feat(ai): teach rule agent cross-endpoint workflow patterns#732
Open
tangcent wants to merge 1 commit into
Open
feat(ai): teach rule agent cross-endpoint workflow patterns#732tangcent wants to merge 1 commit into
tangcent wants to merge 1 commit into
Conversation
Add a Workflow-Pattern Catalog (auth-token chaining, static auth, per-request injection, HMAC signing, 401-refresh) to the knowledge base, agent preamble, Magic instruction, and external skill. The agent now detects producing + consuming endpoints and proposes complete rule bundles (method.additional.header + postman.test/prerequest + http.call.after) wired by a shared env-var name. Runtime enablers (narrowly scoped, 401-refresh only): - ScriptHttpClient.executeSync — synchronous HTTP callable from Groovy scripts - mutable HttpRequestWrapper — retried request can carry a refreshed token - thread-local recursion guard caps nested script-driven calls Env-var name reuse resolves from existing rule files via get_existing_rules_for_key (not the Environments panel): the panel holds runtime values, and even its keys can leak vendor/infrastructure hints into the LLM transcript. No new rule keys, no new pm.* surface, no change to EnvironmentService / RequestExecutor / EndpointBuilder. Backed by catalog-content, binding, crypto-interop, mutable-retry, and ambient-perception tests.
Contributor
|
📦 Plugin has been packaged for this PR. You can download |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## master #732 +/- ##
=============================================
+ Coverage 64.146% 64.191% +0.045%
=============================================
Files 375 376 +1
Lines 21398 21422 +24
Branches 5262 5266 +4
=============================================
+ Hits 13726 13751 +25
+ Misses 5754 5750 -4
- Partials 1918 1921 +3
Flags with carried forward coverage won't be shown. Click here to find out more.
... and 1 file with indirect coverage changes Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a Workflow-Pattern Catalog to the rule-authoring agent's knowledge base, so it can detect and build cross-endpoint workflow patterns (not just single-endpoint custom-pattern shapes): auth-token chaining, static auth, per-request injection, HMAC signing, and 401-refresh.
The agent now recognises producing endpoints (e.g.
/loginreturning a token) and consuming endpoints, and proposes a complete rule bundle —method.additional.header+postman.test/postman.prerequest+http.call.after— wired by a shared env-var name, in a singlepropose_rule_contentcall.Changes
Knowledge / prompt (canonical:
rule-guide.md, mirrored to preamble + external skill)postman.testfires after response /postman.prerequestbefore request; shared-env-var name; never strip legitimate auth fields).agent-preamble.md: condensed workflow-detection section + perceive→reason→act guidance.Runtime enablers (narrowly scoped, 401-refresh only)
ScriptHttpClient.executeSync— synchronous HTTP callable from Groovy scripts (runBlocking, dedicated dispatcher).HttpRequestWrapper— the retried request can carry a refreshedAuthorizationheader.Env-var name reuse — resolved from existing rules, not the Environments panel. The agent greps
${...}out of existingmethod.additional.headervalues viaget_existing_rules_for_key, defaulting toAuthorization. The panel holds runtime values (out of scope for a rule-authoring agent), and even its keys can leak vendor/infrastructure hints (e.g.STRIPE_SECRET_KEY) into the transcript sent to the LLM provider.No new rule keys, no new
pm.*surface, no change toEnvironmentService/RequestExecutor/EndpointBuilder.Test plan
RuleGuideWorkflowCatalogTest— catalog anchor strings present;postman.test(notprerequest) for token extraction; scope note present.ScriptHttpClientTest—executeSyncreturns response, no deadlock on background thread.Jsr223CryptoInteropTest—HmacSHA256interop from agroovy:rule (Resolves Open Question support export api from spring to postman #1).Jsr223ScriptParserBindingTest/PmScriptExecutorBindingTest—httpClientbinding scoped to rule scripts only.HttpClientScriptInterceptorTest— retry sends the mutated request; recursion-depth guard caps nested calls.AmbientPerceptionTest/SystemPromptBuilderTest— ambient contract pinned (locale hint; no env-var surface).EasyApiAssistantSkillTest— external skill mirrors canonical knowledge base.All targeted tests green (
./gradlew test --tests "*RuleGuideWorkflowCatalogTest*" --tests "*ScriptHttpClientTest*" --tests "*AmbientPerceptionTest*" --tests "*SystemPromptBuilderTest*" ...).Design notes
RuleGuideWorkflowCatalogTest).Spec:
.spec/ai-workflow-patterns/(local; not in this PR).