## Phase 1-3: Control Plane + Contract System - awooop_phase1_control_plane_2026-05-04.sql: 12 張核心表 + RLS - awooop_phase1_batch1_rls_2026-05-04.sql: 全部 FORCE RLS + GRANT - packages/awooop-contracts/: 六合約 JSON Schema + golden fixtures - src/models/awooop_contracts.py: Pydantic v2 contract models(extra=forbid) - src/repositories/contract_repository.py: contract lifecycle(draft→published→active) - src/services/contract_service.py: HMAC publish sig + Redis multi-sig activate - src/services/schema_validator.py: LLM output validator(retry×3, E-SCHEMA-001) ## Phase 2: Tenant Isolation - awooop_phase2_budget_ledger_2026-05-04.sql: budget_ledger + RLS - src/services/budget_service.py: Token Budget Hard Kill 三層防線 - src/core/context.py: PROJECT_ID ContextVar(31 background loop 自動繼承) - src/db/base.py + models.py: project_id 欄位 + RLS set_config 注入 - src/hermes/nl_gateway.py: project_id Redis key 前綴(Phase A 雙寫) - src/services/anomaly_counter.py: per-project 改造(Phase A fallback) ## Phase 4: Platform Shell in Shadow Mode - awooop_phase4_run_state_2026-05-04.sql: run_state + step_journal + idempotency - src/services/run_state_machine.py: 8-state FSM + SKIP LOCKED + stale reaper - src/services/platform_runtime.py: UUID v7 + W3C trace_id + shadow_execute - src/services/audit_sink.py: PII/secret redaction 9 patterns - src/api/v1/platform/runs.py: POST/GET /v1/platform/runs(Router→Service 架構) - src/workers/platform_worker.py: SKIP LOCKED worker + heartbeat + reaper loop - src/main.py: platform router + lifespan worker start/stop ## Phase 5: MCP Gateway 五閘門 - awooop_phase5_mcp_gateway_2026-05-04.sql: 4 表 + RLS - src/plugins/mcp/gateway.py: McpGateway(Gate 1~5, E-MCP-GATE-001~009) - src/plugins/mcp/redaction_middleware.py: 雙層 redaction + 16K 截斷 - src/plugins/mcp/registry.py: __provider name mangling(ADR-116) - src/plugins/mcp/credential_resolver.py: k8s secret ref 解析 - tests/test_mcp_credential_isolation.py: 10 個迴歸測試(secret leak 防再現) ## Phase 6-8: EwoooC + Channel Hub + Approval Token - awooop_phase6_ewoooc_onboarding_2026-05-04.sql: ewoooc tenant + 4 read-only MCP tools - awooop_phase7_channel_hub_2026-05-04.sql: conversation_event + outbound_message - src/services/provider_proxy.py: ProviderProxy + PlatformEnvelope(ADR-115) - src/services/channel_hub.py: Telegram inbound mirror + Progressive Feedback(30s) - src/services/awooop_approval_token.py: HS256 + jti NX replay 防護 + suggest mode Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
106 lines
3.0 KiB
JSON
106 lines
3.0 KiB
JSON
{
|
||
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
||
"$id": "https://awooop.platform/contracts/v1/agent",
|
||
"title": "Agent Contract",
|
||
"description": "AwoooP Agent 合約 — 定義一個 agent 的模型、工具、預算與治理規則",
|
||
"type": "object",
|
||
"required": ["agent_id", "agent_name", "model", "provider"],
|
||
"additionalProperties": false,
|
||
"properties": {
|
||
"agent_id": {
|
||
"type": "string",
|
||
"pattern": "^[a-z0-9][a-z0-9_-]{1,127}$",
|
||
"description": "Agent 識別符(project 內唯一)"
|
||
},
|
||
"agent_name": {
|
||
"type": "string",
|
||
"minLength": 1,
|
||
"maxLength": 256,
|
||
"description": "人類可讀 agent 名稱"
|
||
},
|
||
"model": {
|
||
"type": "string",
|
||
"minLength": 1,
|
||
"maxLength": 128,
|
||
"description": "LLM 模型識別符(如 claude-sonnet-4-6, qwen3:8b)"
|
||
},
|
||
"provider": {
|
||
"type": "string",
|
||
"enum": ["anthropic", "openai", "ollama", "gemini", "nvidia", "openrouter"],
|
||
"description": "LLM Provider"
|
||
},
|
||
"max_tokens": {
|
||
"type": "integer",
|
||
"minimum": 1,
|
||
"maximum": 200000,
|
||
"description": "單次 completion 最大 token 數"
|
||
},
|
||
"temperature": {
|
||
"type": "number",
|
||
"minimum": 0.0,
|
||
"maximum": 2.0,
|
||
"description": "Sampling temperature"
|
||
},
|
||
"system_prompt_ref": {
|
||
"type": "object",
|
||
"required": ["artifact_id", "sha256"],
|
||
"additionalProperties": false,
|
||
"properties": {
|
||
"artifact_id": {"type": "string"},
|
||
"sha256": {
|
||
"type": "string",
|
||
"pattern": "^[0-9a-f]{64}$",
|
||
"description": "System prompt 檔案的 SHA-256 hex digest(ADR-112 artifact integrity)"
|
||
}
|
||
},
|
||
"description": "System prompt artifact reference(必含 sha256)"
|
||
},
|
||
"tools": {
|
||
"type": "array",
|
||
"items": {
|
||
"type": "object",
|
||
"required": ["tool_name"],
|
||
"additionalProperties": true,
|
||
"properties": {
|
||
"tool_name": {"type": "string"},
|
||
"mcp_gateway_id": {"type": "string"},
|
||
"sha256": {
|
||
"type": "string",
|
||
"pattern": "^[0-9a-f]{64}$"
|
||
}
|
||
}
|
||
},
|
||
"description": "Agent 可用工具清單"
|
||
},
|
||
"budget_limit_usd_per_run": {
|
||
"type": ["number", "null"],
|
||
"minimum": 0,
|
||
"description": "單次 run 費用上限(USD);null = 繼承 tenant 預算"
|
||
},
|
||
"require_approval": {
|
||
"type": "boolean",
|
||
"default": false,
|
||
"description": "執行前是否需要人工審核"
|
||
},
|
||
"approval_timeout_seconds": {
|
||
"type": "integer",
|
||
"minimum": 60,
|
||
"maximum": 86400,
|
||
"description": "審核超時秒數(require_approval=true 時有效)"
|
||
},
|
||
"max_parallel_runs": {
|
||
"type": "integer",
|
||
"minimum": 1,
|
||
"maximum": 100,
|
||
"default": 1,
|
||
"description": "最大並行 run 數"
|
||
},
|
||
"tags": {
|
||
"type": "array",
|
||
"items": {"type": "string"},
|
||
"uniqueItems": true,
|
||
"description": "Agent 分類標籤"
|
||
}
|
||
}
|
||
}
|