mirror of
https://github.com/microsoft/agent-framework.git
synced 2026-06-16 21:04:09 +08:00
b03cb324d5
* initial work on code_mode * updated samples * updates to codeact * udpated codeact * Draft CodeAct ADR and sample updates Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * initial implementation and adr and feature * Python: Limit Hyperlight wasm backend to Python <3.14 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Python: Fix CI for Hyperlight CodeAct PR Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Python: Run Hyperlight integration when available Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Python: Address Hyperlight review feedback Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Python: Simplify Hyperlight file mount inputs Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Python: Accept Path host paths in Hyperlight mounts Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Python: Fix Hyperlight mount typing for CI Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * temp run integration test * Python: Strengthen Hyperlight real sandbox tests Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * added additional tests * Python: Simplify Hyperlight CodeAct API Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * set tests as non-integration * Retry Hyperlight allowed-domain registration Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Gate Hyperlight integration tests by runtime support Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix Hyperlight skip test on Python 3.14 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Delay Hyperlight runtime probe until test execution Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Relax Hyperlight Windows integration stdout assertion Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Scan Hyperlight output directory for artifacts Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Retry Hyperlight output artifact collection Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Harden Hyperlight integration output assertions Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Retry Hyperlight read-back check in integration test Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Simplify Hyperlight integration write assertion Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Avoid pathlib in Hyperlight integration sandbox Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use socket network check in Hyperlight sandbox Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Replace blocked Azure AI Search blog link Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Clarify Hyperlight guest stdlib limits Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use _socket in Hyperlight integration sandbox Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Handle Hyperlight mounted file paths Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Broaden Hyperlight sandbox path fallbacks Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Search Hyperlight guest mounts recursively Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Split Hyperlight mount coverage Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Split Hyperlight live network tests Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix Hyperlight file-write test on Windows Enable the sandbox filesystem by providing a workspace_root so /output is mounted. Remove os.path.exists assertion (unsupported in WASM guest) and fix Content data assertion to use .uri. Skip the network integration test on Windows where the WASM sandbox lacks the encodings.idna codec. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR review: ADR intro, manual wiring sample, doc clarifications - Add CodeAct introduction section to ADR for unfamiliar readers - Clarify 'less runtime efficient' con with specific overhead description - Add note in Python impl doc clarifying ADR vs impl doc split - Explain why before_run hooks must be per-run (CRUD, concurrency, approval) - Rename code_interpreter variable to codeact in E2E sample - Add manual static wiring sample (codeact_manual_wiring.py) - Add 'when to use which pattern' guidance to samples README Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Address PR #5185 review comments and add .NET CodeAct design doc - Fix async callback: _make_sandbox_callback returns sync wrapper with thread + asyncio.run() bridge (was broken with real Wasm FFI) - Fix stale output: clear output_dir before each sandbox.run() call - Fix blocking event loop: _run_code now async with asyncio.to_thread() - Revert _agents.py options['tools'] injection (unnecessary; provider uses context.extend_tools()) - Revert SessionContext.options docstring back to read-only - Add real-sandbox test fixtures (shared/restored/fresh) - Add 8 new real-sandbox tests for callback round-trip, stale output, event loop non-blocking, basic execution, stdout/stderr, errors, snapshot/restore, and tool registration - Add comprehensive .NET HyperlightCodeActProvider design document Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Update hyperlight README with code snippets and remove Public API section Replace bare export list with Quick Start code examples covering the context provider, standalone tool, manual static wiring, and file mounts / network access patterns. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
133 lines
4.0 KiB
Markdown
133 lines
4.0 KiB
Markdown
# agent-framework-hyperlight
|
|
|
|
Alpha Hyperlight-backed CodeAct integrations for Microsoft Agent Framework.
|
|
|
|
## Installation
|
|
|
|
```bash
|
|
pip install agent-framework-hyperlight --pre
|
|
```
|
|
|
|
This package depends on `hyperlight-sandbox`, the packaged Python guest, and the
|
|
Wasm backend package on supported platforms. If the backend is not published for
|
|
your current platform yet, `execute_code` will fail at runtime when it tries to
|
|
create the sandbox.
|
|
|
|
## Quick start
|
|
|
|
### Context provider (recommended)
|
|
|
|
Use `HyperlightCodeActProvider` to automatically inject the `execute_code` tool
|
|
and CodeAct instructions into every agent run. Tools registered on the provider
|
|
are available inside the sandbox via `call_tool(...)` but are **not** exposed as
|
|
direct agent tools.
|
|
|
|
```python
|
|
from agent_framework import Agent, tool
|
|
from agent_framework_hyperlight import HyperlightCodeActProvider
|
|
|
|
@tool
|
|
def compute(operation: str, a: float, b: float) -> float:
|
|
"""Perform a math operation."""
|
|
ops = {"add": a + b, "subtract": a - b, "multiply": a * b, "divide": a / b}
|
|
return ops[operation]
|
|
|
|
codeact = HyperlightCodeActProvider(
|
|
tools=[compute],
|
|
approval_mode="never_require",
|
|
)
|
|
|
|
agent = Agent(
|
|
client=client,
|
|
name="CodeActAgent",
|
|
instructions="You are a helpful assistant.",
|
|
context_providers=[codeact],
|
|
)
|
|
|
|
result = await agent.run("Multiply 6 by 7 using execute_code.")
|
|
```
|
|
|
|
### Standalone tool
|
|
|
|
Use `HyperlightExecuteCodeTool` directly when you want full control over how the
|
|
tool is added to the agent. This is useful when mixing sandbox tools with
|
|
direct-only tools on the same agent.
|
|
|
|
```python
|
|
from agent_framework import Agent, tool
|
|
from agent_framework_hyperlight import HyperlightExecuteCodeTool
|
|
|
|
@tool
|
|
def send_email(to: str, subject: str, body: str) -> str:
|
|
"""Send an email (direct-only, not available inside the sandbox)."""
|
|
return f"Email sent to {to}"
|
|
|
|
execute_code = HyperlightExecuteCodeTool(
|
|
tools=[compute],
|
|
approval_mode="never_require",
|
|
)
|
|
|
|
agent = Agent(
|
|
client=client,
|
|
name="MixedToolsAgent",
|
|
instructions="You are a helpful assistant.",
|
|
tools=[send_email, execute_code],
|
|
)
|
|
```
|
|
|
|
### Manual static wiring
|
|
|
|
For fixed configurations where provider lifecycle overhead is unnecessary, build
|
|
the CodeAct instructions once and pass them to the agent at construction time:
|
|
|
|
```python
|
|
execute_code = HyperlightExecuteCodeTool(
|
|
tools=[compute],
|
|
approval_mode="never_require",
|
|
)
|
|
|
|
codeact_instructions = execute_code.build_instructions(tools_visible_to_model=False)
|
|
|
|
agent = Agent(
|
|
client=client,
|
|
name="StaticWiringAgent",
|
|
instructions=f"You are a helpful assistant.\n\n{codeact_instructions}",
|
|
tools=[execute_code],
|
|
)
|
|
```
|
|
|
|
### File mounts and network access
|
|
|
|
Mount host directories into the sandbox and allow outbound HTTP to specific
|
|
domains:
|
|
|
|
```python
|
|
from agent_framework_hyperlight import HyperlightCodeActProvider, FileMount
|
|
|
|
codeact = HyperlightCodeActProvider(
|
|
tools=[compute],
|
|
file_mounts=[
|
|
"/host/data", # shorthand — same path in sandbox
|
|
("/host/models", "/sandbox/models"), # explicit host → sandbox mapping
|
|
FileMount("/host/config", "/sandbox/config"), # named tuple
|
|
],
|
|
allowed_domains=[
|
|
"api.github.com", # all methods
|
|
("internal.api.example.com", "GET"), # GET only
|
|
],
|
|
)
|
|
```
|
|
|
|
## Notes
|
|
|
|
- This package is intentionally separate from `agent-framework-core` so CodeAct
|
|
usage and installation remain optional.
|
|
- Alpha-package samples live under `packages/hyperlight/samples/`.
|
|
- `file_mounts` accepts a single string shorthand, an explicit `(host_path,
|
|
mount_path)` pair, or a `FileMount` named tuple. The host-side path in the
|
|
explicit forms may be a `str` or `Path`. Use the explicit two-value form when
|
|
the host path differs from the sandbox path.
|
|
- `allowed_domains` accepts a single string target such as `"github.com"` to
|
|
allow all backend-supported methods, an explicit `(target, method_or_methods)`
|
|
tuple such as `("github.com", "GET")`, or an `AllowedDomain` named tuple.
|