dark/agent_deply
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: dark:main
Branches Tags
dark:main
dark:feature/agentic-upgrade
...
pull from: dark:feature/agentic-upgrade
Branches Tags
dark:main
dark:feature/agentic-upgrade

1 Commits
main ... feature/ag

Author SHA1 Message Date
dark
4c9be85684 冲突代码~ 2026-06-04 10:04:23 +08:00
16 changed files with 582 additions and 17 deletions
Show Stats Expand all files Collapse all files

11
README.md
View File

@ -23,6 +23,7 @@ pam_deploy_graph/
fake_runner.py # 测试用 runner不访问真实环境
output_parser.py # 解析 key=value、MCP JSON、待确认回滚标记
skill_policy.py # 从 PAM_AUTO_DEPLY_SKILL.md 加载 Skill 策略
tool_catalog.py # 统一 action tool schema、tool 摘要和计划动作归一化
config_writer.py # 生成脚本 action 所需 config 文件
checkpoint_store.py # 业务 checkpoint JSON 读写
params_loader.py # 读取 JSON 或 config.txt 风格参数文件
@ -68,6 +69,7 @@ packaging/
- 实现人工确认入口:`confirm --decision approve|reject` 只处理待确认回滚。
- 实现 checkpoint 自动保存和 `resume` 续跑:全局步骤、成功 IP、单 IP 已完成 action 会跳过。
- 实现 LLM structured output 骨架:意图识别、参数抽取、部署计划生成。
- 增加 LLM 双模式决策:`fixed_runtime``agentic_skill`,并把模式决策结构化输出纳入 analyze/chat 主链路。
- 实现 OpenAI-compatible 真实 LLM client支持 `base_url` / `model` 配置,`api_key` 可为空。
- 固化真实 LLM 提示词:意图识别、参数抽取、部署计划生成均要求 JSON structured output。
- 增加规则 fallback `RuleBasedLlmClient`,用于本地开发和测试。
@ -82,6 +84,11 @@ packaging/
- chat 在开发环境可选启用 `rich` / `prompt_toolkit`PyInstaller 打包环境默认使用普通文本输入,避免交互兼容问题。
- chat 执行前会归一化参数并展示实际写入脚本配置的值;`script_only` / `hybrid_node_mcp` 会提前检查 `ZIP_FILE_PATH` 是否存在。
- chat 执行中会播报每个 action 的开始、完成或失败action 执行失败会停在当前 checkpoint不再误报 LangGraph 不可用。
- `SkillPolicy` 不再只是加载元数据;已接入 LLM prompt、planned actions 归一化和 runtime 动作裁剪。
- 新增统一 action tool schema脚本 action 与 MCP action 通过同一套受控 tool 描述暴露给 LLM。
- `AgentState` 已引入 `execution_mode``planned_actions``mode_reason` 等字段,支持“按计划动作子集执行”。
- 增加 action 后 LLM/规则诊断,可通过 `--analyze-actions``llm action-analysis on` 显式开启。
- 添加基础测试,当前本地结果为 `54 passed, 2 skipped`
- 每个 action 完成后都会进入一次 LLM/规则审核;如果审核建议停止,流程会暂停并给出建议,等待用户 `resume`
- `--analyze-actions``llm action-analysis on` 改为只控制是否把详细审核结果写入 `events`,不再控制审核是否执行。
- chat 会播报 action 审核开始、审核完成和审核失败,避免黑盒执行。
@ -269,6 +276,9 @@ python -m pam_deploy_graph.cli chat --config doc_scripts/config.txt.example --st
```text
PAM> 请用 MCP 预演部署 HET PAM Node 版本 2.0.5,不要动环境
PAM> analyze 请按 skill 自主编排并自动选择工具,帮我排查 HET PAM Node 部署异常
- mode: agentic_skill
- mode_reason: 用户明确要求按 skill 自主编排,或任务更偏探索/诊断。
PAM> preview
PAM> set VERSION_NUMBER=2.0.6
PAM> load params runtime/override.txt
@ -290,6 +300,7 @@ PAM> resume
PAM> exit
```
`chat` 默认仍要求在会话内显式输入 `run`,并确认参数、目标 IP 范围和最终执行后才会执行 action。输入 `你好``hello` 这类问候不会触发 LLM/结构化分析;需要分析部署需求时可直接描述部署任务,或显式使用 `analyze <需求>`。分析阶段现在会额外输出 `mode``mode_reason``planned_actions`,用于区分 `fixed_runtime``agentic_skill`。如果某个 IP 失败,会通过 LangGraph interrupt 暂停并提示输入 `approve``reject [原因]`,确认后恢复同一个图线程继续执行。`chat` 也支持 `--llm-base-url` / `--llm-api-key` / `--llm-model``--mcp-config``--analyze-actions`
`chat` 默认仍要求在会话内显式输入 `run`,并确认参数、目标 IP 范围和最终执行后才会执行 action。输入 `你好``hello` 这类问候不会触发 LLM/结构化分析;需要分析部署需求时可直接描述部署任务,或显式使用 `analyze <需求>`。每个 action 完成后都会自动进入一次 LLM/规则审核,并播报审核开始/结束;如果审核建议停止或审核本身失败,流程会暂停并输出建议,等待用户决定是否 `resume``--analyze-actions` 仅控制详细审核结果是否写入 `events`。执行中可按 `Ctrl+C` 中断chat 会保存当前 checkpoint 并把流程标记为 `user_interrupted``set KEY=VALUE``load params <路径>` 会把更新同步到当前运行 state、`config.txt` 和 checkpoint。`chat` 也支持 `--llm-base-url` / `--llm-api-key` / `--llm-model` / `--llm-action-analysis-prompt-file``--mcp-config``--analyze-actions`
预演:

61
docs/todo.md
View File

@ -22,3 +22,64 @@
- [x] 对 LLM 输入做脱敏,禁止把 `CLIENT_SECRET`、token、Authorization、完整日志原文发送给模型。
- [x] 每个 action 都会执行审核;`--analyze-actions``llm action-analysis on` 只控制是否把详细审核结果写入 `events`
- [x] 支持通过 `--llm-action-analysis-prompt-file`、环境变量或 chat 命令热加载自定义 action 审核提示词。
- [x] 通过 `--analyze-actions``llm action-analysis on` 显式开启,真实部署默认不启用。
## 双模式 Agent 改造
- [x] 明确双模式入口:`fixed_runtime``agentic_skill`,由 LLM 基于用户意图、风险和任务类型先做模式决策。
- [x] 为 LLM 增加模式决策 structured output schema至少输出`mode``reason``risk_level``requires_confirmation`
- [x] 保留固定 runtime 为默认主链路:标准部署、高风险动作、回滚和批量升级优先走确定性流程。
- [x] 仅在诊断类、探索类、半结构化任务,或用户明确要求“按 skill 自主编排”时进入 `agentic_skill` 模式。
## Skill 驱动执行
- [x] 将 `PAM_AUTO_DEPLY_SKILL.md` 从“只加载元数据”升级为真正驱动执行的规则源。
- [x] 让 `SkillPolicy` 进入 LLM prompt明确 allowed actions、required params、required confirmations、forbidden actions。
- [x] 让 `SkillPolicy` 进入 runtime/graph 路由,用于裁剪不可执行 action而不是只挂在 `PamDeployAgent.skill_policy` 上。
- [ ] 支持把 skill 中的执行顺序、确认点、回滚约束映射到 LangGraph 节点和边。
- [ ] 评估是否需要把 markdown skill 拆成“机器可读配置 + 人类可读说明”双文件结构,降低解析歧义。
## Tool Schema 收口
- [x] 不给 LLM 原始 shell 或 powershell 执行权限,只允许调用受控 typed tools。
- [x] 把现有脚本 action 统一抽象为标准 tool schema例如 `create_version``upload_package``publish_version``get_online_ips``upgrade_ip``verify_ip``rollback_ip`
- [x] 把 MCP action 统一抽象为同一套 tool schema避免“大模型看见的是脚本”和“大模型看见的是 MCP tool”两套接口。
- [ ] 为每个 tool 明确入参、出参、是否幂等、是否高风险、是否需要人工确认。
- [ ] 在 tool 层增加白名单、步数限制、超时限制和调用次数限制,避免 agentic 模式失控。
## MCP 与 LLM 协同
- [ ] 明确 MCP 在 agentic 模式中的角色:作为 LLM 可调用 tool而不是仅作为固定 runtime 的后端。
- [ ] 为 MCP tool 增加面向 LLM 的描述信息,至少包含用途、必填参数、成功返回字段、失败语义。
- [ ] 支持在 agentic 模式下先 `list_tools` 再做工具匹配,但最终仍映射回受控 action/tool schema。
- [ ] 评估是否需要增加 MCP tool 结果摘要层,避免把原始复杂返回直接喂回 LLM。
## LangGraph Workflow 收敛
- [ ] 合并当前 `graph.py``langgraph_runtime.py` 的职责,避免维护两套相近的部署图工厂。
- [ ] 在 LangGraph 中补齐完整工作流:`analyze -> clarify -> decide_mode -> confirm -> execute -> diagnose -> resume`
- [ ] 将人工确认点从“只覆盖 rollback”扩展到模式切换、高风险 tool 调用、关键参数缺失修正等场景。
- [ ] 为 `agentic_skill` 模式增加 LangGraph tool loop 节点,而不是仅复用当前固定 action 图。
- [ ] 明确单进程 LangGraph checkpointer 和跨进程业务 checkpoint 的职责边界,避免双状态源混乱。
## Chat 交互升级
- [x] 在 chat 中增加“当前模式”展示,让用户知道当前是固定 runtime 还是 agentic skill。
- [ ] 在 chat 中增加模式切换确认,例如从固定 runtime 切到 agentic 模式前提示风险和限制。
- [ ] 在 chat 中展示大模型最近一次 tool 决策摘要,包括原因、目标 action/tool 和关键参数。
- [ ] 为 agentic 模式增加中途打断、继续、回退到固定 runtime 的命令能力。
## 安全与可观测性
- [ ] 为 agentic 模式增加完整审计日志用户输入、LLM 决策、tool 调用、tool 返回、确认记录。
- [ ] 在高风险 tool 调用前增加统一确认策略,不允许 LLM 自行越过人工确认直接执行。
- [ ] 对发送给 LLM 的 tool 返回做脱敏和截断,避免把脚本原始日志、敏感配置和 token 直接暴露给模型。
- [ ] 增加失败保护:当 LLM structured output 非法、模式决策异常或 tool loop 超限时自动降级回固定 runtime。
## 测试与验收
- [x] 增加双模式决策测试,覆盖固定 runtime 与 agentic skill 的分流条件。
- [x] 增加 skill 约束测试,确认 forbidden action、required confirmation、required params 会真正生效。
- [ ] 增加 agentic tool loop 测试,验证 LLM 只能调用白名单工具,不能执行任意命令。
- [ ] 增加 MCP + LLM 协同测试,验证 MCP tools 可以被统一 schema 包装并参与自主编排。
- [ ] 补充文档,明确当前项目是“固定 runtime 为主agentic skill 为辅”的演进路线,而不是直接替代现有部署流。

118
pam_deploy_graph/agent.py
View File

@ -17,11 +17,23 @@ from .checkpoint_store import save_checkpoint
from .config_writer import write_config
from .constants import DEFAULT_PARAMS, GLOBAL_ACTION_SEQUENCE, IP_ACTION_SEQUENCE, REQUIRED_PARAMS
from .fake_runner import FakeActionRunner
from .llm import LlmClient, RuleBasedLlmClient, validate_deploy_plan, validate_intent_result
from .llm import LlmClient, RuleBasedLlmClient, validate_deploy_plan, validate_intent_result, validate_mode_decision
from .mcp_runner import McpActionRunner
from .models import (
ActionResult,
AgentExecutionMode,
AgentState,
ExecutionStrategy,
LlmDeployPlan,
LlmIntentResult,
LlmModeDecision,
LlmParamResult,
SkillPolicy,
)
from .models import ActionResult, AgentState, ExecutionStrategy, LlmActionAnalysis, LlmDeployPlan, LlmIntentResult, LlmParamResult
from .script_runner import ScriptActionRunner, select_script_entry
from .skill_policy import load_skill_policy
from .tool_catalog import normalize_planned_actions, tool_summaries
REQUIRED_ACTION_VALUES = {
"upload-package": ("HASH_CODE",),
@ -76,23 +88,67 @@ class PamDeployAgent:
strategy: ExecutionStrategy,
) -> LlmDeployPlan:
"""根据参数、意图和执行策略生成部署计划。"""
plan = self.llm_client.generate_plan(params=params, intent=intent, strategy=strategy)
plan = self.llm_client.generate_plan(
params=params,
intent=intent,
strategy=strategy,
skill_policy=self._skill_policy_payload(self.skill_policy),
tool_summaries=self.tool_summaries(strategy),
)
validate_deploy_plan(plan)
return plan
def decide_execution_mode(
self,
*,
text: str,
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
) -> LlmModeDecision:
"""根据用户请求、skill 约束和工具能力决定执行模式。"""
allowed_modes = list(self.skill_policy.allowed_execution_modes)
decision = self.llm_client.decide_execution_mode(
text=text,
params=params,
intent=intent,
strategy=strategy,
allowed_modes=allowed_modes,
tool_summaries=self.tool_summaries(strategy),
)
validate_mode_decision(decision, allowed_modes)
return decision
def tool_summaries(self, strategy: ExecutionStrategy) -> list[dict[str, str]]:
"""返回当前 skill 和策略下允许暴露给 LLM 的 tool 摘要。"""
return tool_summaries(self.skill_policy, strategy)
def analyze_request(self, text: str, base_params: dict[str, Any] | None = None) -> dict[str, Any]:
"""完成意图识别、参数抽取和计划生成,供 analyze/chat 使用。"""
intent = self.understand_request(text)
params = self.extract_params(text, base_params)
strategy = self._choose_strategy(intent.strategy_preference)
plan = self.generate_plan(
params={**DEFAULT_PARAMS, **params.extracted_params},
merged_params = {**DEFAULT_PARAMS, **params.extracted_params}
mode_decision = self.decide_execution_mode(
text=text,
params=merged_params,
intent=intent.intent,
strategy=strategy,
)
plan = self.generate_plan(
params=merged_params,
intent=intent.intent,
strategy=strategy,
)
plan.planned_actions = normalize_planned_actions(
plan.planned_actions,
policy=self.skill_policy,
mode=mode_decision.mode,
)
return {
"intent": intent,
"params": params,
"mode_decision": mode_decision,
"plan": plan,
}
@ -116,12 +172,17 @@ class PamDeployAgent:
*,
params: dict[str, Any],
execution_strategy: ExecutionStrategy = "hybrid_node_mcp",
execution_mode: AgentExecutionMode = "fixed_runtime",
run_id: str | None = None,
script_entry: str | None = None,
config_path: str | None = None,
trace_file_path: str | None = None,
checkpoint_path: str | None = None,
target_ips: list[str] | None = None,
planned_actions: list[str] | None = None,
mode_reason: str = "",
mode_risk_level: str = "medium",
mode_requires_confirmation: bool = True,
) -> AgentState:
"""创建一次运行所需的 AgentState并写入脚本配置文件。"""
normalized = self.normalize_params(params)
@ -131,6 +192,11 @@ class PamDeployAgent:
actual_config_path = _absolute_path(config_path or runtime_dir / f"config_{actual_run_id}.txt")
actual_trace_path = _absolute_path(trace_file_path or Path("logs") / f"api_trace_{actual_run_id}.log")
write_config(normalized, actual_config_path)
normalized_actions = normalize_planned_actions(
planned_actions or [],
policy=self.skill_policy,
mode=execution_mode,
)
return AgentState(
run_id=actual_run_id,
params=normalized,
@ -142,6 +208,11 @@ class PamDeployAgent:
trace_file_path=str(actual_trace_path),
checkpoint_path=checkpoint_path or "",
target_ips=target_ips or [],
execution_mode=execution_mode,
planned_actions=normalized_actions,
mode_reason=mode_reason,
mode_risk_level=mode_risk_level, # type: ignore[arg-type]
mode_requires_confirmation=mode_requires_confirmation,
)
def pause_state(
@ -192,6 +263,7 @@ class PamDeployAgent:
lines = [
"## PAM 部署预览",
"",
f"- 执行模式: fixed_runtime",
f"- 执行策略: {strategy}",
f"- PAM_HOME: {home_backend}",
f"- PAM_NODE: {node_backend}",
@ -220,6 +292,7 @@ class PamDeployAgent:
def next_global_action(self, state: AgentState) -> str | None:
"""返回下一个未完成的全局 action。"""
for action in self._planned_global_actions(state):
if state.paused:
return None
for action in GLOBAL_ACTION_SEQUENCE:
@ -353,6 +426,9 @@ class PamDeployAgent:
if state.pending_confirmation or state.paused:
self._save_checkpoint(state)
return None
planned_ip_actions = self._planned_ip_actions(state)
if not planned_ip_actions:
return None
self._resolve_target_ips(state)
for ip in state.target_ips:
ip_state = state.ip_states.get(ip)
@ -378,7 +454,7 @@ class PamDeployAgent:
state.ip_states[ip] = ip_state
completed_steps = ip_state.setdefault("completed_steps", [])
for action in IP_ACTION_SEQUENCE:
for action in planned_ip_actions:
if action not in completed_steps:
return ip, action
@ -801,7 +877,9 @@ class PamDeployAgent:
"""生成给 LLM action 分析使用的脱敏状态摘要。"""
return {
"run_id": state.run_id,
"execution_mode": state.execution_mode,
"execution_strategy": state.execution_strategy,
"planned_actions": state.planned_actions,
"completed_global_steps": state.completed_global_steps,
"online_ip_count": len(state.online_ips),
"target_ips": state.target_ips,
@ -851,7 +929,9 @@ class PamDeployAgent:
lines = [
"## PAM 智能部署报告",
"",
f"- 执行模式: {state.execution_mode}",
f"- 执行策略: {state.execution_strategy}",
f"- 模式原因: {state.mode_reason or '-'}",
f"- 机场: {state.params['AIRPORT_CODE']}",
f"- 应用: {state.params['APP_NAME']}",
f"- 模块: {state.params['MODULE_NAME']}",
@ -861,6 +941,7 @@ class PamDeployAgent:
f"- 成功: {success}",
f"- 失败: {failed}",
f"- 待确认: {state.pending_confirmation or '-'}",
f"- 计划动作: {', '.join(state.planned_actions) if state.planned_actions else '-'}",
f"- 暂停状态: {'' if state.paused else ''}",
f"- 暂停原因: {state.pause_reason or '-'}",
"",
@ -879,6 +960,33 @@ class PamDeployAgent:
)
return "\n".join(lines)
def _planned_global_actions(self, state: AgentState) -> list[str]:
"""返回当前 state 下应执行的全局 action 列表。"""
if state.planned_actions:
return [action for action in state.planned_actions if action in GLOBAL_ACTION_SEQUENCE]
return list(GLOBAL_ACTION_SEQUENCE)
def _planned_ip_actions(self, state: AgentState) -> list[str]:
"""返回当前 state 下应执行的逐 IP action 列表。"""
if state.planned_actions:
return [action for action in state.planned_actions if action in IP_ACTION_SEQUENCE]
return list(IP_ACTION_SEQUENCE)
def _skill_policy_payload(self, policy: SkillPolicy) -> dict[str, Any]:
"""把 SkillPolicy 转成可发送给 LLM 的简化 JSON。"""
return {
"name": policy.name,
"description": policy.description,
"allowed_execution_modes": list(policy.allowed_execution_modes),
"allowed_modes": list(policy.allowed_modes),
"allowed_actions": list(policy.allowed_actions),
"required_confirmations": list(policy.required_confirmations),
"required_params": list(policy.required_params),
"action_sequence": list(policy.action_sequence),
"ip_action_sequence": list(policy.ip_action_sequence),
"forbidden_actions": list(policy.forbidden_actions),
}
def _absolute_path(path: str | Path) -> Path:
"""把传给脚本的文件路径转换为绝对路径,避免 cwd 切换后读错文件。"""

5
pam_deploy_graph/graph.py
View File

@ -29,12 +29,17 @@ def build_langgraph(agent: PamDeployAgent | None = None, flow: GraphFlow = "depl
agent_state = runtime.create_state(
params=state["params"],
execution_strategy=state.get("execution_strategy", "hybrid_node_mcp"),
execution_mode=state.get("execution_mode", "fixed_runtime"),
run_id=state.get("run_id"),
script_entry=state.get("script_entry"),
config_path=state.get("config_path"),
trace_file_path=state.get("trace_file_path"),
checkpoint_path=state.get("checkpoint_path"),
target_ips=state.get("target_ips"),
planned_actions=state.get("planned_actions"),
mode_reason=state.get("mode_reason", ""),
mode_risk_level=state.get("mode_risk_level", "medium"),
mode_requires_confirmation=state.get("mode_requires_confirmation", True),
)
return {"agent_state": agent_state}

45
pam_deploy_graph/interactive.py
View File

@ -18,6 +18,7 @@ from .langgraph_runtime import LangGraphDeploymentRuntime, LangGraphRunResult
from .llm import build_llm_client
from .llm.rule_based import RuleBasedLlmClient
from .mcp_factory import build_mcp_runner_from_config
from .models import AgentExecutionMode, AgentState, ExecutionStrategy
from .models import AgentState, ExecutionStrategy
from .params_loader import load_params_file
@ -69,6 +70,7 @@ class InteractiveCliSession:
self.agent = agent
self.params = dict(params)
self.strategy = strategy
self.execution_mode: AgentExecutionMode = "fixed_runtime"
self.checkpoint_path = checkpoint_path or _default_checkpoint_path()
self.target_ips = list(target_ips or [])
self.input = _build_prompt_input(input_func)
@ -186,9 +188,11 @@ class InteractiveCliSession:
self.last_analysis = result
param_result = result["params"]
intent_result = result["intent"]
mode_decision = result["mode_decision"]
plan = result["plan"]
self.params = dict(param_result.extracted_params)
self.strategy = _choose_strategy(intent_result.strategy_preference, self.strategy)
self.execution_mode = mode_decision.mode
user_ips = param_result.extracted_control.get("user_specified_ips")
if isinstance(user_ips, list):
@ -198,8 +202,12 @@ class InteractiveCliSession:
safe_payload = redact_mapping({key: asdict(value) for key, value in result.items()})
self.output("已生成结构化理解:")
self.output(f"- intent: {intent_result.intent}")
self.output(f"- mode: {mode_decision.mode}")
self.output(f"- strategy: {self.strategy}")
self.output(f"- mode_reason: {mode_decision.reason}")
self.output(f"- summary: {plan.summary}")
if plan.planned_actions:
self.output("- planned_actions: " + ", ".join(plan.planned_actions))
if param_result.missing_required_params:
self.output("- missing: " + ", ".join(param_result.missing_required_params))
if self.target_ips:
@ -322,6 +330,7 @@ class InteractiveCliSession:
self.checkpoint_path = str(checkpoint)
self.params = dict(self.state.params)
self.strategy = self.state.execution_strategy
self.execution_mode = self.state.execution_mode
self.target_ips = list(self.state.target_ips)
self.graph_runtime = None
self.output(f"已加载 checkpoint: {checkpoint}")
@ -381,8 +390,13 @@ class InteractiveCliSession:
self.state = self.agent.create_state(
params=self.params,
execution_strategy=self.strategy,
execution_mode=self.execution_mode,
checkpoint_path=self.checkpoint_path,
target_ips=self.target_ips,
planned_actions=self._current_planned_actions(),
mode_reason=self._current_mode_reason(),
mode_risk_level=self._current_mode_risk_level(),
mode_requires_confirmation=self._current_mode_requires_confirmation(),
)
self.graph_runtime = None
self._execute_current_state()
@ -407,6 +421,7 @@ class InteractiveCliSession:
return
self.state = load_agent_state(checkpoint)
self.state.checkpoint_path = self.state.checkpoint_path or str(checkpoint)
self.execution_mode = self.state.execution_mode
if self.state.paused:
self.state = self.agent.resume_state(self.state)
if self.graph_runtime and self.graph_runtime.waiting_confirmation:
@ -534,6 +549,36 @@ class InteractiveCliSession:
if self.state.pending_confirmation:
self._print_confirmation()
def _current_planned_actions(self) -> list[str]:
"""返回当前分析结果中的 planned actions没有分析结果时返回空列表。"""
if not self.last_analysis:
return []
plan = self.last_analysis.get("plan")
if plan is None:
return []
return list(getattr(plan, "planned_actions", []))
def _current_mode_reason(self) -> str:
"""返回最近一次模式决策原因。"""
if not self.last_analysis:
return ""
decision = self.last_analysis.get("mode_decision")
return str(getattr(decision, "reason", ""))
def _current_mode_risk_level(self) -> str:
"""返回最近一次模式决策风险等级。"""
if not self.last_analysis:
return "medium"
decision = self.last_analysis.get("mode_decision")
return str(getattr(decision, "risk_level", "medium"))
def _current_mode_requires_confirmation(self) -> bool:
"""返回最近一次模式决策是否要求确认。"""
if not self.last_analysis:
return True
decision = self.last_analysis.get("mode_decision")
return bool(getattr(decision, "requires_confirmation", True))
def _confirm(self, *, approved: bool, note: str = "") -> None:
"""处理 approve/reject 命令。"""
if self.state is None:

3
pam_deploy_graph/llm/__init__.py
View File

@ -4,7 +4,7 @@ from .base import LlmClient
from .factory import build_llm_client
from .openai_compatible import OpenAICompatibleLlmClient
from .rule_based import RuleBasedLlmClient
from .validators import validate_deploy_plan, validate_intent_result
from .validators import validate_deploy_plan, validate_intent_result, validate_mode_decision
__all__ = [
"LlmClient",
@ -13,4 +13,5 @@ __all__ = [
"build_llm_client",
"validate_deploy_plan",
"validate_intent_result",
"validate_mode_decision",
]

16
pam_deploy_graph/llm/base.py
View File

@ -10,6 +10,7 @@ from pam_deploy_graph.models import (
LlmActionAnalysis,
LlmDeployPlan,
LlmIntentResult,
LlmModeDecision,
LlmParamResult,
)
@ -31,10 +32,25 @@ class LlmClient(Protocol):
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
skill_policy: dict[str, Any],
tool_summaries: list[dict[str, Any]],
) -> LlmDeployPlan:
"""根据参数和意图生成部署计划。"""
...
def decide_execution_mode(
self,
*,
text: str,
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
allowed_modes: list[str],
tool_summaries: list[dict[str, Any]],
) -> LlmModeDecision:
"""决定进入固定 runtime 还是 agentic skill 模式。"""
...
def analyze_action_result(
self,
*,

37
pam_deploy_graph/llm/openai_compatible.py
View File

@ -20,10 +20,10 @@ from pam_deploy_graph.constants import (
REQUIRED_PARAMS,
SENSITIVE_KEYS,
)
from pam_deploy_graph.models import ExecutionStrategy, LlmDeployPlan, LlmIntentResult, LlmParamResult
from pam_deploy_graph.models import ExecutionStrategy, LlmDeployPlan, LlmIntentResult, LlmModeDecision, LlmParamResult
from pam_deploy_graph.models import ActionResult, LlmActionAnalysis
from .prompts import ACTION_ANALYSIS_PROMPT, INTENT_PROMPT, PARAM_PROMPT, PLAN_PROMPT, SYSTEM_PROMPT
from .prompts import ACTION_ANALYSIS_PROMPT, INTENT_PROMPT, MODE_PROMPT, PARAM_PROMPT, PLAN_PROMPT, SYSTEM_PROMPT
JsonTransport = Callable[[str, dict[str, str], dict[str, Any], float], dict[str, Any]]
@ -107,6 +107,8 @@ class OpenAICompatibleLlmClient:
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
skill_policy: dict[str, Any],
tool_summaries: list[dict[str, Any]],
) -> LlmDeployPlan:
"""调用 LLM 生成部署计划。"""
payload = self._complete_json(
@ -115,6 +117,8 @@ class OpenAICompatibleLlmClient:
"params": _redact_sensitive(params),
"intent": intent,
"execution_strategy": strategy,
"skill_policy": skill_policy,
"tool_summaries": tool_summaries,
"allowed_actions": list(ALLOWED_ACTIONS),
"global_action_sequence": list(GLOBAL_ACTION_SEQUENCE),
"ip_action_sequence": list(IP_ACTION_SEQUENCE),
@ -129,6 +133,35 @@ class OpenAICompatibleLlmClient:
execution_strategy=_string(payload, "execution_strategy", strategy), # type: ignore[arg-type]
)
def decide_execution_mode(
self,
*,
text: str,
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
allowed_modes: list[str],
tool_summaries: list[dict[str, Any]],
) -> LlmModeDecision:
"""调用 LLM 决定本次任务进入固定 runtime 或 agentic skill。"""
payload = self._complete_json(
MODE_PROMPT,
{
"user_text": text,
"params": _redact_sensitive(params),
"intent": intent,
"execution_strategy": strategy,
"allowed_modes": allowed_modes,
"tool_summaries": tool_summaries,
},
)
return LlmModeDecision(
mode=_string(payload, "mode", "fixed_runtime"), # type: ignore[arg-type]
reason=_string(payload, "reason", ""),
risk_level=_string(payload, "risk_level", "medium"), # type: ignore[arg-type]
requires_confirmation=bool(payload.get("requires_confirmation", True)),
)
def analyze_action_result(
self,
*,

17
pam_deploy_graph/llm/prompts.py
View File

@ -24,6 +24,23 @@ INTENT_PROMPT = """根据用户输入识别意图和执行偏好。
}
"""
MODE_PROMPT = """根据用户输入、参数、执行策略和可用工具,决定本次任务应进入固定 runtime 还是 agentic skill 模式。
输出 JSON schema
{
"mode": "fixed_runtime|agentic_skill",
"reason": "...",
"risk_level": "low|medium|high",
"requires_confirmation": true
}
决策原则
- 标准部署批量升级回滚高风险变更默认优先 fixed_runtime
- 诊断类探索类半结构化任务或用户明确要求 skill 自主编排/自主调用工具可选 agentic_skill
- 不能因为用户提到 MCP 就自动选择 agentic_skillMCP 也可以作为 fixed_runtime 的后端
- 只有在允许模式集合中选择 mode
"""
PARAM_PROMPT = """从用户输入中抽取 PAM 部署参数和控制信息。
输出 JSON schema

55
pam_deploy_graph/llm/rule_based.py
View File

@ -9,13 +9,14 @@ from __future__ import annotations
import re
from typing import Any
from pam_deploy_graph.constants import GLOBAL_ACTION_SEQUENCE, REQUIRED_PARAMS
from pam_deploy_graph.constants import GLOBAL_ACTION_SEQUENCE, IP_ACTION_SEQUENCE, REQUIRED_PARAMS
from pam_deploy_graph.models import (
ActionResult,
ExecutionStrategy,
LlmActionAnalysis,
LlmDeployPlan,
LlmIntentResult,
LlmModeDecision,
LlmParamResult,
)
@ -116,6 +117,8 @@ class RuleBasedLlmClient:
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
skill_policy: dict[str, Any],
tool_summaries: list[dict[str, Any]],
) -> LlmDeployPlan:
"""生成确定性的部署计划和风险提示。"""
if strategy == "hybrid_node_mcp":
@ -139,14 +142,62 @@ class RuleBasedLlmClient:
if strategy == "hybrid_node_mcp":
risk_notes.append("PAM_HOME 当前没有 MCP 能力HOME 阶段仍会调用脚本 action。")
if intent == "query_node_ips":
planned_actions = ["get-token", "get-node-url", "get-online-ips"]
elif intent == "rollback":
planned_actions = ["rollback-ip", "verify-ip", "download-log"]
elif intent == "deploy":
planned_actions = [*GLOBAL_ACTION_SEQUENCE, *IP_ACTION_SEQUENCE]
else:
planned_actions = list(GLOBAL_ACTION_SEQUENCE)
return LlmDeployPlan(
summary=summary,
risk_notes=risk_notes,
planned_actions=list(GLOBAL_ACTION_SEQUENCE),
planned_actions=planned_actions,
requires_confirmation=intent in ("deploy", "query_node_ips", "rollback"),
execution_strategy=strategy,
)
def decide_execution_mode(
self,
*,
text: str,
params: dict[str, Any],
intent: str,
strategy: ExecutionStrategy,
allowed_modes: list[str],
tool_summaries: list[dict[str, Any]],
) -> LlmModeDecision:
"""根据关键词规则决定进入固定 runtime 或 agentic skill。"""
lowered = text.lower()
requested_agentic = any(
word in lowered for word in ("自主编排", "按 skill", "自动选择工具", "自动决策", "toolcall", "agentic")
)
diagnostic_intent = any(word in lowered for word in ("诊断", "排查", "分析异常", "帮我看看", "explore"))
high_risk_intent = intent in ("deploy", "rollback") or any(word in lowered for word in ("批量", "升级", "回滚"))
mode = "fixed_runtime"
reason = "标准部署和高风险动作默认走固定 runtime。"
risk_level = "high" if high_risk_intent else "medium"
requires_confirmation = True
if requested_agentic or diagnostic_intent:
mode = "agentic_skill"
reason = "用户明确要求按 skill 自主编排,或任务更偏探索/诊断。"
risk_level = "medium"
if mode not in allowed_modes:
mode = allowed_modes[0] if allowed_modes else "fixed_runtime"
reason = "原始模式不在 skill 允许集合内,已回退到允许模式。"
return LlmModeDecision(
mode=mode, # type: ignore[arg-type]
reason=reason,
risk_level=risk_level, # type: ignore[arg-type]
requires_confirmation=requires_confirmation,
)
def analyze_action_result(
self,
*,

14
pam_deploy_graph/llm/validators.py
View File

@ -3,9 +3,11 @@
from __future__ import annotations
from pam_deploy_graph.constants import ALLOWED_ACTIONS
from pam_deploy_graph.models import LlmDeployPlan, LlmIntentResult
from pam_deploy_graph.models import LlmDeployPlan, LlmIntentResult, LlmModeDecision
VALID_INTENTS = {"deploy", "show_usage", "preview", "query_node_ips", "rollback"}
VALID_EXECUTION_MODES = {"fixed_runtime", "agentic_skill"}
VALID_RISK_LEVELS = {"low", "medium", "high"}
FORBIDDEN_TEXT = ("bash ", "powershell ", "deploy.sh", "deploy.ps1", "CLIENT_SECRET=")
@ -27,3 +29,13 @@ def validate_deploy_plan(plan: LlmDeployPlan) -> None:
forbidden = [item for item in FORBIDDEN_TEXT if item.lower() in lowered]
if forbidden:
raise ValueError(f"计划包含禁止出现的可执行文本: {', '.join(forbidden)}")
def validate_mode_decision(result: LlmModeDecision, allowed_modes: list[str] | None = None) -> None:
"""校验模式决策结果是否合法。"""
if result.mode not in VALID_EXECUTION_MODES:
raise ValueError(f"非法执行模式: {result.mode}")
if result.risk_level not in VALID_RISK_LEVELS:
raise ValueError(f"非法风险等级: {result.risk_level}")
if allowed_modes and result.mode not in allowed_modes:
raise ValueError(f"模式 {result.mode} 不在允许集合内")

34
pam_deploy_graph/models.py
View File

@ -7,10 +7,13 @@ from typing import Any, Literal
BackendName = Literal["mcp", "script", "fake"]
ExecutionStrategy = Literal["hybrid_node_mcp", "script_only", "fake"]
AgentExecutionMode = Literal["fixed_runtime", "agentic_skill"]
IntentName = Literal["deploy", "show_usage", "preview", "query_node_ips", "rollback"]
ModePreference = Literal["MCP", "API脚本", "未指定"]
StrategyPreference = Literal["hybrid_node_mcp", "script_only", "fake", "未指定"]
ActionAnalysisSeverity = Literal["info", "low", "medium", "high"]
ModeDecisionRisk = Literal["low", "medium", "high"]
ToolScope = Literal["global", "ip"]
@dataclass(slots=True)
@ -29,6 +32,21 @@ class ActionResult:
error_summary: str = ""
@dataclass(slots=True)
class ActionToolSpec:
"""面向 LLM 和 runtime 的统一 action tool 描述。"""
name: str
action: str
scope: ToolScope
description: str
risk_level: ModeDecisionRisk = "medium"
requires_confirmation: bool = False
required_runtime_fields: tuple[str, ...] = ()
required_param_fields: tuple[str, ...] = ()
preferred_backend: str = ""
@dataclass(slots=True)
class SkillPolicy:
"""从 Skill 文档提取出的部署策略约束。"""
@ -36,6 +54,7 @@ class SkillPolicy:
name: str
source_path: str
description: str = ""
allowed_execution_modes: tuple[AgentExecutionMode, ...] = ("fixed_runtime", "agentic_skill")
allowed_modes: tuple[str, ...] = ("MCP", "API脚本")
allowed_actions: tuple[str, ...] = ()
required_confirmations: tuple[str, ...] = (
@ -89,6 +108,16 @@ class LlmDeployPlan:
execution_strategy: StrategyPreference = "未指定"
@dataclass(slots=True)
class LlmModeDecision:
"""LLM 给出的执行模式决策。"""
mode: AgentExecutionMode = "fixed_runtime"
reason: str = ""
risk_level: ModeDecisionRisk = "medium"
requires_confirmation: bool = True
@dataclass(slots=True)
class LlmActionAnalysis:
"""LLM 或规则对单次 action 结果的诊断建议。"""
@ -117,6 +146,7 @@ class AgentState:
trace_file_path: str = ""
node_mcp_server_name: str = ""
node_mcp_tool_names: dict[str, str] = field(default_factory=dict)
execution_mode: AgentExecutionMode = "fixed_runtime"
completed_global_steps: list[str] = field(default_factory=list)
hash_code: str = ""
node_url: str = ""
@ -127,6 +157,10 @@ class AgentState:
last_success_step: str = ""
last_failed_step: str = ""
checkpoint_path: str = ""
planned_actions: list[str] = field(default_factory=list)
mode_reason: str = ""
mode_risk_level: ModeDecisionRisk = "medium"
mode_requires_confirmation: bool = True
paused: bool = False
pause_reason: str = ""
review_context: dict[str, Any] = field(default_factory=dict)

119
pam_deploy_graph/skill_policy.py
View File

@ -2,6 +2,7 @@
from __future__ import annotations
import re
from pathlib import Path
from .constants import (
@ -15,7 +16,7 @@ from .models import SkillPolicy
def load_skill_policy(path: str | Path) -> SkillPolicy:
"""读取 Skill markdown 头部信息,并填充 action/参数策略"""
"""读取 Skill markdown,并提取真正参与执行的策略约束"""
skill_path = Path(path)
text = skill_path.read_text(encoding="utf-8")
name = "pam-auto-deply"
@ -30,13 +31,121 @@ def load_skill_policy(path: str | Path) -> SkillPolicy:
elif line.startswith("description:"):
description = line.split(":", 1)[1].strip()
parsed_actions = _parse_allowed_actions(text)
action_sequence = _parse_action_sequence(text)
ip_action_sequence = tuple(action for action in action_sequence if action in IP_ACTION_SEQUENCE) or IP_ACTION_SEQUENCE
global_sequence = tuple(action for action in action_sequence if action in GLOBAL_ACTION_SEQUENCE) or GLOBAL_ACTION_SEQUENCE
required_confirmations = _parse_required_confirmations(text)
forbidden_actions = _parse_forbidden_actions(text)
required_params = _parse_required_params(text)
return SkillPolicy(
name=name,
source_path=str(skill_path),
description=description,
allowed_actions=ALLOWED_ACTIONS,
required_params=REQUIRED_PARAMS,
allowed_actions=parsed_actions or ALLOWED_ACTIONS,
required_params=required_params or REQUIRED_PARAMS,
optional_params=DEFAULT_PARAMS.copy(),
action_sequence=GLOBAL_ACTION_SEQUENCE,
ip_action_sequence=IP_ACTION_SEQUENCE,
required_confirmations=required_confirmations or ("params", "target_scope", "rollback"),
action_sequence=global_sequence,
ip_action_sequence=ip_action_sequence,
forbidden_actions=forbidden_actions or ("script-main-flow", "auto-rollback", "modify-deploy-scripts"),
)
def _parse_allowed_actions(text: str) -> tuple[str, ...]:
"""从 skill 文档的 action 表中提取允许的 action。"""
section = _section_body(text, "### 6.3 可用 action")
if not section:
return ()
actions: list[str] = []
for raw_line in section.splitlines():
line = raw_line.strip()
if not line.startswith("|"):
continue
parts = [item.strip() for item in line.strip("|").split("|")]
if not parts or parts[0] in ("action", "---"):
continue
action = parts[0].strip("` ")
if action in ALLOWED_ACTIONS and action not in actions:
actions.append(action)
return tuple(actions)
def _parse_action_sequence(text: str) -> tuple[str, ...]:
"""从主流程章节提取推荐执行顺序。"""
section = _section_body(text, "### 4.1 正式部署主流程")
if not section:
return ()
found: list[str] = []
for action in [*GLOBAL_ACTION_SEQUENCE, *IP_ACTION_SEQUENCE]:
if re.search(rf"\b{re.escape(action)}\b", section) and action not in found:
found.append(action)
return tuple(found)
def _parse_required_confirmations(text: str) -> tuple[str, ...]:
"""从强制确认点章节提取确认类型。"""
section = _section_body(text, "### 4.2 主流程中的强制确认点")
if not section:
return ()
confirmations: list[str] = []
keyword_map = {
"参数确认": "params",
"目标 ip": "target_scope",
"部署范围": "target_scope",
"回滚": "rollback",
"间隔策略": "interval_policy",
}
lowered = section.lower()
for keyword, name in keyword_map.items():
if keyword in lowered or keyword in section:
confirmations.append(name)
return tuple(dict.fromkeys(confirmations))
def _parse_forbidden_actions(text: str) -> tuple[str, ...]:
"""从禁止事项章节提取禁止项。"""
section = _section_body(text, "### 7.5 明确禁止的做法")
if not section:
return ()
forbidden: list[str] = []
if "脚本主流程" in section:
forbidden.append("script-main-flow")
if "自动执行回滚" in section or "自动回滚" in section:
forbidden.append("auto-rollback")
if "修改脚本" in section or "自动生成" in section:
forbidden.append("modify-deploy-scripts")
return tuple(dict.fromkeys(forbidden))
def _parse_required_params(text: str) -> tuple[str, ...]:
"""从参数表提取必填脚本字段。"""
section = _section_body(text, "### 3.1 必填业务参数")
if not section:
return ()
params: list[str] = []
for raw_line in section.splitlines():
line = raw_line.strip()
if not line.startswith("|"):
continue
parts = [item.strip() for item in line.strip("|").split("|")]
if len(parts) < 3 or parts[0] in ("规范字段", "---"):
continue
script_field = parts[1].strip("` ")
required_flag = parts[2]
if script_field in REQUIRED_PARAMS and required_flag == "":
params.append(script_field)
return tuple(params)
def _section_body(text: str, heading: str) -> str:
"""提取指定 markdown heading 到下一同级 heading 之间的正文。"""
marker = f"{heading}\n"
if marker not in text:
return ""
_, tail = text.split(marker, 1)
matches = list(re.finditer(r"^###\s+", tail, flags=re.MULTILINE))
if matches:
return tail[: matches[0].start()]
return tail

35
tests/test_agent_flow.py
View File

@ -55,6 +55,41 @@ def test_run_deploy_flow_success(tmp_path: Path):
assert all(item["status"] == "SUCCESS" for item in state.ip_states.values())
def test_agentic_state_uses_planned_actions_subset(tmp_path: Path):
agent = PamDeployAgent(fake_runner=FakeActionRunner())
state = agent.create_state(
params=PARAMS,
execution_strategy="fake",
execution_mode="agentic_skill",
planned_actions=["get-token", "get-node-url", "get-online-ips"],
config_path=str(tmp_path / "config.txt"),
)
agent.run_deploy_flow(state)
assert state.execution_mode == "agentic_skill"
assert state.planned_actions == ["get-token", "get-node-url", "get-online-ips"]
assert state.completed_global_steps == ["get-token", "get-node-url", "get-online-ips"]
assert state.ip_states == {}
def test_fixed_runtime_state_also_respects_planned_actions_subset(tmp_path: Path):
agent = PamDeployAgent(fake_runner=FakeActionRunner())
state = agent.create_state(
params=PARAMS,
execution_strategy="fake",
execution_mode="fixed_runtime",
planned_actions=["get-token", "get-node-url", "get-online-ips"],
config_path=str(tmp_path / "config.txt"),
)
agent.run_deploy_flow(state)
assert state.execution_mode == "fixed_runtime"
assert state.completed_global_steps == ["get-token", "get-node-url", "get-online-ips"]
assert state.ip_states == {}
def test_create_state_writes_absolute_script_config_path_and_normalized_zip(tmp_path: Path):
package_path = tmp_path / "pkg.zip"
params = {**PARAMS, "ZIP_FILE_PATH": str(package_path)}

22
tests/test_llm_structured.py
View File

@ -44,7 +44,29 @@ def test_analyze_request_returns_structured_objects():
)
payload = {key: asdict(value) for key, value in result.items()}
assert payload["intent"]["intent"] == "preview"
assert payload["mode_decision"]["mode"] == "fixed_runtime"
assert payload["plan"]["execution_strategy"] == "hybrid_node_mcp"
assert payload["plan"]["planned_actions"][:3] == ["get-token", "create-version", "upload-package"]
def test_rule_based_mode_decision_can_choose_agentic_skill():
agent = PamDeployAgent()
result = agent.analyze_request(
"请按 skill 自主编排并自动选择工具,帮我排查 HET PAM Node 部署异常",
{
"HOME_BASE_URL": "https://x",
"CLIENT_ID": "id",
"CLIENT_SECRET": "s",
"AIRPORT_CODE": "HET",
"APP_NAME": "PAM",
"MODULE_NAME": "Node",
"VERSION_NUMBER": "2.0.5",
"ZIP_FILE_PATH": "C:/pkg.zip",
},
)
assert result["mode_decision"].mode == "agentic_skill"
assert "自主编排" in result["mode_decision"].reason
def test_analyze_payload_can_be_redacted():

7
tests/test_skill_policy.py
View File

@ -6,6 +6,11 @@ from pam_deploy_graph.skill_policy import load_skill_policy
def test_load_skill_policy_from_doc():
policy = load_skill_policy(Path("doc_scripts/PAM_AUTO_DEPLY_SKILL.md"))
assert policy.name == "pam-auto-deply"
assert "fixed_runtime" in policy.allowed_execution_modes
assert "get-token" in policy.allowed_actions
assert "CLIENT_SECRET" in policy.required_params
assert "params" in policy.required_confirmations
assert "rollback" in policy.required_confirmations
assert "script-main-flow" in policy.forbidden_actions
assert policy.action_sequence[0] == "get-token"
assert "upgrade-ip" in policy.ip_action_sequence