Add policy engine example scripts for agent permissions testing [CC-18, CC-19, CC-20, CC-21]#691
Open
vhrahulkumar wants to merge 12 commits into
Open
Add policy engine example scripts for agent permissions testing [CC-18, CC-19, CC-20, CC-21]#691vhrahulkumar wants to merge 12 commits into
vhrahulkumar wants to merge 12 commits into
Conversation
… interface (digitalocean#682) * Create hosted-agent sessions from an agents.yaml manifest The harness-api backend provisions a session entirely from the agent spec, so replace the legacy JSON create(agent_kind=...) with create_from_manifest(), which uploads the manifest verbatim as Content-Type: application/x-yaml. The spec defines the runtime adapter, sandbox, env vars, and egress; there are no other arguments. - Add create_from_manifest() to the sync and async session clients, sharing manifest-normalization and YAML media-type helpers. - Remove the now-unsupported create(agent_kind=...) path. - Point the create_session.py example at a spec file and add session_e2e.py demonstrating the full create -> attach (send a prompt, stream SSE back) -> destroy flow. - Cover manifest upload in the sync and new async unit tests; drop the legacy create test. * regenerate fix * fix --------- Co-authored-by: SSharma-10 <shivanisharma@digitalocean.com>
Four standalone scripts exercising the permissions block:
- policy_auto_allow.py — touch * → allow runs without HITL
- policy_auto_deny.py — ls * → deny blocks without HITL prompt
- policy_hitl_ask.py — defaultAction: ask gates unmatched commands;
tests both approve and reject resolution paths
- policy_write_interception.py — Write/Edit (non-Bash) tool intercepted
under defaultAction: ask
All scripts load the base AGENT_SPEC, inject a permissions block, and
assert pass/fail without external YAML files.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds four standalone Python scripts to
examples/agents/that exercise thepermissions:block of the agent spec (policy engine). These were written and validated against production microVM as part of the pydo PR #680 UAT.Reference Doc
policy_auto_allow.pytouch * → allowexecutes without any HITL promptpolicy_auto_deny.pyls * → denyblocks the command automatically, no promptpolicy_hitl_ask.pydefaultAction: askgates an unmatched command; tests both approve and reject resolution pathspolicy_write_interception.pydefaultAction: askHow the scripts work
AGENT_SPECYAML, injects apermissions:block, and creates a short-lived session (auto-destroyed on exit).PASS/FAILwith a reason and exit non-zero on failure, so they can be wired into a test runner.