readyblockedneeds helpallepicskb

Make agentd persistent runtime hermetic (drop AGENTD_AGENT_COMMAND)

t-794·WorkTask·
·
·
Created4 days ago·Updated4 days ago·pipeline runs →

Dependencies

Description

Edit

Persistent agent runtime currently depends on AGENTD_AGENT_COMMAND (resolved from PATH and written into each per-agent env file), which is non-hermetic and can drift after deploy.

Implement a hermetic Nix-based runtime path so persistent sessions always execute an agent binary that is shipped as part of the agentd deployment/runtime closure, without AGENTD_AGENT_COMMAND in env files.

Scope:

  • remove AGENTD_AGENT_COMMAND from persistent env generation and runtime script usage
  • make persistent wrapper resolve a bundled agent path deterministically (no PATH lookup drift)
  • ensure shipped/deployed agentd can execute persistent agents without external PATH assumptions
  • update docs/tests and deployment helper(s) accordingly

Acceptance:

  • persistent runtime script no longer references AGENTD_AGENT_COMMAND
  • newly generated per-agent env files no longer include AGENTD_AGENT_COMMAND
  • end-to-end persistent agent start/send/restart works with bundled runtime path
  • deployment instructions for agentd reflect hermetic behavior

Git Commits

c9281bcefeat(agentd): bundle agent runtime and drop AGENTD_AGENT_COMMAND
Coder Agent4 days ago4 files
Review This Task

Timeline (8)

🔄[human]Open → InProgress4 days ago
💬[human]4 days ago

Implemented in commit c9281bce.

Changes:

  • Omni/Agentd.hs: added so agentd ships with agent as local runtime dep.
  • Omni/Agentd.hs: daemon startup now resolves bundled agent command path and passes absolute path into DaemonConfig.
  • Omni/Agentd/Daemon.hs: added and .
  • Omni/Agentd/Daemon.hs: persistent exec script now takes baked agent path arg and no longer references AGENTD_AGENT_COMMAND.
  • Omni/Agentd/Daemon.hs: per-agent env writer no longer emits AGENTD_AGENT_COMMAND.
  • Omni/Agentd/SPEC.md: documented baked bundled agent runtime behavior.
  • Omni/Ide/deploy-agentd.sh: removed AGENTD_AGENT_COMMAND manifest env wiring.

Validation:

  • typecheck.sh Omni/Agentd/Daemon.hs
  • typecheck.sh Omni/Agentd.hs
  • bild --test Omni/Agentd/Daemon.hs
  • bild --test Omni/Agentd.hs
  • lint Omni/Agentd.hs Omni/Agentd/Daemon.hs Omni/Ide/deploy-agentd.sh Omni/Agentd/SPEC.md

Runtime smoke:

  • created+started temporary persistent session
  • verified ~/.config/agentd-agents/hermetic-smoke.env has no AGENTD_AGENT_COMMAND
  • verified ~/.config/agentd-agents/agentd-agent-exec now execs absolute /nix/store/...-agent/bin/agent path
  • sent prompt and confirmed response + checkpoint write succeeded
  • removed temporary session cleanly

Note:

  • filed follow-up bug t-795 for a tooling warning in typecheck.sh jq parsing when LocalRun rundeps are present.
💬[human]4 days ago

Implemented in commit c9281bce.

Changes:

  • Omni/Agentd.hs: added -- : run Omni/Agent.hs so agentd ships with agent as local runtime dep.
  • Omni/Agentd.hs: daemon startup now resolves bundled agent command path and passes absolute path into DaemonConfig.
  • Omni/Agentd/Daemon.hs: added -- : run Omni/Agent.hs and resolveBundledAgentCommand.
  • Omni/Agentd/Daemon.hs: persistent exec script now takes baked agent path arg and no longer references AGENTD_AGENT_COMMAND.
  • Omni/Agentd/Daemon.hs: per-agent env writer no longer emits AGENTD_AGENT_COMMAND.
  • Omni/Agentd/SPEC.md: documented baked bundled agent runtime behavior.
  • Omni/Ide/deploy-agentd.sh: removed AGENTD_AGENT_COMMAND manifest env wiring.

Validation:

  • typecheck.sh Omni/Agentd/Daemon.hs
  • typecheck.sh Omni/Agentd.hs
  • bild --test Omni/Agentd/Daemon.hs
  • bild --test Omni/Agentd.hs
  • lint Omni/Agentd.hs Omni/Agentd/Daemon.hs Omni/Ide/deploy-agentd.sh Omni/Agentd/SPEC.md

Runtime smoke:

  • created+started temporary persistent session hermetic-smoke
  • verified ~/.config/agentd-agents/hermetic-smoke.env has no AGENTD_AGENT_COMMAND
  • verified ~/.config/agentd-agents/agentd-agent-exec now execs absolute /nix/store/...-agent/bin/agent path
  • sent prompt and confirmed response + checkpoint write succeeded
  • removed temporary session cleanly

Note:

  • filed follow-up bug t-795 for tooling warning in typecheck.sh jq parsing when LocalRun rundeps are present.
🔄[human]InProgress → Review4 days ago
💬[human]4 days ago

Ran deploy + restart rollout on live host. Shipped Omni/Agentd.hs via Omni/Ide/ship.sh (manifest now agentd rev c9281bce, store /nix/store/f2lcm43vhiax4slh52bq24l5736q3jdk-agentd). Restarted persistent agents: sd-coder, cfg-coder, omni-coder, intent-coder, paracoder. Verified all now status=running systemd=active. Verified generated runtime assets are hermetic: agentd-agent-exec uses absolute /nix/store/.../agent/bin/agent and no AGENTD_AGENT_COMMAND in exec/env files.