privileged-agent (latest)
Published 2026-02-05 12:59:13 +00:00 by Morton
Installation
docker pull registry.primordium.cloud/morton/privileged-agent:latest
Digest: sha256:488f46ffe8542a3e3f2289e84b6c7c35d208ee235203b75ea5a76f1e15033a13
Image Layers
| # debian.sh --arch 'amd64' out/ 'trixie' '@1768176000' |
| ENV PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| ENV LANG=C.UTF-8 |
| RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates netbase tzdata ; apt-get dist-clean # buildkit |
| ENV GPG_KEY=A035C8C19219BA821ECEA86B64E628F8D684696D |
| ENV PYTHON_VERSION=3.11.14 |
| ENV PYTHON_SHA256=8d3ed8ec5c88c1c95f5e558612a725450d2452813ddad5e58fdb1a53b1209b78 |
| RUN /bin/sh -c set -eux; savedAptMark="$(apt-mark showmanual)"; apt-get update; apt-get install -y --no-install-recommends dpkg-dev gcc gnupg libbluetooth-dev libbz2-dev libc6-dev libdb-dev libffi-dev libgdbm-dev liblzma-dev libncursesw5-dev libreadline-dev libsqlite3-dev libssl-dev make tk-dev uuid-dev wget xz-utils zlib1g-dev ; wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; gpg --batch --verify python.tar.xz.asc python.tar.xz; gpgconf --kill all; rm -rf "$GNUPGHOME" python.tar.xz.asc; mkdir -p /usr/src/python; tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; rm python.tar.xz; cd /usr/src/python; gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; ./configure --build="$gnuArch" --enable-loadable-sqlite-extensions --enable-optimizations --enable-option-checking=fatal --enable-shared $(test "${gnuArch%%-*}" != 'riscv64' && echo '--with-lto') --with-ensurepip ; nproc="$(nproc)"; EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; LDFLAGS="${LDFLAGS:--Wl},--strip-all"; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:-}" ; rm python; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" python ; make install; cd /; rm -rf /usr/src/python; find /usr/local -depth \( \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \) -exec rm -rf '{}' + ; ldconfig; apt-mark auto '.*' > /dev/null; apt-mark manual $savedAptMark; find /usr/local -type f -executable -not \( -name 
'*tkinter*' \) -exec ldd '{}' ';' | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "*%s\n", so }' | sort -u | xargs -rt dpkg-query --search | awk 'sub(":$", "", $1) { print $1 }' | sort -u | xargs -r apt-mark manual ; apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; apt-get dist-clean; export PYTHONDONTWRITEBYTECODE=1; python3 --version; pip3 install --disable-pip-version-check --no-cache-dir --no-compile 'setuptools==79.0.1' 'wheel<0.46' ; pip3 --version # buildkit |
| RUN /bin/sh -c set -eux; for src in idle3 pip3 pydoc3 python3 python3-config; do dst="$(echo "$src" | tr -d 3)"; [ -s "/usr/local/bin/$src" ]; [ ! -e "/usr/local/bin/$dst" ]; ln -svT "$src" "/usr/local/bin/$dst"; done # buildkit |
| CMD ["python3"] |
| LABEL maintainer=primordium |
| LABEL description=Privileged operations agent for secure privilege escalation |
| RUN /bin/sh -c apt-get update && apt-get install -y --no-install-recommends curl openssh-client sshpass ansible python3-redis ca-certificates gnupg git rsync && install -m 0755 -d /etc/apt/keyrings && curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && chmod a+r /etc/apt/keyrings/docker.gpg && . /etc/os-release && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian ${VERSION_CODENAME:-bookworm} stable" > /etc/apt/sources.list.d/docker.list && apt-get update && apt-get install -y --no-install-recommends docker-ce-cli && rm -rf /var/lib/apt/lists/* # buildkit |
| RUN /bin/sh -c curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && apt-get install -y nodejs && rm -rf /var/lib/apt/lists/* # buildkit |
| WORKDIR /app |
| COPY requirements.txt . # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir -r requirements.txt # buildkit |
| COPY agent/ ./agent/ # buildkit |
| COPY ansible/ansible.cfg /etc/ansible/ansible.cfg # buildkit |
| COPY ansible/callback_plugins/ /ansible/callback_plugins/ # buildkit |
| RUN /bin/sh -c mkdir -p /ansible/playbooks /infrastructure # buildkit |
| ENV PYTHONUNBUFFERED=1 |
| ENV PYTHONPATH=/app:/primordium |
| ENV AGENT_ID=privileged-agent-1 |
| ENV POSTGRES_HOST=postgres-age |
| ENV POSTGRES_PORT=5432 |
| ENV POSTGRES_DB=graph_db |
| ENV POSTGRES_USER=postgres |
| ENV HEALTH_PORT=8080 |
| ENV ANSIBLE_CONFIG=/etc/ansible/ansible.cfg |
| ENV ANSIBLE_CALLBACK_PLUGINS=/ansible/callback_plugins |
| ENV ANSIBLE_PLAYBOOK_PATH=/ansible/playbooks |
| ENV INFRASTRUCTURE_REPO_PATH=/infrastructure |
| HEALTHCHECK &{["CMD-SHELL" "curl -f http://localhost:${HEALTH_PORT}/health || exit 1"] "30s" "10s" "5s" "0s" '\x03'} |
| CMD ["python" "-m" "agent.main"] |
Labels
| Key | Value |
|---|---|
| description | Privileged operations agent for secure privilege escalation |
| maintainer | primordium |
Details
2026-02-05 12:59:13 +00:00
Versions (6)
Container
4
OCI / Docker
linux/amd64
250 MiB
latest
2026-02-05
71c2912bea08fd55084b4042cb0e01a4b072ab6e
2026-02-05
d098532f6fe93aff950efaadc34059984ee2e597
2026-02-05
394494f06256cd846914398bf3932e9dd18a3681
2026-02-05
292e0a2cc29c1e6dae1c9d12a95d5734b3d1de81
2026-02-05