Deploy Agent Atlas with Docker
Prerequisites
- Docker 20.10+
- A data-plane repo checked out locally (if not baking the catalog into the image)
Published image
Agent Atlas publishes a multi-arch (linux/amd64, linux/arm64) image to the GitHub Container Registry on every release:
ghcr.io/rebeccapowell/agent-atlas
Image tags
| Tag | When created | Notes |
|---|---|---|
latest | Stable releases only | Updated on every non-pre-release |
1.2.3 | Every release | Exact version |
1.2 | Every release | Major.minor |
1 | Every release | Major |
sha-<short> | Every release | Short Git SHA for traceability |
Images include an SBOM and a provenance attestation generated by the build pipeline.
Quick Start
1. Pull the published image
docker pull ghcr.io/rebeccapowell/agent-atlas:latest
Production tip: Pin to a specific version tag for reproducible deployments, for example
ghcr.io/rebeccapowell/agent-atlas:1.2.3.
2. Run with a mounted catalog directory
docker run -d \
-p 8080:8080 \
-v /path/to/your/data-plane-repo:/catalog:ro \
-e Atlas__CatalogPath=/catalog \
-e Atlas__Oidc__Issuer=https://your-idp.example.com \
-e Atlas__Oidc__Audience=api://agent-atlas \
-e Atlas__PlatformPermissions__Claim=scp \
--name agent-atlas \
ghcr.io/rebeccapowell/agent-atlas:latest
3. Verify itβs running
curl http://localhost:8080/healthz
curl http://localhost:8080/v1/tools
Building from source
If you need a custom build or want to build from a local checkout, build the image directly:
docker build -t agent-atlas:local .
docker run -d \
-p 8080:8080 \
-v /path/to/your/data-plane-repo:/catalog:ro \
-e Atlas__CatalogPath=/catalog \
-e Atlas__Oidc__Issuer=https://your-idp.example.com \
-e Atlas__Oidc__Audience=api://agent-atlas \
-e Atlas__PlatformPermissions__Claim=scp \
--name agent-atlas \
agent-atlas:local
Configuration
All configuration can be passed as environment variables using the __ separator for nested config:
| Variable | Default | Description |
|---|---|---|
Atlas__CatalogPath | /catalog | Path to the mounted data-plane repo |
Atlas__CatalogStrict | true | Fail on catalog parse errors |
Atlas__Oidc__Issuer | - | OIDC issuer URL |
Atlas__Oidc__Audience | api://agent-atlas | Expected JWT audience |
Atlas__PlatformPermissions__Claim | scp | JWT claim for permissions |
Atlas__ExecLimits__MaxSteps | 50 | Max plan steps per execution |
Atlas__ExecLimits__MaxCalls | 50 | Max HTTP calls per execution |
Atlas__ExecLimits__MaxSeconds | 30 | Max wall-clock seconds per execution |
Baking the catalog into the image
Alternatively, copy your data-plane repo into the image at build time:
FROM ghcr.io/rebeccapowell/agent-atlas:latest
COPY --chown=app:app ./my-data-plane-repo /catalog