commit a2117bc291b54228644b63c5f72b60aa11112c53
Author: Ben Sima <ben@bensima.com>
Date: Thu Jan 1 21:00:17 2026
Omni/Agentd: Add base OCI image for container runtime
Images/Base.nix - Minimal container with:
- agent binary
- busybox (sh, ls, cat, grep, etc.)
- CA certs for HTTPS
Packages.nix - Agent package built via bild.run
Also added busybox and cacert to bild.pkgs whitelist.
Build and load:
bild Omni/Agentd/Images/Base.nix
docker load < _/nix/Omni/Agentd/Images/Base.nix
docker run --rm agent-base agent --help
Task-Id: t-320.2
diff --git a/Omni/Agentd/Images/Base.nix b/Omni/Agentd/Images/Base.nix
new file mode 100644
index 00000000..302d2cc4
--- /dev/null
+++ b/Omni/Agentd/Images/Base.nix
@@ -0,0 +1,37 @@
+#!/usr/bin/env run.sh
+# Base OCI image for agentd
+#
+# Contains: agent + busybox + certs
+#
+# Build:
+# bild Omni/Agentd/Images/Base.nix
+#
+# Load into podman:
+# podman load < _/nix/Omni/Agentd/Images/Base.nix
+#
+# Test:
+# podman run -it agent-base agent --help
+#
+{
+ bild,
+ packages ? import ../Packages.nix {inherit bild;},
+}:
+bild.image {
+ name = "agent-base";
+ tag = "latest";
+ fromImage = null;
+ contents = [
+ packages.agent
+ bild.pkgs.busybox
+ bild.pkgs.cacert
+ ];
+ config = {
+ Cmd = ["/bin/agent"];
+ WorkingDir = "/workspace";
+ Env = [
+ "PATH=/bin"
+ "SSL_CERT_FILE=${bild.pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+ "HOME=/root"
+ ];
+ };
+}
diff --git a/Omni/Agentd/Packages.nix b/Omni/Agentd/Packages.nix
new file mode 100644
index 00000000..aec10df2
--- /dev/null
+++ b/Omni/Agentd/Packages.nix
@@ -0,0 +1,4 @@
+# Agentd packages - built via bild, used in container images
+{bild ? import ../Bild.nix {}}: {
+ agent = bild.run ../Agent.hs;
+}
diff --git a/Omni/Bild.nix b/Omni/Bild.nix
index 140577e6..9067c880 100644
--- a/Omni/Bild.nix
+++ b/Omni/Bild.nix
@@ -113,6 +113,8 @@
bash
bat
bc
+ busybox
+ cacert
cmark
coreutils
universal-ctags