From fee920a895c958511c3d399a6082cb26b027e126 Mon Sep 17 00:00:00 2001 From: Yoilun Date: Mon, 25 May 2026 16:39:35 +0800 Subject: [PATCH] feat: read codex agent definitions --- cmd/codex-agent-manager/main.go | 8 +- docs/project.md | 10 ++- internal/agents/model.go | 17 ++++ internal/agents/store.go | 148 ++++++++++++++++++++++++++++++++ internal/agents/store_test.go | 102 ++++++++++++++++++++++ internal/server/server.go | 37 ++++++++ internal/server/server_test.go | 58 +++++++++++++ progress.md | 10 +++ task_plan.md | 2 +- 9 files changed, 383 insertions(+), 9 deletions(-) create mode 100644 internal/agents/model.go create mode 100644 internal/agents/store.go create mode 100644 internal/agents/store_test.go create mode 100644 internal/server/server.go create mode 100644 internal/server/server_test.go diff --git a/cmd/codex-agent-manager/main.go b/cmd/codex-agent-manager/main.go index e031d1c..bea1144 100644 --- a/cmd/codex-agent-manager/main.go +++ b/cmd/codex-agent-manager/main.go @@ -5,17 +5,13 @@ import ( "net/http" "codex-agent-manager/internal/app" + "codex-agent-manager/internal/server" ) func main() { cfg := app.DefaultConfig() - mux := http.NewServeMux() - mux.HandleFunc("/api/health", func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Content-Type", "application/json") - _, _ = w.Write([]byte(`{"status":"ok"}`)) - }) fmt.Printf("Codex 智能体管理台监听 http://%s\n", cfg.HTTPAddr) - if err := http.ListenAndServe(cfg.HTTPAddr, mux); err != nil { + if err := http.ListenAndServe(cfg.HTTPAddr, server.New(cfg)); err != nil { panic(err) } } diff --git a/docs/project.md b/docs/project.md index fd6e316..5bf4e2a 100644 --- a/docs/project.md +++ b/docs/project.md @@ -6,7 +6,7 @@ ## Target Architecture -计划架构为:Go 后端提供 localhost HTTP API,Vue 3 + Vite 前端提供中文工作台界面。目标后端将只读访问 Codex SQLite 状态库,安全读取 `.codex` 配置,并仅在用户确认后写回 `.codex/agents/*.toml`。 +计划架构为:Go 后端提供 localhost HTTP API,Vue 3 + Vite 前端提供中文工作台界面。当前后端已提供健康检查和 `.codex/agents/*.toml` 只读读取;目标后端将继续增加只读 SQLite 状态库、安全读取项目配置,并仅在用户确认后写回 `.codex/agents/*.toml`。 ## Configuration @@ -28,12 +28,18 @@ go run ./cmd/codex-agent-manager curl http://127.0.0.1:18083/api/health ``` +读取智能体定义: + +```bash +curl http://127.0.0.1:18083/api/agents +``` + ## Security Boundaries - 不读取 `.codex/auth.json`。 - 不写入 Codex SQLite。 - `.codex/agents/*.toml` 写回必须先备份。 -- 当前后端骨架只实现健康检查和 Codex home 路径边界函数,尚未读取真实 `.codex` 数据文件。 +- 当前 `/api/agents` 只读列出 `.codex/agents` 直属 `.toml` 文件,读取前通过 Codex home 边界和 agent TOML 专用 resolver;坏 TOML 以单条 `invalid` 状态返回,不导致服务崩溃。 ## Known Risks diff --git a/internal/agents/model.go b/internal/agents/model.go new file mode 100644 index 0000000..91cbe75 --- /dev/null +++ b/internal/agents/model.go @@ -0,0 +1,17 @@ +package agents + +import "time" + +type AgentDefinition struct { + ID string `json:"id"` + FilePath string `json:"filePath"` + FileName string `json:"fileName"` + Name string `json:"name"` + Description string `json:"description"` + DeveloperInstructions string `json:"developerInstructions"` + ExtraFields map[string]string `json:"extraFields"` + ModifiedAt time.Time `json:"modifiedAt"` + ParseStatus string `json:"parseStatus"` + ParseError string `json:"parseError,omitempty"` + DraftStatus string `json:"draftStatus"` +} diff --git a/internal/agents/store.go b/internal/agents/store.go new file mode 100644 index 0000000..7dcc966 --- /dev/null +++ b/internal/agents/store.go @@ -0,0 +1,148 @@ +package agents + +import ( + "bufio" + "errors" + "fmt" + "os" + "path/filepath" + "sort" + "strconv" + "strings" + + "codex-agent-manager/internal/codexhome" +) + +type Store struct { + CodexHome string +} + +func (s Store) List() ([]AgentDefinition, error) { + agentsDir, err := codexhome.ResolveInside(s.CodexHome, "agents") + if err != nil { + return nil, err + } + entries, err := os.ReadDir(agentsDir) + if err != nil { + if os.IsNotExist(err) { + return []AgentDefinition{}, nil + } + return nil, err + } + + sort.Slice(entries, func(i, j int) bool { + return entries[i].Name() < entries[j].Name() + }) + + result := make([]AgentDefinition, 0, len(entries)) + for _, entry := range entries { + if entry.IsDir() || !strings.HasSuffix(strings.ToLower(entry.Name()), ".toml") { + continue + } + result = append(result, s.readOne(entry.Name())) + } + return result, nil +} + +func (s Store) readOne(fileName string) AgentDefinition { + path := filepath.Join(s.CodexHome, "agents", fileName) + def := AgentDefinition{ + ID: strings.TrimSuffix(fileName, filepath.Ext(fileName)), + FilePath: path, + FileName: fileName, + ParseStatus: "valid", + DraftStatus: "clean", + ExtraFields: map[string]string{}, + } + + safePath, err := codexhome.ResolveAgentTOML(s.CodexHome, fileName) + if err != nil { + def.ParseStatus = "invalid" + def.ParseError = err.Error() + return def + } + info, statErr := os.Stat(safePath) + if statErr == nil { + def.ModifiedAt = info.ModTime() + } + data, err := os.ReadFile(safePath) + if err != nil { + def.ParseStatus = "invalid" + def.ParseError = err.Error() + return def + } + values, err := parseSimpleTOML(string(data)) + if err != nil { + def.ParseStatus = "invalid" + def.ParseError = err.Error() + return def + } + + def.Name = values["name"] + def.Description = values["description"] + def.DeveloperInstructions = values["developer_instructions"] + for key, value := range values { + if key == "name" || key == "description" || key == "developer_instructions" { + continue + } + def.ExtraFields[key] = value + } + return def +} + +func parseSimpleTOML(input string) (map[string]string, error) { + values := map[string]string{} + scanner := bufio.NewScanner(strings.NewReader(input)) + lineNumber := 0 + for scanner.Scan() { + lineNumber++ + line := strings.TrimSpace(scanner.Text()) + if line == "" || strings.HasPrefix(line, "#") { + continue + } + parts := strings.SplitN(line, "=", 2) + if len(parts) != 2 { + return values, fmt.Errorf("第 %d 行不是有效的键值字段", lineNumber) + } + key := strings.TrimSpace(parts[0]) + raw := strings.TrimSpace(parts[1]) + if key == "" { + return values, fmt.Errorf("第 %d 行缺少字段名", lineNumber) + } + + value, err := parseTOMLString(raw, scanner) + if err != nil { + return values, err + } + values[key] = value + } + if err := scanner.Err(); err != nil { + return values, err + } + return values, nil +} + +func parseTOMLString(raw string, scanner *bufio.Scanner) (string, error) { + if strings.HasPrefix(raw, `"""`) { + block := strings.TrimPrefix(raw, `"""`) + for !strings.Contains(block, `"""`) && scanner.Scan() { + block += "\n" + scanner.Text() + } + if !strings.Contains(block, `"""`) { + return "", errors.New("未闭合的多行字符串") + } + value, trailing, _ := strings.Cut(block, `"""`) + if strings.TrimSpace(trailing) != "" { + return "", errors.New("多行字符串后存在不支持的内容") + } + return value, nil + } + if !strings.HasPrefix(raw, `"`) { + return "", errors.New("仅支持字符串字段") + } + value, err := strconv.Unquote(raw) + if err != nil { + return "", err + } + return value, nil +} diff --git a/internal/agents/store_test.go b/internal/agents/store_test.go new file mode 100644 index 0000000..dfc19a0 --- /dev/null +++ b/internal/agents/store_test.go @@ -0,0 +1,102 @@ +package agents + +import ( + "os" + "path/filepath" + "strings" + "testing" +) + +func TestListAgentsReadsTomlFiles(t *testing.T) { + root := t.TempDir() + agentsDir := filepath.Join(root, "agents") + if err := os.MkdirAll(agentsDir, 0o755); err != nil { + t.Fatal(err) + } + content := `name = "产品经理" +description = "负责产品定义" +developer_instructions = """ +用中文定义产品需求。 +""" +role = "planning" +` + if err := os.WriteFile(filepath.Join(agentsDir, "product-manager.toml"), []byte(content), 0o644); err != nil { + t.Fatal(err) + } + + store := Store{CodexHome: root} + got, err := store.List() + if err != nil { + t.Fatalf("List returned error: %v", err) + } + if len(got) != 1 { + t.Fatalf("agent count = %d, want 1", len(got)) + } + if got[0].ID != "product-manager" || got[0].FileName != "product-manager.toml" { + t.Fatalf("unexpected agent identity: %#v", got[0]) + } + if got[0].Name != "产品经理" || got[0].Description != "负责产品定义" { + t.Fatalf("unexpected agent fields: %#v", got[0]) + } + if strings.TrimSpace(got[0].DeveloperInstructions) != "用中文定义产品需求。" { + t.Fatalf("unexpected developer instructions: %q", got[0].DeveloperInstructions) + } + if got[0].ExtraFields["role"] != "planning" { + t.Fatalf("unexpected extra fields: %#v", got[0].ExtraFields) + } + if got[0].ParseStatus != "valid" || got[0].DraftStatus != "clean" { + t.Fatalf("unexpected statuses: %#v", got[0]) + } +} + +func TestListAgentsReportsParseError(t *testing.T) { + root := t.TempDir() + agentsDir := filepath.Join(root, "agents") + if err := os.MkdirAll(agentsDir, 0o755); err != nil { + t.Fatal(err) + } + if err := os.WriteFile(filepath.Join(agentsDir, "bad.toml"), []byte(`name = "`), 0o644); err != nil { + t.Fatal(err) + } + + store := Store{CodexHome: root} + got, err := store.List() + if err != nil { + t.Fatalf("List should return parse status, not fatal error: %v", err) + } + if len(got) != 1 { + t.Fatalf("agent count = %d, want 1", len(got)) + } + if got[0].ParseStatus != "invalid" || got[0].ParseError == "" { + t.Fatalf("expected invalid parse status, got %#v", got[0]) + } +} + +func TestListAgentsRejectsSensitiveSymlinkTargets(t *testing.T) { + root := t.TempDir() + agentsDir := filepath.Join(root, "agents") + if err := os.MkdirAll(agentsDir, 0o755); err != nil { + t.Fatal(err) + } + if err := os.WriteFile(filepath.Join(root, "auth.json"), []byte(`name = "secret"`), 0o600); err != nil { + t.Fatal(err) + } + if err := os.Symlink("../auth.json", filepath.Join(agentsDir, "leak.toml")); err != nil { + t.Fatal(err) + } + + store := Store{CodexHome: root} + got, err := store.List() + if err != nil { + t.Fatalf("List should report unsafe files per item, not fatal error: %v", err) + } + if len(got) != 1 { + t.Fatalf("agent count = %d, want 1", len(got)) + } + if got[0].ParseStatus != "invalid" { + t.Fatalf("expected unsafe symlink to be invalid, got %#v", got[0]) + } + if strings.Contains(got[0].Name, "secret") || strings.Contains(got[0].ParseError, "secret") { + t.Fatalf("sensitive file content leaked: %#v", got[0]) + } +} diff --git a/internal/server/server.go b/internal/server/server.go new file mode 100644 index 0000000..7405f5c --- /dev/null +++ b/internal/server/server.go @@ -0,0 +1,37 @@ +package server + +import ( + "encoding/json" + "net/http" + + "codex-agent-manager/internal/agents" + "codex-agent-manager/internal/app" +) + +func New(cfg app.Config) http.Handler { + mux := http.NewServeMux() + agentStore := agents.Store{CodexHome: cfg.CodexHome} + + mux.HandleFunc("/api/health", func(w http.ResponseWriter, r *http.Request) { + writeJSON(w, http.StatusOK, map[string]string{"status": "ok"}) + }) + mux.HandleFunc("/api/agents", func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodGet { + writeJSON(w, http.StatusMethodNotAllowed, map[string]string{"error": "方法不允许"}) + return + } + items, err := agentStore.List() + if err != nil { + writeJSON(w, http.StatusInternalServerError, map[string]string{"error": err.Error()}) + return + } + writeJSON(w, http.StatusOK, map[string]any{"items": items}) + }) + return mux +} + +func writeJSON(w http.ResponseWriter, status int, body any) { + w.Header().Set("Content-Type", "application/json") + w.WriteHeader(status) + _ = json.NewEncoder(w).Encode(body) +} diff --git a/internal/server/server_test.go b/internal/server/server_test.go new file mode 100644 index 0000000..6933637 --- /dev/null +++ b/internal/server/server_test.go @@ -0,0 +1,58 @@ +package server + +import ( + "encoding/json" + "net/http" + "net/http/httptest" + "os" + "path/filepath" + "testing" + + "codex-agent-manager/internal/app" +) + +func TestAgentsEndpointReturnsAgentItems(t *testing.T) { + root := t.TempDir() + agentsDir := filepath.Join(root, "agents") + if err := os.MkdirAll(agentsDir, 0o755); err != nil { + t.Fatal(err) + } + content := `name = "代码员" +description = "负责实现" +` + if err := os.WriteFile(filepath.Join(agentsDir, "coder.toml"), []byte(content), 0o644); err != nil { + t.Fatal(err) + } + + req := httptest.NewRequest(http.MethodGet, "/api/agents", nil) + rec := httptest.NewRecorder() + New(app.Config{CodexHome: root, HTTPAddr: "127.0.0.1:0"}).ServeHTTP(rec, req) + + if rec.Code != http.StatusOK { + t.Fatalf("status = %d, body = %s", rec.Code, rec.Body.String()) + } + var body struct { + Items []struct { + ID string `json:"id"` + Name string `json:"name"` + Description string `json:"description"` + ParseStatus string `json:"parseStatus"` + } `json:"items"` + } + if err := json.Unmarshal(rec.Body.Bytes(), &body); err != nil { + t.Fatalf("invalid json: %v", err) + } + if len(body.Items) != 1 || body.Items[0].Name != "代码员" || body.Items[0].ParseStatus != "valid" { + t.Fatalf("unexpected response: %#v", body) + } +} + +func TestAgentsEndpointRejectsUnsupportedMethod(t *testing.T) { + req := httptest.NewRequest(http.MethodPost, "/api/agents", nil) + rec := httptest.NewRecorder() + New(app.Config{CodexHome: t.TempDir(), HTTPAddr: "127.0.0.1:0"}).ServeHTTP(rec, req) + + if rec.Code != http.StatusMethodNotAllowed { + t.Fatalf("status = %d, want %d", rec.Code, http.StatusMethodNotAllowed) + } +} diff --git a/progress.md b/progress.md index f6d4be3..86c0f67 100644 --- a/progress.md +++ b/progress.md @@ -10,6 +10,7 @@ | 2026-05-25 | 1 | review loop | 代码质量审查发现 symlink 绕过、敏感文件大小写、操作域 resolver、`CODEX_HOME` override 问题 | 已按 TDD 修复,并通过最终门禁 | | 2026-05-25 | 1 | review loop | 规格复审发现 `ResolveAgentTOML` 可经 `agents/demo.toml -> ../auth.json` symlink 绕过 forbidden 检查 | 已按 TDD 修复,并通过最终门禁 | | 2026-05-25 | planning | main agent | 修正 task_plan.md 阶段命名,与实施计划 Task 2-7 对齐 | 下一阶段明确为 Agent TOML 只读读取 | +| 2026-05-25 | 2 | coding agent | TDD 实现 Agent TOML 只读读取和 `/api/agents` | 完成;提交 `feat: read codex agent definitions` | ## Test Results @@ -34,6 +35,15 @@ | 2026-05-25 | `go test ./...` | PASS | 全量 Go 测试通过 | | 2026-05-25 | `git diff --check` | PASS | 无 whitespace error | | 2026-05-25 | `git status --short` | PASS | 仅本轮 Phase 1 symlink target 修复文件变更 | +| 2026-05-25 | `go test ./internal/agents` | FAIL | TDD 红灯:`Store` 未定义,`internal/agents/store_test.go` 先于实现创建 | +| 2026-05-25 | `go test ./internal/agents` | PASS | 读取有效 TOML、坏 TOML 单条 invalid、敏感 symlink 不泄漏内容 | +| 2026-05-25 | `go test ./internal/server` | FAIL | TDD 红灯:`New` 未定义,`/api/agents` handler 测试先于实现创建 | +| 2026-05-25 | `go test ./internal/server` | PASS | `/api/agents` 返回 items,非 GET 返回 405 | +| 2026-05-25 | `go test ./...` | PASS | 全量 Go 测试通过 | +| 2026-05-25 | `go test ./internal/agents` | PASS | Required verification | +| 2026-05-25 | `go test ./...` | PASS | Required verification | +| 2026-05-25 | `git diff --check` | PASS | Required verification | +| 2026-05-25 | `git status --short` | PASS | Required verification;Phase 2 文件待提交 | ## Bug Loop diff --git a/task_plan.md b/task_plan.md index 95958ef..f0cceb4 100644 --- a/task_plan.md +++ b/task_plan.md @@ -19,7 +19,7 @@ | --- | --- | --- | --- | | 0 | complete | 项目初始化与风险边界 | 计划文件存在;安全边界明确;不读取 auth.json;不改 .codex | | 1 | complete | Go 项目骨架和安全边界 | 后端健康检查可运行;Codex home 路径边界有测试;未读取真实 `.codex` 数据 | -| 2 | pending | Agent TOML 只读读取 | 能安全读取 `.codex/agents/*.toml`;坏 TOML 不导致崩溃;提供 `/api/agents` | +| 2 | complete | Agent TOML 只读读取 | 能安全读取 `.codex/agents/*.toml`;坏 TOML 不导致崩溃;提供 `/api/agents` | | 3 | pending | 项目配置、运行线程和工作流模型 | 能读取 projects、threads、spawn edges、goals;状态含来源/置信度;工作流不写死固定流程 | | 4 | pending | 中文 UI 只读工作台 | 项目/工作流/智能体视图可浏览;空数据可用 | | 5 | pending | API 集成和只读数据显示 | 前端连接只读 API;显示真实 agent 数据和错误状态 |