Support for different agents #90

New Issue

Closed

opened 2026-05-28 01:43:07 -04:00 by didericis · 2 comments

didericis commented 2026-05-28 01:43:07 -04:00

Owner

Copy Link

Copy Source

I want to be able to use codex as well as any other agent harnesses I might want, and I want to be able to customize the agent container to have whatever extra I'd like. The actual agent files should still be provider/bottle agnostic, and be about purpose rather than security. Agent file = guidance. Bottle file = boundaries.

New features:

• custom dockerfile to use for the agent environment (key in the manifest should something like "agent_provider")
• bottle initialization supplies an "agent_template" option somewhere so I can say "this is a bottle for codex" or "this is a bottle for claude" and add the right default egress routes/roles

Things to change:

• Claude code specific routes should not be automatically provided to the egress/those should be included explicitly in the bottle manifest
• Roles/will need a new codex role for supplying auth

Things to look out for:

• We don't want the user to be able to remove tools the agent needs to communicate with the supervisor, pipelock, egress, mcp, etc. In other words the baked in prepare/launch step should ensure the agent container has whatever dependencies it needs.

I want to be able to use codex as well as any other agent harnesses I might want, and I want to be able to customize the agent container to have whatever extra I'd like. The actual agent files should still be provider/bottle agnostic, and be about purpose rather than security. Agent file = guidance. Bottle file = boundaries. ## New features: - custom dockerfile to use for the agent environment (key in the manifest should something like "agent_provider") - bottle initialization supplies an "agent_template" option somewhere so I can say "this is a bottle for codex" or "this is a bottle for claude" and add the right default egress routes/roles ## Things to change: - Claude code specific routes should not be automatically provided to the egress/those should be included explicitly in the bottle manifest - Roles/will need a new codex role for supplying auth ## Things to look out for: - We don't want the user to be able to remove tools the agent needs to communicate with the supervisor, pipelock, egress, mcp, etc. In other words the baked in prepare/launch step should ensure the agent container has whatever dependencies it needs.

didericis added the Kind/Feature label 2026-05-28 01:43:07 -04:00

didericis-codex commented 2026-05-28 01:46:37 -04:00

Collaborator

Copy Link

Copy Source

This makes sense, but I would split it into two layers so agent guidance stays provider-agnostic:

1. Add a bottle-level agent_provider block, roughly { template: codex|claude|custom, dockerfile: <path>? }. Agents keep only purpose/guidance.
2. Move provider defaults into templates: default image/Dockerfile, launch argv, auth env placeholder behavior, and optional starter egress routes. The bottle still owns explicit egress; no hidden Claude routes.
3. Add provider roles: keep claude_code_oauth, add a Codex auth role, and make roles provider-scoped so validation can reject mismatches.
4. Preserve required infrastructure outside the user Dockerfile contract: launcher/prepare should still install or verify CA handling, supervisor MCP wiring, shell/git basics, and sidecar connectivity requirements. Custom Dockerfiles can add tools, not remove the minimum runtime contract.
5. Implement in small PRs: manifest schema + validation first, provider launch abstraction second, then Dockerfile customization and Codex template.

Main concern: avoid making agent_provider another security boundary surface. It should choose the harness/runtime; bottle egress, git, env, and supervise remain the boundary model.

This makes sense, but I would split it into two layers so agent guidance stays provider-agnostic: 1. Add a bottle-level `agent_provider` block, roughly `{ template: codex|claude|custom, dockerfile: <path>? }`. Agents keep only purpose/guidance. 2. Move provider defaults into templates: default image/Dockerfile, launch argv, auth env placeholder behavior, and optional starter egress routes. The bottle still owns explicit egress; no hidden Claude routes. 3. Add provider roles: keep `claude_code_oauth`, add a Codex auth role, and make roles provider-scoped so validation can reject mismatches. 4. Preserve required infrastructure outside the user Dockerfile contract: launcher/prepare should still install or verify CA handling, supervisor MCP wiring, shell/git basics, and sidecar connectivity requirements. Custom Dockerfiles can add tools, not remove the minimum runtime contract. 5. Implement in small PRs: manifest schema + validation first, provider launch abstraction second, then Dockerfile customization and Codex template. Main concern: avoid making `agent_provider` another security boundary surface. It should choose the harness/runtime; bottle `egress`, `git`, `env`, and `supervise` remain the boundary model.

didericis commented 2026-05-28 01:48:15 -04:00

Author

Owner

Copy Link

Copy Source

Looks good. Start a PR for it, create a PRD, and start implementing it.

Looks good. Start a PR for it, create a PRD, and start implementing it.

didericis referenced a pull request that will close this issue 2026-05-28 20:09:29 -04:00

PRD 0026: Agent Provider Templates #91

didericis closed this issue 2026-05-28 20:09:47 -04:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

core-coverage-badge

ratchet-supervise-90

ratchet-manifest-90

ratchet-git-gate-90

ratchet-egress-core-90

ratchet-yaml-subset-90

ratchet-egress-addon-90

cover-global-90

table-drive-dlp-tests

flatten-deep-nesting

decompose-egress-dlp-config

cover-egress-addon-adapter

prd-egress-control-plane

prd-smolmachines-linux

fix-integration-test-failures

fix/macos-container-relative-dockerfile

prd-0054-install-script

commit-bottle-state

pr-211

move-codex-auth-to-contrib

feat/pipelock-skip-scan-extensions

prd-0049-named-labelled-agents

harden-git-gate-shell-rendering

No results found.

Labels

Clear labels

Compat/Breaking

Breaking change that won't be backward compatible

Kind/Bug

Something is not working

Kind/Documentation

Documentation changes

Kind/Enhancement

Improve existing functionality

Kind/Feature

New functionality

Kind/Security

This is security issue

Kind/Testing

Issue or pull request related to testing

Priority

Critical

1

The priority is critical

Priority

High

2

The priority is high

Priority

Low

4

The priority is low

Priority

Medium

3

The priority is medium

Reviewed

Confirmed

1

Issue has been confirmed

Reviewed

Duplicate

2

This issue or pull request already exists

Reviewed

Invalid

3

Invalid issue

Reviewed

Won't Fix

3

This issue won't be fixed

Status

Abandoned

3

Somebody has started to work on this but abandoned work

Status

Blocked

1

Something is blocking this issue or pull request

Status

Need More Info

2

Feedback is required to reproduce issue or to continue work

No Label Kind/Feature

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

didericis-claude (didericis (claude)) didericis-codex (didericis (codex)) didericis-gemma (gemma) didericis

No Assignees

2 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: didericis/bot-bottle#90