Skip to content

feat(agent/agentcontainers): implement sub agent injection #18245

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(agent/agentcontainers): implement sub agent injection #18245

wants to merge 5 commits into from

Conversation

mafredri
Copy link
Member

@mafredri mafredri commented Jun 5, 2025
edited
Loading

This change adds support for sub agent creation and injection into dev
containers.

TODO:

  • Pass the correct access URL to sub agent
  • Add integration test
  • Use correct directory for sub agent (requires on-disk devcontainer.json parsing, follow-up PR)
  • Parse .customizations.coder.devcontainer.name from docker container label (materialized devcontainer.json on creation, follow-up PR)
  • Add support for downloading agent binaries for different architectures (follow-up PR)
  • Make sure there are reduced capabilities for sub-agents (e.g. no containers API, follow-up PR)

Updates coder/internal#621

  1. chore(agent): update agent proto client #18242
  2. feat(agent/agentcontainers): refactor Lister to ContainerCLI and implement new methods #18243
  3. feat(agent/agentcontainers): add Exec method to devcontainers CLI #18244
  4. 👉🏻 feat(agent/agentcontainers): implement sub agent injection #18245

This was referenced Jun 5, 2025
Merged
Merged
Merged
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-3 branch from d49f84e to 011a8aa Compare June 5, 2025 12:51
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch from 91ff08e to 3960774 Compare June 5, 2025 12:52
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-3 branch from 011a8aa to 63f93bc Compare June 5, 2025 13:59
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch from 3960774 to 1cf1905 Compare June 5, 2025 13:59
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-3 branch from 63f93bc to 0deaab8 Compare June 6, 2025 08:44
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch from 1cf1905 to f190036 Compare June 6, 2025 08:44
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-3 branch from 0deaab8 to 8796ba3 Compare June 6, 2025 09:30
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch 2 times, most recently from dc146ab to d1447f3 Compare June 6, 2025 09:45
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-3 branch from 8796ba3 to adbfd45 Compare June 6, 2025 11:20
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch from d1447f3 to 3547372 Compare June 6, 2025 11:27
Base automatically changed from mafredri/feat-agent-devcontainer-injection-3 to main June 6, 2025 11:39
@mafredri
feat(agent/agentcontainers): implement sub agent injection
7358ee0 
This change adds support for sub agent creation and injection into dev
containers.

Closes coder/internal#621
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch from 3547372 to 7358ee0 Compare June 6, 2025 11:39
@mafredri mafredri force-pushed the mafredri/feat-agent-devcontainer-injection-4 branch from a8e4495 to eb29bba Compare June 6, 2025 15:59
@mafredri
Copy link
Member Author

mafredri commented Jun 6, 2025

I'm still working on an integration test and the existing mocks are being a PITA (think those are about sorted now though). Promoting this to "ready for review" to get some feedback on the approach @DanielleMaywood @johnstcn.

(Also going to break out the "follow-up PR" tasks into new issues before merging this.)

@mafredri mafredri marked this pull request as ready for review June 6, 2025 16:14
johnstcn
johnstcn reviewed Jun 6, 2025
View reviewed changes
Copy link
Member

@johnstcn johnstcn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still have to read some more but adding my comments so far.

agent/agentcontainers/api.go
Comment on lines +35 to +39
// Destination path inside the container, we store it in a fixed location
// under /.coder-agent/coder to avoid conflicts and avoid being shadowed
// by tmpfs or other mounts. This assumes the container root filesystem is
// read-write, which seems sensible for dev containers.
coderPathInsideContainer = "/.coder-agent/coder"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

agent/agentcontainers/api.go
if err := api.cleanupSubAgents(api.ctx); err != nil {
api.logger.Error(api.ctx, "cleanup subagents failed", slog.Error(err))
} else {
api.logger.Debug(api.ctx, "subagent cleanup complete")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: consistency

Suggested change
api.logger.Debug(api.ctx, "subagent cleanup complete")
api.logger.Debug(api.ctx, "cleanup subagents complete")

agent/agentcontainers/api.go
if _, injected := api.injectedSubAgentProcs[dc.Container.ID]; !injected && dc.Status == codersdk.WorkspaceAgentDevcontainerStatusRunning {
err := api.injectSubAgentIntoContainerLocked(ctx, dc)
if err != nil {
api.logger.Error(ctx, "inject subagent into container failed", slog.Error(err))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggest also logging container ID

agent/agentcontainers/api.go
Comment on lines +1093 to +1099
err := api.dccli.Exec(agentCtx, dc.WorkspaceFolder, dc.ConfigPath, agentPath, []string{"agent"},
WithContainerID(container.ID),
WithRemoteEnv(
"CODER_AGENT_URL="+api.subAgentURL,
"CODER_AGENT_TOKEN="+agent.AuthToken.String(),
),
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it make more sense to background this? If the parent agent ends up crashing and being restarted, we'll lose the sub-agents and have to re-inject them. We can keep track of the expected PID in e.g. /.coder-agent/pid

agent/agentcontainers/api.go
Comment on lines +1009 to +1011
if _, err := api.ccli.ExecAs(ctx, container.ID, "root", "setcap", "cap_net_admin+ep", coderPathInsideContainer); err != nil {
logger.Warn(ctx, "set CAP_NET_ADMIN on agent binary failed", slog.Error(err))
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will probably fail unless the container is running as privileged or has the specific CAP_NET_ADMIN privilege set on the container?

agent/agentcontainers/api.go
Comment on lines +1002 to +1005
// Make sure the agent binary is executable so we can run it.
if _, err := api.ccli.ExecAs(ctx, container.ID, "root", "chmod", "+x", coderPathInsideContainer); err != nil {
return xerrors.Errorf("set agent binary executable: %w", err)
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we also need to chown the binary so that it's readable by the default container user?

agent/agentcontainers/api.go

logger.Info(ctx, "starting subagent in dev container")

err := api.dccli.Exec(agentCtx, dc.WorkspaceFolder, dc.ConfigPath, agentPath, []string{"agent"},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we try to execute this as a non-root user?

agent/agentcontainers/api.go
Comment on lines +879 to +882
injected := make(map[uuid.UUID]bool, len(api.injectedSubAgentProcs))
for _, proc := range api.injectedSubAgentProcs {
injected[proc.agent.ID] = true
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This could probably be a map[uuid.UUID]struct{} instead, and then below on line 888 just check for _, found := injected[agent.ID]

agent/agentcontainers/api.go
Comment on lines +887 to +899
for _, agent := range agents {
if injected[agent.ID] {
continue
}
err := api.subAgentClient.Delete(ctx, agent.ID)
if err != nil {
api.logger.Error(ctx, "failed to delete agent",
slog.Error(err),
slog.F("agent_id", agent.ID),
slog.F("agent_name", agent.Name),
)
}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we set an upper bound on deletion attempts and raise if more than say 3 attempts fail?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johnstcn johnstcn johnstcn left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@mafredri mafredri

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mafredri @johnstcn