awoooi/scripts/setup-guardrails.sh
OG T 7478dc0254 feat(phase6-9): Complete modular architecture and Agent Teams
Phase 6.4 - Modular Architecture:
- Add lewooogo-brain adapters for LLM providers
- Add lewooogo-data dual memory (Redis + PostgreSQL)
- Implement consensus engine for multi-agent decisions
- Add incident memory service for historical context

Phase 9 - Agent Teams (Claude Agent SDK):
- Add base agent class with Claude Sonnet 4 integration
- Implement action planner, blast radius, and security agents
- Add agent API endpoints and proposal workflow
- Integrate ADR-009 OpenClaw Agent Teams architecture

DevOps & CI/CD:
- Add GitHub Actions CI/CD workflows (ci.yaml, cd.yaml)
- Add pre-commit hooks and secrets baseline
- Add docker-compose for local development
- Update Kubernetes network policies

Frontend Improvements:
- Add auto-healing error boundary component
- Update i18n messages for agent features
- Enhance dual-state incident card with execution feedback

Documentation:
- Add 7 ADRs covering MCP, design system, architecture decisions
- Update ARCHITECTURE_MEMORY.md with modular design
- Add GLOBAL_RULES.md and SOUL.md for project identity

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-23 18:40:36 +08:00


#!/bin/bash
# =============================================================================
# AWOOOI Guardrails Setup Script
# =============================================================================
# Phase 5: fully automated "defense net" installation script
#
# Usage: ./scripts/setup-guardrails.sh
#
# What the script does, in order:
#   1. Checks that python3 is on PATH
#   2. Installs pre-commit if it is not already present
#   3. Installs httpx (used by the AI reviewer)
#   4. Installs the pre-commit Git hooks
#   5. Creates .secrets.baseline with detect-secrets if it is missing
#   6. Probes the Ollama endpoint used by the AI reviewer
#   7. Prints a summary
# =============================================================================

# Stop at the first command that exits non-zero.
set -e

# Absolute path of the directory that holds this script, and of its parent,
# which is treated as the project root.
SCRIPT_DIR="$(
  cd "$(dirname "${BASH_SOURCE[0]}")" && pwd
)"
PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"

# Opening banner: one printf argument per output line.
printf '%s\n' \
  "" \
  "============================================================" \
  "🛡️ AWOOOI Guardrails Setup" \
  "============================================================" \
  ""

# Every later step uses paths relative to the project root.
cd "$PROJECT_ROOT"
# -----------------------------------------------------------------------------
# Step 1: Check Python
# -----------------------------------------------------------------------------
# Only the presence of python3 on PATH is verified. The version is printed for
# the operator but is not compared against the "3.11+" named in the message.
printf '%s\n' "📦 Step 1: Checking Python environment..."
command -v python3 > /dev/null 2>&1 || {
  printf '%s\n' "❌ Python 3 not found. Please install Python 3.11+"
  exit 1
}

# `python3 --version` prints "Python X.Y.Z"; keep the second field.
PYTHON_VERSION=$(python3 --version | cut -d' ' -f2)
printf '%s\n' " Python version: $PYTHON_VERSION"
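# -----------------------------------------------------------------------------
# Step 2: Install pre-commit
# -----------------------------------------------------------------------------
# Installs pre-commit with pip3 only when no pre-commit executable is on PATH,
# then confirms the executable can actually be found before continuing.
echo ""
echo "📦 Step 2: Installing pre-commit..."
if command -v pre-commit &> /dev/null; then
  echo " pre-commit already installed: $(pre-commit --version)"
else
  # NOTE(review): this pulls whatever version the package index currently
  # serves. For a tool that gates commits, consider installing from a pinned,
  # hash-checked requirements file (pip's --require-hashes) instead.
  pip3 install pre-commit

  # pip can succeed while placing the entry point in a directory that is not on
  # PATH (for example a per-user install). Without this check the version echo
  # below prints an empty value and the script only fails later, at the hook
  # installation step, with an unrelated-looking "command not found".
  if ! command -v pre-commit &> /dev/null; then
    echo "❌ pre-commit was installed but is not on PATH. Add pip's script directory to PATH and re-run." >&2
    exit 1
  fi
  echo " pre-commit installed: $(pre-commit --version)"
fi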
# -----------------------------------------------------------------------------
# Step 3: Install httpx for AI reviewer
# -----------------------------------------------------------------------------
# httpx is installed unconditionally; pip is run quietly so only errors show.
# NOTE(review): the package version is not pinned here.
printf '\n'
printf '%s\n' "📦 Step 3: Installing httpx (for AI reviewer)..."
pip3 install --quiet httpx
printf '%s\n' " httpx installed"
# -----------------------------------------------------------------------------
# Step 4: Install Git hooks
# -----------------------------------------------------------------------------
# Registers pre-commit's hook scripts in this clone: first the default hook
# type(s), then the commit-msg hook explicitly.
#
# NOTE(review): these hooks live only in the local clone and a developer can
# skip them with `git commit --no-verify`, so the same checks should also run
# server-side (CI) if they are meant to be enforced.
printf '\n'
printf '%s\n' "🔗 Step 4: Installing Git hooks..."

pre-commit install
pre-commit install --hook-type commit-msg

printf '%s\n' " Git hooks installed"
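# -----------------------------------------------------------------------------
# Step 5: Create secrets baseline
# -----------------------------------------------------------------------------
# Creates .secrets.baseline with detect-secrets when the file does not exist.
# An existing baseline is left untouched.
echo ""
echo "🔒 Step 5: Creating secrets baseline..."
if [ ! -f ".secrets.baseline" ]; then
  pip3 install detect-secrets --quiet

  # Scan into a temporary file first. Redirecting straight into
  # .secrets.baseline creates the file before the scan runs, so a failed or
  # interrupted scan would leave an empty or partial baseline behind, and the
  # next run would see the file, skip this step, and keep the broken baseline.
  baseline_tmp="$(mktemp)"
  if detect-secrets scan > "$baseline_tmp"; then
    # Copy the content rather than moving the file so the baseline gets the
    # normal umask-based permissions instead of mktemp's restrictive mode.
    cat -- "$baseline_tmp" > .secrets.baseline
    rm -f -- "$baseline_tmp"
  else
    rm -f -- "$baseline_tmp"
    echo "❌ detect-secrets scan failed; .secrets.baseline was not created" >&2
    exit 1
  fi

  # NOTE(review): anything the scan found is now recorded in the baseline as
  # already known. Review the file (e.g. `detect-secrets audit
  # .secrets.baseline`) before committing it, so a real credential is not
  # silently accepted.
  echo " .secrets.baseline created"
else
  echo " .secrets.baseline already exists"
fi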
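# -----------------------------------------------------------------------------
# Step 6: Verify Ollama connection
# -----------------------------------------------------------------------------
# Probes the Ollama tag-listing endpoint and reports whether the model the AI
# reviewer expects is listed. Neither outcome aborts the script: the messages
# below state that the AI review fails open when Ollama or the model is
# missing.
#
# NOTE(review): the endpoint is a hard-coded LAN address reached over plain
# HTTP, and the review fails open, so a commit passes this stage whenever the
# host is unreachable. Treat the AI review as advisory, not as an enforcing
# control.
echo ""
echo "🤖 Step 6: Verifying Ollama connection..."
OLLAMA_URL="http://192.168.0.188:11434/api/tags"

# Fetch the tag list once and reuse the body. --fail makes an HTTP error status
# count as "not reachable", and --max-time bounds the whole transfer, so a host
# that accepts the connection but never answers cannot hang the setup.
if MODELS_JSON=$(curl -s --fail --connect-timeout 5 --max-time 10 "$OLLAMA_URL" 2> /dev/null); then
  echo " ✅ Ollama reachable at 192.168.0.188:11434"

  # Check if llama3.2:8b is available: pull the "name" fields out of the JSON.
  MODELS=$(printf '%s\n' "$MODELS_JSON" | grep -o '"name":"[^"]*"' || echo "")

  # -F matches the model tag literally; as a regex the "." would match any
  # character.
  if grep -qF "llama3.2:8b" <<< "$MODELS"; then
    echo " ✅ Model llama3.2:8b available"
  else
    echo " ⚠️ Model llama3.2:8b not found. AI review will fail-open."
  fi
else
  echo " ⚠️ Cannot reach Ollama. AI review will fail-open."
  echo " (This is OK - AI review is optional)"
fi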
# -----------------------------------------------------------------------------
# Step 7: Summary
# -----------------------------------------------------------------------------
# Prints the closing banner, the list of components, how the commit-time checks
# chain together, and the most useful pre-commit commands. The delimiter is
# quoted so the text is emitted literally, with no expansion.
cat <<'EOF'

============================================================
✅ Guardrails Setup Complete!
============================================================

Installed components:
 📌 Ruff (Python linting) - Configured in pyproject.toml
 📌 ESLint (TypeScript) - Configured in packages/eslint-config
 📌 pre-commit hooks - .pre-commit-config.yaml
 📌 AI Code Reviewer - scripts/ai_code_reviewer.py
 📌 Secrets detection - .secrets.baseline

How it works:
 1. On 'git commit', pre-commit runs automatically
 2. Ruff checks Python code style
 3. ESLint checks TypeScript code style
 4. detect-secrets scans for leaked credentials
 5. AI reviewer (Ollama) checks for architecture violations

Commands:
 pre-commit run --all-files # Run all checks manually
 pre-commit autoupdate # Update hook versions
 pre-commit uninstall # Remove hooks

EOF