You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
policy.yaml is now opt-in: the file is built and copied into the
image only when --with-policy is passed. Without the flag no
policy file is staged and the COPY instruction is omitted from
the Containerfile.
Signed-off-by: Philippe Martin <phmartin@redhat.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Copy file name to clipboardExpand all lines: README.md
+7-2Lines changed: 7 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ The tool assembles the image in layers — base image, agent installation, agent
15
15
-**Inference settings** (`--inference`) — inference provider definition is added to settings files.
16
16
-**Endpoint override** (`--endpoint`) — optional custom URL for inference provider is set in inference provider definition.
17
17
-**Model** (`--model`) — default model is baked into the agent's settings files.
18
-
4.**OpenShell policy** — `/etc/openshell/policy.yaml`shipped with every image.
18
+
4.**OpenShell policy**(`--with-policy`) — `/etc/openshell/policy.yaml`copied into the image only when `--with-policy` is passed.
19
19
-**Base policy** — Git operations over HTTPS and the GitHub REST API.
20
20
-**Agent network rules** — agent-specific endpoints are added by `--agent`.
21
21
-**Inference network rules** — LLM backend endpoints are added by `--inference`.
@@ -332,11 +332,15 @@ When `--model` is also given, the top-level `"model"` field is added (as `"ollam
332
332
333
333
## Sandbox policy
334
334
335
-
Every image built by this tool includes `/etc/openshell/policy.yaml`. This file is read by the OpenShell runtime and defines the sandbox security policy for the container:
335
+
Pass `--with-policy` to include `/etc/openshell/policy.yaml` in the image. Without this flag, no policy file is written and the image contains no OpenShell policy. The policy file is read by the OpenShell runtime and defines the sandbox security policy for the container:
336
336
337
337
-**Filesystem policy** — which paths are read-only, read-write, or inaccessible to the `sandbox` user.
338
338
-**Network policies** — which binaries are allowed to connect to which hosts and ports.
339
339
340
+
```sh
341
+
openshell-image-builder --agent claude --inference anthropic --with-policy myimage:latest
342
+
```
343
+
340
344
The policy is built in four layers, merged in order:
341
345
342
346
1.**Base** ([`assets/policy.yaml`](assets/policy.yaml)) — general-purpose tooling: Git operations over HTTPS and the GitHub REST API via `gh`.
0 commit comments