8.4 KiB
8.4 KiB
Phase 2:执行引擎
日期:2026-04-04 状态:待实施
依赖:Phase 1 完成
1. 本阶段目的
实现代码指挥官的核心执行能力:
- AI CLI Adapter:统一接口适配不同 AI CLI
- Sandbox Executor:沙盒环境执行
- Direct Executor:直接执行低风险任务
- Security Classifier:安全分级
2. 详细任务
2.1 AI CLI Adapter
新文件: backend/app/agents/tools/ai_adapter.py
from abc import ABC, abstractmethod
from pathlib import Path
from dataclasses import dataclass
@dataclass
class CodeExecutionResult:
success: bool
message: str
files_created: list[str]
output: str
error: str | None
class AICLIAdapter(ABC):
@property
@abstractmethod
def cli_name(self) -> str:
"""CLI 命令名称,如 'claude', 'gemini'"""
pass
@property
@abstractmethod
def requires_workspace(self) -> bool:
"""是否需要工作目录"""
pass
@abstractmethod
def build_command(self, prompt: str, workspace: Path | None) -> list[str]:
"""构建 CLI 命令"""
pass
@abstractmethod
def parse_output(self, output: str) -> CodeExecutionResult:
"""解析 CLI 输出"""
pass
@abstractmethod
def is_installed(self) -> bool:
"""检查 CLI 是否已安装"""
pass
class ClaudeAdapter(AICLIAdapter):
cli_name = "claude"
requires_workspace = True
def build_command(self, prompt: str, workspace: Path | None) -> list[str]:
return ["claude", "-p", prompt, "--dangerously-skip-permissions"]
# ... 其他方法实现
class GeminiAdapter(AICLIAdapter):
cli_name = "gemini"
requires_workspace = False
# ...
class CodexAdapter(AICLIAdapter):
cli_name = "codex"
# ...
class OpenCodeAdapter(AICLIAdapter):
cli_name = "opencode"
# ...
2.2 Security Classifier
新文件: backend/app/agents/tools/security_classifier.py
from enum import Enum
class RiskLevel(Enum):
LOW = "low" # 直接执行
HIGH = "high" # 沙盒执行
class SecurityClassifier:
HIGH_RISK_KEYWORDS = [
"修改", "编辑", "删除", "移动",
"Jarvis", "backend", "frontend",
"git", "config", ".env",
]
LOW_RISK_KEYWORDS = [
"demo", "示例", "贪食蛇", "俄罗斯方块",
"小游戏", "独立项目", "新项目",
"创建一个", "写一个",
]
def classify(self, task_description: str, target_path: str | None = None) -> RiskLevel:
# 1. 检查高风险关键词
if any(kw in task_description for kw in self.HIGH_RISK_KEYWORDS):
return RiskLevel.HIGH
# 2. 检查目标路径
if target_path and self._is_project_path(target_path):
return RiskLevel.HIGH
# 3. 检查低风险关键词
if any(kw in task_description for kw in self.LOW_RISK_KEYWORDS):
return RiskLevel.LOW
# 4. 默认高风险
return RiskLevel.HIGH
def _is_project_path(self, path: str) -> bool:
# 检查是否指向 Jarvis 项目路径
return "Jarvis" in path or "backend/app" in path
2.3 Sandbox Executor
新文件: backend/app/agents/tools/sandbox_executor.py
import tempfile
import shutil
import asyncio
from pathlib import Path
from dataclasses import dataclass, field
from typing import AsyncGenerator
@dataclass
class SandboxEnvironment:
workspace_path: Path
session_id: str
@staticmethod
async def create() -> "SandboxEnvironment":
"""创建新的沙盒环境"""
temp_dir = tempfile.mkdtemp(prefix="jarvis_code_")
session_id = Path(temp_dir).name
return SandboxEnvironment(
workspace_path=Path(temp_dir),
session_id=session_id,
)
async def cleanup(self):
"""清理沙盒环境"""
if self.workspace_path.exists():
shutil.rmtree(self.workspace_path)
@dataclass
class ExecutionResult:
success: bool
exit_code: int
stdout: str
stderr: str
files_created: list[str] = field(default_factory=list)
class SandboxExecutor:
def __init__(self, adapter: AICLIAdapter, timeout: int = 300):
self.adapter = adapter
self.timeout = timeout
self._sessions: dict[str, SandboxEnvironment] = {}
async def execute(
self,
prompt: str,
session_id: str | None = None
) -> AsyncGenerator[str, None]:
"""执行代码任务,yield 实时输出"""
# 1. 创建或复用沙盒环境
if session_id and session_id in self._sessions:
env = self._sessions[session_id]
else:
env = await SandboxEnvironment.create()
self._sessions[env.session_id] = env
session_id = env.session_id
# 2. 构建命令
cmd = self.adapter.build_command(prompt, env.workspace_path)
# 3. 异步执行,实时 yield 输出
process = await asyncio.create_subprocess_exec(
*cmd,
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.PIPE,
cwd=str(env.workspace_path),
)
# 4. 实时读取输出
while True:
line = await process.stdout.readline()
if not line:
break
yield line.decode()
# 5. 等待完成
await process.wait()
# 6. 收集结果
return ExecutionResult(
success=process.returncode == 0,
exit_code=process.returncode or 0,
stdout=...,
stderr=...,
files_created=self._list_created_files(env.workspace_path),
)
async def cleanup_session(self, session_id: str):
"""清理指定会话"""
if session_id in self._sessions:
await self._sessions[session_id].cleanup()
del self._sessions[session_id]
2.4 Direct Executor
新文件: backend/app/agents/tools/direct_executor.py
class DirectExecutor:
def __init__(self, adapter: AICLIAdapter, timeout: int = 60):
self.adapter = adapter
self.timeout = timeout
async def execute(self, prompt: str) -> ExecutionResult:
"""直接执行,不需要沙盒"""
if not self.adapter.is_installed():
return ExecutionResult(
success=False,
exit_code=-1,
stdout="",
stderr=f"{self.adapter.cli_name} is not installed",
)
cmd = self.adapter.build_command(prompt, None)
process = await asyncio.create_subprocess_exec(
*cmd,
stdout=asyncio.subprocess.PIPE,
stderr=asyncio.subprocess.PIPE,
)
try:
stdout, stderr = await asyncio.wait_for(
process.communicate(),
timeout=self.timeout,
)
return ExecutionResult(
success=process.returncode == 0,
exit_code=process.returncode or 0,
stdout=stdout.decode(),
stderr=stderr.decode(),
)
except asyncio.TimeoutError:
process.kill()
return ExecutionResult(
success=False,
exit_code=-1,
stdout="",
stderr=f"Execution timed out after {self.timeout}s",
)
3. 核心文件清单
| 文件 | 操作 | 说明 |
|---|---|---|
ai_adapter.py |
新增 | 抽象基类 + 4 个具体实现 |
security_classifier.py |
新增 | 安全分级器 |
sandbox_executor.py |
新增 | 沙盒执行器 |
direct_executor.py |
新增 | 直接执行器 |
4. 验收标准
AICLIAdapter可以正确识别 4 种 CLISecurityClassifier能正确分类高低风险SandboxExecutor能创建、执行、清理沙盒DirectExecutor能直接执行低风险任务- 所有执行器支持流式输出
5. 风险与缓解
| 风险 | 缓解 |
|---|---|
| AI CLI 未安装 | is_installed() 检查 + 友好提示 |
| 执行超时 | timeout 参数控制 |
| 沙盒清理遗漏 | 使用 finally 块确保清理 |
6. 依赖关系
Phase 1(基础设施)
↓
本阶段 → Phase 3(Agent 集成)
→ Phase 4(流式交互)