Instantiate AgenticPolicyCompiler environment from YAML definitions

Author: l46kok

bundle/src/main/java/dev/cel/bundle/CelEnvironment.java

@@ -43,6 +43,7 @@
 import dev.cel.common.types.OptionalType;
 import dev.cel.common.types.SimpleType;
 import dev.cel.common.types.TypeParamType;
+import dev.cel.common.types.TypeType;
 import dev.cel.compiler.CelCompiler;
 import dev.cel.compiler.CelCompilerBuilder;
 import dev.cel.compiler.CelCompilerLibrary;
@@ -69,9 +70,10 @@ public abstract class CelEnvironment {
           "math", CanonicalCelExtension.MATH,
           "optional", CanonicalCelExtension.OPTIONAL,
           "protos", CanonicalCelExtension.PROTOS,
+          "regex", CanonicalCelExtension.REGEX,
           "sets", CanonicalCelExtension.SETS,
           "strings", CanonicalCelExtension.STRINGS,
-          "comprehensions", CanonicalCelExtension.COMPREHENSIONS);
+          "two-var-comprehensions", CanonicalCelExtension.COMPREHENSIONS);
 
   /** Environment source in textual format (ex: textproto, YAML). */
   public abstract Optional<Source> source();
@@ -82,7 +84,7 @@ public abstract class CelEnvironment {
   /**
    * Container, which captures default namespace and aliases for value resolution.
    */
-  public abstract CelContainer container();
+  public abstract Optional<CelContainer> container();
 
   /**
    * An optional description of the environment (example: location of the file containing the config
@@ -186,7 +188,6 @@ public static Builder newBuilder() {
     return new AutoValue_CelEnvironment.Builder()
         .setName("")
         .setDescription("")
-        .setContainer(CelContainer.ofName(""))
         .setVariables(ImmutableSet.of())
         .setFunctions(ImmutableSet.of());
   }
@@ -199,7 +200,6 @@ public CelCompiler extend(CelCompiler celCompiler, CelOptions celOptions)
       CelCompilerBuilder compilerBuilder =
           celCompiler
               .toCompilerBuilder()
-              .setContainer(container())
               .setTypeProvider(celTypeProvider)
               .addVarDeclarations(
                   variables().stream()
@@ -210,6 +210,9 @@ public CelCompiler extend(CelCompiler celCompiler, CelOptions celOptions)
                       .map(f -> f.toCelFunctionDecl(celTypeProvider))
                       .collect(toImmutableList()));
 
+
+      container().ifPresent(compilerBuilder::setContainer);
+
       addAllCompilerExtensions(compilerBuilder, celOptions);
 
       applyStandardLibrarySubset(compilerBuilder);
@@ -349,6 +352,9 @@ public abstract static class VariableDecl {
     /** The type of the variable. */
     public abstract TypeDecl type();
 
+    /** Description of the variable. */
+    public abstract Optional<String> description();
+
     /** Builder for {@link VariableDecl}. */
     @AutoValue.Builder
     public abstract static class Builder implements RequiredFieldsChecker {
@@ -361,6 +367,8 @@ public abstract static class Builder implements RequiredFieldsChecker {
 
       public abstract VariableDecl.Builder setType(TypeDecl typeDecl);
 
+      public abstract VariableDecl.Builder setDescription(String name);
+
       @Override
       public ImmutableList<RequiredField> requiredFields() {
         return ImmutableList.of(
@@ -600,6 +608,9 @@ public CelType toCelType(CelTypeProvider celTypeProvider) {
           CelType keyType = params().get(0).toCelType(celTypeProvider);
           CelType valueType = params().get(1).toCelType(celTypeProvider);
           return MapType.create(keyType, valueType);
+        case "type":
+          checkState(params().size() == 1, "Expected 1 parameter for type, got " + params().size());
+          return TypeType.create(params().get(0).toCelType(celTypeProvider));
         default:
           if (isTypeParam()) {
             return TypeParamType.create(name());
@@ -734,10 +745,14 @@ enum CanonicalCelExtension {
     SETS(
         (options, version) -> CelExtensions.sets(options),
         (options, version) -> CelExtensions.sets(options)),
+    REGEX(
+        (options, version) -> CelExtensions.regex(),
+        (options, version) -> CelExtensions.regex()),
     LISTS((options, version) -> CelExtensions.lists(), (options, version) -> CelExtensions.lists()),
     COMPREHENSIONS(
         (options, version) -> CelExtensions.comprehensions(),
-        (options, version) -> CelExtensions.comprehensions());
+        (options, version) -> CelExtensions.comprehensions())
+    ;
 
     @SuppressWarnings("ImmutableEnumChecker")
     private final CompilerExtensionProvider compilerExtensionProvider;

bundle/src/main/java/dev/cel/bundle/CelEnvironmentYamlParser.java

@@ -243,6 +243,9 @@ private VariableDecl parseVariable(ParserContext<Node> ctx, Node node) {
         case "name":
           builder.setName(newString(ctx, valueNode));
           break;
+        case "description":
+          builder.setDescription(newString(ctx, valueNode));
+          break;
         case "type":
           if (typeDeclBuilder != null) {
             ctx.reportError(
@@ -318,6 +321,9 @@ private FunctionDecl parseFunction(ParserContext<Node> ctx, Node node) {
         case "overloads":
           builder.setOverloads(parseOverloads(ctx, valueNode));
           break;
+        case "description":
+          // TODO: Set description
+          break;
         default:
           ctx.reportError(keyId, String.format("Unsupported function tag: %s", keyName));
           break;
@@ -369,6 +375,9 @@ private static ImmutableSet<OverloadDecl> parseOverloads(ParserContext<Node> ctx
           case "target":
             overloadDeclBuilder.setTarget(parseTypeDecl(ctx, valueNode));
             break;
+          case "examples":
+            // TODO: Set examples
+            break;
           default:
             ctx.reportError(keyId, String.format("Unsupported overload tag: %s", fieldName));
             break;

bundle/src/main/java/dev/cel/bundle/CelEnvironmentYamlSerializer.java

@@ -77,10 +77,9 @@ public Node representData(Object data) {
       if (!environment.description().isEmpty()) {
         configMap.put("description", environment.description());
       }
-      if (!environment.container().name().isEmpty()
-          || !environment.container().abbreviations().isEmpty()
-          || !environment.container().aliases().isEmpty()) {
-        configMap.put("container", environment.container());
+
+      if (environment.container().isPresent()) {
+        configMap.put("container", environment.container().get());
       }
       if (!environment.extensions().isEmpty()) {
         configMap.put("extensions", environment.extensions().asList());

tools/ai/BUILD.bazel

@@ -5,11 +5,21 @@ package(
     default_visibility = ["//visibility:public"],
 )
 
+java_library(
+    name = "agentic_policy_environment",
+    exports = ["//tools/src/main/java/dev/cel/tools/ai:agentic_policy_environment"],
+)
+
 java_library(
     name = "agentic_policy_compiler",
     exports = ["//tools/src/main/java/dev/cel/tools/ai:agentic_policy_compiler"],
 )
 
+alias(
+    name = "ai_environments",
+    actual = "//tools/src/main/resources/environment:ai_environments",
+)
+
 alias(
     name = "test_policies",
     testonly = True,

tools/src/main/java/dev/cel/tools/ai/AgenticPolicyCompiler.java

@@ -2,6 +2,7 @@
 
 import static dev.cel.common.formats.YamlHelper.assertYamlType;
 
+import com.google.protobuf.Descriptors.FileDescriptor;
 import dev.cel.bundle.Cel;
 import dev.cel.common.CelAbstractSyntaxTree;
 import dev.cel.common.formats.ValueString;
@@ -66,7 +67,9 @@ public void visitPolicyTag(
           break;
 
         case "variables":
-          if (!assertYamlType(ctx, id, node, YamlNodeType.LIST)) return;
+          if (!assertYamlType(ctx, id, node, YamlNodeType.LIST)) {
+            return;
+          }
           List<Variable> parsedVariables = new ArrayList<>();
           SequenceNode varList = (SequenceNode) node;
 

tools/src/main/java/dev/cel/tools/ai/AgenticPolicyEnvironment.java

@@ -0,0 +1,155 @@
+package dev.cel.tools.ai;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+
+import com.google.common.base.Ascii;
+import com.google.common.collect.ImmutableCollection;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.io.Resources;
+import com.google.protobuf.Descriptors.FileDescriptor;
+import dev.cel.bundle.Cel;
+import dev.cel.bundle.CelEnvironment;
+import dev.cel.bundle.CelEnvironmentException;
+import dev.cel.bundle.CelEnvironmentYamlParser;
+import dev.cel.bundle.CelFactory;
+import dev.cel.common.CelContainer;
+import dev.cel.common.CelOptions;
+import dev.cel.common.types.CelType;
+import dev.cel.common.types.CelTypeProvider;
+import dev.cel.common.types.OpaqueType;
+import dev.cel.expr.ai.Agent;
+import dev.cel.expr.ai.AgentMessage;
+import dev.cel.expr.ai.AgentMessage.Part;
+import dev.cel.expr.ai.ClassificationLabel;
+import dev.cel.expr.ai.Finding;
+import dev.cel.parser.CelStandardMacro;
+import dev.cel.runtime.CelFunctionBinding;
+import java.io.IOException;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Optional;
+
+final class AgenticPolicyEnvironment {
+
+  private static final CelOptions CEL_OPTIONS =
+      CelOptions.current()
+          .enableTimestampEpoch(true)
+          .populateMacroCalls(true)
+          .build();
+
+  private static final Cel CEL_BASE_ENV =
+      CelFactory.standardCelBuilder()
+          .setContainer(CelContainer.ofName("cel.expr.ai")) // TODO: config?
+          .addFileTypes(Agent.getDescriptor().getFile())
+          .setStandardMacros(CelStandardMacro.STANDARD_MACROS)
+          .setTypeProvider(new AgentTypeProvider())
+          .addFunctionBindings(
+              CelFunctionBinding.from(
+                  "AgentMessage_threatFindings",
+                  ImmutableList.of(AgentMessage.class),
+                  (args) -> getFindings((AgentMessage) args[0], "threats", ClassificationLabel.Category.THREAT)
+              ),
+              CelFunctionBinding.from(
+                  "ai.finding_string_double",
+                  ImmutableList.of(String.class, Double.class),
+                  (args) -> Finding.newBuilder()
+                      .setValue((String) args[0])
+                      .setConfidence((Double) args[1])
+                      .build()
+              ),
+              CelFunctionBinding.from(
+                  "optional_type(list(Finding))_hasAll_list(Finding)",
+                  ImmutableList.of(Optional.class, List.class),
+                  (args) -> hasAllFindings((Optional<List<Finding>>) args[0], (List<Finding>) args[1])
+              )
+          )
+          .setOptions(CEL_OPTIONS)
+          .build();
+
+  private static Optional<List<Finding>> getFindings(AgentMessage msg, String labelName, ClassificationLabel.Category category) {
+    List<Finding> results = new ArrayList<>();
+
+    for (Part part : msg.getPartsList()) {
+      if (part.hasPrompt()) {
+        // TODO: Collect from classification
+        results.add(Finding.newBuilder().setValue("prompt_injection").setConfidence(1.0d).build());
+      } else if (part.hasToolCall()) {
+        // TODO: Collect from classification
+      }
+
+    }
+
+    if (results.isEmpty()) {
+      return Optional.empty();
+    }
+
+    return Optional.of(results);
+  }
+
+  private static boolean hasAllFindings(Optional<List<Finding>> sourceOpt, List<Finding> required) {
+    if (!sourceOpt.isPresent()) {
+      return false;
+    }
+    List<Finding> source = sourceOpt.get();
+
+    return required.stream().allMatch(req ->
+        source.stream().anyMatch(act ->
+            act.getValue().equals(req.getValue()) &&
+                act.getConfidence() >= req.getConfidence()
+        )
+    );
+  }
+
+  static Cel newInstance() {
+    Cel celEnv = CEL_BASE_ENV;
+
+    celEnv = extendFromConfig(celEnv, "environment/agent_env.yaml");
+    celEnv = extendFromConfig(celEnv, "environment/common_env.yaml");
+    return extendFromConfig(celEnv, "environment/tool_call_env.yaml");
+  }
+
+  private static Cel extendFromConfig(Cel cel, String yamlConfigPath) {
+    String yamlEnv;
+    try {
+      yamlEnv = readFile(yamlConfigPath);
+    } catch (IOException e) {
+      String errorMsg = String.format("Failed to read %s: %s", yamlConfigPath, e.getMessage());
+      throw new IllegalArgumentException(errorMsg, e);
+    }
+    try {
+      CelEnvironment env = CelEnvironmentYamlParser.newInstance().parse(yamlEnv);
+      return env.extend(cel, CEL_OPTIONS);
+    } catch (CelEnvironmentException e) {
+      String errorMsg = String.format("Failed to extend CEL environment from %s: %s", yamlConfigPath, e.getMessage());
+      throw new IllegalArgumentException(errorMsg, e);
+    }
+  }
+
+  private static String readFile(String path) throws IOException {
+    URL url = Resources.getResource(Ascii.toLowerCase(path));
+    return Resources.toString(url, UTF_8);
+  }
+
+  private static final class AgentTypeProvider implements CelTypeProvider {
+    private static final OpaqueType AGENT_MESSAGE_SET_TYPE = OpaqueType.create("cel.expr.ai.AgentMessageSet");
+
+    private static final ImmutableSet<CelType> ALL_TYPES = ImmutableSet.of(AGENT_MESSAGE_SET_TYPE);
+
+    @Override
+    public ImmutableCollection<CelType> types() {
+      return ALL_TYPES;
+    }
+    @Override
+    public Optional<CelType> findType(String typeName) {
+      if (typeName.equals(AGENT_MESSAGE_SET_TYPE.name())) {
+        return Optional.of(AGENT_MESSAGE_SET_TYPE);
+      }
+
+      return Optional.empty();
+    }
+  }
+
+  private AgenticPolicyEnvironment() {}
+}

tools/src/main/java/dev/cel/tools/ai/BUILD.bazel

@@ -6,16 +6,17 @@ package(
         "//:license",
     ],
     default_visibility = ["//visibility:public"],
-    #    default_visibility = [
-    #        "//tools/ai:__pkg__",
-    #    ],
+    #        default_visibility = [
+    #            "//tools/ai:__pkg__",
+    #        ],
 )
 
 java_library(
     name = "agentic_policy_compiler",
     srcs = ["AgenticPolicyCompiler.java"],
     deps = [
         ":agent_context_java_proto",
+        ":agentic_policy_environment",
         "//bundle:cel",
         "//common:cel_ast",
         "//common/formats:value_string",
@@ -33,6 +34,28 @@ java_library(
     ],
 )
 
+java_library(
+    name = "agentic_policy_environment",
+    srcs = ["AgenticPolicyEnvironment.java"],
+    resources = ["//tools/ai:ai_environments"],
+    deps = [
+        ":agent_context_extensions_java_proto",
+        ":agent_context_java_proto",
+        "//bundle:cel",
+        "//bundle:environment",
+        "//bundle:environment_exception",
+        "//bundle:environment_yaml_parser",
+        "//common:container",
+        "//common:options",
+        "//common/types",
+        "//common/types:type_providers",
+        "//parser:macro",
+        "//runtime:function_binding",
+        "@maven//:com_google_guava_guava",
+        "@maven//:com_google_protobuf_protobuf_java",
+    ],
+)
+
 proto_library(
     name = "agent_context_proto",
     srcs = ["agent_context.proto"],