chungyeong/dev-puppeteer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0e61b2d9073d2e826dd934790223f55a51415eb9
dev-puppeteer/my-deepagent/tests/unit/test_audit.py
chungyeong 733c9be0bd feat(my-deepagent): v0.1.0 Step 6~15 — REPL/Budget/Recovery/Audit/Pricing + real OpenRouter E2E 
Step 6  — Distribution: init/login/logout/keys/doctor CLI, platformdirs data dirs,
          OS keyring (Keychain/Secret Service/Credential Store), first-run governance
          consent, secret resolution chain (config→env→keyring), ko/en i18n catalog
          via MYDEEPAGENT_LANG.
Step 7  — WorkflowEngine: phase loop, ArtifactWatcherMiddleware (write_file/edit_file
          detection), jsonschema 2020-12 validation + 1 repair retry, approval gate,
          final report compose (JSON + Markdown). FK-safe persistence ordering.
          RunEventType + run_idempotency_key per plan v2.0 §13.1.
Step 8  — Budget guardrails: BudgetTracker (SQLite WAL ledger, block/warn_continue/
          prompt policies, per-run + per-day + per-persona-daily scopes), cost preview
          before run (rich table), CostMiddleware wired with pre-call assert + post-call
          record. CLI: budget / stats --by model|persona|day / costs.
Step 9  — Crash recovery + concurrency: sweep_orphan_runs() at startup (frees the
          ux_active_run_repo_base partial unique slot), `runs list/show/resume` CLI,
          SIGTERM/SIGINT graceful shutdown (30s grace then cancel), auto-sweep before
          new phase.
Step 10 — Interactive REPL: `mydeepagent` (no subcommand) launches prompt_toolkit REPL
          with --agent/--model overrides, slash commands (/help /quit /agent /model
          /clear /stats /budget /runs), @file-ref expansion (repo-root containment),
          CostMiddleware-wired per-session metering.
Step 11 — Audit log + secret scrubbing: append-only {state_dir}/audit.jsonl per tool
          call, AuditToolMiddleware with file_recorder, structlog _scrub_processor
          redacting OpenRouter/Anthropic/OpenAI/LangSmith/GitHub/GitLab keys + Bearer
          tokens before stderr/JSON sinks.
Step 12 — Doctor 8-check + OpenRouter pricing fetch: 8-check doctor (python/uv/git/
          workspace_root/config+governance/openrouter_api_key/openrouter_ping+pricing
          upsert/disk+sqlite integrity), `mydeepagent pricing` cache view, run preview
          reads persisted model_pricing with static seed fallback.
Step 15 — End-to-end real OpenRouter integration: tests/integration/test_e2e_workflow.py
          runs spec-and-review@1 (spec → review → verify) end-to-end against real
          OpenRouter DeepSeek in ~71s for ~$0.05 per run. BindingOverride pins all 3
          roles to DeepSeek personas to sidestep the langchain-openai + Anthropic-via-
          OpenRouter tool_calls.args JSON-string ValidationError (known v0.1.0 limit).
          New personas: openrouter-deepseek-spec-writer@1, openrouter-deepseek-code-
          reviewer@1 (+ fake-reviewer@1 fixture). _build_envelope inlines the JSON
          Schema so the LLM sees exact required fields. _record_llm_call fills every
          NOT NULL LlmCallRow column. CostMiddleware probes both usage_metadata and
          response_metadata.token_usage (prompt_tokens/completion_tokens fallback).
          dev/review-finding-batch@1 artifact schema added.

Known v0.1.0 limits documented in CHANGELOG:
- usage_metadata sometimes empty on OpenRouter-forwarded responses (recorder still
  fires, row persisted, but tokens may read 0). v0.2 will probe more response shapes.
- Anthropic via OpenRouter currently fails with tool_calls.args JSON-string vs dict
  ValidationError in langchain-openai → DeepSeek workaround required.
- `runs resume <run_id>` is a stub (exit-2 hint only).

Gates: ruff check / ruff format --check / mypy --strict / 574 pytest PASS (5.29s)
plus 1 E2E PASS (71.21s, real OpenRouter, ~\$0.05).

--no-verify used: lefthook still TS-only (TS code in packages/ pending removal per
plan-v4-draft.md Step 0).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 16:32:46 +09:00

129 lines
4.1 KiB
Python
Raw Blame History

"""Unit tests for src/my_deepagent/audit.py."""
from __future__ import annotations
import json
import os
from pathlib import Path
from typing import Any
import pytest
from my_deepagent.audit import (
append_audit_record,
audit_path,
make_audit_recorder,
read_audit_records,
)
# ---------------------------------------------------------------------------
# audit_path
# ---------------------------------------------------------------------------
def test_audit_path_returns_correct_location(tmp_path: Path) -> None:
expected = tmp_path / "audit.jsonl"
assert audit_path(tmp_path) == expected
# ---------------------------------------------------------------------------
# append_audit_record
# ---------------------------------------------------------------------------
def test_append_audit_record_creates_file_with_one_line(tmp_path: Path) -> None:
record: dict[str, Any] = {"tool_name": "read_file", "args": {"path": "x.py"}}
append_audit_record(tmp_path, record)
target = audit_path(tmp_path)
assert target.is_file()
lines = [ln for ln in target.read_text(encoding="utf-8").splitlines() if ln.strip()]
assert len(lines) == 1
parsed = json.loads(lines[0])
assert parsed["tool_name"] == "read_file"
assert "ts" in parsed
def test_append_audit_record_accumulates_multiple_records(tmp_path: Path) -> None:
for i in range(5):
append_audit_record(tmp_path, {"seq": i})
records = read_audit_records(tmp_path)
assert len(records) == 5
seqs = [r["seq"] for r in records]
assert seqs == list(range(5))
def test_append_audit_record_file_permission_is_0600(tmp_path: Path) -> None:
append_audit_record(tmp_path, {"tool_name": "test"})
target = audit_path(tmp_path)
mode = os.stat(target).st_mode & 0o777
assert mode == 0o600
def test_append_audit_record_adds_ts_field(tmp_path: Path) -> None:
append_audit_record(tmp_path, {"tool_name": "execute"})
records = read_audit_records(tmp_path)
assert len(records) == 1
assert "ts" in records[0]
# ts should be a non-empty ISO string
assert len(records[0]["ts"]) > 0
# ---------------------------------------------------------------------------
# read_audit_records
# ---------------------------------------------------------------------------
def test_read_audit_records_returns_empty_when_file_missing(tmp_path: Path) -> None:
result = read_audit_records(tmp_path)
assert result == []
def test_read_audit_records_returns_empty_for_empty_file(tmp_path: Path) -> None:
target = audit_path(tmp_path)
target.write_text("", encoding="utf-8")
result = read_audit_records(tmp_path)
assert result == []
def test_read_audit_records_with_limit_returns_last_n(tmp_path: Path) -> None:
for i in range(10):
append_audit_record(tmp_path, {"seq": i})
result = read_audit_records(tmp_path, limit=3)
assert len(result) == 3
# should be the last 3 records (seq 7, 8, 9)
assert result[0]["seq"] == 7
assert result[1]["seq"] == 8
assert result[2]["seq"] == 9
def test_read_audit_records_skips_corrupted_lines(tmp_path: Path) -> None:
target = audit_path(tmp_path)
# Write one valid + one corrupt + one valid line
valid1 = json.dumps({"tool_name": "first"}) + "\n"
corrupt = "NOT_VALID_JSON{\n"
valid2 = json.dumps({"tool_name": "third"}) + "\n"
target.write_text(valid1 + corrupt + valid2, encoding="utf-8")
records = read_audit_records(tmp_path)
assert len(records) == 2
assert records[0]["tool_name"] == "first"
assert records[1]["tool_name"] == "third"
# ---------------------------------------------------------------------------
# make_audit_recorder
# ---------------------------------------------------------------------------
@pytest.mark.asyncio
async def test_make_audit_recorder_writes_record(tmp_path: Path) -> None:
recorder = make_audit_recorder(tmp_path)
await recorder({"tool_name": "write_file", "args": {"path": "out.txt"}})
records = read_audit_records(tmp_path)
assert len(records) == 1
assert records[0]["tool_name"] == "write_file"
Reference in New Issue View Git Blame Copy Permalink