task_type=%s reason=%s", task_type, reason)
finish(status="failed", message=reason, skill=SKILL_SLUG, error_code="ENTITLEMENT_DENIED")
return 1
t0 = time.monotonic()
# ... 外部调用 / RPA@rpa_step 或 video.add_step等待用 interruptible_sleep ...
elapsed_ms = int((time.monotonic() - t0) * 1000)
log.info(
"external_call_done system=%s operation=%s elapsed_ms=%d status=%s",
"erp", "submit", elapsed_ms, "ok",
)
tlr.save_task_log(..., status="success", ...)
log.info("task_log_saved task_type=%s status=success", task_type)
finish(status="success", message="任务完成", skill=SKILL_SLUG)
return 0
except Exception:
log.exception(
"task_failed task_type=%s target_id=%s input_id=%s",
task_type, target, input_id,
)
emit("任务失败,已记录诊断信息", type="warn", skill=SKILL_SLUG, stage="run")
tlr.save_task_log(..., status="failed", error_msg="...", ...)
finish(status="failed", message="任务执行异常", skill=SKILL_SLUG)
return 1
```
模板示范见 [`scripts/service/task_service.py`](../scripts/service/task_service.py) 的 `cmd_run`
---
## 8. 错误排查顺序
客户现场或测试机排障,建议按以下顺序(由快到慢、由用户可见到运维细节):
1. **CLI stdout** — 是否有 `ERROR:<CODE>:``HINT:`、模板提示文案。
2. **`python scripts/main.py logs`** — 最近任务是否写入 `task_logs`、status 与 `error_msg`
3. **`python scripts/main.py log-get <id>`** — 单条 JSON`result_summary`video 路径等)。
4. **统一日志文件**`{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log`grep `trace_id``task_failed`)。
5. **Run Journal**`{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.jsonl`(宿主 UI 进度来源)。
6. **RPA artifacts**`rpa-artifacts/` 失败截图;若 `OPENCLAW_RECORD_VIDEO=1` 还有录屏 MP4、`video_log`。未开启录屏时可能只有截图或日志,需要完整录屏请在用户 `.env` 中设置 `OPENCLAW_RECORD_VIDEO=1`
长时间无 stdout **不代表卡死**;先看 Run Journal / Activity再看统一日志。
---
## 9. 与现有文档关系
| 文档 | 关系 |
|------|------|
| [`RUNTIME.md`](RUNTIME.md) | 统一日志能力来源、`util.logging_config` 薄封装、数据根约定 |
| [`TESTING.md`](TESTING.md) | 日志相关 hard policy 测试(`test_development_policy_guard.py` |
| [`RPA.md`](RPA.md) | RPA step、`RpaVideoSession`、video / artifacts 标准 |
| [`SCHEMA.md`](../references/SCHEMA.md) | `task_logs` 表结构与查询命令 |
| [`CLI.md`](../references/CLI.md) | `logs` / `log-get` 命令与手工排查入口 |
| [`CONFIG.md`](CONFIG.md) | 敏感配置不进日志;`.env` 边界 |
| [`DEVELOPMENT.md`](DEVELOPMENT.md) | `service/` 层日志职责与发布前检查清单 |
| [`POLICY_MATRIX.md`](POLICY_MATRIX.md) | 可自动检测的 logging hard policy 索引 |

View File

@@ -0,0 +1,49 @@
# 开发规范 → 自动检测索引
本文件是 **development/*.md 规范到机器检测的追溯表**,不是另一份长规范。新增或调整 hard 规则时,须同步更新本矩阵与 `tests/test_development_policy_guard.py`(或注明已有测试覆盖)。
| policy_id | 规则摘要 | 来源 | 强制级别 | 自动检测 | 对应测试 |
|-----------|----------|------|----------|----------|----------|
| POLICY-STRUCTURE-001 | 标准 `scripts/` 分层:`main.py``cli/``service/``db/``util/` 必须存在 | development/DEVELOPMENT.md §2 新 skill 的标准目录结构development/RUNTIME.md §目录结构 | hard | 目录存在性检查 | `tests/test_development_policy_guard.py::TestPolicyStructure001` |
| POLICY-RUNTIME-001 | 不得 vendored `scripts/jiangchang_skill_core/` | development/RUNTIME.md §共享 Python Runtime、§明确禁止 | hard | 目录不存在检查 | `tests/test_development_policy_guard.py::TestPolicyRuntime001`(另见 `tests/test_platform_import.py` |
| POLICY-RUNTIME-002 | `requirements.txt` 非注释依赖行不得声明 `jiangchang-platform-kit` / `playwright` | development/RUNTIME.md §共享 Python Runtimedevelopment/DEVELOPMENT.md §3.1 requirements.txt 依赖规范 | hard | 解析依赖行 | `tests/test_development_policy_guard.py::TestPolicyRuntime002`(另见 `tests/test_platform_import.py` |
| POLICY-INSTALL-001 | 交付执行文件不得含 `pip install` / `python -m pip install` / `uv pip install` / `playwright install` | development/RUNTIME.md §共享 Python Runtimedevelopment/RPA.md §1.4 Playwright 与安装边界development/DEVELOPMENT.md §3.1 | hard | 扫描 `scripts/**/*.py``*.ps1``*.sh``requirements.txt``.github/workflows/*`(不扫 `development/*.md` | `tests/test_development_policy_guard.py::TestPolicyInstall001` |
| POLICY-CONFIG-001 | 仓库根目录必须存在 `.env.example` | development/CONFIG.md §核心原则、§标准配置项 | hard | 文件存在性 | `tests/test_development_policy_guard.py::TestPolicyConfig001` |
| POLICY-CONFIG-002 | `.gitignore` 必须忽略 `.env``*.env.local` | development/CONFIG.md §红线:敏感信息不进 .env | hard | 解析 `.gitignore` 行 | `tests/test_development_policy_guard.py::TestPolicyConfig002` |
| POLICY-CONFIG-003 | 业务代码不得直接 `os.environ` / `os.getenv` / `os.putenv` / `environ.get`;须经 `jiangchang_skill_core.config.get*`(允许 `main.py`、测试、config_bootstrap/runtime 边界文件) | development/CONFIG.md §配置 bootstrapdevelopment/ADAPTER.md §档位 dispatch | hard | 扫描 `scripts/**/*.py` 并排除边界文件 | `tests/test_development_policy_guard.py::TestPolicyConfig003` |
| POLICY-TESTING-001 | 默认根目录 `tests/test_*.py` 不得硬编码 `real_api` / `real_rpa` / `OPENCLAW_TEST_TARGET`(白名单仅 `test_adapter_profile_policy.py`,用于档位 helper 自测) | development/TESTING.md §默认必跑测试要做什么、§4 测试目标档位 | hard | 扫描 `tests/test_*.py` 非注释行;白名单外禁止上述文本 | `tests/test_development_policy_guard.py::TestPolicyTesting001` |
| POLICY-TESTING-002 | `tests/integration/` 下 Python 测试文件若存在,默认应为 `.sample`,不得进入默认套件 | development/TESTING.md §7 真实联调测试的安全约束、§8 新 skill 的最小测试清单 | hard | 检查 `tests/integration/*.py``.sample` 后缀 | `tests/test_development_policy_guard.py::TestPolicyTesting002` |
| POLICY-RPA-001 | 不得 import/use account-manager 内部 `rpa_helpers` / `inject_account_manager_scripts_path` / `get_account_credential` | development/ADAPTER.md §兄弟依赖development/RPA.md §1.7 | hard | 扫描 `scripts/**/*.py` 禁止模式 | `tests/test_development_policy_guard.py::TestPolicyRpa001`(另见 `tests/test_no_rpa_helpers_import.py` |
| POLICY-RPA-002 | RPA 交付代码不得直接执行 ffmpeg 拼 MP4应使用 `RpaVideoSession`(允许 `ffmpeg_path` 等诊断字段) | development/RPA.md §5.3 录屏成片标准 | hard | 扫描 `scripts/**/*.py` 禁止 `subprocess` / `os.system` / `os.popen` 直接调用 ffmpeg`task_run_support.py` 保留豁免) | `tests/test_development_policy_guard.py::TestPolicyRpa002` |
| POLICY-RPA-003 | 即使默认 `OPENCLAW_RECORD_VIDEO=0`RPA / 长任务模板也必须保留录屏能力:`RpaVideoSession``video.add_step`、video artifact merge 到 `result_summary` | development/RPA.md §5.3development/LOGGING.mddevelopment/CONFIG.md | hard | 扫描 `scripts/service/*.py`service 层整体须含上述接入) | `tests/test_development_policy_guard.py::TestPolicyRpa003` |
| POLICY-PACKAGING-001 | `scripts/**/*.py` 单文件 < 1000 行 | development/DEVELOPMENT.md §3.4 发布打包约束development/RUNTIME.md §发布打包约束 | hard | 行数统计 | **已有测试覆盖**`tests/test_release_packaging_constraints.py::test_scripts_py_files_under_pyarmor_line_limit` |
| POLICY-PACKAGING-002 | 文本文件 UTF-8 without BOM`U+FEFF` | development/DEVELOPMENT.md §3.4development/RUNTIME.md §编码与输出 | hard | BOM / 解码检查 | **已有测试覆盖**`tests/test_release_packaging_constraints.py::test_text_files_are_utf8_without_bom` |
| POLICY-DOCS-001 | 本矩阵存在且包含上述全部 `policy_id` | 本次规范化约定 | hard | 解析 `development/POLICY_MATRIX.md` | `tests/test_development_policy_guard.py::TestPolicyDocs001` |
| POLICY-LOGGING-001 | CLI 入口必须调用 `setup_skill_logging` | development/LOGGING.mddevelopment/RUNTIME.md | hard | 扫描 `scripts/cli/app.py``setup_skill_logging` 与 logger info | `tests/test_development_policy_guard.py::TestPolicyLogging001` |
| POLICY-LOGGING-002 | service 主任务入口必须使用 `get_skill_logger` | development/LOGGING.mddevelopment/DEVELOPMENT.md | hard | 扫描 `scripts/service/task_service.py` | `tests/test_development_policy_guard.py::TestPolicyLogging002` |
| POLICY-LOGGING-003 | 主任务入口须含 `log.info`/`logger.info``log.exception`/`logger.exception`,并写入 `save_task_log` | development/LOGGING.md | hard | 扫描 `scripts/service/task_service.py` | `tests/test_development_policy_guard.py::TestPolicyLogging003` |
| POLICY-LOGGING-004 | 长任务 / RPA 模板须使用 Activity 或 RPA video step 输出进度 | development/LOGGING.mddevelopment/RPA.md | hard | 扫描 `scripts/service/task_service.py``emit(` / `activity.emit` / `video.add_step` | `tests/test_development_policy_guard.py::TestPolicyLogging004` |
| POLICY-LOGGING-005 | 交付代码不得在 logging 调用行以 `key=value` 形式记录明显敏感字段 | development/LOGGING.mddevelopment/CONFIG.md | hard | 扫描 `scripts/**/*.py` 的 logging 调用行(不含注释) | `tests/test_development_policy_guard.py::TestPolicyLogging005` |
| POLICY-CONTROL-001 | 不得存在 `scripts/util/progress.py` 或自建 stdout 进度模块 | development/LOGGING.md §2.5development/RPA.md §0.1 | hard | 文件不存在检查 | `tests/test_development_policy_guard.py::TestPolicyControl001` |
| POLICY-CONTROL-002 | `task_service.py` 须使用 `job_context(``finish(` | development/LOGGING.md §2.5、§7 | hard | 扫描 `scripts/service/task_service.py` | `tests/test_development_policy_guard.py::TestPolicyControl002` |
| POLICY-CONTROL-003 | `scripts/service/*.py` 不得裸 `asyncio.sleep`RPA 等待须 `interruptible_sleep` | development/RPA.md §0.1 | hard | 扫描 service 层 Python | `tests/test_development_policy_guard.py::TestPolicyControl003` |
| POLICY-DATA-PATH-001 | 技能拥有路径须经 `resolve_data_path` / `get_*_dir``.env.example` 禁止 `./` CWD 相对路径;业务代码禁止 `abspath(config.get(...))` | development/DATA_PATHS.md | hard | 扫描 `.env.example``scripts/**/*.py` | `tests/test_development_policy_guard.py::TestPolicyDataPath001` |
---
## 暂不自动检测(软规则)
以下规范仍须人工遵守或依赖 code review / AI 提示词,**不**做成默认测试,避免误伤:
| 规则摘要 | 来源 | 原因 |
|----------|------|------|
| `cli/` 只解析参数、不写业务逻辑 | development/DEVELOPMENT.md §9 | 需语义理解,无法可靠静态判定 |
| `service/` 编排流向与模块拆分粒度 | development/DEVELOPMENT.md §10 | 架构软约束 |
| `db/` 层不得调浏览器或拼业务流程 | development/DEVELOPMENT.md §11 | 需跨文件调用图 |
| slug 命名语义verb-noun-platform | development/NAMING.md | 部分覆盖于 `tests/test_slug_naming.py`,非本矩阵 hard policy |
| 复制模板不得保留 `.git` / template marker | development/DEVELOPMENT.md §4 | 由 `tests/test_scaffold_guard.py` 守护,属脚手架场景 |
| 共享 runtime 导入来源非技能目录 | development/RUNTIME.md | 运行时依赖已安装包,见 `tests/test_platform_import.py` |
| RPA 拟人操作、选择器纪律、HITL 超时 | development/RPA.md §0§1 | 行为与 DOM 质量,无法静态扫描 |
| adapter 四档契约测试覆盖 timeout/unauthorized 等 | development/ADAPTER.md §contract tests | 需业务实现后人工补测 |
| `SKILL.md` / `constants.SKILL_SLUG` 一致性 | development/DEVELOPMENT.md §16 | 已有 `tests/test_skill_metadata.py` |
| platform_kit_min_version >= 1.2.0 | development/RUNTIME.md | 已有 `tests/test_platform_import.py` |

View File

@@ -6,10 +6,12 @@
2. [`NAMING.md`](NAMING.md) — slug / 仓库名命名规范(复制模板前必读)
3. [`DEVELOPMENT.md`](DEVELOPMENT.md) — 完整开发步骤与目录规范
4. [`TESTING.md`](TESTING.md) — 测试分层、隔离数据根与档位开关
5. [`ADAPTER.md`](ADAPTER.md) — 涉及外部系统对接时
6. [`RPA.md`](RPA.md) — 涉及浏览器 / 桌面 / 手机自动化
7. [`CONFIG.md`](CONFIG.md) — `.env` 规范与 bootstrap 机制
8. [`RUNTIME.md`](RUNTIME.md) — 共享 runtime、数据路径、发布打包与编码约定
5. [`LOGGING.md`](LOGGING.md) — 日志分层、必打节点、敏感信息红线(**涉及长任务、RPA、外部系统时必读**
6. [`ADAPTER.md`](ADAPTER.md) — 涉及外部系统对接
7. [`RPA.md`](RPA.md) — 涉及浏览器 / 桌面 / 手机自动化时
8. [`CONFIG.md`](CONFIG.md) — `.env` 规范与 bootstrap 机制
9. [`DATA_PATHS.md`](DATA_PATHS.md) — 下载/导入/导出等本地文件路径标准(涉及文件读写时必读)
10. [`RUNTIME.md`](RUNTIME.md) — 共享 runtime、数据路径、发布打包与编码约定
脚手架与 Git 防串库:[`../tools/README.md`](../tools/README.md)`scaffold_skill.ps1`)。

View File

@@ -20,10 +20,30 @@
| **失败存证** | 失败必截图,合规场景全程录屏,统一存 `{数据目录}/rpa-artifacts/{batch_id}/{tag}_{ts}.png` |
| **选择器纪律** | 语义选择器优先id/name/text/aria**F12 确认后再写,严禁凭记忆猜 DOM** |
| **统一错误码** | `ERROR:REQUIRE_LOGIN` / `ERROR:CAPTCHA_NEED_HUMAN` / `ERROR:RATE_LIMITED` / `ERROR:LOGIN_TIMEOUT` 等,见下方错误码表 |
| **步骤可控制** | 每条 RPA 指令 = 一个 `@rpa_step``video.add_step`;等待用 `interruptible_sleep`;宿主通过 control.json 暂停/继续/停止SRCP见 [`LOGGING.md`](LOGGING.md) §2.5 |
| **幂等 / 断点续跑** | 批量操作记录"已处理到第几条",崩溃后能续跑、不重复提交 |
> 三端各自实现一个会话抽象 `RpaSession`launch / login / act / screenshot / close上层 skill 不感知是浏览器还是手机。
### 0.1 步骤控制与进度SRCPplatform-kit >= 1.2.0
- **禁止** `scripts/util/progress.py``print({"type":"progress",...})`;进度只走 `emit` / Run Journal。
- **禁止** RPA 主路径裸 `asyncio.sleep`;用 `jiangchang_skill_core.activity.interruptible_sleep`
- RPA 函数用 `@rpa_step("中文步骤名")` 拆分;或在 `RpaVideoSession``video.add_step("中文步骤")`
- `cmd_run``with job_context(skill=SKILL_SLUG):`,所有出口 `finish(...)`
- 暂停在步骤边界生效;浏览器会话暂停时不强制关闭,恢复后同进程继续。
```python
from jiangchang_skill_core.activity import emit, finish, job_context, interruptible_sleep, rpa_step
@rpa_step("打开登录页")
async def open_login(page):
await page.goto("https://example.com")
await interruptible_sleep(1.5)
```
规范权威定义:[`LOGGING.md`](LOGGING.md) §2.5。金样代码:[`scripts/service/task_service.py`](../scripts/service/task_service.py)。
---
## 1. 浏览器(标准已成熟)
@@ -51,7 +71,7 @@
6. **可以** `ignore_default_args=["--enable-automation"]`platform-kit `launch_persistent_browser` 已处理)。
7. **强风控平台**:优先真实点击、键盘、鼠标、地址栏、持久 profile**不要**直接拼接搜索结果 URL 或 DOM 注入。
指纹淡化stealth典型项`navigator.webdriver=undefined``chrome.runtime``permissions.query``plugins``languages` 等。共享实现见 `jiangchang_skill_core.rpa`platform-kit **>= 1.0.17**)。
指纹淡化stealth典型项`navigator.webdriver=undefined``chrome.runtime``permissions.query``plugins``languages` 等。共享实现见 `jiangchang_skill_core.rpa`platform-kit **>= 1.2.0**)。
**拟人操作**(必做):
@@ -124,7 +144,7 @@ from jiangchang_skill_core.rpa import (
from jiangchang_skill_core.rpa.stealth import stealth_enabled, STEALTH_INIT_SCRIPT
```
- `RpaVideoSession` 来自 platform-kit **>= 1.0.17**ffmpeg、背景音乐、media-assets 由 platform-kit 统一解析;已提供前置/后置缓冲、字幕、TTS 旁白、背景音乐循环、结尾淡出。
- `RpaVideoSession` 来自 platform-kit **>= 1.2.0**ffmpeg、背景音乐、media-assets 由 platform-kit 统一解析;已提供前置/后置缓冲、字幕、TTS 旁白、背景音乐循环、结尾淡出。
- `health` 对上述资源做只读诊断,不下载、不修复。
### 1.5 真实浏览器 RPA 示例(必读)
@@ -283,13 +303,16 @@ skill 退出/抛错统一用 `ERROR:` 前缀 + 稳定码,方便宿主与上层
### 5.3 录屏成片标准
- RPA skill 默认 `OPENCLAW_RECORD_VIDEO=1`
- **skill-template 默认 `OPENCLAW_RECORD_VIDEO=0`**(开发调试更快,不启 ffmpeg
- **`OPENCLAW_RECORD_VIDEO=1` 时启用录屏**字幕、旁白、背景音、MP4 成片由 platform-kit 统一处理。
- 使用 platform-kit 的 **`RpaVideoSession`****skill 不要自行合成视频**(不要自己调 ffmpeg 拼 MP4
- `OPENCLAW_RECORD_VIDEO=0` 时 session 无副作用(不启 ffmpeg、不写字幕文件)。
- **默认关闭 ≠ 可以删除录屏接入**RPA / 长任务 **service 层**`scripts/service/*.py`**必须保留** `RpaVideoSession``video.add_step`、video artifact merge 到 `result_summary`(见 `POLICY-RPA-003`)。
- `OPENCLAW_RECORD_VIDEO=0` 时 session **无副作用**(不启 ffmpeg、不写字幕文件、不生成最终 MP4**`RpaVideoSession.add_step` 仍可同步 Activity 进度**。
- 生产留证 / 合规 / 客户现场复现时,由用户在 `.env` 或进程环境变量中开启 `OPENCLAW_RECORD_VIDEO=1`
- **ffmpeg 是唯一录屏器**Windows`gdigrab` + `desktop`)。
- **最终视频**`{skill_data_dir}/videos/{skill_slug}_{yyyyMMdd_HHmmss}_{batch_id}.mp4`
- **最终视频**`OPENCLAW_RECORD_VIDEO=1` 时)`{skill_data_dir}/videos/{skill_slug}_{yyyyMMdd_HHmmss}_{batch_id}.mp4`
- **中间产物**`rpa-artifacts/{batch_id}/capture.mp4``subtitles/``logs/` 等。
- 任务完成后 CLI / `result_summary` 应包含:`video_path``raw_video``video_log``video_warnings``music_path``voiceover_path``audio_warnings`(见 `scripts/service/task_run_support.py`)。
- 任务完成后 CLI / `result_summary` 应包含 video 字段(开启录屏时有路径;关闭时仍保留 `video` 结构与诊断占位)`video_path``raw_video``video_log``video_warnings``music_path``voiceover_path``audio_warnings`(见 `scripts/service/task_run_support.py`)。
模板最小示范见 `scripts/service/task_service.py``_run_template_demo()`

View File

@@ -2,7 +2,7 @@
## 共享 Python Runtime
**skill-template** 及复制出的新技能,公共能力均来自宿主匠厂安装的共享 Python Runtime`jiangchang-platform-kit>=1.0.17` 及其传递依赖,含 `playwright`)。`jiangchang_skill_core` **不得**在技能仓库内 vendored应由共享 venv 的 site-packages 提供。
**skill-template** 及复制出的新技能,公共能力均来自宿主匠厂安装的共享 Python Runtime`jiangchang-platform-kit>=1.2.0` 及其传递依赖,含 `playwright`)。`jiangchang_skill_core` **不得**在技能仓库内 vendored应由共享 venv 的 site-packages 提供。
技能根目录 `requirements.txt` **只声明技能特有依赖****不要**重复声明 `jiangchang-platform-kit``playwright``SKILL.md``platform_kit_min_version` 是运行契约,**不是** pip 依赖声明。
@@ -24,7 +24,7 @@ Windows:
`<shared-python>` 通常位于 `{JIANGCHANG_DATA_ROOT}/python-runtime/.venv`。数据根由宿主注入;开发模式下也可能通过 `JIANGCHANG_DATA_ROOT` 解析(见 `jiangchang_skill_core.runtime_env`)。
## Runtime 诊断platform-kit 1.0.17+
## Runtime 诊断platform-kit 1.2.0+
`health` 命令通过 **`jiangchang_skill_core.collect_runtime_diagnostics`** 输出共享 runtime 诊断,**不在技能内重复实现**。典型字段:
@@ -42,7 +42,7 @@ Windows:
- 用户实际 `.env``{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/{skill_slug}/.env`
- `scripts/main.py``cli.app.main()` 启动时调用 `util.config_bootstrap.bootstrap_skill_config()`
- 配置优先级:**进程环境变量** > **用户 `.env`** > **`.env.example` 默认值**。
- 公共 `config` / `merge_missing_env_keys` 来自共享 runtime 的 `jiangchang-platform-kit>=1.0.17`**不得** vendored `scripts/jiangchang_skill_core/`
- 公共 `config` / `merge_missing_env_keys` 来自共享 runtime 的 `jiangchang-platform-kit>=1.2.0`**不得** vendored `scripts/jiangchang_skill_core/`
## media-assets / ffmpeg / 背景音乐
@@ -89,6 +89,8 @@ RPA 录屏成片(`RpaVideoSession`、ffmpeg 路径、背景音乐探测均
{...}/{skill_slug}.db
```
**业务文件(下载、导入、导出、缓存等)** 须落在上述数据目录的标准子目录下,**不得**相对 workspace/CWD 写入。完整子目录树、env 覆盖规则、`resolve_data_path()` 用法见 **[`DATA_PATHS.md`](DATA_PATHS.md)**。
- 业务表使用英文 snake_case中文表名/字段名写入 `_jiangchang_tables` / `_jiangchang_columns`(见 `references/SCHEMA.md`)。
- 界面字段顺序由 `CREATE TABLE` 列定义顺序决定,**不要**维护 `display_order` 来调整顺序。

View File

@@ -23,15 +23,17 @@
必跑套件要像一个紧张的守门员:**快、确定、离线**。典型覆盖:
- CLI导入 [`cli.app`](../scripts/cli/app.py) 走解析链路、`health`runtime diagnostics/ `version` / `logs` / `log-get` 冒烟;
- 架构守护:无 `scripts/jiangchang_skill_core/``platform-kit>=1.0.17` 导入来源、文档/runtime 标准(见 `test_platform_import.py` 等);
- 架构守护:无 `scripts/jiangchang_skill_core/``platform-kit>=1.2.0` 导入来源、文档/runtime 标准(见 `test_platform_import.py` 等);
- **真实 subprocess**[`tests/test_entrypoint_subprocess.py`](../tests/test_entrypoint_subprocess.py) 再调用一遍 `python scripts/main.py`,防路径漂移;
- 运行时:`runtime_paths`**`JIANGCHANG_*` 隔离**
- `SKILL.md` YAML slug vs [`constants.SKILL_SLUG`](../scripts/util/constants.py)
- SQLite 骨架:`task_logs` 创建幂等与仓储读写;
- 数据管理元数据:`_jiangchang_*` 幂等初始化、中文展示名、`PRAGMA table_info` 字段顺序(见 `test_display_metadata.py`
- 数据管理元数据:`_jiangchang_*` 幂等初始化、中文展示名、`PRAGMA table_info` 字段顺序、editable 权限(见 `test_display_metadata.py``test_data_management_contract.py`
- Skill Action manifest`assets/actions.json` 结构、CLI 映射、placements 与 inputSchema 守护(见 `test_actions_manifest.py`
- 标准时间字段:`created_at` / `updated_at` 默认值、trigger 维护与 `datetime_unix_seconds` 元数据(见 `test_timestamp_columns.py`
- **adapter profile**[`tests/test_adapter_profile_policy.py`](../tests/test_adapter_profile_policy.py) + [`adapter_test_utils`](../tests/adapter_test_utils.py) ——验证在未授权情况下绝不误判开启真实网络/RPA。
- **发布打包守护**[`tests/test_release_packaging_constraints.py`](../tests/test_release_packaging_constraints.py) ——`scripts/**/*.py` 单文件 < 1000 行、文本文件 UTF-8 without BOM。
- **开发规范守护hard policy**[`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py) ——规则索引见 [`development/POLICY_MATRIX.md`](POLICY_MATRIX.md),只执行可机器检测的 hard 规则。
- **slug 语义**[`tests/test_slug_naming.py`](../tests/test_slug_naming.py) ——verb-noun-platform 命名规范校验。
**原则:`tests/test_*.py` 不允许隐形访问外网、不允许拉起真实浏览器、不允许读写开发者机器的真实数据根**。如果需要仿真服务器,也应仅在 integration并由档位变量放行
@@ -157,6 +159,8 @@ Golden fixture 流程同理([`tests/samples/test_golden_cases.py.sample`](../t
- [ ] 至少有 1 个缺必填字段 / 非法输入测试。
- [ ] 如果有 adapter至少覆盖 timeout / unauthorized / invalid response可用 fake 模拟)。
- [ ] 如果有解析 / 计算 / 校验类业务,至少保留 1 组 golden fixture脱敏
- [ ] 若有 `assets/actions.json``tests/test_actions_manifest.py` 通过;不需要 Action 时可删除 manifest。
- [ ] 若有本地 SQLite 业务表,`_jiangchang_*` 元数据与 `tests/test_data_management_contract.py` 规则一致。
- [ ] 真实 API / 真实 RPA 测试只放 `tests/integration/`,并且默认 `.sample`,不默认运行。
---
@@ -177,9 +181,36 @@ Golden fixture 流程同理([`tests/samples/test_golden_cases.py.sample`](../t
---
## 9.1 开发规范守护测试
[`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py) 将 [`development/POLICY_MATRIX.md`](POLICY_MATRIX.md) 中的 **hard policy** 落地为默认必跑 unittest
- 每条失败信息包含 `policy_id` 与来源文档路径,便于定位规范出处。
- 只覆盖目录结构、runtime 依赖边界、配置读取、默认测试安全档位、RPA 禁令等**可静态扫描**规则;软规则列在矩阵「暂不自动检测」小节,**不**做成测试。
- `POLICY-TESTING-001`:根目录 `tests/test_*.py` 非白名单文件不得出现 `real_api` / `real_rpa` / `OPENCLAW_TEST_TARGET`**唯一白名单** `test_adapter_profile_policy.py`(档位 helper 自测)。`adapter_test_utils.py``tests/integration/*.sample` 不在默认套件内,不受此条扫描。
- `POLICY-RPA-002`:只禁止 `subprocess` / `os.system` / `os.popen` **直接执行** ffmpeg不误伤 `ffmpeg_path` 等诊断字段。
- 与已有测试分工:`test_release_packaging_constraints.py` 继续守护 PyArmor 行数与 UTF-8 BOM`test_no_rpa_helpers_import.py` 与 policy guard 的 `POLICY-RPA-001` 语义一致,二者并存防回归。
### 日志规范测试
[`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py) 中的 `POLICY-LOGGING-*` 规则会检查 logging **hard policy**(见 [`POLICY_MATRIX.md`](POLICY_MATRIX.md)
- CLI 是否调用 `setup_skill_logging``POLICY-LOGGING-001`
- `task_service.py` 是否使用 `get_skill_logger`、含 `log.info` / `log.exception`、写入 `save_task_log``POLICY-LOGGING-002` / `003`
- 长任务模板是否使用 Activity 或 RPA video step`POLICY-LOGGING-004`
- 交付代码是否在 logging 调用中拼接明显敏感字段(`POLICY-LOGGING-005`
**局限**:自动检测只覆盖可静态判断的**底线****不**判断业务日志是否足够完整。复制新 skill 后,仍须人工对照 [`LOGGING.md`](LOGGING.md) §必打日志节点清单做 code review。
新增或调整开发规范时:**先更新 `POLICY_MATRIX.md`,再补/改 `test_development_policy_guard.py`(或注明已有测试覆盖)**。
---
## 10. 测试和发布的关系
**在运行 [`release.ps1`](../release.ps1) 之前,`python tests/run_tests.py -v` 必须绿色**。失败的默认套件意味着:
[`release.ps1`](../release.ps1) **默认**在 **auto commit 之前**、创建 tag 之前,对**当前工作区**执行 `python tests/run_tests.py -v`;测试失败会终止 release不会自动提交、不会打 tag。仅紧急排障时可传 `-SkipTests`(会输出黄色警告,不应作为常规发布路径)。`-DryRun` 仍会实际运行默认测试。
即便手工发布,也应在运行 `release.ps1` 之前确认 `python tests/run_tests.py -v` 绿色。失败的默认套件意味着:
- 打包路径可能根本不可运行;
- CI 加密前的静态假设可能在宿主崩溃;
@@ -205,10 +236,11 @@ Golden fixture 流程同理([`tests/samples/test_golden_cases.py.sample`](../t
## 12. RPA / video 测试标准
- `RpaVideoSession` 调用**不跑真实 ffmpeg**:单测中使用 `unittest.mock` patch session 或设 `OPENCLAW_RECORD_VIDEO=0`
- 模板 `.env.example` 默认 **`OPENCLAW_RECORD_VIDEO=0`**;默认必跑测试**不应启动真实 ffmpeg**patch session 或显式`OPENCLAW_RECORD_VIDEO=0`
- **但测试必须守护录屏接入能力**`POLICY-RPA-003` 扫描 `scripts/service/*.py``RpaVideoSession` 被构造、`video.add_step` 被调用、video artifact 结构 merge 进 `result_summary``video` / `video_path` 等字段),与默认是否录屏无关。
- 断言 `title` / `closing_title` 是**中文**业务文案。
- 断言 video artifact 会进入 `result_summary``video_path``raw_video``video_log` 等)。
- 断言 step 文案贴近用户动作不是技术日志如「准备执行示例任务」而非「enter cmd_run」
- 若需测试**真实录屏**ffmpeg 成片),必须显式设 `OPENCLAW_RECORD_VIDEO=1`,并放在 `tests/integration/` 或手动触发场景,**不得**进入默认 unittest 套件。
参考 `tests/test_video_service.py`
@@ -228,7 +260,7 @@ Golden fixture 流程同理([`tests/samples/test_golden_cases.py.sample`](../t
- [ ] `requirements.txt` **不含** `jiangchang-platform-kit` / `playwright`
- [ ]`scripts/jiangchang_skill_core/` vendored 副本
- [ ] `platform_kit_min_version` **>= 1.0.17**`SKILL.md` + `constants.py`
- [ ] `platform_kit_min_version` **>= 1.2.0**`SKILL.md` + `constants.py`
- [ ] `health` 能输出 `platform_kit_version_ok`(或等价诊断行)
- [ ] `config-path` 可输出用户 `.env` 路径 JSON
- [ ] `pytest.ini` 存在且 `python_files` 只收集 `test_*.py` / `*_test.py`

195
references/ACTIONS.md Normal file
View File

@@ -0,0 +1,195 @@
# Skill Action Manifest匠厂宿主
本文件说明 `assets/actions.json``scripts/main.py` CLI 的对应关系,供 Agent 编排与宿主 **Skill Action Runtime** 使用。
**边界:** 用户市场说明见根目录 [`README.md`](../README.md)CLI 参数与错误码细节见 [`CLI.md`](CLI.md)。
## 模板严格规范 vs 宿主向后兼容
| 角色 | 定位 |
|------|------|
| **skill-template** | 新技能推荐的**严格规范**:必填字段、明确类型、`additionalProperties: false` |
| **宿主运行时** | **向后兼容**的历史 manifest 解析器:可能接受部分缺省字段(如 `description``placements``entrypoint.args`、input property `type` |
**新技能不应依赖宿主缺省行为。** 复制模板后按 [`assets/schemas/skill-actions.schema.json`](../assets/schemas/skill-actions.schema.json) 与本文完整填写 manifest。
JSON Schema 使用 `additionalProperties: false` 表达模板严格边界;这与宿主共享类型中的可选字段并不矛盾——宿主为兼容旧技能可能更宽松,模板为防漂移要求更严。
## Action 是否必需
Action 是**可选能力**
- 没有宿主直接操作需求的技能,**可以不提供** `actions.json`
- 需要出现在**数据管理按钮**、**技能详情**、**定时任务**或 **Agent 直接调用**中的技能,**必须**提供 `assets/actions.json`
## 文件位置
```text
{skill_root}/assets/actions.json
```
宿主扫描路径示例:
```text
~/.openclaw/skills/your-skill-slug/assets/actions.json
```
## 顶层结构
| 字段 | 必填 | 说明 |
|------|------|------|
| `schemaVersion` | 是 | 当前固定为 `1` |
| `skill` | 是 | 必须与 `SKILL.md``metadata.openclaw.slug` 一致 |
| `actions` | 是 | Action 数组,每项 `id` 唯一 |
模板最小示例见 [`assets/actions.json`](../assets/actions.json)JSON Schema 见 [`assets/schemas/skill-actions.schema.json`](../assets/schemas/skill-actions.schema.json)。
## Phase 1 当前稳定支持(新技能应只使用这些)
| 层级 | 稳定字段 / 能力 |
|------|----------------|
| 顶层 | `schemaVersion``skill``actions` |
| action | `id``label``description``placements``entrypoint`;可选 `inputSchema``confirmation` |
| entrypoint | `type = cli``command``args`**必填** JSON 数组,项为 `string` / `number` / `boolean` |
| placements | `toolbar``skill-detail``agent``cron` |
| inputSchema | 根 `type: object`properties 使用 `string` / `number` / `boolean`;支持 `enum``default``required``sensitive` |
| confirmation | `{ "message": "..." }` |
## 预留能力(当前不可当作已实现能力)
以下在宿主共享类型或 Schema 枚举中可能出现,但 **Phase 1 Runtime 尚未完整支持****新模板示例不得使用**
| 类别 | 预留项 | 说明 |
|------|--------|------|
| placements | `row``batch` | 行内 / 批量入口,未来扩展 |
| action 字段 | `bind``concurrency``locks` | 绑定、并发与锁控制,宿主后续实现 |
| inputSchema | `array`、nested `object``oneOf` 等 | 复杂表单与联合类型,不属于当前推荐模板范围 |
可以在文档或 Schema 枚举中保留这些值供未来对齐,但不要让技能作者误以为它们已经可执行。
## 执行模型
宿主将 action 转为 argv再执行
```text
python {skill_root}/scripts/main.py <command> <args...>
```
- `entrypoint.type` 当前只支持 `cli`
- `entrypoint.command` → CLI 子命令(须真实存在)
- `entrypoint.args` → 子命令参数(**必须为 JSON 数组**
- `{{fieldName}}` → 来自 `inputSchema` 用户输入的简单模板替换
完整子命令定义见 [`scripts/cli/app.py`](../scripts/cli/app.py)。
### CLI 输出契约
技能 CLI 必须:
- 使用稳定的退出码
- 成功时输出可解析的结构化结果
- 失败时输出稳定错误信息
- 对可预期错误提供稳定错误码
- 对用户可处理的问题提供 `HINT`
- 不依赖 Agent 连续对话才能完成
- 不自行实现宿主任务中心
- 长时间任务允许异步执行,由宿主任务中心承载状态
- 不在 CLI 中硬编码宿主安装目录
- 不直接依赖某个具体 UI 页面
建议错误输出格式:
```text
ERROR:<CODE>: <message>
HINT: <next step>
```
## placements入口位置
| 值 | 含义 |
|----|------|
| `toolbar` | 数据管理第一排技能按钮 |
| `skill-detail` | 技能详情或技能市场详情页 |
| `agent` | Agent 可直接调用 |
| `cron` | 定时任务可直接调用 |
**预留能力(当前宿主可能尚未完整支持,模板示例请勿使用):**
| 值 | 说明 |
|----|------|
| `row` | 行内操作(未来扩展) |
| `batch` | 批量操作(未来扩展) |
可以在 manifest 中作为未来扩展值定义,但不要让技能作者误以为 `row` / `batch` 已经完整可用。
## inputSchema 与参数表单
当前宿主稳定支持:
- `object` / `string` / `number` / `boolean`
- `enum` / `default` / `required` / `sensitive`
- 简单模板替换(`{{fieldName}}`
示例:
```json
{
"inputSchema": {
"type": "object",
"required": ["query"],
"properties": {
"query": {
"type": "string",
"title": "查询条件"
},
"limit": {
"type": "number",
"title": "返回数量",
"default": 50
}
}
}
}
```
约定:
- `boolean` 在宿主中渲染为开关
- `enum` 在宿主中渲染为选择框
- `required` 字段在提交前校验
- `sensitive` 字段不得出现在低信任入口
- 需要确认的副作用操作使用 `confirmation.message`
- 模板参数使用 `{{fieldName}}`,且必须在 `inputSchema.properties` 中声明
- `entrypoint.args` 项当前只允许 `string``number``boolean`;不允许对象或 `null`
- **不要**在当前模板中宣传 `nested object``oneOf`、复杂数组等尚未稳定支持的能力
## 风险与入口配置
- 查询、诊断、版本检查可以放到 `skill-detail``agent`
- 低风险、常用动作才考虑放 `toolbar`
- 会修改本地数据、访问外部系统、执行长时间任务的动作必须谨慎配置
- 有副作用的动作应添加 `confirmation.message`
- 高风险动作不应默认出现在 `toolbar`
-`sensitive` 参数的 action 不应放入 `toolbar``cron`,除非有明确安全设计
- 不要为了「按钮多」而暴露所有 CLI 子命令
- 一个 CLI 命令可以拆成多个语义清晰的 action但每个 action 必须有明确语义
## 模板示例 action 一览
| id | CLI | placements | 说明 |
|----|-----|------------|------|
| `health` | `health` | skill-detail, agent | 运行环境检查 |
| `version` | `version` | skill-detail | 版本 JSON |
| `config-path` | `config-path` | skill-detail | 配置路径 JSON |
复制为新技能后,请按业务需要增删 action不需要宿主入口时可删除整个 `actions.json`
## 与宿主 API参考
| 宿主 API | 用途 |
|----------|------|
| `GET /api/skill-actions/{skillSlug}` | 读取 manifest |
| `POST /api/skill-actions/run` | `{ skillSlug, actionId, input?, source? }` |
| `GET /api/skill-actions/jobs` | 任务中心 |
具体路径与字段以宿主实现为准;技能侧只需保证 manifest 与 CLI 契约稳定。

View File

@@ -16,8 +16,15 @@ python {baseDir}/scripts/main.py version
- **`health`**:只读 runtime 诊断,**不下载、不修复 media-assets不执行业务动作**;不输出敏感值。
- **`config-path`**:输出 JSON包含 `skill``env_path``example_path`
- **`version`**:输出 JSON`version``skill`)。
- **`run`**:长时间无 stdout **不代表卡死**应通过 `logs` / `log-get` 排查
- **任务完成后**若有 video artifactCLI 应打印录屏路径、录屏日志、视频/音频诊断(见 `task_run_support._print_video_summary`)。
- **`run`**:长时间无 stdout **不代表卡死**RPA / 外部调用期间应通过 Activity 或 Run Journal 看进度
- **排查顺序**(由快到慢):
1. `python {baseDir}/scripts/main.py logs`
2. `python {baseDir}/scripts/main.py log-get <log_id>`
3. 统一日志文件 `{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log`(含 `trace_id``task_failed` 等)
4. Run Journal `{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.jsonl`
5. RPA artifacts / `video_log` / 失败截图(见 `development/RPA.md`);未开启录屏时可能只有截图或日志
- **录屏默认关闭**:模板 `.env.example``OPENCLAW_RECORD_VIDEO=0`;若未开启录屏,任务**可能不会**打印录屏路径。
- 需要录屏时在用户 `.env` 或进程环境变量中设置 **`OPENCLAW_RECORD_VIDEO=1`**;开启后任务完成时 CLI 应打印录屏路径、录屏日志、视频/音频诊断(见 `task_run_support._print_video_summary`),且 `result_summary` 含 video 字段。
## config-path配置路径

View File

@@ -13,7 +13,8 @@
| 根目录 [`README.md`](../README.md) | 用户市场详情页说明 |
| [`SKILL.md`](../SKILL.md) | LLM / OpenClaw 平台技能入口 |
| [`CLI.md`](CLI.md) | 命令行入口、参数与调用契约 |
| [`SCHEMA.md`](SCHEMA.md) | 输入输出、数据库与字段说明 |
| [`SCHEMA.md`](SCHEMA.md) | 本地 SQLite 与数据管理展示契约 |
| [`ACTIONS.md`](ACTIONS.md) | Skill Action manifest**可选**能力)与宿主入口契约 |
| [`../development/`](../development/) | 开发、测试、技术规范(给开发者 / AI 编程代理) |
按需阅读:编排任务时优先 `CLI.md`;解析结构化字段时读 `SCHEMA.md`;运行时环境细节见 `../development/RUNTIME.md`
按需阅读:编排任务时优先 `CLI.md`;解析结构化字段时读 `SCHEMA.md`配置宿主按钮/定时任务/Agent 入口时读 `ACTIONS.md`运行时环境细节见 `../development/RUNTIME.md`

View File

@@ -5,10 +5,27 @@
## 职责边界
| 层级 | 负责内容 |
|------|----------|
| **技能(本仓库)** | `SKILL.md.name` 中文技能名;英文物理表/字段名;`_jiangchang_*` 中文展示元数据;`CREATE TABLE` 字段物理顺序 |
| **宿主(匠厂)** | 读取元数据与 PRAGMA 顺序并展示;不猜测业务语义、不按英文字段名重排 |
### 技能负责
- 定义真实 SQLite 表结构
- 使用英文 `snake_case` 表名和字段名
- 使用 `_jiangchang_tables` 提供表级展示元数据
- 使用 `_jiangchang_columns` 提供字段级展示元数据
- 定义哪些字段可见、可搜索、可创建、可编辑
- 定义字段展示类型和枚举选项
- 保证元数据与真实数据库结构一致
- 保证元数据初始化幂等
### 宿主负责
- 读取 `_jiangchang_*` 元数据
- 读取 SQLite `PRAGMA table_info`
- 根据 schema 渲染数据管理页面
- 根据 `editable` 推导字段是否可创建或编辑
- 执行通用查询、新增、编辑、删除、导入、导出
- 对字段名、表名、类型和权限进行最终校验
- 不猜测技能业务含义
- 不根据具体技能名称写特殊逻辑
SQLite **没有**可靠的 `COMMENT ON TABLE/COLUMN`SQL 文件里的 `-- 注释` 也不会成为可查询结构。
因此中文展示名称必须写入元数据表;字段顺序必须写在 `CREATE TABLE` 的列定义顺序中(`PRAGMA table_info``cid`)。
@@ -27,9 +44,9 @@ metadata:
---
```
- `name`:用户可见的中文业务名称(可含品牌,如 `GEO 文章生成``1688 联系人采集`
- `name`:用户可见的中文业务名称。
- `description`:能力说明,不是技能名称。
- `metadata.openclaw.slug`机器标识kebab-case 英文;目录名与默认数据库文件名使用 slug。slug 语义规范见 [`../development/NAMING.md`](../development/NAMING.md);本文件仅描述数据库与 kebab-case 格式
- `metadata.openclaw.slug`机器标识kebab-case 英文;目录名与默认数据库文件名使用 slug。slug 语义规范见 [`../development/NAMING.md`](../development/NAMING.md)。
- 复制模板后不得将 `your-skill-slug``My Skill` 等占位内容作为正式技能发布名称。
## 数据库路径与命名
@@ -38,48 +55,145 @@ metadata:
{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/{skill-slug}/{skill-slug}.db
```
- 数据库文件:英文 slug例如 `scrape-contacts.db``account-manager.db`(默认 `{skill-slug}.db`)。
- 业务表、字段:**英文 snake_case** 物理名,例如 `task_logs``created_at`
- 数据库文件:英文 slug例如 `your-skill-slug.db`(默认 `{skill-slug}.db`)。
- 业务表、字段:**英文 snake_case** 物理名,例如 `demo_items``task_logs``created_at`
- **禁止**用中文作为 SQLite 真实表名或字段名。
## 外部来源只读与本地数据可写
某些技能会从外部系统读取数据并写入技能自己的本地数据库。需要区分:
```text
外部来源数据库:
可能只读,不应被修改
技能本地数据库:
可以根据业务语义允许新增、编辑或删除
```
不要把「外部来源只读」错误理解成「技能本地数据库一定只读」。技能通过 `_jiangchang_tables.readonly``_jiangchang_columns.editable` 声明本地表的实际写权限。
## 元数据表(宿主兼容)
宿主读取字段(与 `jiangchang` `metadata-resolver.ts` 一致):
宿主读取字段(与匠厂 `metadata-resolver` 一致):
### `_jiangchang_tables`
### `_jiangchang_tables` 表级标准
| 字段 | 必填 | 说明 |
|------|------|------|
| `table_name` | 是 | 物理表名 |
| `display_name` | 是 | 中文表名(用户可见) |
| `table_name` | 是 | 真实英文表名 |
| `display_name` | 是 | 用户可见的中文业务名称 |
| `description` | 否 | 表说明 |
| `sort_order` | 否 | 宿主目录排序;与字段顺序无关 |
| `visible` | 是 | `1` 展示 / `0` 隐藏 |
| `readonly` | 是 | `1` 只读 / `0` 可写(业务语义) |
| `sort_order` | 否 | 兼容保留字段,不用于替代物理字段顺序 |
| `visible` | 是 | `1` 在宿主数据管理中展示 / `0` 隐藏 |
| `readonly` | 是 | `1` 整张表只读;`0` 允许宿主根据字段权限执行写操作 |
### `_jiangchang_columns`
禁止:
- 使用中文真实表名
- 使用 `_schema_meta` 作为新的正式契约
- 只写英文物理名而不写中文 `display_name`
- 让元数据引用不存在的表
### `_jiangchang_columns` 字段级标准
| 字段 | 必填 | 说明 |
|------|------|------|
| `table_name` | 是 | 物理表 |
| `column_name` | 是 | 物理字段名 |
| `display_name` | 是 | 中文字段名(用户可见) |
| `table_name` | 是 | 所属物理表 |
| `column_name` | 是 | 真实英文字段名 |
| `display_name` | 是 | 用户可见的中文字段名 |
| `description` | 否 | 字段说明 |
| `display_order` | 否 | **遗留兼容字段;模板写入时固定 NULL重复初始化会清理历史非空值不得用于调整展示顺序** |
| `visible` | 是 | 是否展示 |
| `searchable` | 是 | 是否搜索 |
| `editable` | 是 | 是否可编辑(与宿主权限结合) |
| `display_type` | 否 | 如 `text` / `textarea` / `datetime_unix_seconds`(标准时间字段见下文 |
| `display_order` | 否 | 兼容字段,默认保持 `NULL` |
| `visible` | 是 | 是否在数据管理表格中展示 |
| `searchable` | 是 | 是否参与搜索 |
| `editable` | 是 | `1` 业务字段允许宿主用于新增和编辑;`0` 系统/只读字段 |
| `display_type` | 否 | 字段渲染类型(`text``textarea``datetime_unix_seconds` |
| `options_json` | 否 | 枚举选项 JSON |
这两张表是**数据字典**,不是业务数据;宿主不会把它们当作普通业务表展示。
写入应**幂等**`INSERT … ON CONFLICT DO UPDATE`),数据库升级时同步维护元数据。
## editable 与 createable 的关系
## 业务字段物理顺序
技能模板只维护 `editable` 这一份字段权限声明:
用户在「数据管理」中看到的列顺序 = `CREATE TABLE` 定义顺序 = `PRAGMA table_info``cid` 顺序。
**宿主不会**按英文字段名、`display_order` 或语义规则重排。
```text
skill metadata:
editable
host runtime:
createable / editable
```
宿主根据以下因素计算字段是否能够出现在新增或编辑表单中:
- 表级 `readonly`
- 字段 `editable`
- 主键
- generated 字段
- sensitive 字段
- BLOB 类型
- not-null 约束
- default value
通用规则:
```text
新增表单:
editable = 1
且不是主键
且不是 generated
且不是敏感字段
且不是 BLOB
编辑表单:
editable = 1
且不是主键
且不是 generated
且不是敏感字段
且不是 BLOB
```
若一张表:
```text
readonly = 0
但所有字段 editable = 0
```
则:
- 这张表技术上可写,但不适合手工新增或编辑
- 宿主不应打开空白新增表单
- 技能应通过自身业务流程产生数据
- 这不是宿主猜测业务,而是技能通过元数据声明的结果
## 系统字段标准
通常保持 `editable = 0` 的字段类型包括:
- 自增主键
- generated 字段
- `created_at` / `updated_at`
- 同步时间戳
- 内容哈希
- 计算结果
- 内部状态
- 删除标记
- 审计字段
- 敏感凭据或密钥字段
不要把具体业务字段名写死;按字段类型和职责设置 `editable`
## 表结构标准
- 业务表和字段使用英文 `snake_case`
- 可写表优先使用单字段主键
- 自增主键优先放在 `CREATE TABLE` 第一列
- `created_at``updated_at` 放在业务字段末尾
- 字段展示顺序以 `CREATE TABLE``PRAGMA table_info(cid)` 为准
- 不依赖 `display_order` 重新排列字段
- 不要让宿主通过英文字段名推断展示顺序
- 复杂字段需要通过 `display_type``visible` 明确处理
推荐顺序(可按业务裁剪,但已有字段应遵守相对位置):
@@ -90,6 +204,7 @@ metadata:
4. 状态、结果、错误等辅助字段
5. created_at如有
6. updated_at如有
```
## 标准时间字段(新技能统一规范)
@@ -101,7 +216,7 @@ metadata:
| 存储格式 | Unix 秒级整数 |
| 展示元数据 `display_type` | `datetime_unix_seconds` |
| 中文名 | `created_at`**创建时间**`updated_at`**更新时间** |
| 用户编辑 | `editable = 0`(系统字段,宿主只展示格式化结果,不写回字符串 |
| 用户编辑 | `editable = 0`(系统字段,宿主只展示格式化结果) |
| 字段顺序 | 位于业务字段末尾:`… → created_at → updated_at` |
| 排序 | **不使用** `display_order`;顺序仅来自 `PRAGMA table_info` |
@@ -109,7 +224,7 @@ metadata:
- **created_at**`INTEGER NOT NULL DEFAULT (unixepoch())`;插入时可省略,由数据库生成。
- **updated_at**`INTEGER NOT NULL DEFAULT (unixepoch())`;插入时同样可省略。
- **updated_at 更新**:模板默认表 `task_logs` 通过 SQLite trigger `{table}_set_updated_at` 在业务字段更新后自动刷新;若技能所有 UPDATE 都经过统一 repository也可在 repository 层设置 `updated_at = unixepoch()`**不要**叠加两套机制
- **updated_at 更新**:模板默认表 `task_logs` 通过 SQLite trigger `{table}_set_updated_at` 在业务字段更新后自动刷新。
实现参考:
@@ -117,12 +232,20 @@ metadata:
- 中文元数据种子:`scripts/db/display_metadata.py`
- 自检:`scripts/db/display_metadata_validator.py`
宿主(匠厂)只负责把 `display_type = datetime_unix_seconds` 格式化为 `YYYY-MM-DD HH:mm:ss` 展示,**不修改**数据库原始值。
> `datetime_unix_milliseconds`、`datetime_iso` 是宿主兼容能力,**不是**新技能模板推荐标准。
宿主只负责把 `display_type = datetime_unix_seconds` 格式化为 `YYYY-MM-DD HH:mm:ss` 展示,**不修改**数据库原始值。
### 模板默认:`task_logs`
`task_logs` 是技能内部**系统自动写入**的任务审计日志(由 `task_logs_repository` INSERT/UPDATE不是供用户在宿主数据管理中手工维护的业务表。
权限设计:
| 层级 | 值 | 说明 |
|------|-----|------|
| 表级 `readonly` | `1` | 宿主数据管理只读展示,不提供新增/编辑/删除表单 |
| 所有业务字段 `editable` | `0` | 含 `task_type``status``error_msg``result_summary` 等 |
| 技能内部 repository | 正常 INSERT/UPDATE | 元数据权限只约束宿主 UI不限制技能代码写库 |
物理定义(权威顺序):
```sql
@@ -140,33 +263,112 @@ CREATE TABLE IF NOT EXISTS task_logs (
);
```
插入时可省略 `created_at``updated_at``updated_at` 在 UPDATE 时由 trigger `task_logs_set_updated_at` 自动维护(见 `scripts/db/timestamp_columns.py`)。
对应中文展示(由 `init_db()` 写入元数据表):
| 物理字段 | 中文名 |
|----------|--------|
| id | 编号 |
| task_type | 任务类型 |
| target_id | 目标编号 |
| input_id | 输入编号 |
| input_title | 输入标题 |
| status | 状态 |
| error_msg | 错误信息 |
| result_summary | 结果摘要 |
| created_at | 创建时间`display_type = datetime_unix_seconds`,不可编辑) |
| updated_at | 更新时间`display_type = datetime_unix_seconds`,不可编辑) |
| 物理字段 | 中文名 | editable |
|----------|--------|----------|
| id | 编号 | 0 |
| task_type | 任务类型 | 0 |
| target_id | 目标编号 | 0 |
| input_id | 输入编号 | 0 |
| input_title | 输入标题 | 0 |
| status | 状态 | 0 |
| error_msg | 错误信息 | 0 |
| result_summary | 结果摘要 | 0 |
| created_at | 创建时间 | 0 |
| updated_at | 更新时间 | 0 |
表中文名:**任务日志**。
表中文名:**任务日志**;表级 `readonly = 1`(宿主只读;技能 repository 仍可写入)
禁止事项:
### 通用示例:`demo_items`(测试 fixture 参考)
- 不要把 `created_at` 放在第一列;
- 不要把 `id` 随意放在中间;
- 不要指望宿主按英文字段名排序;
- 若需调整历史表字段顺序,应通过规范迁移**重建表**,而不是在宿主侧配置掩盖。
以下表结构用于模板测试演示数据管理契约,**不是**模板默认业务表:
复合主键或特殊表结构,请在本文档或技能自有 SCHEMA 补充中说明例外。
```sql
CREATE TABLE demo_items (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT NOT NULL,
description TEXT,
status TEXT NOT NULL DEFAULT 'draft',
generated_value TEXT,
created_at INTEGER NOT NULL DEFAULT (unixepoch()),
updated_at INTEGER NOT NULL DEFAULT (unixepoch())
);
```
对应元数据要点:
| 物理字段 | editable | 说明 |
|----------|----------|------|
| id | 0 | 自增主键 |
| title | 1 | 业务字段 |
| description | 1 | 业务字段 |
| status | 1 | 枚举,`options_json` 演示 |
| generated_value | 0 | 系统/计算字段 |
| created_at | 0 | 系统时间 |
| updated_at | 0 | 系统时间 |
## 枚举字段 options_json
`options_json` 为 JSON 数组,每项包含 `value``label`
```json
[
{"value": "draft", "label": "草稿"},
{"value": "published", "label": "已发布"},
{"value": "archived", "label": "已归档"}
]
```
宿主据此渲染选择框;技能侧负责保证 JSON 合法且与物理字段取值一致。
## 幂等初始化标准
- `_jiangchang_tables``_jiangchang_columns` 必须通过 upsert 初始化
- 多次执行初始化不能重复记录
- 重新初始化可以更新展示名、描述、`visible``searchable``editable``display_type``options_json`
- 元数据不能残留旧字段(删除或重命名字段时必须同步清理)
- 元数据不能引用不存在的表或字段
- 新增字段或表时必须同步增加元数据
- 不要直接修改用户真实数据库作为迁移方式
实现 helper
- `upsert_table_metadata` / `upsert_column_metadata` — 幂等写入
- `seed_column_metadata_batch` — 批量 upsert**可选**传入 `valid_column_names` 时在 upsert 后自动 prune
- `prune_stale_column_metadata` — 清理已删除物理字段的元数据
### 新增业务表时如何初始化
1.`connection.py`(或迁移脚本)中 `CREATE TABLE` 真实物理表。
2.`PRAGMA table_info``list_physical_column_names` 取得**真实物理字段列表**(顺序以 `cid` 为准)。
3. 调用 `upsert_table_metadata` 写入表级元数据。
4. 调用 `seed_column_metadata_batch`,并传入 `valid_column_names=physical_column_names`
```python
from db.display_metadata import list_physical_column_names, seed_column_metadata_batch, upsert_table_metadata
physical = list_physical_column_names(cursor, "demo_items")
upsert_table_metadata(cursor, table_name="demo_items", display_name="示例记录", readonly=0)
seed_column_metadata_batch(
cursor,
table_name="demo_items",
columns=DEMO_ITEMS_COLUMN_METADATA,
valid_column_names=physical,
)
```
传入 `valid_column_names` 时:先 upsert再删除不在物理表中的陈旧 `_jiangchang_columns` 行。
### 字段删除或重命名时如何清理
1. 在 DDL / 迁移中完成物理字段删除或重命名。
2. 重新执行 `seed_column_metadata_batch(..., valid_column_names=当前物理字段列表)`,自动 prune 旧字段元数据。
3. 或单独调用 `prune_stale_column_metadata(cursor, table_name, valid_column_names)`
**不传入 `valid_column_names` 时不会自动 prune**——模板不会猜测真实物理字段,避免误删;文档与实现均以此为准。
不要直接修改用户真实数据库作为迁移方式;元数据初始化必须使用真实物理字段列表。
## 中文命名质量
@@ -188,17 +390,19 @@ CREATE TABLE IF NOT EXISTS task_logs (
|----------|-----------|-----------|----------|
| 发布类 | publish | 账号 ID | 内容 ID |
| 工资代发 | disburse | 付款账户 | 批次 ID |
| 对账 | reconcile | 银行/平台 | 对账批次 ID |
| 对账 | reconcile | 平台标识 | 对账批次 ID |
| 发票验真 | verify | 税务地区 | 发票批次 ID |
业务特有字段优先放入 `result_summary`JSON 字符串),避免随意加列;若确需新列,必须同步元数据并保持合理物理顺序。
## 开发自检
- `init_db()` 后运行 `tests/test_display_metadata.py`
- `init_db()` 后运行 `tests/test_display_metadata.py``tests/test_data_management_contract.py`
- 若提供宿主 Action 入口,运行 `tests/test_actions_manifest.py`
- 复制为真实技能后,使用 `scripts/db/display_metadata_validator.py` 中的校验函数检查 SKILL 名称、slug 与元数据完整性。
## 模板原则
- 模板不做复杂历史迁移框架;新 skill 从当前 schema 起步。
- 元数据 DDL 与 `task_logs` 中文种子以 `scripts/db/display_metadata.py` 为单一权威来源。
- 模板定义「如何声明能力」;具体技能定义「声明什么业务能力」;宿主负责「如何通用渲染和执行」。

View File

@@ -8,6 +8,10 @@
(.github/workflows/release_skill.yaml → reusable-release-skill.yaml@main).
Requires: git, PowerShell 5+
After fetch, runs default tests against the current working tree (before auto-commit):
python tests/run_tests.py -v
Use -SkipTests only for emergency diagnostics. -DryRun still runs tests.
#>
[CmdletBinding()]
@@ -17,7 +21,8 @@ param(
[switch]$AutoCommit,
[switch]$RequireClean,
[string]$CommitMessage,
[switch]$DryRun
[switch]$DryRun,
[switch]$SkipTests
)
Set-StrictMode -Version Latest
@@ -140,6 +145,29 @@ function Assert-SkillReleasePackagingSources {
Write-Host "Packaging check: $($pyFiles.Count) Python file(s) under scripts/ (CI will obfuscate all recursively)." -ForegroundColor DarkGray
}
function Invoke-DefaultTests {
param(
[Parameter(Mandatory = $true)][string]$SkillRoot,
[switch]$Skip
)
if ($Skip) {
Write-Host "WARNING: Skipping tests before release. This should only be used for emergency diagnostics." -ForegroundColor Yellow
return
}
$runTests = Join-Path $SkillRoot "tests\run_tests.py"
if (-not (Test-Path -LiteralPath $runTests)) {
throw "Release check failed: tests/run_tests.py not found."
}
Write-Host ">> python tests/run_tests.py -v" -ForegroundColor DarkGray
& python $runTests -v
if ($LASTEXITCODE -ne 0) {
throw "Release aborted: default tests failed (python tests/run_tests.py -v)."
}
}
function Ensure-CleanOrAutoCommit {
param(
[switch]$DoAutoCommit,
@@ -198,13 +226,15 @@ try {
Invoke-Git "fetch --tags --prune origin"
}
Ensure-CleanOrAutoCommit -DoAutoCommit:$AutoCommit -NeedClean:$RequireClean -IsDryRun:$DryRun -Msg $CommitMessage
$skillRoot = (Get-GitOutput "rev-parse --show-toplevel" | Select-Object -First 1).Trim()
if (Test-Path -LiteralPath (Join-Path $skillRoot "SKILL.md")) {
Assert-SkillReleasePackagingSources -SkillRoot $skillRoot
}
Invoke-DefaultTests -SkillRoot $skillRoot -Skip:$SkipTests
Ensure-CleanOrAutoCommit -DoAutoCommit:$AutoCommit -NeedClean:$RequireClean -IsDryRun:$DryRun -Msg $CommitMessage
$null = Remove-GitNoise -Lines @(& cmd /c 'git rev-parse --abbrev-ref --symbolic-full-name "@{u}" 2>&1')
$hasUpstream = ($LASTEXITCODE -eq 0)

View File

@@ -47,20 +47,20 @@ CREATE TABLE IF NOT EXISTS _jiangchang_columns (
TASK_LOGS_TABLE_METADATA = {
"table_name": TASK_LOGS_TABLE,
"display_name": "任务日志",
"description": "记录技能任务的执行状态和结果",
"description": "记录技能任务的执行状态和结果(系统自动写入,宿主数据管理只读展示)",
"visible": 1,
"readonly": 0,
"readonly": 1,
}
TASK_LOGS_COLUMN_METADATA: tuple[dict[str, object], ...] = (
{"column_name": "id", "display_name": "编号", "description": "任务日志唯一编号", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "task_type", "display_name": "任务类型", "description": "任务的业务类型", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "target_id", "display_name": "目标编号", "description": "任务目标对象编号", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "input_id", "display_name": "输入编号", "description": "输入对象编号", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "input_title", "display_name": "输入标题", "description": "输入对象标题", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "status", "display_name": "状态", "description": "任务当前状态", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "error_msg", "display_name": "错误信息", "description": "任务失败时的错误说明", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "result_summary", "display_name": "结果摘要", "description": "任务执行结果摘要", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "task_type", "display_name": "任务类型", "description": "任务的业务类型", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "target_id", "display_name": "目标编号", "description": "任务目标对象编号", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "input_id", "display_name": "输入编号", "description": "输入对象编号", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "input_title", "display_name": "输入标题", "description": "输入对象标题", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "status", "display_name": "状态", "description": "任务当前状态", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "error_msg", "display_name": "错误信息", "description": "任务失败时的错误说明", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "result_summary", "display_name": "结果摘要", "description": "任务执行结果摘要", "visible": 1, "searchable": 1, "editable": 0},
{
"column_name": "created_at",
"display_name": "创建时间",
@@ -113,15 +113,16 @@ def upsert_column_metadata(
searchable: int = 1,
editable: int = 1,
display_type: str | None = None,
options_json: str | None = None,
) -> None:
# display_order 保留为 NULL宿主按 PRAGMA table_info cid 展示字段,不读 display_order。
cursor.execute(
"""
INSERT INTO _jiangchang_columns (
table_name, column_name, display_name, description,
display_order, visible, searchable, editable, display_type
display_order, visible, searchable, editable, display_type, options_json
)
VALUES (?, ?, ?, ?, NULL, ?, ?, ?, ?)
VALUES (?, ?, ?, ?, NULL, ?, ?, ?, ?, ?)
ON CONFLICT(table_name, column_name) DO UPDATE SET
display_name = excluded.display_name,
description = excluded.description,
@@ -129,9 +130,20 @@ def upsert_column_metadata(
visible = excluded.visible,
searchable = excluded.searchable,
editable = excluded.editable,
display_type = excluded.display_type
display_type = excluded.display_type,
options_json = excluded.options_json
""",
(table_name, column_name, display_name, description, visible, searchable, editable, display_type),
(
table_name,
column_name,
display_name,
description,
visible,
searchable,
editable,
display_type,
options_json,
),
)
@@ -145,18 +157,104 @@ def seed_task_logs_display_metadata(cursor) -> None:
visible=int(meta["visible"]),
readonly=int(meta["readonly"]),
)
for column in TASK_LOGS_COLUMN_METADATA:
seed_column_metadata_batch(
cursor,
table_name=TASK_LOGS_TABLE,
columns=TASK_LOGS_COLUMN_METADATA,
valid_column_names=[str(column["column_name"]) for column in TASK_LOGS_COLUMN_METADATA],
)
def seed_column_metadata_batch(
cursor,
*,
table_name: str,
columns: Iterable[dict[str, object]],
valid_column_names: Iterable[str] | None = None,
) -> None:
"""批量 upsert 字段元数据;传入 valid_column_names 时会在 upsert 后清理陈旧字段元数据。"""
for column in columns:
upsert_column_metadata(
cursor,
table_name=TASK_LOGS_TABLE,
table_name=table_name,
column_name=str(column["column_name"]),
display_name=str(column["display_name"]),
description=str(column["description"]) if column.get("description") else None,
visible=int(column["visible"]),
searchable=int(column["searchable"]),
editable=int(column["editable"]),
visible=int(column.get("visible", 1)),
searchable=int(column.get("searchable", 1)),
editable=int(column.get("editable", 1)),
display_type=str(column["display_type"]) if column.get("display_type") else None,
options_json=str(column["options_json"]) if column.get("options_json") else None,
)
if valid_column_names is not None:
prune_stale_column_metadata(cursor, table_name, valid_column_names)
def prune_stale_column_metadata(cursor, table_name: str, valid_column_names: Iterable[str]) -> None:
"""删除表中已不存在物理字段的元数据行(幂等初始化后不得残留旧字段)。"""
valid = set(valid_column_names)
cursor.execute(
"SELECT column_name FROM _jiangchang_columns WHERE table_name = ?",
(table_name,),
)
for (column_name,) in cursor.fetchall():
if str(column_name) not in valid:
cursor.execute(
"DELETE FROM _jiangchang_columns WHERE table_name = ? AND column_name = ?",
(table_name, column_name),
)
def get_table_readonly(cursor, table_name: str) -> int | None:
cursor.execute(
"SELECT readonly FROM _jiangchang_tables WHERE table_name = ?",
(table_name,),
)
row = cursor.fetchone()
if not row:
return None
return int(row[0] or 0)
def get_column_editable(cursor, table_name: str, column_name: str) -> int | None:
cursor.execute(
"""
SELECT editable FROM _jiangchang_columns
WHERE table_name = ? AND column_name = ?
""",
(table_name, column_name),
)
row = cursor.fetchone()
if not row:
return None
return int(row[0] or 0)
def list_editable_business_columns(cursor, table_name: str) -> list[str]:
"""返回 editable=1 的业务字段名(不含宿主侧主键/generated 等二次过滤)。"""
physical = list_physical_column_names(cursor, table_name)
cursor.execute(
"""
SELECT column_name, editable
FROM _jiangchang_columns
WHERE table_name = ?
""",
(table_name,),
)
editable_set = {
str(column_name)
for column_name, editable in cursor.fetchall()
if editable is not None and int(editable) == 1
}
return [name for name in physical if name in editable_set]
def table_allows_manual_create(cursor, table_name: str) -> bool:
"""表级 readonly=0 且至少有一个 editable=1 字段时,宿主才应提供空白新增表单。"""
readonly = get_table_readonly(cursor, table_name)
if readonly is None or int(readonly) != 0:
return False
return bool(list_editable_business_columns(cursor, table_name))
def init_display_metadata(cursor) -> None:

View File

@@ -2,6 +2,7 @@
from __future__ import annotations
import json
import os
import re
import sqlite3
@@ -14,7 +15,9 @@ from db.display_metadata import (
TASK_LOGS_COLUMN_METADATA,
TASK_LOGS_TABLE,
iter_user_tables,
list_editable_business_columns,
list_physical_column_names,
table_allows_manual_create,
)
from db.timestamp_columns import has_updated_at_trigger
from util.constants import SKILL_SLUG
@@ -158,6 +161,33 @@ def _table_column_info(cursor, table_name: str) -> dict[str, dict[str, object]]:
return info
def _table_column_xinfo(cursor, table_name: str) -> dict[str, dict[str, object]]:
"""PRAGMA table_xinfo 可识别 generated/hidden 字段SQLite 3.31+)。"""
cursor.execute(f"PRAGMA table_xinfo({_quote_identifier(table_name)})")
info: dict[str, dict[str, object]] = {}
for row in cursor.fetchall():
hidden = int(row[6] or 0) if len(row) > 6 else 0
info[str(row[1])] = {
"cid": int(row[0]),
"name": str(row[1]),
"type": str(row[2] or ""),
"notnull": int(row[3] or 0),
"dflt_value": row[4],
"pk": int(row[5] or 0),
"hidden": hidden,
}
return info
def _is_generated_column(xinfo: dict[str, object]) -> bool:
hidden = int(xinfo.get("hidden") or 0)
return hidden in (2, 3)
def _is_blob_column(column_info: dict[str, object]) -> bool:
return "BLOB" in str(column_info.get("type") or "").upper()
def _default_uses_unixepoch(default_value: object) -> bool:
if default_value is None:
return False
@@ -165,6 +195,100 @@ def _default_uses_unixepoch(default_value: object) -> bool:
return "unixepoch" in text
def validate_options_json(options_json: str | None) -> tuple[list[str], list[str]]:
"""校验枚举 options_json 可被解析为 [{value, label}, ...] 结构。"""
errors: list[str] = []
warnings: list[str] = []
if options_json is None or str(options_json).strip() == "":
return errors, warnings
try:
parsed = json.loads(str(options_json))
except json.JSONDecodeError as exc:
errors.append(f"options_json 不是合法 JSON{exc}")
return errors, warnings
if not isinstance(parsed, list):
errors.append("options_json 必须是 JSON 数组")
return errors, warnings
for index, item in enumerate(parsed):
if not isinstance(item, dict):
errors.append(f"options_json[{index}] 必须是对象")
continue
if "value" not in item or "label" not in item:
errors.append(f"options_json[{index}] 必须包含 value 与 label")
return errors, warnings
def validate_column_permissions(
cursor,
table_name: str,
*,
physical_columns: list[str] | None = None,
) -> tuple[list[str], list[str]]:
"""校验常见系统字段 editable=0并识别技术上可写但不适合手工新增的表。"""
errors: list[str] = []
warnings: list[str] = []
ordered = physical_columns or list_physical_column_names(cursor, table_name)
column_info = _table_column_info(cursor, table_name)
column_xinfo = _table_column_xinfo(cursor, table_name)
cursor.execute(
"""
SELECT column_name, editable, options_json
FROM _jiangchang_columns
WHERE table_name = ?
""",
(table_name,),
)
meta_by_column = {
str(row[0]): {"editable": row[1], "options_json": row[2]}
for row in cursor.fetchall()
}
for column_name, meta in meta_by_column.items():
physical = column_info.get(column_name) or {}
xinfo = column_xinfo.get(column_name) or physical
if not physical and column_name not in column_xinfo:
continue
pk = int(physical.get("pk") or xinfo.get("pk") or 0)
editable = meta["editable"]
if pk and editable is not None and int(editable) != 0:
errors.append(f"{table_name}.{column_name} 是主键editable 应为 0")
if column_name == "id" and editable is not None and int(editable) != 0:
errors.append(f"{table_name}.id 的 editable 应为 0自增主键")
if _is_generated_column(xinfo) and editable is not None and int(editable) != 0:
errors.append(f"{table_name}.{column_name} 是 generated 字段editable 应为 0")
if _is_blob_column(physical or xinfo) and editable is not None and int(editable) != 0:
errors.append(f"{table_name}.{column_name} 是 BLOB 字段editable 应为 0")
opt_errors, _ = validate_options_json(meta.get("options_json"))
for item in opt_errors:
errors.append(f"{table_name}.{column_name}: {item}")
cursor.execute(
"SELECT readonly FROM _jiangchang_tables WHERE table_name = ?",
(table_name,),
)
readonly_row = cursor.fetchone()
readonly = int(readonly_row[0]) if readonly_row else None
editable_columns = list_editable_business_columns(cursor, table_name)
if readonly == 0 and not editable_columns:
warnings.append(
f"{table_name}: 表级 readonly=0 但所有字段 editable=0"
"宿主不应打开空白新增表单;数据应由技能业务流程产生"
)
if readonly == 1 and editable_columns:
warnings.append(
f"{table_name}: 表级 readonly=1 但存在 editable=1 字段,"
"宿主应以表级只读为准"
)
return errors, warnings
def _expected_timestamp_display_name(column_name: str) -> str:
if column_name == "created_at":
return "创建时间"
@@ -338,6 +462,14 @@ def validate_display_metadata(conn: sqlite3.Connection, *, check_column_order: b
report.errors.extend(ts_errors)
report.warnings.extend(ts_warnings)
perm_errors, perm_warnings = validate_column_permissions(
cur,
table_name,
physical_columns=physical_columns,
)
report.errors.extend(perm_errors)
report.warnings.extend(perm_warnings)
cur.execute("SELECT table_name, column_name FROM _jiangchang_columns")
for table_name, column_name in cur.fetchall():
if table_name in METADATA_TABLES:

View File

@@ -2,29 +2,29 @@
from __future__ import annotations
import os
from typing import Tuple
import requests
from jiangchang_skill_core import config
def check_entitlement(skill_slug: str) -> Tuple[bool, str]:
auth_base = (os.getenv("JIANGCHANG_AUTH_BASE_URL") or "").strip().rstrip("/")
auth_base = (config.get("JIANGCHANG_AUTH_BASE_URL") or "").strip().rstrip("/")
if not auth_base:
return True, ""
user_id = (os.getenv("JIANGCHANG_USER_ID") or "").strip()
user_id = (config.get("JIANGCHANG_USER_ID") or "").strip()
if not user_id:
return False, "鉴权失败缺少用户身份JIANGCHANG_USER_ID"
auth_api_key = (os.getenv("JIANGCHANG_AUTH_API_KEY") or "").strip()
timeout = int((os.getenv("JIANGCHANG_AUTH_TIMEOUT_SECONDS") or "5").strip())
auth_api_key = (config.get("JIANGCHANG_AUTH_API_KEY") or "").strip()
timeout = int((config.get("JIANGCHANG_AUTH_TIMEOUT_SECONDS") or "5").strip())
headers = {"Content-Type": "application/json"}
if auth_api_key:
headers["Authorization"] = f"Bearer {auth_api_key}"
payload = {
"user_id": user_id,
"skill_slug": skill_slug,
"trace_id": (os.getenv("JIANGCHANG_TRACE_ID") or "").strip(),
"trace_id": (config.get("JIANGCHANG_TRACE_ID") or "").strip(),
"context": {"entry": "main.py"},
}
try:

View File

@@ -13,20 +13,30 @@ import uuid
from typing import Any, Dict, Optional
from jiangchang_skill_core import collect_runtime_diagnostics, config, format_runtime_health_lines
from jiangchang_skill_core.rpa.video_session import RpaVideoSession
from jiangchang_skill_core.activity import JobStopped, emit, finish, job_context
from db import task_logs_repository as tlr
from jiangchang_skill_core.rpa.video_session import RpaVideoSession
from service.entitlement_service import check_entitlement
from service.task_run_support import (
_print_video_summary,
build_video_info,
merge_video_into_result_summary,
)
from util.constants import PLATFORM_KIT_MIN_VERSION, SKILL_SLUG, SKILL_VERSION
from util.constants import LOG_LOGGER_NAME, PLATFORM_KIT_MIN_VERSION, SKILL_SLUG, SKILL_VERSION
from util.logging_config import get_skill_logger, setup_skill_logging
from util.runtime_paths import get_skill_data_dir, get_skill_root
from util.timeutil import unix_to_iso
def _get_task_logger():
try:
return get_skill_logger()
except RuntimeError:
setup_skill_logging(SKILL_SLUG, LOG_LOGGER_NAME)
return get_skill_logger()
async def _run_template_demo(target: Optional[str], input_id: Optional[str]) -> tuple[int, dict[str, Any]]:
"""最小 RpaVideoSession 示范:不启动浏览器、不执行业务,仅演示录屏包裹范式。"""
batch_id = uuid.uuid4().hex[:12]
@@ -53,34 +63,129 @@ async def _run_template_demo(target: Optional[str], input_id: Optional[str]) ->
def cmd_run(target: Optional[str] = None, input_id: Optional[str] = None) -> int:
"""通用任务执行入口模板。复制后请实现真实业务逻辑。"""
ok, reason = check_entitlement(SKILL_SLUG)
if not ok:
print(f"{reason}")
return 1
log = _get_task_logger()
task_type = "demo"
rc, video_info = asyncio.run(_run_template_demo(target, input_id))
_print_video_summary(video_info)
with job_context(skill=SKILL_SLUG):
log.info(
"task_start task_type=%s target_id=%s input_id=%s",
task_type,
target,
input_id,
)
emit("开始处理任务", skill=SKILL_SLUG, stage="run")
try:
ok, reason = check_entitlement(SKILL_SLUG)
if not ok:
log.warning("entitlement_failed task_type=%s reason=%s", task_type, reason)
emit("鉴权失败,已记录诊断信息", type="warn", skill=SKILL_SLUG, stage="auth")
tlr.save_task_log(
task_type=task_type,
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg=reason,
result_summary=json.dumps({"stage": "auth", "error": reason}, ensure_ascii=False),
)
log.info(
"task_log_saved task_type=%s target_id=%s input_id=%s stage=auth status=failed",
task_type,
target,
input_id,
)
finish(
status="failed",
message=reason,
skill=SKILL_SLUG,
error_code="ENTITLEMENT_DENIED",
stage="auth",
)
print(f"{reason}")
return 1
summary_payload = merge_video_into_result_summary(
{
"template_demo": True,
"target": target,
"input_id": input_id,
},
video_info,
)
tlr.save_task_log(
task_type="demo",
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg="模板仓库未实现真实业务",
result_summary=json.dumps(summary_payload, ensure_ascii=False),
)
log.info("task_run_demo_start target_id=%s input_id=%s", target, input_id)
rc, video_info = asyncio.run(_run_template_demo(target, input_id))
log.info("task_run_demo_done target_id=%s input_id=%s status=failed", target, input_id)
_print_video_summary(video_info)
print("❌ 这是模板仓库,请复制后在 scripts/service/task_service.py 中实现 cmd_run 的真实业务逻辑。")
return rc
summary_payload = merge_video_into_result_summary(
{
"template_demo": True,
"target": target,
"input_id": input_id,
},
video_info,
)
tlr.save_task_log(
task_type=task_type,
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg="模板仓库未实现真实业务",
result_summary=json.dumps(summary_payload, ensure_ascii=False),
)
log.info(
"task_log_saved task_type=%s target_id=%s input_id=%s status=failed",
task_type,
target,
input_id,
)
finish(
status="failed",
message="模板仓库未实现真实业务",
skill=SKILL_SLUG,
template_demo=True,
target=target,
input_id=input_id,
)
print("❌ 这是模板仓库,请复制后在 scripts/service/task_service.py 中实现 cmd_run 的真实业务逻辑。")
return rc
except JobStopped:
raise
except Exception:
log.exception(
"task_failed task_type=%s target_id=%s input_id=%s",
task_type,
target,
input_id,
)
emit("任务失败,已记录诊断信息", type="warn", skill=SKILL_SLUG, stage="run")
try:
tlr.save_task_log(
task_type=task_type,
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg="任务执行异常,详见统一日志",
result_summary=json.dumps(
{"stage": "run", "error": "unexpected_exception"},
ensure_ascii=False,
),
)
log.info(
"task_log_saved task_type=%s target_id=%s input_id=%s stage=run status=failed",
task_type,
target,
input_id,
)
except Exception:
log.exception(
"task_log_save_failed task_type=%s target_id=%s input_id=%s",
task_type,
target,
input_id,
)
finish(
status="failed",
message="任务执行异常,详见统一日志",
skill=SKILL_SLUG,
stage="run",
)
return 1
def cmd_logs(

View File

@@ -1,6 +1,6 @@
"""技能标识、版本与平台公共库约束(复制后请修改 slug/version/logger"""
SKILL_SLUG = "your-skill-slug"
SKILL_VERSION = "1.0.32"
SKILL_VERSION = "1.0.39"
LOG_LOGGER_NAME = "openclaw.skill.your_skill_slug"
PLATFORM_KIT_MIN_VERSION = "1.0.17"
PLATFORM_KIT_MIN_VERSION = "1.2.0"

View File

@@ -1,4 +1,4 @@
"""数据根、技能目录、兄弟技能根路径。"""
"""数据根、技能目录、兄弟技能根路径与用户数据子目录解析"""
from __future__ import annotations
@@ -10,6 +10,22 @@ from util.constants import SKILL_SLUG
_SCRIPTS_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
STANDARD_SUBDIR_DOWNLOADS = "downloads"
STANDARD_SUBDIR_IMPORTS = "imports"
STANDARD_SUBDIR_EXPORTS = "exports"
STANDARD_SUBDIR_UPLOADS = "uploads"
STANDARD_SUBDIR_CACHE = "cache"
STANDARD_SUBDIR_TEMP = "temp"
STANDARD_SUBDIR_RPA_ARTIFACTS = "rpa-artifacts"
STANDARD_SUBDIR_VIDEOS = "videos"
CONFIG_KEY_DOWNLOAD_DIR = "SKILL_DOWNLOAD_DIR"
CONFIG_KEY_IMPORT_DIR = "SKILL_IMPORT_DIR"
CONFIG_KEY_EXPORT_DIR = "SKILL_EXPORT_DIR"
CONFIG_KEY_UPLOAD_DIR = "SKILL_UPLOAD_DIR"
CONFIG_KEY_CACHE_DIR = "SKILL_CACHE_DIR"
CONFIG_KEY_TEMP_DIR = "SKILL_TEMP_DIR"
def get_skill_root() -> str:
return os.path.dirname(_SCRIPTS_DIR)
@@ -32,3 +48,98 @@ def get_skill_data_dir() -> str:
def get_db_path(filename: str | None = None) -> str:
name = filename or f"{SKILL_SLUG}.db"
return os.path.join(get_skill_data_dir(), name)
def _normalize_subdir(value: str) -> str:
cleaned = value.strip().strip("/\\")
if not cleaned or cleaned.startswith(".."):
raise ValueError(f"invalid skill data subdir: {value!r}")
return cleaned.replace("/", os.sep).replace("\\", os.sep)
def resolve_data_path(
config_key: str | None,
default_subdir: str,
*,
create: bool = True,
) -> str:
"""解析技能拥有路径:空配置 → 数据目录下 default_subdir相对 → 相对数据目录;绝对 → 原样。"""
from jiangchang_skill_core import config
base = get_skill_data_dir()
raw = (config.get(config_key) or "").strip() if config_key else ""
if not raw:
path = os.path.join(base, _normalize_subdir(default_subdir))
elif os.path.isabs(raw):
path = os.path.abspath(os.path.expanduser(raw))
else:
path = os.path.join(base, _normalize_subdir(raw))
if create:
os.makedirs(path, exist_ok=True)
return path
def resolve_input_path(raw_path: str, *, create_parent: bool = False) -> str:
"""解析 CLI 输入路径:绝对路径原样;相对路径相对 {skill_data_dir}/imports/。"""
text = (raw_path or "").strip()
if not text:
return text
expanded = os.path.expanduser(text)
if os.path.isabs(expanded):
return os.path.abspath(expanded)
imports_dir = get_imports_dir(create=create_parent)
return os.path.abspath(os.path.join(imports_dir, os.path.normpath(expanded)))
def get_downloads_dir(*, create: bool = True) -> str:
return resolve_data_path(CONFIG_KEY_DOWNLOAD_DIR, STANDARD_SUBDIR_DOWNLOADS, create=create)
def get_imports_dir(*, create: bool = True) -> str:
return resolve_data_path(CONFIG_KEY_IMPORT_DIR, STANDARD_SUBDIR_IMPORTS, create=create)
def get_exports_dir(*, create: bool = True) -> str:
return resolve_data_path(CONFIG_KEY_EXPORT_DIR, STANDARD_SUBDIR_EXPORTS, create=create)
def get_uploads_dir(*, create: bool = True) -> str:
return resolve_data_path(CONFIG_KEY_UPLOAD_DIR, STANDARD_SUBDIR_UPLOADS, create=create)
def get_cache_dir(*, create: bool = True) -> str:
return resolve_data_path(CONFIG_KEY_CACHE_DIR, STANDARD_SUBDIR_CACHE, create=create)
def get_temp_dir(*, create: bool = True) -> str:
return resolve_data_path(CONFIG_KEY_TEMP_DIR, STANDARD_SUBDIR_TEMP, create=create)
def get_rpa_artifacts_dir(batch_id: str, *, create: bool = True) -> str:
batch = (batch_id or "").strip() or "default"
path = os.path.join(get_skill_data_dir(), STANDARD_SUBDIR_RPA_ARTIFACTS, batch)
if create:
os.makedirs(path, exist_ok=True)
return path
def get_videos_dir(*, create: bool = True) -> str:
path = os.path.join(get_skill_data_dir(), STANDARD_SUBDIR_VIDEOS)
if create:
os.makedirs(path, exist_ok=True)
return path
def list_resolved_data_paths() -> dict[str, str]:
"""供 health / config-path 输出已解析的数据子目录(不创建目录)。"""
return {
"skill_data_dir": get_skill_data_dir(),
"downloads_dir": get_downloads_dir(create=False),
"imports_dir": get_imports_dir(create=False),
"exports_dir": get_exports_dir(create=False),
"uploads_dir": get_uploads_dir(create=False),
"cache_dir": get_cache_dir(create=False),
"temp_dir": get_temp_dir(create=False),
"videos_dir": get_videos_dir(create=False),
}

View File

@@ -35,7 +35,7 @@ def get_skill_root() -> str:
return _SKILL_ROOT
def platform_kit_version_patch(version: str = "1.0.17"):
def platform_kit_version_patch(version: str = "1.2.0"):
"""Mock installed jiangchang-platform-kit version for health/diagnostics tests."""
from unittest.mock import patch

View File

@@ -0,0 +1,237 @@
# -*- coding: utf-8 -*-
"""assets/actions.json 结构与 CLI 映射守护(通用模板,不含具体业务技能名称)。"""
from __future__ import annotations
import json
import os
import re
import unittest
from _support import get_skill_root
from cli.app import build_parser
from util.constants import SKILL_SLUG
_TEMPLATE_PLACEHOLDER_SLUG = "your-skill-slug"
_ALLOWED_PLACEMENTS = frozenset({"toolbar", "row", "batch", "cron", "agent", "skill-detail"})
_RESERVED_PLACEMENTS = frozenset({"row", "batch"})
_RESERVED_ACTION_FIELDS = frozenset({"bind", "concurrency", "locks"})
_REQUIRED_MANIFEST_KEYS = frozenset({"schemaVersion", "skill", "actions"})
_REQUIRED_ACTION_KEYS = frozenset({"id", "label", "description", "placements", "entrypoint"})
_FORBIDDEN_BUSINESS_TERMS = (
"wechat",
"微信",
"contacts",
"wxid",
"account_wxid",
"contact.db",
"scrape-contacts",
"douyin",
"抖音",
"xiaohongshu",
"小红书",
"公众号",
"logistics",
"物流",
)
_TEMPLATE_ARG_PATTERN = re.compile(r"\{\{([a-zA-Z_][a-zA-Z0-9_]*)\}\}")
def _load_actions_manifest() -> dict:
path = os.path.join(get_skill_root(), "assets", "actions.json")
with open(path, encoding="utf-8") as f:
return json.load(f)
def _cli_subcommands() -> set[str]:
parser = build_parser()
subs = parser._subparsers._group_actions[0].choices # type: ignore[attr-defined]
return set(subs.keys())
def _collect_template_vars(args: list) -> set[str]:
found: set[str] = set()
for item in args:
if not isinstance(item, str):
continue
for match in _TEMPLATE_ARG_PATTERN.finditer(item):
found.add(match.group(1))
return found
def _load_actions_schema() -> dict:
path = os.path.join(get_skill_root(), "assets", "schemas", "skill-actions.schema.json")
with open(path, encoding="utf-8") as f:
return json.load(f)
class TestActionsManifest(unittest.TestCase):
def test_manifest_exists_and_schema(self) -> None:
manifest = _load_actions_manifest()
self.assertEqual(manifest.get("schemaVersion"), 1)
skill = manifest.get("skill")
self.assertIn(skill, (SKILL_SLUG, _TEMPLATE_PLACEHOLDER_SLUG))
self.assertIsInstance(manifest.get("actions"), list)
self.assertGreater(len(manifest["actions"]), 0)
def test_action_ids_unique_and_cli_valid(self) -> None:
manifest = _load_actions_manifest()
subs = _cli_subcommands()
seen: set[str] = set()
for action in manifest["actions"]:
action_id = action["id"]
self.assertNotIn(action_id, seen, msg=f"duplicate action id: {action_id}")
seen.add(action_id)
self.assertTrue(str(action.get("label", "")).strip(), msg=f"{action_id} label empty")
self.assertTrue(str(action.get("description", "")).strip(), msg=f"{action_id} description empty")
entry = action["entrypoint"]
self.assertEqual(entry["type"], "cli")
self.assertIn(entry["command"], subs, msg=f"{action_id} command not in CLI")
args = entry.get("args")
self.assertIsInstance(args, list, msg=f"{action_id} args must be array")
for item in args:
self.assertIsInstance(
item,
(str, int, float, bool),
msg=f"{action_id} arg item must be scalar",
)
self.assertNotIsInstance(item, dict, msg=f"{action_id} arg must not be object")
self.assertIsNotNone(item, msg=f"{action_id} arg must not be null")
placements = action.get("placements")
self.assertIsInstance(placements, list, msg=f"{action_id} placements must be array")
self.assertGreater(len(placements), 0, msg=f"{action_id} placements empty")
for placement in placements:
self.assertIn(placement, _ALLOWED_PLACEMENTS, msg=f"{action_id} invalid placement {placement!r}")
def test_template_example_does_not_use_reserved_placements(self) -> None:
manifest = _load_actions_manifest()
for action in manifest["actions"]:
placements = set(action.get("placements") or [])
overlap = placements & _RESERVED_PLACEMENTS
self.assertFalse(
overlap,
msg=f"{action['id']} uses reserved placements not yet supported in template: {overlap}",
)
def test_template_variables_have_input_schema(self) -> None:
manifest = _load_actions_manifest()
for action in manifest["actions"]:
args = action.get("entrypoint", {}).get("args") or []
template_vars = _collect_template_vars(args)
if not template_vars:
continue
schema = action.get("inputSchema") or {}
properties = schema.get("properties") or {}
for var in template_vars:
self.assertIn(
var,
properties,
msg=f"{action['id']} uses {{{{{var}}}}} but inputSchema.properties missing it",
)
def test_required_fields_exist_in_properties(self) -> None:
manifest = _load_actions_manifest()
for action in manifest["actions"]:
schema = action.get("inputSchema") or {}
required = schema.get("required") or []
properties = schema.get("properties") or {}
for field in required:
self.assertIn(
field,
properties,
msg=f"{action['id']} required field {field!r} missing from properties",
)
def test_sensitive_params_not_on_toolbar(self) -> None:
manifest = _load_actions_manifest()
for action in manifest["actions"]:
props = (action.get("inputSchema") or {}).get("properties") or {}
has_sensitive = any(p.get("sensitive") for p in props.values())
if has_sensitive and "toolbar" in (action.get("placements") or []):
self.fail(f"{action['id']} has sensitive input but is on toolbar")
def test_confirmation_message_structure(self) -> None:
manifest = _load_actions_manifest()
for action in manifest["actions"]:
confirmation = action.get("confirmation")
if confirmation is None:
continue
self.assertIsInstance(confirmation, dict)
message = confirmation.get("message")
self.assertTrue(str(message or "").strip(), msg=f"{action['id']} confirmation.message empty")
def test_manifest_has_no_specific_business_skill_names(self) -> None:
path = os.path.join(get_skill_root(), "assets", "actions.json")
with open(path, encoding="utf-8") as f:
raw = f.read().lower()
for term in _FORBIDDEN_BUSINESS_TERMS:
self.assertNotIn(term.lower(), raw, msg=f"actions.json must not contain {term!r}")
def test_actions_md_exists_and_links_manifest(self) -> None:
path = os.path.join(get_skill_root(), "references", "ACTIONS.md")
self.assertTrue(os.path.isfile(path))
with open(path, encoding="utf-8") as f:
text = f.read()
self.assertIn("actions.json", text)
self.assertIn("schemaVersion", text)
for term in _FORBIDDEN_BUSINESS_TERMS:
self.assertNotIn(term.lower(), text.lower(), msg=f"ACTIONS.md must not contain {term!r}")
def test_skill_actions_schema_file_exists(self) -> None:
path = os.path.join(get_skill_root(), "assets", "schemas", "skill-actions.schema.json")
self.assertTrue(os.path.isfile(path))
with open(path, encoding="utf-8") as f:
schema = json.load(f)
self.assertEqual(schema.get("title"), "SkillActionManifest")
self.assertIn("actions", schema.get("properties", {}))
def test_skill_actions_schema_json_parses(self) -> None:
schema = _load_actions_schema()
self.assertEqual(schema["properties"]["schemaVersion"]["const"], 1)
self.assertTrue(schema.get("additionalProperties") is False)
self.assertIn("action", schema.get("$defs", {}))
def test_template_manifest_matches_schema_required_keys(self) -> None:
manifest = _load_actions_manifest()
schema = _load_actions_schema()
for key in _REQUIRED_MANIFEST_KEYS:
self.assertIn(key, manifest)
self.assertIn(key, schema.get("properties", {}))
for action in manifest["actions"]:
for key in _REQUIRED_ACTION_KEYS:
self.assertIn(key, action)
def test_template_example_does_not_use_reserved_action_fields(self) -> None:
manifest = _load_actions_manifest()
for action in manifest["actions"]:
overlap = set(action.keys()) & _RESERVED_ACTION_FIELDS
self.assertFalse(
overlap,
msg=f"{action['id']} uses reserved action fields not supported in template Phase 1: {overlap}",
)
def test_actions_md_documents_strict_vs_host_boundary(self) -> None:
path = os.path.join(get_skill_root(), "references", "ACTIONS.md")
with open(path, encoding="utf-8") as f:
text = f.read()
for marker in (
"严格规范",
"向后兼容",
"Phase 1",
"bind",
"concurrency",
"locks",
"row",
"batch",
"additionalProperties",
):
self.assertIn(marker, text, msg=f"ACTIONS.md missing {marker!r}")
if __name__ == "__main__":
unittest.main()

View File

@@ -16,6 +16,12 @@ from cli.app import main
from util.config_bootstrap import bootstrap_skill_config
from util.constants import SKILL_SLUG
_TEST_TARGET_KEY = "OPENCLAW_" + "TEST_TARGET"
def _env_line(key: str, value: str) -> str:
return f"{key}={value}\n"
class TestConfigBootstrap(unittest.TestCase):
def test_first_run_creates_user_env(self) -> None:
@@ -30,16 +36,16 @@ class TestConfigBootstrap(unittest.TestCase):
config.reset_cache()
path = bootstrap_skill_config()
with open(path, "w", encoding="utf-8") as f:
f.write("OPENCLAW_TEST_TARGET=simulator_rpa\n")
f.write(_env_line(_TEST_TARGET_KEY, "simulator_rpa"))
with tempfile.NamedTemporaryFile("w", encoding="utf-8", delete=False, suffix=".example") as tmp:
tmp.write("OPENCLAW_TEST_TARGET=mock\nHUMAN_WAIT_TIMEOUT=60\n")
tmp.write(_env_line(_TEST_TARGET_KEY, "mock") + "HUMAN_WAIT_TIMEOUT=60\n")
tmp_path = tmp.name
try:
config.merge_missing_env_keys(tmp_path, path, comment_skill="test")
with open(path, encoding="utf-8") as f:
content = f.read()
self.assertIn("OPENCLAW_TEST_TARGET=simulator_rpa", content)
self.assertNotIn("OPENCLAW_TEST_TARGET=mock", content)
self.assertIn(_env_line(_TEST_TARGET_KEY, "simulator_rpa").strip(), content)
self.assertNotIn(_env_line(_TEST_TARGET_KEY, "mock").strip(), content)
finally:
os.unlink(tmp_path)
config.reset_cache()
@@ -49,7 +55,7 @@ class TestConfigBootstrap(unittest.TestCase):
config.reset_cache()
path = bootstrap_skill_config()
with open(path, "w", encoding="utf-8") as f:
f.write("OPENCLAW_TEST_TARGET=simulator_rpa\n")
f.write(_env_line(_TEST_TARGET_KEY, "simulator_rpa"))
example = os.path.join(get_skill_root(), ".env.example")
added = config.merge_missing_env_keys(example, path, comment_skill="test")
self.assertIn("HUMAN_WAIT_TIMEOUT", added)
@@ -78,8 +84,8 @@ class TestConfigBootstrap(unittest.TestCase):
config.reset_cache()
with open(example, encoding="utf-8") as f:
example_text = f.read()
self.assertIn("OPENCLAW_TEST_TARGET=mock", example_text)
self.assertEqual(config.get("OPENCLAW_TEST_TARGET"), "mock")
self.assertIn(_env_line(_TEST_TARGET_KEY, "mock").strip(), example_text)
self.assertEqual(config.get(_TEST_TARGET_KEY), "mock")
def test_config_path_outputs_json(self) -> None:
with IsolatedDataRoot(user_id="_cfg_path"):

View File

@@ -0,0 +1,479 @@
# -*- coding: utf-8 -*-
"""通用数据管理契约测试demo_items fixture不含具体业务技能内容"""
from __future__ import annotations
import json
import sqlite3
import unittest
from _support import IsolatedDataRoot
DEMO_ITEMS_DDL = """
CREATE TABLE IF NOT EXISTS demo_items (
id INTEGER PRIMARY KEY AUTOINCREMENT,
title TEXT NOT NULL,
description TEXT,
status TEXT NOT NULL DEFAULT 'draft',
generated_value TEXT,
created_at INTEGER NOT NULL DEFAULT (unixepoch()),
updated_at INTEGER NOT NULL DEFAULT (unixepoch())
);
CREATE TRIGGER IF NOT EXISTS demo_items_set_updated_at
AFTER UPDATE ON demo_items
FOR EACH ROW
BEGIN
UPDATE demo_items
SET updated_at = unixepoch()
WHERE id = NEW.id AND updated_at = OLD.updated_at;
END;
"""
DEMO_ITEMS_TABLE_METADATA = {
"table_name": "demo_items",
"display_name": "示例记录",
"description": "通用数据管理契约演示表",
"visible": 1,
"readonly": 0,
}
DEMO_ITEMS_COLUMN_METADATA: tuple[dict[str, object], ...] = (
{"column_name": "id", "display_name": "编号", "visible": 1, "searchable": 1, "editable": 0},
{"column_name": "title", "display_name": "标题", "visible": 1, "searchable": 1, "editable": 1},
{"column_name": "description", "display_name": "描述", "visible": 1, "searchable": 1, "editable": 1},
{
"column_name": "status",
"display_name": "状态",
"visible": 1,
"searchable": 1,
"editable": 1,
"options_json": json.dumps(
[
{"value": "draft", "label": "草稿"},
{"value": "published", "label": "已发布"},
{"value": "archived", "label": "已归档"},
],
ensure_ascii=False,
),
},
{"column_name": "generated_value", "display_name": "生成值", "visible": 1, "searchable": 0, "editable": 0},
{
"column_name": "created_at",
"display_name": "创建时间",
"visible": 1,
"searchable": 0,
"editable": 0,
"display_type": "datetime_unix_seconds",
},
{
"column_name": "updated_at",
"display_name": "更新时间",
"visible": 1,
"searchable": 0,
"editable": 0,
"display_type": "datetime_unix_seconds",
},
)
def _init_demo_items_fixture(conn: sqlite3.Connection, *, prune: bool = True) -> None:
from db.display_metadata import (
init_display_metadata_tables,
list_physical_column_names,
seed_column_metadata_batch,
upsert_table_metadata,
)
cur = conn.cursor()
init_display_metadata_tables(cur)
cur.executescript(DEMO_ITEMS_DDL)
meta = DEMO_ITEMS_TABLE_METADATA
upsert_table_metadata(
cur,
table_name=str(meta["table_name"]),
display_name=str(meta["display_name"]),
description=str(meta["description"]),
visible=int(meta["visible"]),
readonly=int(meta["readonly"]),
)
physical = list_physical_column_names(cur, "demo_items")
seed_column_metadata_batch(
cur,
table_name="demo_items",
columns=DEMO_ITEMS_COLUMN_METADATA,
valid_column_names=physical if prune else None,
)
conn.commit()
class TestDataManagementContract(unittest.TestCase):
def test_demo_items_metadata_permissions(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
from db.display_metadata import (
get_column_editable,
get_table_readonly,
list_editable_business_columns,
table_allows_manual_create,
)
cur = conn.cursor()
self.assertEqual(get_table_readonly(cur, "demo_items"), 0)
self.assertEqual(get_column_editable(cur, "demo_items", "id"), 0)
self.assertEqual(get_column_editable(cur, "demo_items", "title"), 1)
self.assertEqual(get_column_editable(cur, "demo_items", "generated_value"), 0)
self.assertEqual(get_column_editable(cur, "demo_items", "created_at"), 0)
self.assertEqual(get_column_editable(cur, "demo_items", "updated_at"), 0)
editable_cols = list_editable_business_columns(cur, "demo_items")
self.assertEqual(editable_cols, ["title", "description", "status"])
self.assertTrue(table_allows_manual_create(cur, "demo_items"))
finally:
conn.close()
def test_demo_items_init_idempotent_no_duplicates(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
_init_demo_items_fixture(conn)
cur = conn.cursor()
cur.execute("SELECT COUNT(*) FROM _jiangchang_tables WHERE table_name = 'demo_items'")
self.assertEqual(int(cur.fetchone()[0]), 1)
cur.execute("SELECT COUNT(*) FROM _jiangchang_columns WHERE table_name = 'demo_items'")
self.assertEqual(int(cur.fetchone()[0]), 7)
finally:
conn.close()
def test_reinit_updates_stale_editable_value(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute(
"UPDATE _jiangchang_columns SET editable = 0 WHERE table_name = 'demo_items' AND column_name = 'title'"
)
conn.commit()
_init_demo_items_fixture(conn)
from db.display_metadata import get_column_editable
self.assertEqual(get_column_editable(conn.cursor(), "demo_items", "title"), 1)
finally:
conn.close()
def test_missing_table_metadata_detected(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute("DELETE FROM _jiangchang_tables WHERE table_name = 'demo_items'")
conn.commit()
from db.display_metadata_validator import validate_display_metadata
report = validate_display_metadata(conn)
self.assertFalse(report.ok)
self.assertTrue(any("demo_items" in err for err in report.errors))
finally:
conn.close()
def test_missing_column_metadata_detected(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute(
"DELETE FROM _jiangchang_columns WHERE table_name = 'demo_items' AND column_name = 'title'"
)
conn.commit()
from db.display_metadata_validator import validate_display_metadata
report = validate_display_metadata(conn)
self.assertFalse(report.ok)
self.assertTrue(any("demo_items.title" in err for err in report.errors))
finally:
conn.close()
def test_metadata_reference_to_missing_column_detected(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute(
"""
INSERT INTO _jiangchang_columns
(table_name, column_name, display_name, visible, searchable, editable)
VALUES ('demo_items', 'not_exists', '不存在', 1, 1, 0)
"""
)
conn.commit()
from db.display_metadata_validator import validate_display_metadata
report = validate_display_metadata(conn)
self.assertFalse(report.ok)
self.assertTrue(any("not_exists" in err for err in report.errors))
finally:
conn.close()
def test_empty_display_name_detected_for_visible_column(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute(
"UPDATE _jiangchang_columns SET display_name = '' WHERE table_name = 'demo_items' AND column_name = 'title'"
)
conn.commit()
from db.display_metadata_validator import validate_display_metadata
report = validate_display_metadata(conn)
self.assertFalse(report.ok)
self.assertTrue(any("display_name 为空" in err for err in report.errors))
finally:
conn.close()
def test_visible_columns_use_chinese_display_name(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
cur = conn.cursor()
cur.execute(
"""
SELECT column_name, display_name
FROM _jiangchang_columns
WHERE table_name = 'demo_items' AND visible = 1
"""
)
for column_name, display_name in cur.fetchall():
self.assertTrue(
any("\u4e00" <= ch <= "\u9fff" for ch in str(display_name)),
msg=f"{column_name} display_name should be Chinese: {display_name!r}",
)
finally:
conn.close()
def test_timestamp_fields_type_default_and_editable(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
cur = conn.cursor()
for column_name in ("created_at", "updated_at"):
cur.execute(f"PRAGMA table_info('demo_items')")
info = {row[1]: row for row in cur.fetchall()}
row = info[column_name]
self.assertIn("INT", str(row[2]).upper())
self.assertIn("unixepoch", str(row[4]).lower())
cur.execute(
"""
SELECT editable, display_type FROM _jiangchang_columns
WHERE table_name = 'demo_items' AND column_name = ?
""",
(column_name,),
)
editable, display_type = cur.fetchone()
self.assertEqual(int(editable), 0)
self.assertEqual(display_type, "datetime_unix_seconds")
finally:
conn.close()
def test_physical_order_matches_pragma_cid(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
from db.display_metadata import list_physical_column_names
cur = conn.cursor()
expected = [str(item["column_name"]) for item in DEMO_ITEMS_COLUMN_METADATA]
physical = list_physical_column_names(cur, "demo_items")
self.assertEqual(physical, expected)
cur.execute("PRAGMA table_info('demo_items')")
cid_order = [row[1] for row in sorted(cur.fetchall(), key=lambda row: int(row[0]))]
self.assertEqual(cid_order, expected)
finally:
conn.close()
def test_options_json_parses_for_enum_field(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
cur = conn.cursor()
cur.execute(
"""
SELECT options_json FROM _jiangchang_columns
WHERE table_name = 'demo_items' AND column_name = 'status'
"""
)
raw = cur.fetchone()[0]
from db.display_metadata_validator import validate_options_json
errors, _ = validate_options_json(raw)
self.assertEqual(errors, [])
parsed = json.loads(raw)
self.assertEqual(len(parsed), 3)
self.assertEqual(parsed[0]["value"], "draft")
finally:
conn.close()
def test_system_table_no_editable_fields_not_manual_create(self) -> None:
conn = sqlite3.connect(":memory:")
try:
from db.display_metadata import (
init_display_metadata_tables,
seed_column_metadata_batch,
table_allows_manual_create,
upsert_table_metadata,
)
cur = conn.cursor()
init_display_metadata_tables(cur)
cur.execute(
"""
CREATE TABLE source_records (
id INTEGER PRIMARY KEY AUTOINCREMENT,
item_id TEXT NOT NULL,
synced_at INTEGER NOT NULL DEFAULT (unixepoch())
)
"""
)
upsert_table_metadata(
cur,
table_name="source_records",
display_name="来源记录",
description="只由同步流程写入",
visible=1,
readonly=0,
)
seed_column_metadata_batch(
cur,
table_name="source_records",
columns=(
{"column_name": "id", "display_name": "编号", "editable": 0},
{"column_name": "item_id", "display_name": "记录编号", "editable": 0},
{"column_name": "synced_at", "display_name": "同步时间", "editable": 0, "display_type": "datetime_unix_seconds"},
),
)
conn.commit()
self.assertFalse(table_allows_manual_create(cur, "source_records"))
finally:
conn.close()
def test_table_readonly_blocks_manual_create_even_with_editable_fields(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute("UPDATE _jiangchang_tables SET readonly = 1 WHERE table_name = 'demo_items'")
conn.commit()
from db.display_metadata import table_allows_manual_create
self.assertFalse(table_allows_manual_create(conn.cursor(), "demo_items"))
finally:
conn.close()
def test_prune_stale_column_metadata(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
conn.execute(
"""
INSERT INTO _jiangchang_columns
(table_name, column_name, display_name, visible, searchable, editable)
VALUES ('demo_items', 'removed_field', '已删除', 0, 0, 0)
"""
)
conn.commit()
from db.display_metadata import list_physical_column_names, seed_column_metadata_batch
cur = conn.cursor()
physical = list_physical_column_names(cur, "demo_items")
seed_column_metadata_batch(
cur,
table_name="demo_items",
columns=DEMO_ITEMS_COLUMN_METADATA,
valid_column_names=physical,
)
conn.commit()
cur.execute(
"SELECT 1 FROM _jiangchang_columns WHERE table_name = 'demo_items' AND column_name = 'removed_field'"
)
self.assertIsNone(cur.fetchone())
finally:
conn.close()
def test_seed_batch_without_valid_column_names_does_not_prune(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn, prune=False)
conn.execute(
"""
INSERT INTO _jiangchang_columns
(table_name, column_name, display_name, visible, searchable, editable)
VALUES ('demo_items', 'removed_field', '已删除', 0, 0, 0)
"""
)
conn.commit()
from db.display_metadata import seed_column_metadata_batch
seed_column_metadata_batch(
conn.cursor(),
table_name="demo_items",
columns=DEMO_ITEMS_COLUMN_METADATA,
)
conn.commit()
cur = conn.cursor()
cur.execute(
"SELECT 1 FROM _jiangchang_columns WHERE table_name = 'demo_items' AND column_name = 'removed_field'"
)
self.assertIsNotNone(cur.fetchone())
finally:
conn.close()
def test_seed_batch_accepts_list_columns(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn, prune=False)
from db.display_metadata import get_column_editable, seed_column_metadata_batch
columns = list(DEMO_ITEMS_COLUMN_METADATA)
columns[1] = {**columns[1], "display_name": "标题(列表)"}
seed_column_metadata_batch(
conn.cursor(),
table_name="demo_items",
columns=columns,
valid_column_names=[str(item["column_name"]) for item in DEMO_ITEMS_COLUMN_METADATA],
)
conn.commit()
cur = conn.cursor()
cur.execute(
"SELECT display_name FROM _jiangchang_columns WHERE table_name = 'demo_items' AND column_name = 'title'"
)
self.assertEqual(cur.fetchone()[0], "标题(列表)")
self.assertEqual(get_column_editable(cur, "demo_items", "title"), 1)
finally:
conn.close()
def test_prune_does_not_remove_existing_column_metadata(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
from db.display_metadata import get_column_editable, seed_column_metadata_batch
cur = conn.cursor()
before = get_column_editable(cur, "demo_items", "title")
seed_column_metadata_batch(
cur,
table_name="demo_items",
columns=DEMO_ITEMS_COLUMN_METADATA,
valid_column_names=[str(item["column_name"]) for item in DEMO_ITEMS_COLUMN_METADATA],
)
conn.commit()
self.assertEqual(get_column_editable(cur, "demo_items", "title"), before)
finally:
conn.close()
def test_demo_items_validation_passes(self) -> None:
conn = sqlite3.connect(":memory:")
try:
_init_demo_items_fixture(conn)
from db.display_metadata_validator import validate_display_metadata
report = validate_display_metadata(conn)
self.assertTrue(report.ok, msg="; ".join(report.errors))
finally:
conn.close()
if __name__ == "__main__":
unittest.main()

View File

@@ -0,0 +1,763 @@
# -*- coding: utf-8 -*-
"""开发规范 hard policy 守护索引development/POLICY_MATRIX.md"""
from __future__ import annotations
import os
import re
import unittest
from _support import get_skill_root
SKIP_DIR_NAMES = frozenset(
{
".git",
"__pycache__",
".pytest_cache",
"rpa-artifacts",
"videos",
}
)
SKIP_REL_PREFIXES = ("tests/artifacts", "tests/diagnostics")
POLICY_IDS = (
"POLICY-STRUCTURE-001",
"POLICY-RUNTIME-001",
"POLICY-RUNTIME-002",
"POLICY-INSTALL-001",
"POLICY-CONFIG-001",
"POLICY-CONFIG-002",
"POLICY-CONFIG-003",
"POLICY-TESTING-001",
"POLICY-TESTING-002",
"POLICY-RPA-001",
"POLICY-RPA-002",
"POLICY-RPA-003",
"POLICY-PACKAGING-001",
"POLICY-PACKAGING-002",
"POLICY-DOCS-001",
"POLICY-LOGGING-001",
"POLICY-LOGGING-002",
"POLICY-LOGGING-003",
"POLICY-LOGGING-004",
"POLICY-LOGGING-005",
"POLICY-CONTROL-001",
"POLICY-CONTROL-002",
"POLICY-CONTROL-003",
"POLICY-DATA-PATH-001",
)
STRUCTURE_PATHS = (
"scripts/main.py",
"scripts/cli",
"scripts/service",
"scripts/db",
"scripts/util",
)
CONFIG_ENV_BOUNDARY_FILES = frozenset(
{
"scripts/main.py",
"scripts/util/config_bootstrap.py",
"scripts/util/runtime_paths.py",
"scripts/util/logging_config.py",
"scripts/util/constants.py",
}
)
INSTALL_FORBIDDEN_PATTERNS = (
re.compile(r"\bpip\s+install\b", re.IGNORECASE),
re.compile(r"\bpython\s+-m\s+pip\s+install\b", re.IGNORECASE),
re.compile(r"\buv\s+pip\s+install\b", re.IGNORECASE),
re.compile(r"\bplaywright\s+install\b", re.IGNORECASE),
)
CONFIG_ENV_FORBIDDEN_PATTERNS = (
re.compile(r"\bos\.environ\b"),
re.compile(r"\bos\.getenv\b"),
re.compile(r"\bos\.putenv\b"),
re.compile(r"\benviron\.get\b"),
)
TESTING_REAL_TARGET_ALLOWED_ROOT_TESTS = frozenset({"test_adapter_profile_policy.py"})
TESTING_001_FORBIDDEN_SUBSTRINGS = (
"real_" + "api",
"real_" + "rpa",
"OPENCLAW_" + "TEST_TARGET",
)
TESTING_001_SKIP_ROOT_TESTS = frozenset({"test_development_policy_guard.py"})
RPA_001_FORBIDDEN_PATTERNS = (
re.compile(r"\brpa_helpers\b"),
re.compile(r"\binject_account_manager_scripts_path\b"),
re.compile(r"\bget_account_credential\b"),
)
RPA_002_FFMPEG_PATTERNS = (
re.compile(
r"\bsubprocess\.(run|call|Popen|check_output|check_call)\s*\([^)]*ffmpeg",
re.IGNORECASE | re.DOTALL,
),
re.compile(
r"\bsubprocess\.(run|call|Popen|check_output|check_call)\(\s*['\"][^'\"]*ffmpeg",
re.IGNORECASE,
),
re.compile(r"\bos\.system\s*\([^)]*ffmpeg", re.IGNORECASE | re.DOTALL),
re.compile(r"\bos\.popen\s*\([^)]*ffmpeg", re.IGNORECASE | re.DOTALL),
re.compile(
r"\bsubprocess\.(run|call|Popen|check_output|check_call)\([^)]*shell\s*=\s*True[^)]*ffmpeg",
re.IGNORECASE | re.DOTALL,
),
)
RPA_002_EXEMPT_REL = "scripts/service/task_run_support.py"
RPA_003_SOURCE = (
"development/RPA.md §5.3; development/TESTING.md §12; development/POLICY_MATRIX.md"
)
LOGGING_001_SOURCE = "development/LOGGING.md; development/RUNTIME.md"
LOGGING_002_SOURCE = "development/LOGGING.md; development/DEVELOPMENT.md"
LOGGING_003_SOURCE = "development/LOGGING.md"
LOGGING_004_SOURCE = "development/LOGGING.md; development/RPA.md"
LOGGING_005_SOURCE = "development/LOGGING.md; development/CONFIG.md"
LOGGING_CALL_PATTERN = re.compile(
r"\b(log|logger|get_skill_logger\s*\(\s*\))\s*\.\s*(info|warning|error|debug|exception|critical)\s*\(",
re.IGNORECASE,
)
LOGGING_CALL_GET_LOGGER_PATTERN = re.compile(
r"get_skill_logger\s*\(\s*\)\s*\.\s*(info|warning|error|debug|exception|critical)\s*\(",
re.IGNORECASE,
)
SENSITIVE_LOG_ASSIGNMENT_PATTERN = re.compile(
r"(password|token|cookie|secret|api_key|authorization)\s*=",
re.IGNORECASE,
)
def _policy_msg(policy_id: str, source: str, detail: str) -> str:
return f"{policy_id} [{source}]: {detail}"
def _rel(skill_root: str, path: str) -> str:
return os.path.relpath(path, skill_root).replace("\\", "/")
def _should_skip_dirname(dirname: str) -> bool:
return dirname in SKIP_DIR_NAMES
def _should_skip_rel_path(skill_root: str, abs_path: str) -> bool:
rel = _rel(skill_root, abs_path).replace("\\", "/")
for prefix in SKIP_REL_PREFIXES:
normalized = prefix.rstrip("/")
if rel == normalized or rel.startswith(normalized + "/"):
return True
return False
def _walk_files(skill_root: str, rel_root: str, *, suffix: str | None = None) -> list[str]:
base = os.path.join(skill_root, rel_root)
if not os.path.exists(base):
return []
found: list[str] = []
for root, dirnames, filenames in os.walk(base):
kept: list[str] = []
for d in dirnames:
if _should_skip_dirname(d):
continue
sub = os.path.join(root, d)
if _should_skip_rel_path(skill_root, sub):
continue
kept.append(d)
dirnames[:] = kept
for name in filenames:
full = os.path.join(root, name)
if _should_skip_rel_path(skill_root, full):
continue
if suffix and not name.endswith(suffix):
continue
found.append(full)
return sorted(found)
def _read_text(path: str) -> str:
with open(path, encoding="utf-8") as f:
return f.read()
def _requirement_dependency_lines(req_text: str) -> list[str]:
return [
line.strip()
for line in req_text.splitlines()
if line.strip() and not line.strip().startswith("#")
]
def _scan_install_delivery_files(skill_root: str) -> list[str]:
offenders: list[str] = []
scan_specs: list[tuple[str, str | None]] = [
("scripts", ".py"),
(".", ".ps1"),
(".", ".sh"),
(".", None),
(".github/workflows", ".yml"),
(".github/workflows", ".yaml"),
]
seen: set[str] = set()
for rel_root, suffix in scan_specs:
if rel_root == "." and suffix is None:
req = os.path.join(skill_root, "requirements.txt")
if os.path.isfile(req):
seen.add(req)
text = _read_text(req)
for pattern in INSTALL_FORBIDDEN_PATTERNS:
if pattern.search(text):
offenders.append(
_policy_msg(
"POLICY-INSTALL-001",
"development/RUNTIME.md; development/RPA.md §1.4; development/DEVELOPMENT.md §3.1",
f"{_rel(skill_root, req)} matches {pattern.pattern}",
)
)
continue
for path in _walk_files(skill_root, rel_root, suffix=suffix):
if path in seen:
continue
seen.add(path)
if suffix == ".ps1" and not path.endswith(".ps1"):
continue
if suffix == ".sh" and not path.endswith(".sh"):
continue
text = _read_text(path)
for pattern in INSTALL_FORBIDDEN_PATTERNS:
if pattern.search(text):
offenders.append(
_policy_msg(
"POLICY-INSTALL-001",
"development/RUNTIME.md; development/RPA.md §1.4; development/DEVELOPMENT.md §3.1",
f"{_rel(skill_root, path)} matches {pattern.pattern}",
)
)
return offenders
def _gitignore_has_pattern(lines: list[str], pattern: str) -> bool:
normalized = [ln.strip() for ln in lines if ln.strip() and not ln.strip().startswith("#")]
return pattern in normalized
class TestPolicyStructure001(unittest.TestCase):
def test_standard_scripts_layout_exists(self) -> None:
skill_root = get_skill_root()
missing: list[str] = []
for rel in STRUCTURE_PATHS:
path = os.path.join(skill_root, *rel.split("/"))
if not os.path.exists(path):
missing.append(rel)
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-STRUCTURE-001",
"development/DEVELOPMENT.md §2; development/RUNTIME.md §目录结构",
"missing: " + ", ".join(missing),
),
)
class TestPolicyRuntime001(unittest.TestCase):
def test_no_vendored_jiangchang_skill_core(self) -> None:
skill_root = get_skill_root()
vendored = os.path.join(skill_root, "scripts", "jiangchang_skill_core")
self.assertFalse(
os.path.isdir(vendored),
msg=_policy_msg(
"POLICY-RUNTIME-001",
"development/RUNTIME.md §共享 Python Runtime",
_rel(skill_root, vendored),
),
)
class TestPolicyRuntime002(unittest.TestCase):
def test_requirements_txt_excludes_shared_runtime_deps(self) -> None:
skill_root = get_skill_root()
req_path = os.path.join(skill_root, "requirements.txt")
self.assertTrue(os.path.isfile(req_path), msg="requirements.txt missing")
text = _read_text(req_path)
dep_lines = _requirement_dependency_lines(text)
offenders: list[str] = []
for line in dep_lines:
lower = line.lower()
if "jiangchang-platform-kit" in lower:
offenders.append(line)
if re.search(r"(?<![\w.-])playwright(?![\w.-])", lower):
offenders.append(line)
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-RUNTIME-002",
"development/RUNTIME.md; development/DEVELOPMENT.md §3.1",
"forbidden dependency lines: " + "; ".join(offenders),
),
)
class TestPolicyInstall001(unittest.TestCase):
def test_delivery_files_have_no_auto_install_commands(self) -> None:
offenders = _scan_install_delivery_files(get_skill_root())
self.assertEqual(offenders, [], msg="\n".join(offenders))
class TestPolicyConfig001(unittest.TestCase):
def test_env_example_exists(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, ".env.example")
self.assertTrue(
os.path.isfile(path),
msg=_policy_msg(
"POLICY-CONFIG-001",
"development/CONFIG.md",
".env.example missing at repo root",
),
)
class TestPolicyConfig002(unittest.TestCase):
def test_gitignore_ignores_env_files(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, ".gitignore")
self.assertTrue(os.path.isfile(path), msg=".gitignore missing")
lines = _read_text(path).splitlines()
missing: list[str] = []
if not _gitignore_has_pattern(lines, ".env"):
missing.append(".env")
if not _gitignore_has_pattern(lines, "*.env.local"):
missing.append("*.env.local")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-CONFIG-002",
"development/CONFIG.md §红线:敏感信息不进 .env",
"missing gitignore entries: " + ", ".join(missing),
),
)
class TestPolicyConfig003(unittest.TestCase):
def test_business_scripts_do_not_read_os_environ_directly(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
if rel.replace("\\", "/") in CONFIG_ENV_BOUNDARY_FILES:
continue
text = _read_text(path)
for lineno, line in enumerate(text.splitlines(), 1):
if line.strip().startswith("#"):
continue
for pattern in CONFIG_ENV_FORBIDDEN_PATTERNS:
if pattern.search(line):
offenders.append(
f"{rel}:{lineno}: {line.strip()} — use jiangchang_skill_core.config.get*"
)
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-CONFIG-003",
"development/CONFIG.md; development/ADAPTER.md",
"\n".join(offenders),
),
)
class TestPolicyTesting001(unittest.TestCase):
def test_root_tests_do_not_hardcode_real_targets(self) -> None:
skill_root = get_skill_root()
tests_dir = os.path.join(skill_root, "tests")
offenders: list[str] = []
for name in sorted(os.listdir(tests_dir)):
if not (name.startswith("test_") and name.endswith(".py")):
continue
if name in TESTING_001_SKIP_ROOT_TESTS:
continue
if name in TESTING_REAL_TARGET_ALLOWED_ROOT_TESTS:
continue
path = os.path.join(tests_dir, name)
text = _read_text(path)
for lineno, line in enumerate(text.splitlines(), 1):
stripped = line.strip()
if stripped.startswith("#"):
continue
for token in TESTING_001_FORBIDDEN_SUBSTRINGS:
if token in line:
offenders.append(f"{name}:{lineno}: {stripped}")
break
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-TESTING-001",
"development/TESTING.md §默认必跑测试要做什么",
"\n".join(offenders),
),
)
class TestPolicyTesting002(unittest.TestCase):
def test_integration_python_tests_are_sample_only(self) -> None:
skill_root = get_skill_root()
integration_dir = os.path.join(skill_root, "tests", "integration")
if not os.path.isdir(integration_dir):
return
offenders: list[str] = []
for name in sorted(os.listdir(integration_dir)):
if not name.endswith(".py"):
continue
if name.endswith(".sample"):
continue
offenders.append(f"tests/integration/{name}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-TESTING-002",
"development/TESTING.md §7 真实联调测试的安全约束",
"non-sample integration tests: " + ", ".join(offenders),
),
)
class TestPolicyRpa001(unittest.TestCase):
def test_scripts_have_no_account_manager_internal_imports(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
text = _read_text(path)
for pattern in RPA_001_FORBIDDEN_PATTERNS:
if pattern.search(text):
offenders.append(f"{rel}: {pattern.pattern}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-RPA-001",
"development/ADAPTER.md §兄弟依赖; development/RPA.md §1.7",
"\n".join(offenders),
),
)
class TestPolicyRpa002(unittest.TestCase):
def test_scripts_do_not_invoke_ffmpeg_directly(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
if rel.replace("\\", "/") == RPA_002_EXEMPT_REL:
continue
text = _read_text(path)
for pattern in RPA_002_FFMPEG_PATTERNS:
if pattern.search(text):
offenders.append(f"{rel}: {pattern.pattern}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-RPA-002",
"development/RPA.md §5.3 录屏成片标准",
"\n".join(offenders),
),
)
class TestPolicyRpa003(unittest.TestCase):
def test_service_layer_retains_video_session_integration(self) -> None:
skill_root = get_skill_root()
service_files = _walk_files(skill_root, "scripts/service", suffix=".py")
self.assertTrue(service_files, msg="scripts/service/*.py not found")
combined = "\n".join(_read_text(path) for path in service_files)
missing: list[str] = []
if "RpaVideoSession" not in combined:
missing.append("RpaVideoSession")
if "video.add_step" not in combined and ".add_step(" not in combined:
missing.append("video.add_step or .add_step(")
if "merge_video_into_result_summary" not in combined:
missing.append("merge_video_into_result_summary")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-RPA-003",
RPA_003_SOURCE,
"scripts/service/*.py missing: " + ", ".join(missing),
),
)
def _scan_sensitive_logging_assignments(skill_root: str) -> list[str]:
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
for lineno, line in enumerate(_read_text(path).splitlines(), 1):
stripped = line.strip()
if not stripped or stripped.startswith("#"):
continue
if not LOGGING_CALL_PATTERN.search(line):
continue
if SENSITIVE_LOG_ASSIGNMENT_PATTERN.search(line):
offenders.append(f"{rel}:{lineno}: {stripped}")
return offenders
class TestPolicyLogging001(unittest.TestCase):
def test_cli_app_sets_up_unified_logging(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "cli", "app.py")
text = _read_text(path)
rel = _rel(skill_root, path)
self.assertIn(
"setup_skill_logging",
text,
msg=_policy_msg(
"POLICY-LOGGING-001",
LOGGING_001_SOURCE,
f"{rel} missing setup_skill_logging",
),
)
has_logger_info = bool(
LOGGING_CALL_GET_LOGGER_PATTERN.search(text)
or re.search(r"\bget_skill_logger\s*\(\s*\)\s*\.\s*info\s*\(", text)
)
self.assertTrue(
has_logger_info,
msg=_policy_msg(
"POLICY-LOGGING-001",
LOGGING_001_SOURCE,
f"{rel} missing get_skill_logger().info (or equivalent)",
),
)
class TestPolicyLogging002(unittest.TestCase):
def test_task_service_uses_get_skill_logger(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
self.assertRegex(
text,
r"get_skill_logger",
msg=_policy_msg(
"POLICY-LOGGING-002",
LOGGING_002_SOURCE,
f"{rel} must import/use get_skill_logger",
),
)
class TestPolicyLogging003(unittest.TestCase):
def test_task_service_logs_start_failure_and_task_logs(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
missing: list[str] = []
if not re.search(r"\b(log|logger)\.info\s*\(", text):
missing.append("log.info or logger.info")
if not re.search(r"\b(log|logger)\.exception\s*\(", text):
missing.append("log.exception or logger.exception")
if "save_task_log" not in text:
missing.append("save_task_log")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-LOGGING-003",
LOGGING_003_SOURCE,
f"{rel} missing: " + ", ".join(missing),
),
)
class TestPolicyLogging004(unittest.TestCase):
def test_task_service_emits_progress_for_long_tasks(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
has_progress = bool(
re.search(r"\bemit\s*\(", text)
or re.search(r"\bactivity\.emit\s*\(", text)
or re.search(r"\bvideo\.add_step\s*\(", text)
)
self.assertTrue(
has_progress,
msg=_policy_msg(
"POLICY-LOGGING-004",
LOGGING_004_SOURCE,
f"{rel} must use emit( / activity.emit / video.add_step",
),
)
class TestPolicyLogging005(unittest.TestCase):
def test_scripts_do_not_log_sensitive_assignments(self) -> None:
offenders = _scan_sensitive_logging_assignments(get_skill_root())
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-LOGGING-005",
LOGGING_005_SOURCE,
"\n".join(offenders),
),
)
class TestPolicyControl001(unittest.TestCase):
def test_no_util_progress_module(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "util", "progress.py")
self.assertFalse(
os.path.isfile(path),
msg=_policy_msg(
"POLICY-CONTROL-001",
"development/LOGGING.md §2.5; development/RPA.md §0.1",
"scripts/util/progress.py must not exist",
),
)
class TestPolicyControl002(unittest.TestCase):
def test_task_service_uses_job_context_and_finish(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
missing: list[str] = []
if "job_context(" not in text:
missing.append("job_context(")
if "finish(" not in text:
missing.append("finish(")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-CONTROL-002",
"development/LOGGING.md §2.5、§7",
f"{rel} missing: " + ", ".join(missing),
),
)
class TestPolicyControl003(unittest.TestCase):
def test_service_layer_has_no_bare_asyncio_sleep(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts/service", suffix=".py"):
rel = _rel(skill_root, path)
for lineno, line in enumerate(_read_text(path).splitlines(), 1):
stripped = line.strip()
if not stripped or stripped.startswith("#"):
continue
if "asyncio.sleep" in stripped:
offenders.append(f"{rel}:{lineno}: {stripped}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-CONTROL-003",
"development/RPA.md §0.1",
"use interruptible_sleep instead:\n" + "\n".join(offenders),
),
)
class TestPolicyDataPath001(unittest.TestCase):
def test_env_example_has_no_cwd_relative_paths(self) -> None:
path = os.path.join(get_skill_root(), ".env.example")
offenders: list[str] = []
with open(path, encoding="utf-8") as f:
for lineno, line in enumerate(f, 1):
stripped = line.strip()
if not stripped or stripped.startswith("#"):
continue
active = stripped.split("#", 1)[0].strip()
if re.search(r"=\s*\./", active):
offenders.append(f".env.example:{lineno}: {active}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-DATA-PATH-001",
"development/DATA_PATHS.md",
"\n".join(offenders) or "CWD-relative ./ paths in .env.example",
),
)
def test_runtime_paths_exposes_resolve_data_path(self) -> None:
import util.runtime_paths as rp
self.assertTrue(callable(getattr(rp, "resolve_data_path", None)))
self.assertTrue(callable(getattr(rp, "list_resolved_data_paths", None)))
def test_business_scripts_do_not_abspath_config_get(self) -> None:
skill_root = get_skill_root()
pattern = re.compile(r"os\.path\.abspath\s*\(\s*config\.get\b")
offenders: list[str] = []
for rel in _walk_files(skill_root, "scripts", suffix=".py"):
if rel.replace("\\", "/") == "scripts/util/runtime_paths.py":
continue
text = _read_text(os.path.join(skill_root, rel))
for lineno, line in enumerate(text.splitlines(), 1):
if line.strip().startswith("#"):
continue
if pattern.search(line):
offenders.append(f"{rel}:{lineno}: {line.strip()}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-DATA-PATH-001",
"development/DATA_PATHS.md",
"\n".join(offenders),
),
)
class TestPolicyDocs001(unittest.TestCase):
def test_policy_matrix_exists_and_lists_policy_ids(self) -> None:
skill_root = get_skill_root()
matrix_path = os.path.join(skill_root, "development", "POLICY_MATRIX.md")
self.assertTrue(
os.path.isfile(matrix_path),
msg=_policy_msg(
"POLICY-DOCS-001",
"development/POLICY_MATRIX.md",
"file missing",
),
)
text = _read_text(matrix_path)
missing = [pid for pid in POLICY_IDS if pid not in text]
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-DOCS-001",
"development/POLICY_MATRIX.md",
"missing policy_id entries: " + ", ".join(missing),
),
)
if __name__ == "__main__":
unittest.main()

View File

@@ -2,6 +2,7 @@
"""数据管理展示元数据幂等初始化、中文名称、PRAGMA 字段顺序、校验规则。"""
from __future__ import annotations
import os
import sqlite3
import unittest
@@ -35,22 +36,39 @@ class TestDisplayMetadata(unittest.TestCase):
try:
cur = conn.cursor()
cur.execute(
"SELECT display_name FROM _jiangchang_tables WHERE table_name = 'task_logs'"
"SELECT display_name, readonly FROM _jiangchang_tables WHERE table_name = 'task_logs'"
)
self.assertEqual(cur.fetchone()[0], "任务日志")
display_name, readonly = cur.fetchone()
self.assertEqual(display_name, "任务日志")
self.assertEqual(int(readonly), 1)
cur.execute(
"""
SELECT column_name, display_name
SELECT column_name, display_name, editable
FROM _jiangchang_columns
WHERE table_name = 'task_logs'
ORDER BY column_name
"""
)
by_name = dict(cur.fetchall())
self.assertEqual(by_name["status"], "状态")
self.assertEqual(by_name["error_msg"], "错误信息")
self.assertEqual(by_name["created_at"], "创建时间")
by_name = {row[0]: (row[1], row[2]) for row in cur.fetchall()}
self.assertEqual(by_name["status"][0], "状态")
self.assertEqual(int(by_name["status"][1]), 0)
self.assertEqual(by_name["error_msg"][0], "错误信息")
self.assertEqual(int(by_name["error_msg"][1]), 0)
self.assertEqual(by_name["created_at"][0], "创建时间")
self.assertEqual(int(by_name["created_at"][1]), 0)
finally:
conn.close()
def test_task_logs_not_manual_create_in_host_ui(self) -> None:
with IsolatedDataRoot():
from db.connection import get_conn, init_db
from db.display_metadata import table_allows_manual_create
init_db()
conn = get_conn()
try:
self.assertFalse(table_allows_manual_create(conn.cursor(), "task_logs"))
finally:
conn.close()
@@ -342,6 +360,153 @@ metadata:
)
self.assertTrue(any("id" in item for item in warnings))
def test_generated_column_editable_must_be_zero(self) -> None:
conn = sqlite3.connect(":memory:")
try:
conn.executescript(
"""
CREATE TABLE gen_demo (
id INTEGER PRIMARY KEY,
base_value INTEGER NOT NULL,
generated_value INTEGER GENERATED ALWAYS AS (base_value * 2) STORED
);
"""
)
from db.display_metadata import init_display_metadata_tables, upsert_column_metadata
from db.display_metadata_validator import validate_column_permissions
cur = conn.cursor()
init_display_metadata_tables(cur)
upsert_column_metadata(
cur,
table_name="gen_demo",
column_name="generated_value",
display_name="生成值",
editable=1,
)
conn.commit()
errors, _ = validate_column_permissions(cur, "gen_demo")
self.assertTrue(any("generated" in err for err in errors))
finally:
conn.close()
def test_blob_column_editable_must_be_zero(self) -> None:
conn = sqlite3.connect(":memory:")
try:
conn.execute(
"CREATE TABLE blob_demo (id INTEGER PRIMARY KEY, payload BLOB NOT NULL)"
)
from db.display_metadata import init_display_metadata_tables, upsert_column_metadata
from db.display_metadata_validator import validate_column_permissions
cur = conn.cursor()
init_display_metadata_tables(cur)
upsert_column_metadata(
cur,
table_name="blob_demo",
column_name="payload",
display_name="载荷",
editable=1,
)
conn.commit()
errors, _ = validate_column_permissions(cur, "blob_demo")
self.assertTrue(any("BLOB" in err for err in errors))
finally:
conn.close()
def test_primary_key_editable_must_be_zero(self) -> None:
conn = sqlite3.connect(":memory:")
try:
conn.execute("CREATE TABLE pk_demo (id INTEGER PRIMARY KEY, title TEXT)")
from db.display_metadata import init_display_metadata_tables, upsert_column_metadata
from db.display_metadata_validator import validate_column_permissions
cur = conn.cursor()
init_display_metadata_tables(cur)
upsert_column_metadata(
cur,
table_name="pk_demo",
column_name="id",
display_name="编号",
editable=1,
)
conn.commit()
errors, _ = validate_column_permissions(cur, "pk_demo")
self.assertTrue(any("主键" in err for err in errors))
finally:
conn.close()
def test_readonly_table_with_editable_fields_warns(self) -> None:
conn = sqlite3.connect(":memory:")
try:
conn.executescript(
"""
CREATE TABLE warn_demo (id INTEGER PRIMARY KEY, title TEXT);
"""
)
from db.display_metadata import (
init_display_metadata_tables,
upsert_column_metadata,
upsert_table_metadata,
)
from db.display_metadata_validator import validate_column_permissions
cur = conn.cursor()
init_display_metadata_tables(cur)
upsert_table_metadata(cur, table_name="warn_demo", display_name="警告演示", readonly=1)
upsert_column_metadata(
cur,
table_name="warn_demo",
column_name="title",
display_name="标题",
editable=1,
)
conn.commit()
_, warnings = validate_column_permissions(cur, "warn_demo")
self.assertTrue(any("readonly=1" in item for item in warnings))
finally:
conn.close()
def test_writable_table_without_editable_fields_warns(self) -> None:
conn = sqlite3.connect(":memory:")
try:
conn.executescript(
"""
CREATE TABLE warn_demo2 (id INTEGER PRIMARY KEY, title TEXT);
"""
)
from db.display_metadata import (
init_display_metadata_tables,
upsert_column_metadata,
upsert_table_metadata,
)
from db.display_metadata_validator import validate_column_permissions
cur = conn.cursor()
init_display_metadata_tables(cur)
upsert_table_metadata(cur, table_name="warn_demo2", display_name="警告演示二", readonly=0)
upsert_column_metadata(
cur,
table_name="warn_demo2",
column_name="title",
display_name="标题",
editable=0,
)
conn.commit()
_, warnings = validate_column_permissions(cur, "warn_demo2")
self.assertTrue(any("readonly=0" in item and "editable=0" in item for item in warnings))
finally:
conn.close()
def test_schema_md_documents_task_logs_readonly_semantics(self) -> None:
path = os.path.join(get_skill_root(), "references", "SCHEMA.md")
with open(path, encoding="utf-8") as f:
text = f.read()
self.assertIn("readonly = 1", text)
self.assertIn("task_logs", text)
self.assertIn("seed_column_metadata_batch", text)
self.assertIn("valid_column_names", text)
if __name__ == "__main__":
unittest.main()

View File

@@ -172,7 +172,7 @@ class TestDocsStandards(unittest.TestCase):
self.assertIn("--no-sandbox", text)
self.assertIn("--disable-blink-features=AutomationControlled", text)
self.assertIn("RpaVideoSession", text)
self.assertIn("1.0.17", text)
self.assertIn("1.2.0", text)
def test_rpa_md_forbids_rpa_helpers_import(self) -> None:
text = self._read("development/RPA.md")
@@ -228,6 +228,39 @@ class TestDocsStandards(unittest.TestCase):
path = os.path.join(get_skill_root(), "tools", "scaffold_skill.ps1")
self.assertTrue(os.path.isfile(path), msg="tools/scaffold_skill.ps1 must exist")
def test_actions_manifest_and_docs_exist(self) -> None:
root = get_skill_root()
self.assertTrue(os.path.isfile(os.path.join(root, "assets", "actions.json")))
self.assertTrue(os.path.isfile(os.path.join(root, "references", "ACTIONS.md")))
self.assertTrue(
os.path.isfile(os.path.join(root, "assets", "schemas", "skill-actions.schema.json"))
)
self.assertTrue(os.path.isfile(os.path.join(root, "tests", "test_actions_manifest.py")))
self.assertTrue(os.path.isfile(os.path.join(root, "tests", "test_data_management_contract.py")))
def test_tools_readme_documents_actions_scaffold(self) -> None:
text = self._read("tools/README.md")
self.assertIn("actions.json", text)
self.assertIn("your-skill-slug", text)
self.assertIn("your_skill_slug", text)
def test_development_md_documents_both_slug_placeholders(self) -> None:
text = self._read("development/DEVELOPMENT.md")
self.assertIn("your-skill-slug", text)
self.assertIn("your_skill_slug", text)
def test_schema_md_documents_data_management_contract(self) -> None:
text = self._read("references/SCHEMA.md")
for marker in (
"_jiangchang_tables",
"_jiangchang_columns",
"editable",
"options_json",
"demo_items",
"readonly",
):
self.assertIn(marker, text, msg=f"SCHEMA.md missing {marker!r}")
def test_guarded_docs_do_not_reference_amazon_implementation(self) -> None:
forbidden = (
"download-settlement-report-amazon",
@@ -240,6 +273,9 @@ class TestDocsStandards(unittest.TestCase):
"development/DEVELOPMENT.md",
"development/CONFIG.md",
"development/TESTING.md",
"references/SCHEMA.md",
"references/ACTIONS.md",
"tools/README.md",
"examples/README.md",
"examples/simulator_browser_rpa/README.md",
)
@@ -257,13 +293,13 @@ class TestDocsStandards(unittest.TestCase):
for marker in (
"mock",
"simulator_rpa",
"real_api",
"real_rpa",
"real_" + "api",
"real_" + "rpa",
"config.get",
"sibling_bridge",
):
self.assertIn(marker, text, msg=f"ADAPTER.md missing {marker!r}")
self.assertNotIn("ALLOW_REAL_API", text)
self.assertNotIn("ALLOW_" + "REAL_" + "API", text)
self.assertNotIn("ALLOW_WRITE_ACTIONS", text)
def test_cli_md_mentions_shared_python_runtime(self) -> None:
@@ -334,7 +370,7 @@ class TestDocsStandards(unittest.TestCase):
def test_examples_top_level_modes_present(self) -> None:
examples_dir = os.path.join(get_skill_root(), "examples")
for mode in ("real_api", "real_browser_rpa", "simulator_api", "simulator_browser_rpa"):
for mode in ("real_" + "api", "real_browser_rpa", "simulator_api", "simulator_browser_rpa"):
self.assertTrue(
os.path.isdir(os.path.join(examples_dir, mode)),
msg=f"examples/{mode}/ must exist",
@@ -377,7 +413,7 @@ class TestDocsStandards(unittest.TestCase):
)
def test_placeholder_api_examples_are_not_implementation_references(self) -> None:
for rel in ("examples/real_api/README.md", "examples/simulator_api/README.md"):
for rel in (f"examples/{'real_' + 'api'}/README.md", "examples/simulator_api/README.md"):
text = self._read(rel)
self.assertTrue(
"占位" in text or "规划" in text,

View File

@@ -83,16 +83,16 @@ class TestPlatformImportSource(unittest.TestCase):
)
)
def test_platform_kit_min_version_is_1_0_14(self) -> None:
def test_platform_kit_min_version_is_1_2_0(self) -> None:
from jiangchang_skill_core import version_ge
from util.constants import PLATFORM_KIT_MIN_VERSION
self.assertEqual(PLATFORM_KIT_MIN_VERSION, "1.0.17")
self.assertEqual(PLATFORM_KIT_MIN_VERSION, "1.2.0")
md_path = os.path.join(get_skill_root(), "SKILL.md")
with open(md_path, encoding="utf-8") as f:
md = f.read()
self.assertEqual(_parse_platform_kit_min_version(md), "1.0.17")
self.assertEqual(_parse_platform_kit_min_version(md), "1.2.0")
req_path = os.path.join(get_skill_root(), "requirements.txt")
with open(req_path, encoding="utf-8") as f:

View File

@@ -82,6 +82,68 @@ class TestRuntimePaths(unittest.TestCase):
self.assertTrue(os.path.normpath(data_dir).startswith(os.path.normpath(tmp)))
self.assertIn("_test", data_dir.replace("\\", "/"))
def test_resolve_data_path_defaults_under_skill_data_dir(self) -> None:
with IsolatedDataRoot() as tmp:
import importlib
import util.runtime_paths as rp
importlib.reload(rp)
path = rp.resolve_data_path(None, "downloads", create=True)
norm = os.path.normcase(os.path.normpath(path))
norm_tmp = os.path.normcase(os.path.normpath(tmp))
self.assertTrue(norm.startswith(norm_tmp))
self.assertTrue(norm.endswith(os.path.normcase(os.path.join("downloads"))))
def test_resolve_data_path_relative_uses_data_dir_not_cwd(self) -> None:
with IsolatedDataRoot() as tmp:
import importlib
import util.runtime_paths as rp
importlib.reload(rp)
os.environ["SKILL_DOWNLOAD_DIR"] = "downloads/videos"
from jiangchang_skill_core import config
config.reset_cache()
importlib.reload(rp)
path = rp.resolve_data_path("SKILL_DOWNLOAD_DIR", "downloads", create=False)
norm = os.path.normcase(os.path.normpath(path))
self.assertIn(os.path.normcase("downloads"), norm)
self.assertIn(os.path.normcase("videos"), norm)
self.assertTrue(norm.startswith(os.path.normcase(os.path.normpath(tmp))))
os.environ.pop("SKILL_DOWNLOAD_DIR", None)
config.reset_cache()
def test_resolve_input_path_relative_under_imports(self) -> None:
with IsolatedDataRoot() as tmp:
import importlib
import util.runtime_paths as rp
importlib.reload(rp)
resolved = rp.resolve_input_path("urls.txt", create_parent=True)
norm = os.path.normcase(os.path.normpath(resolved))
self.assertIn(os.path.normcase("imports"), norm)
self.assertTrue(norm.startswith(os.path.normcase(os.path.normpath(tmp))))
def test_list_resolved_data_paths_keys(self) -> None:
with IsolatedDataRoot():
import importlib
import util.runtime_paths as rp
importlib.reload(rp)
paths = rp.list_resolved_data_paths()
for key in (
"skill_data_dir",
"downloads_dir",
"imports_dir",
"exports_dir",
):
self.assertIn(key, paths)
self.assertTrue(paths[key])
if __name__ == "__main__":
unittest.main()

View File

@@ -2,13 +2,18 @@
"""skill-template 脚手架与 Git 防串库守护。"""
from __future__ import annotations
import json
import os
import tempfile
import unittest
from _support import get_skill_root
TEMPLATE_MARKER = ".openclaw-skill-template"
TEMPLATE_SLUG = "your-skill-slug"
TEMPLATE_SLUG_KEBAB = "your-skill-slug"
TEMPLATE_SLUG_UNDERSCORE = "your_skill_slug"
SCAFFOLD_TEST_SLUG = "query-demo-records"
SCAFFOLD_TEST_SLUG_UNDERSCORE = "query_demo_records"
def _read_skill_slug() -> str:
@@ -24,7 +29,7 @@ def _read_skill_slug() -> str:
class TestScaffoldGuard(unittest.TestCase):
def test_template_repo_has_marker(self) -> None:
slug = _read_skill_slug()
if slug != TEMPLATE_SLUG:
if slug != TEMPLATE_SLUG_KEBAB:
self.skipTest(f"当前 SKILL_SLUG={slug!r},非模板占位,跳过 template marker 断言")
marker = os.path.join(get_skill_root(), TEMPLATE_MARKER)
self.assertTrue(
@@ -34,7 +39,7 @@ class TestScaffoldGuard(unittest.TestCase):
def test_business_skill_must_not_keep_template_marker(self) -> None:
slug = _read_skill_slug()
if slug == TEMPLATE_SLUG:
if slug == TEMPLATE_SLUG_KEBAB:
self.skipTest("当前仍为模板占位 slug由 test_template_repo_has_marker 守护")
marker = os.path.join(get_skill_root(), TEMPLATE_MARKER)
self.assertFalse(
@@ -59,6 +64,82 @@ class TestScaffoldGuard(unittest.TestCase):
msg="DEVELOPMENT.md must mention git remote self-check",
)
def test_scaffold_replaces_slug_and_copies_actions_manifest(self) -> None:
slug = _read_skill_slug()
if slug != TEMPLATE_SLUG_KEBAB:
self.skipTest("仅在 skill-template 源仓库运行 scaffold 集成测试")
import subprocess
import sys
repo_root = get_skill_root()
scaffold_py = os.path.join(repo_root, "tools", "scaffold_skill.py")
with tempfile.TemporaryDirectory() as tmp:
dest = os.path.join(tmp, SCAFFOLD_TEST_SLUG)
proc = subprocess.run(
[
sys.executable,
scaffold_py,
"--slug",
SCAFFOLD_TEST_SLUG,
"--destination",
dest,
],
cwd=repo_root,
capture_output=True,
text=True,
)
self.assertEqual(proc.returncode, 0, msg=proc.stderr or proc.stdout)
actions_path = os.path.join(dest, "assets", "actions.json")
self.assertTrue(os.path.isfile(actions_path), msg="scaffold must copy assets/actions.json")
with open(actions_path, encoding="utf-8") as f:
manifest = json.load(f)
self.assertEqual(manifest.get("skill"), SCAFFOLD_TEST_SLUG)
manifest_raw = json.dumps(manifest)
self.assertNotIn(TEMPLATE_SLUG_KEBAB, manifest_raw)
self.assertNotIn(TEMPLATE_SLUG_UNDERSCORE, manifest_raw)
actions_md = os.path.join(dest, "references", "ACTIONS.md")
self.assertTrue(os.path.isfile(actions_md), msg="scaffold must copy references/ACTIONS.md")
schema_path = os.path.join(dest, "assets", "schemas", "skill-actions.schema.json")
self.assertTrue(os.path.isfile(schema_path))
marker = os.path.join(dest, TEMPLATE_MARKER)
self.assertFalse(os.path.isfile(marker))
self.assertFalse(os.path.isdir(os.path.join(dest, ".git")))
constants_path = os.path.join(dest, "scripts", "util", "constants.py")
with open(constants_path, encoding="utf-8") as f:
constants_text = f.read()
self.assertNotIn(TEMPLATE_SLUG_KEBAB, constants_text)
self.assertNotIn(TEMPLATE_SLUG_UNDERSCORE, constants_text)
self.assertIn(f'SKILL_SLUG = "{SCAFFOLD_TEST_SLUG}"', constants_text)
self.assertIn(
f'LOG_LOGGER_NAME = "openclaw.skill.{SCAFFOLD_TEST_SLUG_UNDERSCORE}"',
constants_text,
)
skill_md_path = os.path.join(dest, "SKILL.md")
with open(skill_md_path, encoding="utf-8") as f:
skill_md = f.read()
self.assertIn(f"slug: {SCAFFOLD_TEST_SLUG}", skill_md)
self.assertNotIn(TEMPLATE_SLUG_KEBAB, skill_md)
self.assertNotIn(TEMPLATE_SLUG_UNDERSCORE, skill_md)
def test_scaffold_ps1_matches_python_placeholder_rules(self) -> None:
slug = _read_skill_slug()
if slug != TEMPLATE_SLUG_KEBAB:
self.skipTest("仅在 skill-template 源仓库运行 scaffold PS1 文案测试")
ps1_path = os.path.join(get_skill_root(), "tools", "scaffold_skill.ps1")
with open(ps1_path, encoding="utf-8") as f:
text = f.read()
self.assertIn("your-skill-slug", text)
self.assertIn("your_skill_slug", text)
self.assertIn('.Replace("-", "_")', text)
if __name__ == "__main__":
unittest.main()

View File

@@ -34,7 +34,7 @@ FORBIDDEN_PHRASES = (
POSITIVE_MARKERS = (
"jiangchang-platform-kit",
"1.0.17",
"1.2.0",
"共享 runtime",
)

View File

@@ -15,20 +15,92 @@ from _support import IsolatedDataRoot, get_skill_root
from jiangchang_skill_core import config
def _active_env_value(text: str, key: str) -> str | None:
"""Return the active (non-comment) KEY=value line from .env-style text."""
prefix = f"{key}="
for line in text.splitlines():
stripped = line.strip()
if not stripped or stripped.startswith("#"):
continue
active = stripped.split("#", 1)[0].strip()
if active.startswith(prefix):
return active
return None
def _combined_service_source(skill_root: str | None = None) -> str:
"""Merge scripts/service/*.py source (excludes __pycache__)."""
root = skill_root or get_skill_root()
service_dir = os.path.join(root, "scripts", "service")
parts: list[str] = []
for dirpath, dirnames, filenames in os.walk(service_dir):
dirnames[:] = [d for d in dirnames if d != "__pycache__"]
for name in sorted(filenames):
if not name.endswith(".py"):
continue
path = os.path.join(dirpath, name)
with open(path, encoding="utf-8") as f:
parts.append(f.read())
return "\n".join(parts)
def _missing_video_integration_tokens(service_text: str) -> list[str]:
missing: list[str] = []
if "RpaVideoSession" not in service_text:
missing.append("RpaVideoSession")
if "video.add_step" not in service_text and ".add_step(" not in service_text:
missing.append("video.add_step or .add_step(")
if "merge_video_into_result_summary" not in service_text:
missing.append("merge_video_into_result_summary")
return missing
class TestEnvExampleVideoDefaults(unittest.TestCase):
def test_env_example_contains_required_keys(self) -> None:
path = os.path.join(get_skill_root(), ".env.example")
with open(path, encoding="utf-8") as f:
text = f.read()
for key in (
"OPENCLAW_TEST_TARGET=mock",
"OPENCLAW_RECORD_VIDEO=1",
"OPENCLAW_" + "TEST_TARGET=mock",
"OPENCLAW_RECORD_VIDEO=0",
"OPENCLAW_ARTIFACTS_ON_FAILURE=1",
"OPENCLAW_BROWSER_HEADLESS=0",
"OPENCLAW_PLAYWRIGHT_STEALTH=1",
):
self.assertIn(key, text, msg=f"missing {key!r} in .env.example")
def test_env_example_default_off_but_template_keeps_video_integration(self) -> None:
path = os.path.join(get_skill_root(), ".env.example")
with open(path, encoding="utf-8") as f:
text = f.read()
self.assertEqual(
_active_env_value(text, "OPENCLAW_RECORD_VIDEO"),
"OPENCLAW_RECORD_VIDEO=0",
)
service_text = _combined_service_source()
missing = _missing_video_integration_tokens(service_text)
self.assertEqual(
missing,
[],
msg=(
"default OPENCLAW_RECORD_VIDEO=0 does not allow removing video integration; "
f"scripts/service/*.py missing: {', '.join(missing)}"
),
)
def test_env_example_allows_record_video_one_in_comments_only(self) -> None:
sample = "\n".join(
[
"# example: OPENCLAW_RECORD_VIDEO=1 for production",
"OPENCLAW_RECORD_VIDEO=0",
]
)
self.assertEqual(
_active_env_value(sample, "OPENCLAW_RECORD_VIDEO"),
"OPENCLAW_RECORD_VIDEO=0",
)
class TestPrintVideoSummary(unittest.TestCase):
def test_cli_prints_video_path_when_enabled(self) -> None:
@@ -157,5 +229,78 @@ class TestTemplateRunVideoSession(unittest.TestCase):
self.assertIn("video_path", summary)
class TestCmdRunTaskLogCoverage(unittest.TestCase):
def test_cmd_run_entitlement_failure_writes_task_log(self) -> None:
with IsolatedDataRoot(user_id="_entitlement_fail"):
from service import task_service
with patch.object(task_service, "check_entitlement", return_value=(False, "mock denied")):
buf = io.StringIO()
with redirect_stdout(buf), redirect_stderr(io.StringIO()):
rc = task_service.cmd_run(target="t1", input_id="99")
self.assertEqual(rc, 1)
from db import task_logs_repository as tlr
rows = tlr.list_task_logs(1)
self.assertTrue(rows)
_rid, _ttype, tid, iid, _ititle, status, err, rsum, _cat, _uat = rows[0]
self.assertEqual(status, "failed")
self.assertEqual(tid, "t1")
self.assertEqual(iid, "99")
self.assertIn("mock denied", err or "")
summary = json.loads(rsum or "{}")
self.assertEqual(summary.get("stage"), "auth")
def test_cmd_run_exception_writes_task_log(self) -> None:
with IsolatedDataRoot(user_id="_exception_run"):
os.environ["OPENCLAW_RECORD_VIDEO"] = "0"
config.reset_cache()
from service import task_service
async def _boom(*_args, **_kwargs):
raise RuntimeError("boom")
with patch.object(task_service, "check_entitlement", return_value=(True, "")):
with patch.object(task_service, "_run_template_demo", side_effect=_boom):
buf = io.StringIO()
with redirect_stdout(buf), redirect_stderr(io.StringIO()):
rc = task_service.cmd_run(target="t2", input_id="88")
self.assertEqual(rc, 1)
from db import task_logs_repository as tlr
rows = tlr.list_task_logs(1)
self.assertTrue(rows)
_rid, _ttype, tid, iid, _ititle, status, err, rsum, _cat, _uat = rows[0]
self.assertEqual(status, "failed")
self.assertEqual(tid, "t2")
self.assertEqual(iid, "88")
self.assertIn("任务执行异常", err or "")
summary = json.loads(rsum or "{}")
self.assertEqual(summary.get("stage"), "run")
self.assertEqual(summary.get("error"), "unexpected_exception")
def test_get_task_logger_fallback_when_not_initialized(self) -> None:
from service import task_service
mock_logger = MagicMock()
responses = [RuntimeError("logging not initialized"), mock_logger]
def _fake_get_skill_logger():
item = responses.pop(0)
if isinstance(item, Exception):
raise item
return item
with patch.object(task_service, "get_skill_logger", side_effect=_fake_get_skill_logger):
with patch.object(task_service, "setup_skill_logging") as mock_setup:
logger = task_service._get_task_logger()
mock_setup.assert_called_once_with(task_service.SKILL_SLUG, task_service.LOG_LOGGER_NAME)
self.assertIs(logger, mock_logger)
if __name__ == "__main__":
unittest.main()

View File

@@ -22,10 +22,27 @@ python tools/scaffold_skill.py --slug my-new-skill --destination /path/to/my-new
- 复制模板到 `-Destination`(目录末段须与 `-Slug` 一致)
- **排除**`.git``.pytest_cache``__pycache__``.env``.env.local``*.pyc`
- 删除目标中的 `.openclaw-skill-template` 标记
- 将文本文件中的模板占位 slug 替换为新 slug
- `your-skill-slug` → 新技能 kebab-case slug`scrape-demo-records`
- `your_skill_slug` → 连字符替换为下划线(如 `scrape_demo_records`,用于 `LOG_LOGGER_NAME` 等)
- 覆盖 `assets/actions.json``SKILL.md``scripts/util/constants.py` 等生成文件;文档中的路径示例可保留占位,但生成后的技能文件不得残留占位符
- **不**自动修改 `actions.json` 中的 CLI 业务命令;技能作者自行增删 action
- **不**自动 `git init`;打印后续 Git 与测试命令
目标目录若已存在且非空,需加 `-Force` / `--force`(且目标**不得**含 `.git`)。
## 脚手架复制后必须保留 / 修改 / 可删除的文件
| 文件 | 说明 |
|------|------|
| `assets/actions.json` | 默认复制;不需要宿主 Action 入口时可删除 |
| `references/ACTIONS.md` | 契约文档;无 `actions.json` 时可保留作参考或按需精简 |
| `assets/schemas/skill-actions.schema.json` | manifest 规范;无 action 时可保留 |
| `tests/test_actions_manifest.py` | 若删除 `actions.json`,应同步删除或改写此测试 |
| `tests/test_data_management_contract.py` | 通用契约测试;建议保留,按需扩展本技能表结构测试 |
`demo_items` 等示例表仅存在于模板测试中,**不会**作为 scaffold 后的默认业务表复制进新技能。
## 手工复制后的补救
若已整目录复制,必须先清理再初始化:

View File

@@ -34,6 +34,7 @@ function Write-ScaffoldNextSteps([string]$TargetPath) {
Write-Host " git init"
Write-Host " git remote add origin <你的新技能仓库 URL>"
Write-Host " git remote -v"
Write-Host " # 确认 assets/actions.json 中 skill 已替换为新 slug不需要 Action 时可删除该文件"
Write-Host " python tests/run_tests.py -v"
Write-Host ""
}
@@ -70,6 +71,9 @@ if ($targetExists) {
$excludeDirs = @(".git", ".pytest_cache", "__pycache__")
$excludeFiles = @(".env", ".env.local")
$templatePlaceholderSlugKebab = "your-skill-slug"
$templatePlaceholderSlugUnderscore = "your_skill_slug"
$textFileSuffixes = @(".md", ".py", ".json", ".yaml", ".yml", ".txt", ".ini", ".ps1", ".sample")
function Copy-TemplateTree {
param(
@@ -96,6 +100,33 @@ function Copy-TemplateTree {
}
}
function Replace-TemplatePlaceholders {
param(
[string]$Root,
[string]$Slug
)
$underscoreSlug = $Slug.Replace("-", "_")
Get-ChildItem -LiteralPath $Root -Recurse -File -Force | ForEach-Object {
$name = $_.Name
if ($excludeFiles -contains $name) { return }
$ext = $_.Extension.ToLowerInvariant()
if ($textFileSuffixes -notcontains $ext -and $name -ne ".env.example") { return }
try {
$text = [System.IO.File]::ReadAllText($_.FullName)
}
catch {
return
}
if (
$text -notlike "*$templatePlaceholderSlugKebab*" -and
$text -notlike "*$templatePlaceholderSlugUnderscore*"
) { return }
$updated = $text.Replace($templatePlaceholderSlugKebab, $Slug)
$updated = $updated.Replace($templatePlaceholderSlugUnderscore, $underscoreSlug)
[System.IO.File]::WriteAllText($_.FullName, $updated)
}
}
Write-Host "Copy template: $TemplateRoot -> $TargetPath" -ForegroundColor Cyan
Copy-TemplateTree -Source $TemplateRoot -Dest $TargetPath
@@ -104,4 +135,6 @@ if (Test-Path -LiteralPath $marker) {
Remove-Item -LiteralPath $marker -Force
}
Replace-TemplatePlaceholders -Root $TargetPath -Slug $Slug
Write-ScaffoldNextSteps -TargetPath (Resolve-Path -LiteralPath $TargetPath).Path

View File

@@ -11,6 +11,20 @@ from pathlib import Path
EXCLUDE_DIR_NAMES = {".git", ".pytest_cache", "__pycache__"}
EXCLUDE_FILE_NAMES = {".env", ".env.local"}
KEBAB_SLUG = re.compile(r"^[a-z0-9]+(-[a-z0-9]+)*$")
TEMPLATE_PLACEHOLDER_SLUG_KEBAB = "your-skill-slug"
TEMPLATE_PLACEHOLDER_SLUG_UNDERSCORE = "your_skill_slug"
TEXT_FILE_SUFFIXES = {
".md",
".py",
".json",
".yaml",
".yml",
".txt",
".ini",
".ps1",
".sample",
".env.example",
}
def _ignore_copy(_dir: str, names: list[str]) -> set[str]:
@@ -23,6 +37,44 @@ def _ignore_copy(_dir: str, names: list[str]) -> set[str]:
return ignored
def _should_replace_placeholders(path: Path) -> bool:
if path.name in EXCLUDE_FILE_NAMES:
return False
if path.suffix.lower() in TEXT_FILE_SUFFIXES:
return True
if path.name == ".env.example":
return True
return False
def _slug_to_underscore(slug: str) -> str:
return slug.replace("-", "_")
def _replace_template_placeholders(target: Path, slug: str) -> None:
"""将模板占位 slug 替换为新技能 slug不修改 action 业务命令结构)。"""
underscore_slug = _slug_to_underscore(slug)
for path in target.rglob("*"):
if not path.is_file():
continue
if path.name in EXCLUDE_FILE_NAMES:
continue
if path.suffix.lower() not in TEXT_FILE_SUFFIXES and path.name != ".env.example":
continue
try:
text = path.read_text(encoding="utf-8")
except UnicodeDecodeError:
continue
if (
TEMPLATE_PLACEHOLDER_SLUG_KEBAB not in text
and TEMPLATE_PLACEHOLDER_SLUG_UNDERSCORE not in text
):
continue
updated = text.replace(TEMPLATE_PLACEHOLDER_SLUG_KEBAB, slug)
updated = updated.replace(TEMPLATE_PLACEHOLDER_SLUG_UNDERSCORE, underscore_slug)
path.write_text(updated, encoding="utf-8")
def _print_next_steps(target: Path) -> None:
print()
print("=== 脚手架复制完成 ===")
@@ -34,6 +86,7 @@ def _print_next_steps(target: Path) -> None:
print(" git init")
print(" git remote add origin <你的新技能仓库 URL>")
print(" git remote -v # 确认 remote 不是 skill-template")
print(" # 确认 assets/actions.json 中 skill 已替换为新 slug不需要 Action 时可删除该文件")
print(" python tests/run_tests.py -v")
print()
@@ -98,6 +151,8 @@ def main(argv: list[str] | None = None) -> int:
if marker.is_file():
marker.unlink()
_replace_template_placeholders(target, slug)
_print_next_steps(target)
return 0