refactor(agent): dedupe harness and command workflows

2026-05-09 02:18:25 +00:00 · 2026-02-16 14:52:09 +00:00
parent 04892ee230
commit f717a13039
204 changed files with 7366 additions and 11540 deletions
--- a/src/agents/pi-tools-agent-config.e2e.test.ts
+++ b/src/agents/pi-tools-agent-config.e2e.test.ts
@@ -27,6 +27,64 @@ describe("Agent-specific tool filtering", () => {
    stat: async () => null,
  };

+  async function withApplyPatchEscapeCase(
+    opts: { workspaceOnly?: boolean },
+    run: (params: {
+      applyPatchTool: ToolWithExecute;
+      escapedPath: string;
+      patch: string;
+    }) => Promise<void>,
+  ) {
+    const workspaceDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-pi-tools-"));
+    const escapedPath = path.join(
+      path.dirname(workspaceDir),
+      `escaped-${process.pid}-${Date.now()}-${Math.random().toString(16).slice(2)}.txt`,
+    );
+    const relativeEscape = path.relative(workspaceDir, escapedPath);
+
+    try {
+      const cfg: OpenClawConfig = {
+        tools: {
+          allow: ["read", "exec"],
+          exec: {
+            applyPatch: {
+              enabled: true,
+              ...(opts.workspaceOnly === false ? { workspaceOnly: false } : {}),
+            },
+          },
+        },
+      };
+
+      const tools = createOpenClawCodingTools({
+        config: cfg,
+        sessionKey: "agent:main:main",
+        workspaceDir,
+        agentDir: "/tmp/agent",
+        modelProvider: "openai",
+        modelId: "gpt-5.2",
+      });
+
+      const applyPatchTool = tools.find((t) => t.name === "apply_patch");
+      if (!applyPatchTool) {
+        throw new Error("apply_patch tool missing");
+      }
+
+      const patch = `*** Begin Patch
+*** Add File: ${relativeEscape}
+escaped
+*** End Patch`;
+
+      await run({
+        applyPatchTool: applyPatchTool as unknown as ToolWithExecute,
+        escapedPath,
+        patch,
+      });
+    } finally {
+      await fs.rm(escapedPath, { force: true });
+      await fs.rm(workspaceDir, { recursive: true, force: true });
+    }
+  }
+
  it("should apply global tool policy when no agent-specific policy exists", () => {
    const cfg: OpenClawConfig = {
      tools: {
@@ -118,96 +176,23 @@ describe("Agent-specific tool filtering", () => {
  });

  it("defaults apply_patch to workspace-only (blocks traversal)", async () => {
-    const workspaceDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-pi-tools-"));
-    const escapedPath = path.join(
-      path.dirname(workspaceDir),
-      `escaped-${process.pid}-${Date.now()}-${Math.random().toString(16).slice(2)}.txt`,
-    );
-    const relativeEscape = path.relative(workspaceDir, escapedPath);
-
-    try {
-      const cfg: OpenClawConfig = {
-        tools: {
-          allow: ["read", "exec"],
-          exec: {
-            applyPatch: { enabled: true },
-          },
-        },
-      };
-
-      const tools = createOpenClawCodingTools({
-        config: cfg,
-        sessionKey: "agent:main:main",
-        workspaceDir,
-        agentDir: "/tmp/agent",
-        modelProvider: "openai",
-        modelId: "gpt-5.2",
-      });
-
-      const applyPatchTool = tools.find((t) => t.name === "apply_patch");
-      if (!applyPatchTool) {
-        throw new Error("apply_patch tool missing");
-      }
-
-      const patch = `*** Begin Patch
-*** Add File: ${relativeEscape}
-+escaped
-*** End Patch`;
-
-      await expect(
-        (applyPatchTool as unknown as ToolWithExecute).execute("tc1", { input: patch }),
-      ).rejects.toThrow(/Path escapes sandbox root/);
+    await withApplyPatchEscapeCase({}, async ({ applyPatchTool, escapedPath, patch }) => {
+      await expect(applyPatchTool.execute("tc1", { input: patch })).rejects.toThrow(
+        /Path escapes sandbox root/,
+      );
      await expect(fs.readFile(escapedPath, "utf8")).rejects.toBeDefined();
-    } finally {
-      await fs.rm(escapedPath, { force: true });
-      await fs.rm(workspaceDir, { recursive: true, force: true });
-    }
+    });
  });

  it("allows disabling apply_patch workspace-only via config (dangerous)", async () => {
-    const workspaceDir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-pi-tools-"));
-    const escapedPath = path.join(
-      path.dirname(workspaceDir),
-      `escaped-allow-${process.pid}-${Date.now()}-${Math.random().toString(16).slice(2)}.txt`,
+    await withApplyPatchEscapeCase(
+      { workspaceOnly: false },
+      async ({ applyPatchTool, escapedPath, patch }) => {
+        await applyPatchTool.execute("tc2", { input: patch });
+        const contents = await fs.readFile(escapedPath, "utf8");
+        expect(contents).toBe("escaped\n");
+      },
    );
-    const relativeEscape = path.relative(workspaceDir, escapedPath);
-
-    try {
-      const cfg: OpenClawConfig = {
-        tools: {
-          allow: ["read", "exec"],
-          exec: {
-            applyPatch: { enabled: true, workspaceOnly: false },
-          },
-        },
-      };
-
-      const tools = createOpenClawCodingTools({
-        config: cfg,
-        sessionKey: "agent:main:main",
-        workspaceDir,
-        agentDir: "/tmp/agent",
-        modelProvider: "openai",
-        modelId: "gpt-5.2",
-      });
-
-      const applyPatchTool = tools.find((t) => t.name === "apply_patch");
-      if (!applyPatchTool) {
-        throw new Error("apply_patch tool missing");
-      }
-
-      const patch = `*** Begin Patch
-*** Add File: ${relativeEscape}
-+escaped
-*** End Patch`;
-
-      await (applyPatchTool as unknown as ToolWithExecute).execute("tc2", { input: patch });
-      const contents = await fs.readFile(escapedPath, "utf8");
-      expect(contents).toBe("escaped\n");
-    } finally {
-      await fs.rm(escapedPath, { force: true });
-      await fs.rm(workspaceDir, { recursive: true, force: true });
-    }
  });

  it("should apply agent-specific tool policy", () => {