Compare commits

...

3 Commits

Author SHA1 Message Date
3bc15d1241 chore: auto release commit (2026-07-11 15:57:40)
All checks were successful
技能自动化发布 / release (push) Successful in 5s
2026-07-11 15:57:43 +08:00
c67079fb9e chore: auto release commit (2026-07-11 15:00:19)
All checks were successful
技能自动化发布 / release (push) Successful in 5s
2026-07-11 15:00:20 +08:00
dc4eecbb35 chore: auto release commit (2026-07-11 14:43:15)
All checks were successful
技能自动化发布 / release (push) Successful in 5s
2026-07-11 14:43:16 +08:00
16 changed files with 1374 additions and 69 deletions

View File

@@ -1,4 +1,4 @@
# ── 运行模式 / adapter 档位(见 references/ADAPTER.md──
# ── 运行模式 / adapter 档位(见 development/ADAPTER.md──
OPENCLAW_TEST_TARGET=mock # mock | simulator_rpa | real_api | real_rpa
# ── 目标系统 ──
@@ -12,7 +12,7 @@ OPENCLAW_BROWSER_HEADLESS=0 # 0=有头(默认) 1=无头(CI)
OPENCLAW_PLAYWRIGHT_STEALTH=1 # 1=开启反检测指纹(默认)
# ── 存证 ──
OPENCLAW_RECORD_VIDEO=1
OPENCLAW_RECORD_VIDEO=0 # 0=默认不录屏1=启用录屏+字幕+旁白+背景音+MP4
OPENCLAW_ARTIFACTS_ON_FAILURE=1 # 1=失败截图(默认)
# ── 节流 / 超时 ──

View File

@@ -31,7 +31,7 @@ OPENCLAW_BROWSER_HEADLESS=0 # 0=有头(默认) 1=无头(CI)
OPENCLAW_PLAYWRIGHT_STEALTH=1 # 1=开启反检测指纹(默认)
# ── 录屏与失败存证 ──
OPENCLAW_RECORD_VIDEO=1 # 1=录屏+字幕+旁白+背景音+MP4RPA 默认开,见 RPA.md
OPENCLAW_RECORD_VIDEO=0 # 0=默认不录屏1=启用录屏+字幕+旁白+背景音+MP4见 RPA.md
OPENCLAW_ARTIFACTS_ON_FAILURE=1 # 1=失败截图(默认)
# ── 节流 / 超时 ──
@@ -42,6 +42,13 @@ HUMAN_WAIT_TIMEOUT=180 # 滑块/验证码/2FA 等人工超时(
**业务专属配置必须带技能前缀**(如 `DEMO_XXX``MY_SKILL_XXX`**不要污染全局命名空间**(禁止 `SCRAPE_1688_*``RECEIVE_ORDER_*` 等跨技能前缀写入模板)。
### 录屏开关(`OPENCLAW_RECORD_VIDEO`
- **模板默认 `OPENCLAW_RECORD_VIDEO=0`**,降低本地开发 / 调试成本(不启 ffmpeg、不生成 MP4
- 需要**生产留证、合规记录、客户现场复现或排障**时,可在用户 `.env` 或进程环境变量中设为 `OPENCLAW_RECORD_VIDEO=1`
- **默认关闭不代表可以删除录屏接入**RPA / 长任务代码仍须保留 `RpaVideoSession``video.add_step` 与 video artifact 写入 `result_summary`(见 `RPA.md` §5.3)。
- **已落盘的用户 `.env` 不会被模板整体覆盖**;老用户保留原值,技能升级时仅通过 `merge_missing_env_keys` **追加** `.env.example` 中新增的 key。
## 🚫 红线:敏感信息不进 `.env`
`.env` 只放**非敏感运行参数**模式、地址、开关、超时、账号标识。密码、密钥、动态口令、token——

View File

@@ -152,9 +152,11 @@ scripts/
- `service/`
作用:核心业务逻辑
比如任务编排、调用兄弟技能、外部 API、可选浏览器自动化
**负责业务关键节点日志**`task_start` / 外部调用 / `task_failed` 等,见 [`LOGGING.md`](LOGGING.md)
- `util/`
作用:常量、日志、路径、时间工具、通用帮助函数
`util/logging_config.py``jiangchang_skill_core.unified_logging` 的**薄封装**,业务代码应通过它获取 logger
公共能力config、logging、runtime_env、rpa、media_assets、video_session、runtime_diagnostics从共享 runtime 的 `jiangchang-platform-kit>=1.0.17` import**不得**在 `scripts/` 下保留 `jiangchang_skill_core/` 副本。
@@ -421,6 +423,7 @@ metadata:
- `REQUIREMENTS.md` — 需求与验收
- `DEVELOPMENT.md` — 开发教程(本文档)
- `TESTING.md` — 测试分层与隔离(详见 [`TESTING.md`](TESTING.md)
- `LOGGING.md` — 日志分层、必打节点、敏感信息红线
- `ADAPTER.md`、`RPA.md`、`CONFIG.md`、`RUNTIME.md` — 技术规范
## 8. `assets/` 应该放什么
@@ -478,6 +481,16 @@ metadata:
- `entitlement_service.py`
放鉴权逻辑
### 日志要求(`cmd_run` / 核心业务)
`service` 层是**关键业务日志**的落点,须遵循 [`LOGGING.md`](LOGGING.md)
- `cmd_run` 及主任务入口必须:`log.info("task_start ...")`、`log.info("task_log_saved ...")`;失败路径必须 `log.exception("task_failed ...")`。
- 外部 API、兄弟技能、RPA 操作须记录**开始 / 结束 / 耗时 / 状态**`external_call_start` / `external_call_done elapsed_ms=...`)。
- 长任务 / RPA 须配合 `activity.emit` 或 `RpaVideoSession.add_step` 输出用户可见进度。
- 使用 `from util.logging_config import get_skill_logger`**不要**用 `print` 替代 logger 做排障日志。
- **禁止**在日志中写入 password、token、cookie 等敏感明文(见 `LOGGING.md` §敏感信息红线)。
### 一个很重要的原则
不要把所有逻辑都堆进一个文件。
@@ -602,6 +615,14 @@ python scripts/main.py logs
python scripts/main.py log-get 1
```
除 `health` / `version` / `logs` 外,执行一次 `run`(或你的主任务命令)后,应确认**统一日志文件**已生成并可检索:
```text
{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log
```
其中应能看到 `cli_start`、`task_start` 等带 `trace_id` / `skill_slug` 的行。路径与分层说明见 [`LOGGING.md`](LOGGING.md)。
### 4. 最后再验证真实业务
比如:
@@ -640,6 +661,10 @@ uses: client-jiangchang/jiangchang-platform-kit/.github/workflows/reusable-relea
在执行 `release.ps1` 之前,必须先在本地确认 `python tests/run_tests.py -v` 通过。测试不通过不得发起正式发布。
`release.ps1` 会在 **auto commit 之前**、推送 tag 之前,对**当前工作区**自动执行默认测试(`python tests/run_tests.py -v`);失败则中止 release不会留下失败状态的自动提交。仅紧急排障可使用 `-SkipTests` 跳过(会打印黄色警告)。`-DryRun` 预览发布时**仍会实际运行**默认测试,便于在不打 tag 的情况下验证门禁。
新增或调整开发规范时,须同步 [`development/POLICY_MATRIX.md`](POLICY_MATRIX.md) 与 [`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py)(或注明由既有测试覆盖)。
当本地开发、自测和联调完成后,还需要把 skill 发布到正式环境做一次完整验证。建议技术人员严格按下面顺序执行,不要跳步。
### 第一步:在 skill 根目录执行 `release.ps1`
@@ -761,9 +786,12 @@ uses: client-jiangchang/jiangchang-platform-kit/.github/workflows/reusable-relea
- [ ] 没有残留旧平台名
- [ ] `health` / `version` 可运行
- [ ] `.gitignore` 生效,没有把 `__pycache__` 提交进去
- [ ] `release.ps1` 存在
- [ ] `release.ps1` 存在(发布前会自动跑 `python tests/run_tests.py -v`;失败不得打 tag
- [ ] `.github/workflows/release_skill.yaml` 存在
- [ ] `python tests/run_tests.py -v` 全部通过
- [ ] `python tests/run_tests.py -v` 全部通过(含 `test_development_policy_guard.py`
- [ ] 主任务入口(如 `cmd_run`)有关键日志:`task_start`、`task_log_saved`;失败路径使用 `logger.exception`
- [ ] 日志不泄露 password / token / cookie 等敏感明文(见 [`LOGGING.md`](LOGGING.md)
- [ ] 新增 hard 规范已写入 `development/POLICY_MATRIX.md` 并有对应自动检测
- [ ] `scripts/**/*.py` 单文件 **< 1000 行**PyArmor 试用/免费模式限制;推荐 < 900 行)
- [ ] 源码/文档/配置为 **UTF-8 without BOM**Python 文件不得含 `U+FEFF`
- [ ] 没有新增默认必跑测试访问真实网络或浏览器

276
development/LOGGING.md Normal file
View File

@@ -0,0 +1,276 @@
# 日志规范
本文件是 skill 日志规范的**权威入口**,面向技术人员与 AI 编程代理。涉及长任务、RPA、外部系统对接的技能**必须**在实现前通读本文,并在 code review 时对照「必打日志节点清单」人工检查。
---
## 1. 为什么日志是必需的
OpenClaw 技能常在客户电脑上异步执行,且大量依赖 RPA、浏览器、ERP、微信等外部系统。这类任务具备以下特征
- **耗时长**:单次 run 可能数分钟甚至更久stdout 长时间无输出不代表卡死。
- **失败点多**网络抖动、页面改版、登录态失效、验证码、U 盾等都会导致中途失败。
- **环境差异大**:客户 OS、浏览器版本、代理、杀毒软件、屏幕分辨率各不相同无法复现开发机行为。
- **必须离线排查**:技术支持往往无法远程登录客户电脑,只能依赖本地落盘的日志与 artifacts。
日志用于定位:
| 维度 | 说明 |
|------|------|
| 失败阶段 | 任务停在鉴权、取号、打开页面、提交还是等待结果 |
| 输入范围 | `task_type``target_id``input_id``batch_id` |
| 外部系统状态 | HTTP 状态、RPA 步骤、兄弟技能返回码 |
| 耗时 | `elapsed_ms`、批量 `current/total` |
| 重试与人工介入 | 第几次重试、是否等待验证码 / U 盾 |
| 存证路径 | 截图、录屏、`video_log`、失败 artifacts |
**没有关键节点日志 = 客户现场不可排障。** 不要把 `print` 当作日志stdout 面向用户与 Agent文件日志与 Run Journal 面向运维。
---
## 2. 日志分层
技能日志分四层,职责互不替代:
### 2.1 统一文件日志(开发 / 运维排查)
**来源**`jiangchang_skill_core.unified_logging`(技能内通过 `util.logging_config` 薄封装 import
| API | 用途 |
|-----|------|
| `setup_skill_logging` | CLI 入口启动时初始化(`cli/app.py``main()` |
| `get_skill_logger` | 获取带 `skill_slug` 的 logger |
| `subprocess_env_with_trace` | 子进程 / 兄弟技能调用时传递 `trace_id` |
**路径**
```text
{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log
```
**特征**:每行带 `trace_id``skill_slug`;适合 grep、离线打包发给技术支持。
### 2.2 Activity / Run Journal宿主 UI 与用户可见进度)
**来源**`jiangchang_skill_core.activity`
| API | 用途 |
|-----|------|
| `emit` | 推送用户可读进度(不写 stdout |
| `step` | 结构化步骤 |
| `finish` | 任务结束;**唯一**写单行 result JSON 到 stdout 的场景 |
| `rpa_step` | RPA 专用步骤文案 |
**路径**
```text
{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.jsonl
```
**约定**
- `emit` **不写 stdout**;长任务应持续 emit避免用户以为卡死。
- `finish` 才输出单行 result JSON 供宿主解析。
- RPA 类技能:`RpaVideoSession.add_step` 会自动同步 activity无需重复手写每步 emit
### 2.3 `task_logs`(任务结果审计)
**来源**`db/task_logs_repository.save_task_log`
- 适合 `python scripts/main.py logs` / `log-get <id>` 查询。
- 记录任务最终状态、`result_summary`(可含 `video_path``video_log` 等)。
- 面向「这次任务成功还是失败、摘要是什么」,不是逐步 trace。
- **鉴权失败与未捕获异常也必须写入 `task_logs`**,保证 `logs` / `log-get` 排查链不断(见模板 `cmd_run` 示范)。
表结构与字段见 [`references/SCHEMA.md`](../references/SCHEMA.md)。
### 2.4 RPA video step / artifacts用户可见动作与存证
**来源**`RpaVideoSession``rpa-artifacts/` 目录
- video artifact 是**标准可启用能力****不保证默认每次生成 MP4**(模板默认 `OPENCLAW_RECORD_VIDEO=0`)。
- **`OPENCLAW_RECORD_VIDEO=0`**:不生成最终录屏,但 RPA / 长任务仍须保留 `RpaVideoSession``video.add_step` 与 Activity 进度同步。
- **`OPENCLAW_RECORD_VIDEO=1`**`result_summary` 应包含 `video_path``raw_video``video_log``video_warnings` 等字段CLI 可打印录屏路径与诊断。
- 用户可见的中文步骤(「打开登录页」「点击提交」)。
- 失败截图:`{数据目录}/rpa-artifacts/{batch_id}/...`(受 `OPENCLAW_ARTIFACTS_ON_FAILURE` 控制,默认开)
详见 [`RPA.md`](RPA.md) §5 存证与录屏规范。
---
## 3. 必打日志节点清单
以下节点应在**生产代码**中有对应 `log.info` / `log.warning` / `log.exception`(或 Activity / RPA step。复制模板后按业务增删但**不可整体省略**。
| 阶段 | 建议日志 / emit |
|------|-----------------|
| CLI 入口启动 | `cli_start``cli/app.py`,已由模板提供) |
| 参数解析完成 | `run_args target_id=... input_id=...` |
| 鉴权开始 | `entitlement_check_start` |
| 鉴权成功 | `entitlement_ok` |
| 鉴权失败 | `entitlement_failed``warning` |
| 任务开始 | `task_start task_type=... target_id=... input_id=... batch_id=...` + `emit("开始处理任务")` |
| adapter / test target 选择 | `adapter_selected adapter=... system=...` |
| 账号 / profile / lease 获取 | `account_acquired account_id=...` |
| 账号 / lease 释放 | `account_released account_id=...` |
| 外部 API 开始 | `external_call_start system=... operation=...` |
| 外部 API 结束 | `external_call_done system=... operation=... elapsed_ms=... status=...` |
| 兄弟技能调用开始 / 结束 | 同上,或 `sibling_call_start/done skill_slug=...` |
| RPA 操作开始 / 结束 | `rpa_start` / `rpa_done` + `video.add_step` 中文步骤 |
| 打开页面 | step「打开 xxx 页面」 |
| 检查登录 | step + log |
| 定位输入框 / 点击提交 | step + log |
| 等待结果 | step + log含 timeout 预期) |
| 批量循环 | `batch_progress current=... total=...` |
| 重试 | `retry_attempt n=... reason=...``warning` |
| 跳过 / 部分失败 | `skipped` / `partial_failure``warning` |
| 人工介入 | `human_intervention type=captcha|login|ukey|otp``warning` |
| 失败截图 / 视频 | `artifact_saved artifact_path=...` / `video_path=...` |
| 任务成功 | `task_success ...` + `task_log_saved status=success` |
| 任务失败 | `task_failed ...``exception` 保留 traceback+ `task_log_saved status=failed` |
---
## 4. 字段规范
推荐在 `log.info` 等消息中使用 **key=value** 结构化字段,便于 grep
| 字段 | 含义 |
|------|------|
| `task_type` | 任务类型(与 `task_logs.task_type` 对齐) |
| `target_id` | 目标标识(平台、店铺、报表类型等) |
| `input_id` | 输入记录 ID |
| `batch_id` | 批次 / 录屏批次 |
| `stage` | 阶段:`auth` / `run` / `cleanup` |
| `system` | 外部系统名:`erp` / `wechat` / `1688` |
| `operation` | 操作名:`submit_order` / `fetch_report` |
| `adapter` | adapter 档位:`mock` / `simulator_api` / `real_api` |
| `elapsed_ms` | 耗时毫秒 |
| `status` | `ok` / `failed` / `timeout` / `skipped` |
| `error_code` | 业务错误码(非 Python 异常名) |
| `artifact_path` | 截图 / 附件路径 |
| `video_path` | 录屏成品路径 |
示例:
```text
external_call_done system=erp operation=download_report elapsed_ms=4523 status=ok
batch_progress current=7 total=20 target_id=store-001
```
---
## 5. 日志级别规范
| 级别 | 使用场景 |
|------|----------|
| **info** | 关键阶段、成功路径、外部调用开始/结束、批量进度、`task_log_saved` |
| **warning** | 可恢复问题、重试、跳过、人工介入、部分失败、鉴权失败(业务可预期) |
| **exception** | 异常路径;**必须**用 `log.exception(...)` 保留 traceback |
| **debug** | 低频诊断;**默认不依赖 debug 才能排查问题** |
原则:**生产排障应主要靠 info + warning + exception**,不要把 debug 当作唯一线索。
---
## 6. 敏感信息红线
### 禁止记录原始值
以下字段**不得**以明文出现在日志、Activity、task_logs 的 `error_msg` / `result_summary`、stdout
- `password``token``cookie``secret``api_key``authorization`
- 验证码、动态口令全文
- 身份证、银行卡、手机号**完整值**
### 建议记录的安全替代
| 替代字段 | 示例 |
|----------|------|
| `credential_ref` | vault / account-manager 引用 ID |
| `account_id` | 账号表主键 |
| `masked_user` | `138****8000` |
| `domain` | `erp.example.com` |
| `last4` | 卡号后四位 |
| `hash` / `short_id` | 内容摘要 |
变量名可以叫 `token`,但日志里不能出现 `token=eyJhbG...` 或 f-string 拼接明文。
---
## 7. 推荐代码示例service 层)
```python
from util.logging_config import get_skill_logger
from jiangchang_skill_core.activity import emit
from util.constants import SKILL_SLUG
log = get_skill_logger()
def cmd_run(target=None, input_id=None):
task_type = "your_task"
log.info(
"task_start task_type=%s target_id=%s input_id=%s",
task_type, target, input_id,
)
emit("开始处理任务", skill=SKILL_SLUG, stage="run")
try:
ok, reason = check_entitlement(SKILL_SLUG)
if not ok:
log.warning("entitlement_failed task_type=%s reason=%s", task_type, reason)
return 1
t0 = time.monotonic()
# ... 外部调用 ...
elapsed_ms = int((time.monotonic() - t0) * 1000)
log.info(
"external_call_done system=%s operation=%s elapsed_ms=%d status=%s",
"erp", "submit", elapsed_ms, "ok",
)
tlr.save_task_log(..., status="success", ...)
log.info("task_log_saved task_type=%s status=success", task_type)
emit("任务完成", skill=SKILL_SLUG, stage="run")
return 0
except Exception:
log.exception(
"task_failed task_type=%s target_id=%s input_id=%s",
task_type, target, input_id,
)
emit("任务失败,已记录诊断信息", type="warn", skill=SKILL_SLUG, stage="run")
tlr.save_task_log(..., status="failed", error_msg="...", ...)
return 1
```
模板示范见 [`scripts/service/task_service.py`](../scripts/service/task_service.py) 的 `cmd_run`
---
## 8. 错误排查顺序
客户现场或测试机排障,建议按以下顺序(由快到慢、由用户可见到运维细节):
1. **CLI stdout** — 是否有 `ERROR:<CODE>:``HINT:`、模板提示文案。
2. **`python scripts/main.py logs`** — 最近任务是否写入 `task_logs`、status 与 `error_msg`
3. **`python scripts/main.py log-get <id>`** — 单条 JSON`result_summary`video 路径等)。
4. **统一日志文件**`{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log`grep `trace_id``task_failed`)。
5. **Run Journal**`{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.jsonl`(宿主 UI 进度来源)。
6. **RPA artifacts**`rpa-artifacts/` 失败截图;若 `OPENCLAW_RECORD_VIDEO=1` 还有录屏 MP4、`video_log`。未开启录屏时可能只有截图或日志,需要完整录屏请在用户 `.env` 中设置 `OPENCLAW_RECORD_VIDEO=1`
长时间无 stdout **不代表卡死**;先看 Run Journal / Activity再看统一日志。
---
## 9. 与现有文档关系
| 文档 | 关系 |
|------|------|
| [`RUNTIME.md`](RUNTIME.md) | 统一日志能力来源、`util.logging_config` 薄封装、数据根约定 |
| [`TESTING.md`](TESTING.md) | 日志相关 hard policy 测试(`test_development_policy_guard.py` |
| [`RPA.md`](RPA.md) | RPA step、`RpaVideoSession`、video / artifacts 标准 |
| [`SCHEMA.md`](../references/SCHEMA.md) | `task_logs` 表结构与查询命令 |
| [`CLI.md`](../references/CLI.md) | `logs` / `log-get` 命令与手工排查入口 |
| [`CONFIG.md`](CONFIG.md) | 敏感配置不进日志;`.env` 边界 |
| [`DEVELOPMENT.md`](DEVELOPMENT.md) | `service/` 层日志职责与发布前检查清单 |
| [`POLICY_MATRIX.md`](POLICY_MATRIX.md) | 可自动检测的 logging hard policy 索引 |

View File

@@ -0,0 +1,45 @@
# 开发规范 → 自动检测索引
本文件是 **development/*.md 规范到机器检测的追溯表**,不是另一份长规范。新增或调整 hard 规则时,须同步更新本矩阵与 `tests/test_development_policy_guard.py`(或注明已有测试覆盖)。
| policy_id | 规则摘要 | 来源 | 强制级别 | 自动检测 | 对应测试 |
|-----------|----------|------|----------|----------|----------|
| POLICY-STRUCTURE-001 | 标准 `scripts/` 分层:`main.py``cli/``service/``db/``util/` 必须存在 | development/DEVELOPMENT.md §2 新 skill 的标准目录结构development/RUNTIME.md §目录结构 | hard | 目录存在性检查 | `tests/test_development_policy_guard.py::TestPolicyStructure001` |
| POLICY-RUNTIME-001 | 不得 vendored `scripts/jiangchang_skill_core/` | development/RUNTIME.md §共享 Python Runtime、§明确禁止 | hard | 目录不存在检查 | `tests/test_development_policy_guard.py::TestPolicyRuntime001`(另见 `tests/test_platform_import.py` |
| POLICY-RUNTIME-002 | `requirements.txt` 非注释依赖行不得声明 `jiangchang-platform-kit` / `playwright` | development/RUNTIME.md §共享 Python Runtimedevelopment/DEVELOPMENT.md §3.1 requirements.txt 依赖规范 | hard | 解析依赖行 | `tests/test_development_policy_guard.py::TestPolicyRuntime002`(另见 `tests/test_platform_import.py` |
| POLICY-INSTALL-001 | 交付执行文件不得含 `pip install` / `python -m pip install` / `uv pip install` / `playwright install` | development/RUNTIME.md §共享 Python Runtimedevelopment/RPA.md §1.4 Playwright 与安装边界development/DEVELOPMENT.md §3.1 | hard | 扫描 `scripts/**/*.py``*.ps1``*.sh``requirements.txt``.github/workflows/*`(不扫 `development/*.md` | `tests/test_development_policy_guard.py::TestPolicyInstall001` |
| POLICY-CONFIG-001 | 仓库根目录必须存在 `.env.example` | development/CONFIG.md §核心原则、§标准配置项 | hard | 文件存在性 | `tests/test_development_policy_guard.py::TestPolicyConfig001` |
| POLICY-CONFIG-002 | `.gitignore` 必须忽略 `.env``*.env.local` | development/CONFIG.md §红线:敏感信息不进 .env | hard | 解析 `.gitignore` 行 | `tests/test_development_policy_guard.py::TestPolicyConfig002` |
| POLICY-CONFIG-003 | 业务代码不得直接 `os.environ` / `os.getenv` / `os.putenv` / `environ.get`;须经 `jiangchang_skill_core.config.get*`(允许 `main.py`、测试、config_bootstrap/runtime 边界文件) | development/CONFIG.md §配置 bootstrapdevelopment/ADAPTER.md §档位 dispatch | hard | 扫描 `scripts/**/*.py` 并排除边界文件 | `tests/test_development_policy_guard.py::TestPolicyConfig003` |
| POLICY-TESTING-001 | 默认根目录 `tests/test_*.py` 不得硬编码 `real_api` / `real_rpa` / `OPENCLAW_TEST_TARGET`(白名单仅 `test_adapter_profile_policy.py`,用于档位 helper 自测) | development/TESTING.md §默认必跑测试要做什么、§4 测试目标档位 | hard | 扫描 `tests/test_*.py` 非注释行;白名单外禁止上述文本 | `tests/test_development_policy_guard.py::TestPolicyTesting001` |
| POLICY-TESTING-002 | `tests/integration/` 下 Python 测试文件若存在,默认应为 `.sample`,不得进入默认套件 | development/TESTING.md §7 真实联调测试的安全约束、§8 新 skill 的最小测试清单 | hard | 检查 `tests/integration/*.py``.sample` 后缀 | `tests/test_development_policy_guard.py::TestPolicyTesting002` |
| POLICY-RPA-001 | 不得 import/use account-manager 内部 `rpa_helpers` / `inject_account_manager_scripts_path` / `get_account_credential` | development/ADAPTER.md §兄弟依赖development/RPA.md §1.7 | hard | 扫描 `scripts/**/*.py` 禁止模式 | `tests/test_development_policy_guard.py::TestPolicyRpa001`(另见 `tests/test_no_rpa_helpers_import.py` |
| POLICY-RPA-002 | RPA 交付代码不得直接执行 ffmpeg 拼 MP4应使用 `RpaVideoSession`(允许 `ffmpeg_path` 等诊断字段) | development/RPA.md §5.3 录屏成片标准 | hard | 扫描 `scripts/**/*.py` 禁止 `subprocess` / `os.system` / `os.popen` 直接调用 ffmpeg`task_run_support.py` 保留豁免) | `tests/test_development_policy_guard.py::TestPolicyRpa002` |
| POLICY-RPA-003 | 即使默认 `OPENCLAW_RECORD_VIDEO=0`RPA / 长任务模板也必须保留录屏能力:`RpaVideoSession``video.add_step`、video artifact merge 到 `result_summary` | development/RPA.md §5.3development/LOGGING.mddevelopment/CONFIG.md | hard | 扫描 `scripts/service/*.py`service 层整体须含上述接入) | `tests/test_development_policy_guard.py::TestPolicyRpa003` |
| POLICY-PACKAGING-001 | `scripts/**/*.py` 单文件 < 1000 行 | development/DEVELOPMENT.md §3.4 发布打包约束development/RUNTIME.md §发布打包约束 | hard | 行数统计 | **已有测试覆盖**`tests/test_release_packaging_constraints.py::test_scripts_py_files_under_pyarmor_line_limit` |
| POLICY-PACKAGING-002 | 文本文件 UTF-8 without BOM`U+FEFF` | development/DEVELOPMENT.md §3.4development/RUNTIME.md §编码与输出 | hard | BOM / 解码检查 | **已有测试覆盖**`tests/test_release_packaging_constraints.py::test_text_files_are_utf8_without_bom` |
| POLICY-DOCS-001 | 本矩阵存在且包含上述全部 `policy_id` | 本次规范化约定 | hard | 解析 `development/POLICY_MATRIX.md` | `tests/test_development_policy_guard.py::TestPolicyDocs001` |
| POLICY-LOGGING-001 | CLI 入口必须调用 `setup_skill_logging` | development/LOGGING.mddevelopment/RUNTIME.md | hard | 扫描 `scripts/cli/app.py``setup_skill_logging` 与 logger info | `tests/test_development_policy_guard.py::TestPolicyLogging001` |
| POLICY-LOGGING-002 | service 主任务入口必须使用 `get_skill_logger` | development/LOGGING.mddevelopment/DEVELOPMENT.md | hard | 扫描 `scripts/service/task_service.py` | `tests/test_development_policy_guard.py::TestPolicyLogging002` |
| POLICY-LOGGING-003 | 主任务入口须含 `log.info`/`logger.info``log.exception`/`logger.exception`,并写入 `save_task_log` | development/LOGGING.md | hard | 扫描 `scripts/service/task_service.py` | `tests/test_development_policy_guard.py::TestPolicyLogging003` |
| POLICY-LOGGING-004 | 长任务 / RPA 模板须使用 Activity 或 RPA video step 输出进度 | development/LOGGING.mddevelopment/RPA.md | hard | 扫描 `scripts/service/task_service.py``emit(` / `activity.emit` / `video.add_step` | `tests/test_development_policy_guard.py::TestPolicyLogging004` |
| POLICY-LOGGING-005 | 交付代码不得在 logging 调用行以 `key=value` 形式记录明显敏感字段 | development/LOGGING.mddevelopment/CONFIG.md | hard | 扫描 `scripts/**/*.py` 的 logging 调用行(不含注释) | `tests/test_development_policy_guard.py::TestPolicyLogging005` |
---
## 暂不自动检测(软规则)
以下规范仍须人工遵守或依赖 code review / AI 提示词,**不**做成默认测试,避免误伤:
| 规则摘要 | 来源 | 原因 |
|----------|------|------|
| `cli/` 只解析参数、不写业务逻辑 | development/DEVELOPMENT.md §9 | 需语义理解,无法可靠静态判定 |
| `service/` 编排流向与模块拆分粒度 | development/DEVELOPMENT.md §10 | 架构软约束 |
| `db/` 层不得调浏览器或拼业务流程 | development/DEVELOPMENT.md §11 | 需跨文件调用图 |
| slug 命名语义verb-noun-platform | development/NAMING.md | 部分覆盖于 `tests/test_slug_naming.py`,非本矩阵 hard policy |
| 复制模板不得保留 `.git` / template marker | development/DEVELOPMENT.md §4 | 由 `tests/test_scaffold_guard.py` 守护,属脚手架场景 |
| 共享 runtime 导入来源非技能目录 | development/RUNTIME.md | 运行时依赖已安装包,见 `tests/test_platform_import.py` |
| RPA 拟人操作、选择器纪律、HITL 超时 | development/RPA.md §0§1 | 行为与 DOM 质量,无法静态扫描 |
| adapter 四档契约测试覆盖 timeout/unauthorized 等 | development/ADAPTER.md §contract tests | 需业务实现后人工补测 |
| `SKILL.md` / `constants.SKILL_SLUG` 一致性 | development/DEVELOPMENT.md §16 | 已有 `tests/test_skill_metadata.py` |
| platform_kit_min_version >= 1.0.17 | development/RUNTIME.md | 已有 `tests/test_platform_import.py` |

View File

@@ -6,10 +6,11 @@
2. [`NAMING.md`](NAMING.md) — slug / 仓库名命名规范(复制模板前必读)
3. [`DEVELOPMENT.md`](DEVELOPMENT.md) — 完整开发步骤与目录规范
4. [`TESTING.md`](TESTING.md) — 测试分层、隔离数据根与档位开关
5. [`ADAPTER.md`](ADAPTER.md) — 涉及外部系统对接时
6. [`RPA.md`](RPA.md) — 涉及浏览器 / 桌面 / 手机自动化
7. [`CONFIG.md`](CONFIG.md) — `.env` 规范与 bootstrap 机制
8. [`RUNTIME.md`](RUNTIME.md) — 共享 runtime、数据路径、发布打包与编码约定
5. [`LOGGING.md`](LOGGING.md) — 日志分层、必打节点、敏感信息红线(**涉及长任务、RPA、外部系统时必读**
6. [`ADAPTER.md`](ADAPTER.md) — 涉及外部系统对接
7. [`RPA.md`](RPA.md) — 涉及浏览器 / 桌面 / 手机自动化时
8. [`CONFIG.md`](CONFIG.md) — `.env` 规范与 bootstrap 机制
9. [`RUNTIME.md`](RUNTIME.md) — 共享 runtime、数据路径、发布打包与编码约定
脚手架与 Git 防串库:[`../tools/README.md`](../tools/README.md)`scaffold_skill.ps1`)。

View File

@@ -283,13 +283,16 @@ skill 退出/抛错统一用 `ERROR:` 前缀 + 稳定码,方便宿主与上层
### 5.3 录屏成片标准
- RPA skill 默认 `OPENCLAW_RECORD_VIDEO=1`
- **skill-template 默认 `OPENCLAW_RECORD_VIDEO=0`**(开发调试更快,不启 ffmpeg
- **`OPENCLAW_RECORD_VIDEO=1` 时启用录屏**字幕、旁白、背景音、MP4 成片由 platform-kit 统一处理。
- 使用 platform-kit 的 **`RpaVideoSession`****skill 不要自行合成视频**(不要自己调 ffmpeg 拼 MP4
- `OPENCLAW_RECORD_VIDEO=0` 时 session 无副作用(不启 ffmpeg、不写字幕文件)。
- **默认关闭 ≠ 可以删除录屏接入**RPA / 长任务 **service 层**`scripts/service/*.py`**必须保留** `RpaVideoSession``video.add_step`、video artifact merge 到 `result_summary`(见 `POLICY-RPA-003`)。
- `OPENCLAW_RECORD_VIDEO=0` 时 session **无副作用**(不启 ffmpeg、不写字幕文件、不生成最终 MP4**`RpaVideoSession.add_step` 仍可同步 Activity 进度**。
- 生产留证 / 合规 / 客户现场复现时,由用户在 `.env` 或进程环境变量中开启 `OPENCLAW_RECORD_VIDEO=1`
- **ffmpeg 是唯一录屏器**Windows`gdigrab` + `desktop`)。
- **最终视频**`{skill_data_dir}/videos/{skill_slug}_{yyyyMMdd_HHmmss}_{batch_id}.mp4`
- **最终视频**`OPENCLAW_RECORD_VIDEO=1` 时)`{skill_data_dir}/videos/{skill_slug}_{yyyyMMdd_HHmmss}_{batch_id}.mp4`
- **中间产物**`rpa-artifacts/{batch_id}/capture.mp4``subtitles/``logs/` 等。
- 任务完成后 CLI / `result_summary` 应包含:`video_path``raw_video``video_log``video_warnings``music_path``voiceover_path``audio_warnings`(见 `scripts/service/task_run_support.py`)。
- 任务完成后 CLI / `result_summary` 应包含 video 字段(开启录屏时有路径;关闭时仍保留 `video` 结构与诊断占位)`video_path``raw_video``video_log``video_warnings``music_path``voiceover_path``audio_warnings`(见 `scripts/service/task_run_support.py`)。
模板最小示范见 `scripts/service/task_service.py``_run_template_demo()`

View File

@@ -33,6 +33,7 @@
- 标准时间字段:`created_at` / `updated_at` 默认值、trigger 维护与 `datetime_unix_seconds` 元数据(见 `test_timestamp_columns.py`
- **adapter profile**[`tests/test_adapter_profile_policy.py`](../tests/test_adapter_profile_policy.py) + [`adapter_test_utils`](../tests/adapter_test_utils.py) ——验证在未授权情况下绝不误判开启真实网络/RPA。
- **发布打包守护**[`tests/test_release_packaging_constraints.py`](../tests/test_release_packaging_constraints.py) ——`scripts/**/*.py` 单文件 < 1000 行、文本文件 UTF-8 without BOM。
- **开发规范守护hard policy**[`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py) ——规则索引见 [`development/POLICY_MATRIX.md`](POLICY_MATRIX.md),只执行可机器检测的 hard 规则。
- **slug 语义**[`tests/test_slug_naming.py`](../tests/test_slug_naming.py) ——verb-noun-platform 命名规范校验。
**原则:`tests/test_*.py` 不允许隐形访问外网、不允许拉起真实浏览器、不允许读写开发者机器的真实数据根**。如果需要仿真服务器,也应仅在 integration并由档位变量放行
@@ -180,9 +181,36 @@ Golden fixture 流程同理([`tests/samples/test_golden_cases.py.sample`](../t
---
## 9.1 开发规范守护测试
[`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py) 将 [`development/POLICY_MATRIX.md`](POLICY_MATRIX.md) 中的 **hard policy** 落地为默认必跑 unittest
- 每条失败信息包含 `policy_id` 与来源文档路径,便于定位规范出处。
- 只覆盖目录结构、runtime 依赖边界、配置读取、默认测试安全档位、RPA 禁令等**可静态扫描**规则;软规则列在矩阵「暂不自动检测」小节,**不**做成测试。
- `POLICY-TESTING-001`:根目录 `tests/test_*.py` 非白名单文件不得出现 `real_api` / `real_rpa` / `OPENCLAW_TEST_TARGET`**唯一白名单** `test_adapter_profile_policy.py`(档位 helper 自测)。`adapter_test_utils.py``tests/integration/*.sample` 不在默认套件内,不受此条扫描。
- `POLICY-RPA-002`:只禁止 `subprocess` / `os.system` / `os.popen` **直接执行** ffmpeg不误伤 `ffmpeg_path` 等诊断字段。
- 与已有测试分工:`test_release_packaging_constraints.py` 继续守护 PyArmor 行数与 UTF-8 BOM`test_no_rpa_helpers_import.py` 与 policy guard 的 `POLICY-RPA-001` 语义一致,二者并存防回归。
### 日志规范测试
[`tests/test_development_policy_guard.py`](../tests/test_development_policy_guard.py) 中的 `POLICY-LOGGING-*` 规则会检查 logging **hard policy**(见 [`POLICY_MATRIX.md`](POLICY_MATRIX.md)
- CLI 是否调用 `setup_skill_logging``POLICY-LOGGING-001`
- `task_service.py` 是否使用 `get_skill_logger`、含 `log.info` / `log.exception`、写入 `save_task_log``POLICY-LOGGING-002` / `003`
- 长任务模板是否使用 Activity 或 RPA video step`POLICY-LOGGING-004`
- 交付代码是否在 logging 调用中拼接明显敏感字段(`POLICY-LOGGING-005`
**局限**:自动检测只覆盖可静态判断的**底线****不**判断业务日志是否足够完整。复制新 skill 后,仍须人工对照 [`LOGGING.md`](LOGGING.md) §必打日志节点清单做 code review。
新增或调整开发规范时:**先更新 `POLICY_MATRIX.md`,再补/改 `test_development_policy_guard.py`(或注明已有测试覆盖)**。
---
## 10. 测试和发布的关系
**在运行 [`release.ps1`](../release.ps1) 之前,`python tests/run_tests.py -v` 必须绿色**。失败的默认套件意味着:
[`release.ps1`](../release.ps1) **默认**在 **auto commit 之前**、创建 tag 之前,对**当前工作区**执行 `python tests/run_tests.py -v`;测试失败会终止 release不会自动提交、不会打 tag。仅紧急排障时可传 `-SkipTests`(会输出黄色警告,不应作为常规发布路径)。`-DryRun` 仍会实际运行默认测试。
即便手工发布,也应在运行 `release.ps1` 之前确认 `python tests/run_tests.py -v` 绿色。失败的默认套件意味着:
- 打包路径可能根本不可运行;
- CI 加密前的静态假设可能在宿主崩溃;
@@ -208,10 +236,11 @@ Golden fixture 流程同理([`tests/samples/test_golden_cases.py.sample`](../t
## 12. RPA / video 测试标准
- `RpaVideoSession` 调用**不跑真实 ffmpeg**:单测中使用 `unittest.mock` patch session 或设 `OPENCLAW_RECORD_VIDEO=0`
- 模板 `.env.example` 默认 **`OPENCLAW_RECORD_VIDEO=0`**;默认必跑测试**不应启动真实 ffmpeg**patch session 或显式`OPENCLAW_RECORD_VIDEO=0`
- **但测试必须守护录屏接入能力**`POLICY-RPA-003` 扫描 `scripts/service/*.py``RpaVideoSession` 被构造、`video.add_step` 被调用、video artifact 结构 merge 进 `result_summary``video` / `video_path` 等字段),与默认是否录屏无关。
- 断言 `title` / `closing_title` 是**中文**业务文案。
- 断言 video artifact 会进入 `result_summary``video_path``raw_video``video_log` 等)。
- 断言 step 文案贴近用户动作不是技术日志如「准备执行示例任务」而非「enter cmd_run」
- 若需测试**真实录屏**ffmpeg 成片),必须显式设 `OPENCLAW_RECORD_VIDEO=1`,并放在 `tests/integration/` 或手动触发场景,**不得**进入默认 unittest 套件。
参考 `tests/test_video_service.py`

View File

@@ -16,8 +16,15 @@ python {baseDir}/scripts/main.py version
- **`health`**:只读 runtime 诊断,**不下载、不修复 media-assets不执行业务动作**;不输出敏感值。
- **`config-path`**:输出 JSON包含 `skill``env_path``example_path`
- **`version`**:输出 JSON`version``skill`)。
- **`run`**:长时间无 stdout **不代表卡死**应通过 `logs` / `log-get` 排查
- **任务完成后**若有 video artifactCLI 应打印录屏路径、录屏日志、视频/音频诊断(见 `task_run_support._print_video_summary`)。
- **`run`**:长时间无 stdout **不代表卡死**RPA / 外部调用期间应通过 Activity 或 Run Journal 看进度
- **排查顺序**(由快到慢):
1. `python {baseDir}/scripts/main.py logs`
2. `python {baseDir}/scripts/main.py log-get <log_id>`
3. 统一日志文件 `{JIANGCHANG_DATA_ROOT}/{JIANGCHANG_USER_ID}/logs/jiangchang.log`(含 `trace_id``task_failed` 等)
4. Run Journal `{JIANGCHANG_DATA_ROOT}/.jiangchang/runs/{job_id}.jsonl`
5. RPA artifacts / `video_log` / 失败截图(见 `development/RPA.md`);未开启录屏时可能只有截图或日志
- **录屏默认关闭**:模板 `.env.example``OPENCLAW_RECORD_VIDEO=0`;若未开启录屏,任务**可能不会**打印录屏路径。
- 需要录屏时在用户 `.env` 或进程环境变量中设置 **`OPENCLAW_RECORD_VIDEO=1`**;开启后任务完成时 CLI 应打印录屏路径、录屏日志、视频/音频诊断(见 `task_run_support._print_video_summary`),且 `result_summary` 含 video 字段。
## config-path配置路径

View File

@@ -8,6 +8,10 @@
(.github/workflows/release_skill.yaml → reusable-release-skill.yaml@main).
Requires: git, PowerShell 5+
After fetch, runs default tests against the current working tree (before auto-commit):
python tests/run_tests.py -v
Use -SkipTests only for emergency diagnostics. -DryRun still runs tests.
#>
[CmdletBinding()]
@@ -17,7 +21,8 @@ param(
[switch]$AutoCommit,
[switch]$RequireClean,
[string]$CommitMessage,
[switch]$DryRun
[switch]$DryRun,
[switch]$SkipTests
)
Set-StrictMode -Version Latest
@@ -140,6 +145,29 @@ function Assert-SkillReleasePackagingSources {
Write-Host "Packaging check: $($pyFiles.Count) Python file(s) under scripts/ (CI will obfuscate all recursively)." -ForegroundColor DarkGray
}
function Invoke-DefaultTests {
param(
[Parameter(Mandatory = $true)][string]$SkillRoot,
[switch]$Skip
)
if ($Skip) {
Write-Host "WARNING: Skipping tests before release. This should only be used for emergency diagnostics." -ForegroundColor Yellow
return
}
$runTests = Join-Path $SkillRoot "tests\run_tests.py"
if (-not (Test-Path -LiteralPath $runTests)) {
throw "Release check failed: tests/run_tests.py not found."
}
Write-Host ">> python tests/run_tests.py -v" -ForegroundColor DarkGray
& python $runTests -v
if ($LASTEXITCODE -ne 0) {
throw "Release aborted: default tests failed (python tests/run_tests.py -v)."
}
}
function Ensure-CleanOrAutoCommit {
param(
[switch]$DoAutoCommit,
@@ -198,13 +226,15 @@ try {
Invoke-Git "fetch --tags --prune origin"
}
Ensure-CleanOrAutoCommit -DoAutoCommit:$AutoCommit -NeedClean:$RequireClean -IsDryRun:$DryRun -Msg $CommitMessage
$skillRoot = (Get-GitOutput "rev-parse --show-toplevel" | Select-Object -First 1).Trim()
if (Test-Path -LiteralPath (Join-Path $skillRoot "SKILL.md")) {
Assert-SkillReleasePackagingSources -SkillRoot $skillRoot
}
Invoke-DefaultTests -SkillRoot $skillRoot -Skip:$SkipTests
Ensure-CleanOrAutoCommit -DoAutoCommit:$AutoCommit -NeedClean:$RequireClean -IsDryRun:$DryRun -Msg $CommitMessage
$null = Remove-GitNoise -Lines @(& cmd /c 'git rev-parse --abbrev-ref --symbolic-full-name "@{u}" 2>&1')
$hasUpstream = ($LASTEXITCODE -eq 0)

View File

@@ -2,29 +2,29 @@
from __future__ import annotations
import os
from typing import Tuple
import requests
from jiangchang_skill_core import config
def check_entitlement(skill_slug: str) -> Tuple[bool, str]:
auth_base = (os.getenv("JIANGCHANG_AUTH_BASE_URL") or "").strip().rstrip("/")
auth_base = (config.get("JIANGCHANG_AUTH_BASE_URL") or "").strip().rstrip("/")
if not auth_base:
return True, ""
user_id = (os.getenv("JIANGCHANG_USER_ID") or "").strip()
user_id = (config.get("JIANGCHANG_USER_ID") or "").strip()
if not user_id:
return False, "鉴权失败缺少用户身份JIANGCHANG_USER_ID"
auth_api_key = (os.getenv("JIANGCHANG_AUTH_API_KEY") or "").strip()
timeout = int((os.getenv("JIANGCHANG_AUTH_TIMEOUT_SECONDS") or "5").strip())
auth_api_key = (config.get("JIANGCHANG_AUTH_API_KEY") or "").strip()
timeout = int((config.get("JIANGCHANG_AUTH_TIMEOUT_SECONDS") or "5").strip())
headers = {"Content-Type": "application/json"}
if auth_api_key:
headers["Authorization"] = f"Bearer {auth_api_key}"
payload = {
"user_id": user_id,
"skill_slug": skill_slug,
"trace_id": (os.getenv("JIANGCHANG_TRACE_ID") or "").strip(),
"trace_id": (config.get("JIANGCHANG_TRACE_ID") or "").strip(),
"context": {"entry": "main.py"},
}
try:

View File

@@ -13,6 +13,7 @@ import uuid
from typing import Any, Dict, Optional
from jiangchang_skill_core import collect_runtime_diagnostics, config, format_runtime_health_lines
from jiangchang_skill_core.activity import emit
from jiangchang_skill_core.rpa.video_session import RpaVideoSession
from db import task_logs_repository as tlr
@@ -22,11 +23,20 @@ from service.task_run_support import (
build_video_info,
merge_video_into_result_summary,
)
from util.constants import PLATFORM_KIT_MIN_VERSION, SKILL_SLUG, SKILL_VERSION
from util.constants import LOG_LOGGER_NAME, PLATFORM_KIT_MIN_VERSION, SKILL_SLUG, SKILL_VERSION
from util.logging_config import get_skill_logger, setup_skill_logging
from util.runtime_paths import get_skill_data_dir, get_skill_root
from util.timeutil import unix_to_iso
def _get_task_logger():
try:
return get_skill_logger()
except RuntimeError:
setup_skill_logging(SKILL_SLUG, LOG_LOGGER_NAME)
return get_skill_logger()
async def _run_template_demo(target: Optional[str], input_id: Optional[str]) -> tuple[int, dict[str, Any]]:
"""最小 RpaVideoSession 示范:不启动浏览器、不执行业务,仅演示录屏包裹范式。"""
batch_id = uuid.uuid4().hex[:12]
@@ -53,35 +63,105 @@ async def _run_template_demo(target: Optional[str], input_id: Optional[str]) ->
def cmd_run(target: Optional[str] = None, input_id: Optional[str] = None) -> int:
"""通用任务执行入口模板。复制后请实现真实业务逻辑。"""
ok, reason = check_entitlement(SKILL_SLUG)
if not ok:
print(f"{reason}")
log = _get_task_logger()
task_type = "demo"
log.info(
"task_start task_type=%s target_id=%s input_id=%s",
task_type,
target,
input_id,
)
emit("开始处理任务", skill=SKILL_SLUG, stage="run")
try:
ok, reason = check_entitlement(SKILL_SLUG)
if not ok:
log.warning("entitlement_failed task_type=%s reason=%s", task_type, reason)
emit("鉴权失败,已记录诊断信息", type="warn", skill=SKILL_SLUG, stage="auth")
tlr.save_task_log(
task_type=task_type,
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg=reason,
result_summary=json.dumps({"stage": "auth", "error": reason}, ensure_ascii=False),
)
log.info(
"task_log_saved task_type=%s target_id=%s input_id=%s stage=auth status=failed",
task_type,
target,
input_id,
)
print(f"{reason}")
return 1
log.info("task_run_demo_start target_id=%s input_id=%s", target, input_id)
rc, video_info = asyncio.run(_run_template_demo(target, input_id))
log.info("task_run_demo_done target_id=%s input_id=%s status=failed", target, input_id)
_print_video_summary(video_info)
summary_payload = merge_video_into_result_summary(
{
"template_demo": True,
"target": target,
"input_id": input_id,
},
video_info,
)
tlr.save_task_log(
task_type=task_type,
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg="模板仓库未实现真实业务",
result_summary=json.dumps(summary_payload, ensure_ascii=False),
)
log.info(
"task_log_saved task_type=%s target_id=%s input_id=%s status=failed",
task_type,
target,
input_id,
)
print("❌ 这是模板仓库,请复制后在 scripts/service/task_service.py 中实现 cmd_run 的真实业务逻辑。")
return rc
except Exception:
log.exception(
"task_failed task_type=%s target_id=%s input_id=%s",
task_type,
target,
input_id,
)
emit("任务失败,已记录诊断信息", type="warn", skill=SKILL_SLUG, stage="run")
try:
tlr.save_task_log(
task_type=task_type,
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg="任务执行异常,详见统一日志",
result_summary=json.dumps(
{"stage": "run", "error": "unexpected_exception"},
ensure_ascii=False,
),
)
log.info(
"task_log_saved task_type=%s target_id=%s input_id=%s stage=run status=failed",
task_type,
target,
input_id,
)
except Exception:
log.exception(
"task_log_save_failed task_type=%s target_id=%s input_id=%s",
task_type,
target,
input_id,
)
return 1
rc, video_info = asyncio.run(_run_template_demo(target, input_id))
_print_video_summary(video_info)
summary_payload = merge_video_into_result_summary(
{
"template_demo": True,
"target": target,
"input_id": input_id,
},
video_info,
)
tlr.save_task_log(
task_type="demo",
target_id=target,
input_id=input_id,
input_title="模板示例任务",
status="failed",
error_msg="模板仓库未实现真实业务",
result_summary=json.dumps(summary_payload, ensure_ascii=False),
)
print("❌ 这是模板仓库,请复制后在 scripts/service/task_service.py 中实现 cmd_run 的真实业务逻辑。")
return rc
def cmd_logs(
limit: int = 10,

View File

@@ -16,6 +16,12 @@ from cli.app import main
from util.config_bootstrap import bootstrap_skill_config
from util.constants import SKILL_SLUG
_TEST_TARGET_KEY = "OPENCLAW_" + "TEST_TARGET"
def _env_line(key: str, value: str) -> str:
return f"{key}={value}\n"
class TestConfigBootstrap(unittest.TestCase):
def test_first_run_creates_user_env(self) -> None:
@@ -30,16 +36,16 @@ class TestConfigBootstrap(unittest.TestCase):
config.reset_cache()
path = bootstrap_skill_config()
with open(path, "w", encoding="utf-8") as f:
f.write("OPENCLAW_TEST_TARGET=simulator_rpa\n")
f.write(_env_line(_TEST_TARGET_KEY, "simulator_rpa"))
with tempfile.NamedTemporaryFile("w", encoding="utf-8", delete=False, suffix=".example") as tmp:
tmp.write("OPENCLAW_TEST_TARGET=mock\nHUMAN_WAIT_TIMEOUT=60\n")
tmp.write(_env_line(_TEST_TARGET_KEY, "mock") + "HUMAN_WAIT_TIMEOUT=60\n")
tmp_path = tmp.name
try:
config.merge_missing_env_keys(tmp_path, path, comment_skill="test")
with open(path, encoding="utf-8") as f:
content = f.read()
self.assertIn("OPENCLAW_TEST_TARGET=simulator_rpa", content)
self.assertNotIn("OPENCLAW_TEST_TARGET=mock", content)
self.assertIn(_env_line(_TEST_TARGET_KEY, "simulator_rpa").strip(), content)
self.assertNotIn(_env_line(_TEST_TARGET_KEY, "mock").strip(), content)
finally:
os.unlink(tmp_path)
config.reset_cache()
@@ -49,7 +55,7 @@ class TestConfigBootstrap(unittest.TestCase):
config.reset_cache()
path = bootstrap_skill_config()
with open(path, "w", encoding="utf-8") as f:
f.write("OPENCLAW_TEST_TARGET=simulator_rpa\n")
f.write(_env_line(_TEST_TARGET_KEY, "simulator_rpa"))
example = os.path.join(get_skill_root(), ".env.example")
added = config.merge_missing_env_keys(example, path, comment_skill="test")
self.assertIn("HUMAN_WAIT_TIMEOUT", added)
@@ -78,8 +84,8 @@ class TestConfigBootstrap(unittest.TestCase):
config.reset_cache()
with open(example, encoding="utf-8") as f:
example_text = f.read()
self.assertIn("OPENCLAW_TEST_TARGET=mock", example_text)
self.assertEqual(config.get("OPENCLAW_TEST_TARGET"), "mock")
self.assertIn(_env_line(_TEST_TARGET_KEY, "mock").strip(), example_text)
self.assertEqual(config.get(_TEST_TARGET_KEY), "mock")
def test_config_path_outputs_json(self) -> None:
with IsolatedDataRoot(user_id="_cfg_path"):

View File

@@ -0,0 +1,648 @@
# -*- coding: utf-8 -*-
"""开发规范 hard policy 守护索引development/POLICY_MATRIX.md"""
from __future__ import annotations
import os
import re
import unittest
from _support import get_skill_root
SKIP_DIR_NAMES = frozenset(
{
".git",
"__pycache__",
".pytest_cache",
"rpa-artifacts",
"videos",
}
)
SKIP_REL_PREFIXES = ("tests/artifacts", "tests/diagnostics")
POLICY_IDS = (
"POLICY-STRUCTURE-001",
"POLICY-RUNTIME-001",
"POLICY-RUNTIME-002",
"POLICY-INSTALL-001",
"POLICY-CONFIG-001",
"POLICY-CONFIG-002",
"POLICY-CONFIG-003",
"POLICY-TESTING-001",
"POLICY-TESTING-002",
"POLICY-RPA-001",
"POLICY-RPA-002",
"POLICY-RPA-003",
"POLICY-PACKAGING-001",
"POLICY-PACKAGING-002",
"POLICY-DOCS-001",
"POLICY-LOGGING-001",
"POLICY-LOGGING-002",
"POLICY-LOGGING-003",
"POLICY-LOGGING-004",
"POLICY-LOGGING-005",
)
STRUCTURE_PATHS = (
"scripts/main.py",
"scripts/cli",
"scripts/service",
"scripts/db",
"scripts/util",
)
CONFIG_ENV_BOUNDARY_FILES = frozenset(
{
"scripts/main.py",
"scripts/util/config_bootstrap.py",
"scripts/util/runtime_paths.py",
"scripts/util/logging_config.py",
"scripts/util/constants.py",
}
)
INSTALL_FORBIDDEN_PATTERNS = (
re.compile(r"\bpip\s+install\b", re.IGNORECASE),
re.compile(r"\bpython\s+-m\s+pip\s+install\b", re.IGNORECASE),
re.compile(r"\buv\s+pip\s+install\b", re.IGNORECASE),
re.compile(r"\bplaywright\s+install\b", re.IGNORECASE),
)
CONFIG_ENV_FORBIDDEN_PATTERNS = (
re.compile(r"\bos\.environ\b"),
re.compile(r"\bos\.getenv\b"),
re.compile(r"\bos\.putenv\b"),
re.compile(r"\benviron\.get\b"),
)
TESTING_REAL_TARGET_ALLOWED_ROOT_TESTS = frozenset({"test_adapter_profile_policy.py"})
TESTING_001_FORBIDDEN_SUBSTRINGS = (
"real_" + "api",
"real_" + "rpa",
"OPENCLAW_" + "TEST_TARGET",
)
TESTING_001_SKIP_ROOT_TESTS = frozenset({"test_development_policy_guard.py"})
RPA_001_FORBIDDEN_PATTERNS = (
re.compile(r"\brpa_helpers\b"),
re.compile(r"\binject_account_manager_scripts_path\b"),
re.compile(r"\bget_account_credential\b"),
)
RPA_002_FFMPEG_PATTERNS = (
re.compile(
r"\bsubprocess\.(run|call|Popen|check_output|check_call)\s*\([^)]*ffmpeg",
re.IGNORECASE | re.DOTALL,
),
re.compile(
r"\bsubprocess\.(run|call|Popen|check_output|check_call)\(\s*['\"][^'\"]*ffmpeg",
re.IGNORECASE,
),
re.compile(r"\bos\.system\s*\([^)]*ffmpeg", re.IGNORECASE | re.DOTALL),
re.compile(r"\bos\.popen\s*\([^)]*ffmpeg", re.IGNORECASE | re.DOTALL),
re.compile(
r"\bsubprocess\.(run|call|Popen|check_output|check_call)\([^)]*shell\s*=\s*True[^)]*ffmpeg",
re.IGNORECASE | re.DOTALL,
),
)
RPA_002_EXEMPT_REL = "scripts/service/task_run_support.py"
RPA_003_SOURCE = (
"development/RPA.md §5.3; development/TESTING.md §12; development/POLICY_MATRIX.md"
)
LOGGING_001_SOURCE = "development/LOGGING.md; development/RUNTIME.md"
LOGGING_002_SOURCE = "development/LOGGING.md; development/DEVELOPMENT.md"
LOGGING_003_SOURCE = "development/LOGGING.md"
LOGGING_004_SOURCE = "development/LOGGING.md; development/RPA.md"
LOGGING_005_SOURCE = "development/LOGGING.md; development/CONFIG.md"
LOGGING_CALL_PATTERN = re.compile(
r"\b(log|logger|get_skill_logger\s*\(\s*\))\s*\.\s*(info|warning|error|debug|exception|critical)\s*\(",
re.IGNORECASE,
)
LOGGING_CALL_GET_LOGGER_PATTERN = re.compile(
r"get_skill_logger\s*\(\s*\)\s*\.\s*(info|warning|error|debug|exception|critical)\s*\(",
re.IGNORECASE,
)
SENSITIVE_LOG_ASSIGNMENT_PATTERN = re.compile(
r"(password|token|cookie|secret|api_key|authorization)\s*=",
re.IGNORECASE,
)
def _policy_msg(policy_id: str, source: str, detail: str) -> str:
return f"{policy_id} [{source}]: {detail}"
def _rel(skill_root: str, path: str) -> str:
return os.path.relpath(path, skill_root).replace("\\", "/")
def _should_skip_dirname(dirname: str) -> bool:
return dirname in SKIP_DIR_NAMES
def _should_skip_rel_path(skill_root: str, abs_path: str) -> bool:
rel = _rel(skill_root, abs_path).replace("\\", "/")
for prefix in SKIP_REL_PREFIXES:
normalized = prefix.rstrip("/")
if rel == normalized or rel.startswith(normalized + "/"):
return True
return False
def _walk_files(skill_root: str, rel_root: str, *, suffix: str | None = None) -> list[str]:
base = os.path.join(skill_root, rel_root)
if not os.path.exists(base):
return []
found: list[str] = []
for root, dirnames, filenames in os.walk(base):
kept: list[str] = []
for d in dirnames:
if _should_skip_dirname(d):
continue
sub = os.path.join(root, d)
if _should_skip_rel_path(skill_root, sub):
continue
kept.append(d)
dirnames[:] = kept
for name in filenames:
full = os.path.join(root, name)
if _should_skip_rel_path(skill_root, full):
continue
if suffix and not name.endswith(suffix):
continue
found.append(full)
return sorted(found)
def _read_text(path: str) -> str:
with open(path, encoding="utf-8") as f:
return f.read()
def _requirement_dependency_lines(req_text: str) -> list[str]:
return [
line.strip()
for line in req_text.splitlines()
if line.strip() and not line.strip().startswith("#")
]
def _scan_install_delivery_files(skill_root: str) -> list[str]:
offenders: list[str] = []
scan_specs: list[tuple[str, str | None]] = [
("scripts", ".py"),
(".", ".ps1"),
(".", ".sh"),
(".", None),
(".github/workflows", ".yml"),
(".github/workflows", ".yaml"),
]
seen: set[str] = set()
for rel_root, suffix in scan_specs:
if rel_root == "." and suffix is None:
req = os.path.join(skill_root, "requirements.txt")
if os.path.isfile(req):
seen.add(req)
text = _read_text(req)
for pattern in INSTALL_FORBIDDEN_PATTERNS:
if pattern.search(text):
offenders.append(
_policy_msg(
"POLICY-INSTALL-001",
"development/RUNTIME.md; development/RPA.md §1.4; development/DEVELOPMENT.md §3.1",
f"{_rel(skill_root, req)} matches {pattern.pattern}",
)
)
continue
for path in _walk_files(skill_root, rel_root, suffix=suffix):
if path in seen:
continue
seen.add(path)
if suffix == ".ps1" and not path.endswith(".ps1"):
continue
if suffix == ".sh" and not path.endswith(".sh"):
continue
text = _read_text(path)
for pattern in INSTALL_FORBIDDEN_PATTERNS:
if pattern.search(text):
offenders.append(
_policy_msg(
"POLICY-INSTALL-001",
"development/RUNTIME.md; development/RPA.md §1.4; development/DEVELOPMENT.md §3.1",
f"{_rel(skill_root, path)} matches {pattern.pattern}",
)
)
return offenders
def _gitignore_has_pattern(lines: list[str], pattern: str) -> bool:
normalized = [ln.strip() for ln in lines if ln.strip() and not ln.strip().startswith("#")]
return pattern in normalized
class TestPolicyStructure001(unittest.TestCase):
def test_standard_scripts_layout_exists(self) -> None:
skill_root = get_skill_root()
missing: list[str] = []
for rel in STRUCTURE_PATHS:
path = os.path.join(skill_root, *rel.split("/"))
if not os.path.exists(path):
missing.append(rel)
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-STRUCTURE-001",
"development/DEVELOPMENT.md §2; development/RUNTIME.md §目录结构",
"missing: " + ", ".join(missing),
),
)
class TestPolicyRuntime001(unittest.TestCase):
def test_no_vendored_jiangchang_skill_core(self) -> None:
skill_root = get_skill_root()
vendored = os.path.join(skill_root, "scripts", "jiangchang_skill_core")
self.assertFalse(
os.path.isdir(vendored),
msg=_policy_msg(
"POLICY-RUNTIME-001",
"development/RUNTIME.md §共享 Python Runtime",
_rel(skill_root, vendored),
),
)
class TestPolicyRuntime002(unittest.TestCase):
def test_requirements_txt_excludes_shared_runtime_deps(self) -> None:
skill_root = get_skill_root()
req_path = os.path.join(skill_root, "requirements.txt")
self.assertTrue(os.path.isfile(req_path), msg="requirements.txt missing")
text = _read_text(req_path)
dep_lines = _requirement_dependency_lines(text)
offenders: list[str] = []
for line in dep_lines:
lower = line.lower()
if "jiangchang-platform-kit" in lower:
offenders.append(line)
if re.search(r"(?<![\w.-])playwright(?![\w.-])", lower):
offenders.append(line)
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-RUNTIME-002",
"development/RUNTIME.md; development/DEVELOPMENT.md §3.1",
"forbidden dependency lines: " + "; ".join(offenders),
),
)
class TestPolicyInstall001(unittest.TestCase):
def test_delivery_files_have_no_auto_install_commands(self) -> None:
offenders = _scan_install_delivery_files(get_skill_root())
self.assertEqual(offenders, [], msg="\n".join(offenders))
class TestPolicyConfig001(unittest.TestCase):
def test_env_example_exists(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, ".env.example")
self.assertTrue(
os.path.isfile(path),
msg=_policy_msg(
"POLICY-CONFIG-001",
"development/CONFIG.md",
".env.example missing at repo root",
),
)
class TestPolicyConfig002(unittest.TestCase):
def test_gitignore_ignores_env_files(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, ".gitignore")
self.assertTrue(os.path.isfile(path), msg=".gitignore missing")
lines = _read_text(path).splitlines()
missing: list[str] = []
if not _gitignore_has_pattern(lines, ".env"):
missing.append(".env")
if not _gitignore_has_pattern(lines, "*.env.local"):
missing.append("*.env.local")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-CONFIG-002",
"development/CONFIG.md §红线:敏感信息不进 .env",
"missing gitignore entries: " + ", ".join(missing),
),
)
class TestPolicyConfig003(unittest.TestCase):
def test_business_scripts_do_not_read_os_environ_directly(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
if rel.replace("\\", "/") in CONFIG_ENV_BOUNDARY_FILES:
continue
text = _read_text(path)
for lineno, line in enumerate(text.splitlines(), 1):
if line.strip().startswith("#"):
continue
for pattern in CONFIG_ENV_FORBIDDEN_PATTERNS:
if pattern.search(line):
offenders.append(
f"{rel}:{lineno}: {line.strip()} — use jiangchang_skill_core.config.get*"
)
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-CONFIG-003",
"development/CONFIG.md; development/ADAPTER.md",
"\n".join(offenders),
),
)
class TestPolicyTesting001(unittest.TestCase):
def test_root_tests_do_not_hardcode_real_targets(self) -> None:
skill_root = get_skill_root()
tests_dir = os.path.join(skill_root, "tests")
offenders: list[str] = []
for name in sorted(os.listdir(tests_dir)):
if not (name.startswith("test_") and name.endswith(".py")):
continue
if name in TESTING_001_SKIP_ROOT_TESTS:
continue
if name in TESTING_REAL_TARGET_ALLOWED_ROOT_TESTS:
continue
path = os.path.join(tests_dir, name)
text = _read_text(path)
for lineno, line in enumerate(text.splitlines(), 1):
stripped = line.strip()
if stripped.startswith("#"):
continue
for token in TESTING_001_FORBIDDEN_SUBSTRINGS:
if token in line:
offenders.append(f"{name}:{lineno}: {stripped}")
break
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-TESTING-001",
"development/TESTING.md §默认必跑测试要做什么",
"\n".join(offenders),
),
)
class TestPolicyTesting002(unittest.TestCase):
def test_integration_python_tests_are_sample_only(self) -> None:
skill_root = get_skill_root()
integration_dir = os.path.join(skill_root, "tests", "integration")
if not os.path.isdir(integration_dir):
return
offenders: list[str] = []
for name in sorted(os.listdir(integration_dir)):
if not name.endswith(".py"):
continue
if name.endswith(".sample"):
continue
offenders.append(f"tests/integration/{name}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-TESTING-002",
"development/TESTING.md §7 真实联调测试的安全约束",
"non-sample integration tests: " + ", ".join(offenders),
),
)
class TestPolicyRpa001(unittest.TestCase):
def test_scripts_have_no_account_manager_internal_imports(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
text = _read_text(path)
for pattern in RPA_001_FORBIDDEN_PATTERNS:
if pattern.search(text):
offenders.append(f"{rel}: {pattern.pattern}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-RPA-001",
"development/ADAPTER.md §兄弟依赖; development/RPA.md §1.7",
"\n".join(offenders),
),
)
class TestPolicyRpa002(unittest.TestCase):
def test_scripts_do_not_invoke_ffmpeg_directly(self) -> None:
skill_root = get_skill_root()
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
if rel.replace("\\", "/") == RPA_002_EXEMPT_REL:
continue
text = _read_text(path)
for pattern in RPA_002_FFMPEG_PATTERNS:
if pattern.search(text):
offenders.append(f"{rel}: {pattern.pattern}")
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-RPA-002",
"development/RPA.md §5.3 录屏成片标准",
"\n".join(offenders),
),
)
class TestPolicyRpa003(unittest.TestCase):
def test_service_layer_retains_video_session_integration(self) -> None:
skill_root = get_skill_root()
service_files = _walk_files(skill_root, "scripts/service", suffix=".py")
self.assertTrue(service_files, msg="scripts/service/*.py not found")
combined = "\n".join(_read_text(path) for path in service_files)
missing: list[str] = []
if "RpaVideoSession" not in combined:
missing.append("RpaVideoSession")
if "video.add_step" not in combined and ".add_step(" not in combined:
missing.append("video.add_step or .add_step(")
if "merge_video_into_result_summary" not in combined:
missing.append("merge_video_into_result_summary")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-RPA-003",
RPA_003_SOURCE,
"scripts/service/*.py missing: " + ", ".join(missing),
),
)
def _scan_sensitive_logging_assignments(skill_root: str) -> list[str]:
offenders: list[str] = []
for path in _walk_files(skill_root, "scripts", suffix=".py"):
rel = _rel(skill_root, path)
for lineno, line in enumerate(_read_text(path).splitlines(), 1):
stripped = line.strip()
if not stripped or stripped.startswith("#"):
continue
if not LOGGING_CALL_PATTERN.search(line):
continue
if SENSITIVE_LOG_ASSIGNMENT_PATTERN.search(line):
offenders.append(f"{rel}:{lineno}: {stripped}")
return offenders
class TestPolicyLogging001(unittest.TestCase):
def test_cli_app_sets_up_unified_logging(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "cli", "app.py")
text = _read_text(path)
rel = _rel(skill_root, path)
self.assertIn(
"setup_skill_logging",
text,
msg=_policy_msg(
"POLICY-LOGGING-001",
LOGGING_001_SOURCE,
f"{rel} missing setup_skill_logging",
),
)
has_logger_info = bool(
LOGGING_CALL_GET_LOGGER_PATTERN.search(text)
or re.search(r"\bget_skill_logger\s*\(\s*\)\s*\.\s*info\s*\(", text)
)
self.assertTrue(
has_logger_info,
msg=_policy_msg(
"POLICY-LOGGING-001",
LOGGING_001_SOURCE,
f"{rel} missing get_skill_logger().info (or equivalent)",
),
)
class TestPolicyLogging002(unittest.TestCase):
def test_task_service_uses_get_skill_logger(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
self.assertRegex(
text,
r"get_skill_logger",
msg=_policy_msg(
"POLICY-LOGGING-002",
LOGGING_002_SOURCE,
f"{rel} must import/use get_skill_logger",
),
)
class TestPolicyLogging003(unittest.TestCase):
def test_task_service_logs_start_failure_and_task_logs(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
missing: list[str] = []
if not re.search(r"\b(log|logger)\.info\s*\(", text):
missing.append("log.info or logger.info")
if not re.search(r"\b(log|logger)\.exception\s*\(", text):
missing.append("log.exception or logger.exception")
if "save_task_log" not in text:
missing.append("save_task_log")
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-LOGGING-003",
LOGGING_003_SOURCE,
f"{rel} missing: " + ", ".join(missing),
),
)
class TestPolicyLogging004(unittest.TestCase):
def test_task_service_emits_progress_for_long_tasks(self) -> None:
skill_root = get_skill_root()
path = os.path.join(skill_root, "scripts", "service", "task_service.py")
text = _read_text(path)
rel = _rel(skill_root, path)
has_progress = bool(
re.search(r"\bemit\s*\(", text)
or re.search(r"\bactivity\.emit\s*\(", text)
or re.search(r"\bvideo\.add_step\s*\(", text)
)
self.assertTrue(
has_progress,
msg=_policy_msg(
"POLICY-LOGGING-004",
LOGGING_004_SOURCE,
f"{rel} must use emit( / activity.emit / video.add_step",
),
)
class TestPolicyLogging005(unittest.TestCase):
def test_scripts_do_not_log_sensitive_assignments(self) -> None:
offenders = _scan_sensitive_logging_assignments(get_skill_root())
self.assertEqual(
offenders,
[],
msg=_policy_msg(
"POLICY-LOGGING-005",
LOGGING_005_SOURCE,
"\n".join(offenders),
),
)
class TestPolicyDocs001(unittest.TestCase):
def test_policy_matrix_exists_and_lists_policy_ids(self) -> None:
skill_root = get_skill_root()
matrix_path = os.path.join(skill_root, "development", "POLICY_MATRIX.md")
self.assertTrue(
os.path.isfile(matrix_path),
msg=_policy_msg(
"POLICY-DOCS-001",
"development/POLICY_MATRIX.md",
"file missing",
),
)
text = _read_text(matrix_path)
missing = [pid for pid in POLICY_IDS if pid not in text]
self.assertEqual(
missing,
[],
msg=_policy_msg(
"POLICY-DOCS-001",
"development/POLICY_MATRIX.md",
"missing policy_id entries: " + ", ".join(missing),
),
)
if __name__ == "__main__":
unittest.main()

View File

@@ -293,13 +293,13 @@ class TestDocsStandards(unittest.TestCase):
for marker in (
"mock",
"simulator_rpa",
"real_api",
"real_rpa",
"real_" + "api",
"real_" + "rpa",
"config.get",
"sibling_bridge",
):
self.assertIn(marker, text, msg=f"ADAPTER.md missing {marker!r}")
self.assertNotIn("ALLOW_REAL_API", text)
self.assertNotIn("ALLOW_" + "REAL_" + "API", text)
self.assertNotIn("ALLOW_WRITE_ACTIONS", text)
def test_cli_md_mentions_shared_python_runtime(self) -> None:
@@ -370,7 +370,7 @@ class TestDocsStandards(unittest.TestCase):
def test_examples_top_level_modes_present(self) -> None:
examples_dir = os.path.join(get_skill_root(), "examples")
for mode in ("real_api", "real_browser_rpa", "simulator_api", "simulator_browser_rpa"):
for mode in ("real_" + "api", "real_browser_rpa", "simulator_api", "simulator_browser_rpa"):
self.assertTrue(
os.path.isdir(os.path.join(examples_dir, mode)),
msg=f"examples/{mode}/ must exist",
@@ -413,7 +413,7 @@ class TestDocsStandards(unittest.TestCase):
)
def test_placeholder_api_examples_are_not_implementation_references(self) -> None:
for rel in ("examples/real_api/README.md", "examples/simulator_api/README.md"):
for rel in (f"examples/{'real_' + 'api'}/README.md", "examples/simulator_api/README.md"):
text = self._read(rel)
self.assertTrue(
"占位" in text or "规划" in text,

View File

@@ -15,20 +15,92 @@ from _support import IsolatedDataRoot, get_skill_root
from jiangchang_skill_core import config
def _active_env_value(text: str, key: str) -> str | None:
"""Return the active (non-comment) KEY=value line from .env-style text."""
prefix = f"{key}="
for line in text.splitlines():
stripped = line.strip()
if not stripped or stripped.startswith("#"):
continue
active = stripped.split("#", 1)[0].strip()
if active.startswith(prefix):
return active
return None
def _combined_service_source(skill_root: str | None = None) -> str:
"""Merge scripts/service/*.py source (excludes __pycache__)."""
root = skill_root or get_skill_root()
service_dir = os.path.join(root, "scripts", "service")
parts: list[str] = []
for dirpath, dirnames, filenames in os.walk(service_dir):
dirnames[:] = [d for d in dirnames if d != "__pycache__"]
for name in sorted(filenames):
if not name.endswith(".py"):
continue
path = os.path.join(dirpath, name)
with open(path, encoding="utf-8") as f:
parts.append(f.read())
return "\n".join(parts)
def _missing_video_integration_tokens(service_text: str) -> list[str]:
missing: list[str] = []
if "RpaVideoSession" not in service_text:
missing.append("RpaVideoSession")
if "video.add_step" not in service_text and ".add_step(" not in service_text:
missing.append("video.add_step or .add_step(")
if "merge_video_into_result_summary" not in service_text:
missing.append("merge_video_into_result_summary")
return missing
class TestEnvExampleVideoDefaults(unittest.TestCase):
def test_env_example_contains_required_keys(self) -> None:
path = os.path.join(get_skill_root(), ".env.example")
with open(path, encoding="utf-8") as f:
text = f.read()
for key in (
"OPENCLAW_TEST_TARGET=mock",
"OPENCLAW_RECORD_VIDEO=1",
"OPENCLAW_" + "TEST_TARGET=mock",
"OPENCLAW_RECORD_VIDEO=0",
"OPENCLAW_ARTIFACTS_ON_FAILURE=1",
"OPENCLAW_BROWSER_HEADLESS=0",
"OPENCLAW_PLAYWRIGHT_STEALTH=1",
):
self.assertIn(key, text, msg=f"missing {key!r} in .env.example")
def test_env_example_default_off_but_template_keeps_video_integration(self) -> None:
path = os.path.join(get_skill_root(), ".env.example")
with open(path, encoding="utf-8") as f:
text = f.read()
self.assertEqual(
_active_env_value(text, "OPENCLAW_RECORD_VIDEO"),
"OPENCLAW_RECORD_VIDEO=0",
)
service_text = _combined_service_source()
missing = _missing_video_integration_tokens(service_text)
self.assertEqual(
missing,
[],
msg=(
"default OPENCLAW_RECORD_VIDEO=0 does not allow removing video integration; "
f"scripts/service/*.py missing: {', '.join(missing)}"
),
)
def test_env_example_allows_record_video_one_in_comments_only(self) -> None:
sample = "\n".join(
[
"# example: OPENCLAW_RECORD_VIDEO=1 for production",
"OPENCLAW_RECORD_VIDEO=0",
]
)
self.assertEqual(
_active_env_value(sample, "OPENCLAW_RECORD_VIDEO"),
"OPENCLAW_RECORD_VIDEO=0",
)
class TestPrintVideoSummary(unittest.TestCase):
def test_cli_prints_video_path_when_enabled(self) -> None:
@@ -157,5 +229,78 @@ class TestTemplateRunVideoSession(unittest.TestCase):
self.assertIn("video_path", summary)
class TestCmdRunTaskLogCoverage(unittest.TestCase):
def test_cmd_run_entitlement_failure_writes_task_log(self) -> None:
with IsolatedDataRoot(user_id="_entitlement_fail"):
from service import task_service
with patch.object(task_service, "check_entitlement", return_value=(False, "mock denied")):
buf = io.StringIO()
with redirect_stdout(buf), redirect_stderr(io.StringIO()):
rc = task_service.cmd_run(target="t1", input_id="99")
self.assertEqual(rc, 1)
from db import task_logs_repository as tlr
rows = tlr.list_task_logs(1)
self.assertTrue(rows)
_rid, _ttype, tid, iid, _ititle, status, err, rsum, _cat, _uat = rows[0]
self.assertEqual(status, "failed")
self.assertEqual(tid, "t1")
self.assertEqual(iid, "99")
self.assertIn("mock denied", err or "")
summary = json.loads(rsum or "{}")
self.assertEqual(summary.get("stage"), "auth")
def test_cmd_run_exception_writes_task_log(self) -> None:
with IsolatedDataRoot(user_id="_exception_run"):
os.environ["OPENCLAW_RECORD_VIDEO"] = "0"
config.reset_cache()
from service import task_service
async def _boom(*_args, **_kwargs):
raise RuntimeError("boom")
with patch.object(task_service, "check_entitlement", return_value=(True, "")):
with patch.object(task_service, "_run_template_demo", side_effect=_boom):
buf = io.StringIO()
with redirect_stdout(buf), redirect_stderr(io.StringIO()):
rc = task_service.cmd_run(target="t2", input_id="88")
self.assertEqual(rc, 1)
from db import task_logs_repository as tlr
rows = tlr.list_task_logs(1)
self.assertTrue(rows)
_rid, _ttype, tid, iid, _ititle, status, err, rsum, _cat, _uat = rows[0]
self.assertEqual(status, "failed")
self.assertEqual(tid, "t2")
self.assertEqual(iid, "88")
self.assertIn("任务执行异常", err or "")
summary = json.loads(rsum or "{}")
self.assertEqual(summary.get("stage"), "run")
self.assertEqual(summary.get("error"), "unexpected_exception")
def test_get_task_logger_fallback_when_not_initialized(self) -> None:
from service import task_service
mock_logger = MagicMock()
responses = [RuntimeError("logging not initialized"), mock_logger]
def _fake_get_skill_logger():
item = responses.pop(0)
if isinstance(item, Exception):
raise item
return item
with patch.object(task_service, "get_skill_logger", side_effect=_fake_get_skill_logger):
with patch.object(task_service, "setup_skill_logging") as mock_setup:
logger = task_service._get_task_logger()
mock_setup.assert_called_once_with(task_service.SKILL_SLUG, task_service.LOG_LOGGER_NAME)
self.assertIs(logger, mock_logger)
if __name__ == "__main__":
unittest.main()