1. Overview
The Agent Build & Packaging Utility (agent-builder): A development-side tool that compiles heavyweight, developer-focused agent configurations into a minimal, secure, versioned deployment package. Also includes other files as needed for a complete upgrade tool.The Agent Deployment Manager (adm): A production-side CLI tool that manages the lifecycle of these packages, including deployment, atomic activation, rollbacks, and auditing.
2. Goals and Scope
Goals: To provide a clear separation between development and production agent configurations. To create self-contained, versioned, and portable deployment packages ("flat packs"). To ensure deployments are atomic and minimize service interruption. To provide a full, auditable history of all deployment and rollback activities. To enable declarative management of required production server files and directories. To enforce security through minimalism and access control.
Non-Goals: This system does not manage the underlying server infrastructure (VMs, containers, networking). It does not manage the installation of the core Python engine or its dependencies. It is not a real-time secrets management system (though it can place pre-defined config files).
3. System Component 1: The Agent Build & Packaging Utility (agent-builder)
Purpose: To consume the full developer configuration and produce a lightweight production deployment package.Inputs: --config <path>: Path to the heavyweight dev_config.json. --entry-points <agent1,agent2,...>: A comma-separated list of the top-level agents to be included. --version <x.y.z>: The semantic version for this build. --output-dir <path>: Directory to save the final package.
Process: Dependency Resolution: The tool starts with the --entry-points and recursively scans all workflow steps to build a complete, minimal set of all required agent dependencies.Configuration Stripping: For each agent in the final dependency set, it creates a lean, execution-only definition by removing keys such as gui_proc_def, gui_manifest, help, and function_def.Asset Collection: It reads the manifest.json from the source directory (if one exists) to find a filesystem_spec. It collects all local files specified in copy_file actions and places them into an assets/ directory within the package.Packaging: It creates a versioned .zip file (e.g., deploy-package-v1.2.0.zip) containing:config.json: The final, stripped-down agent configurations. manifest.json: Metadata about the build, including the filesystem spec. assets/: A directory containing all files needed for copy_file operations.
Output: A single, versioned .zip deployment package.
4. The Deployment Package Specification
/
├── config.json
├── version.json
├── manifest.json
└── assets/
└── rag_data.csv
└── templates/
└── welcome_email.txt
5. The Manifest File Specification (manifest.json)
{
"package_version": "1.2.0",
"build_timestamp_utc": "2023-10-27T14:30:00Z",
"entry_points": [
"daily_finance_report",
"user_onboarding_workflow"
],
"source_info": {
"git_commit_hash": "a1b2c3d4e5f6g7h8",
"build_user": "dev-builder"
},
"filesystem_spec": {
"allowed_base_paths": [ "/var/data/agent_platform/", "/var/log/agent_platform/" ],
"operations": [
{
"action": "create_dir",
"path": "/var/log/agent_platform/finance_reports",
"permissions": "0755"
},
{
"action": "copy_file",
"source": "assets/rag_data.csv",
"destination": "/var/data/agent_platform/rag/finance_data.csv",
"permissions": "0644"
},
{
"action": "copy_file",
"source": "assets/templates/welcome_email.txt",
"destination": "/var/data/agent_platform/templates/welcome_email.txt",
"permissions": "0644"
}
]
}
}
filesystem_spec.allowed_base_paths : A security feature. The adm tool will refuse to perform any operation on a path that does not start with one of these prefixes.filesystem_spec.operations : An ordered list of filesystem actions to be performed by the adm tool upon deployment.
6. System Component 2: The Agent Deployment Manager (adm)
adm deploy <version> --user <username> --reason "<message>" Purpose: Deploys and activates a new version.Workflow: Verifies the existence of packages/deploy-package-v<version>.zip. Performs pre-flight checks: validates zip integrity and manifest.json. Creates a new release directory: releases/<version>/. Unzips the package contents into the new release directory. Executes Filesystem Orchestration: a. Iterates through the filesystem_spec.operations in the manifest. b. For each operation, it verifies the destination path is within the allowed_base_paths. c. It performs the create_dir or copy_file action with the specified permissions. d. If any operation fails, the entire deployment is aborted, the releases/<version>/ directory is cleaned up, and an error is logged. Atomic Activation: Atomically updates the active symlink to point to the new releases/<version>/ directory.Logs the event (user, reason, version, timestamp) and sends notifications.
adm rollback --user <username> --reason "<message>" --deploy "<deployment id>" Purpose: Reverts the active symlink to the previous valid deployment.Workflow: Identifies the last active version if the deployment id is last from the deployment log. Otherwise it finds the file with the given deployment id. Checks to make sure that version is complete and it was also not rolled back.
Says that it is going to do and asks for permission.
Atomically updates the active symlink. The last files that were deployed are deleted.
The previous version is rolled back out to disk.Logs the rollback event and sends notifications.
adm history Purpose: Displays the immutable deployment and rollback log, including dates, users, and reasons.
adm status Purpose: Shows the currently active version and deployment details.
adm prune --keep <N> Purpose: Safely removes old, inactive release directories to free up space, keeping the specified number of recent releases plus the active one.
7. Security Considerations
The adm tool must be run by a specific system user with restricted permissions. The filesystem_spec.allowed_base_paths provides a critical safeguard against directory traversal and modification of sensitive system files. This configuration should be locked down on the production server. Deployment packages should have their checksums verified upon upload and before deployment to ensure integrity. The deployment log provides a non-repudiable audit trail for all changes to the production environment.
No comments:
Post a Comment