# yaml-language-server: $schema=https://schema.zeabur.app/template.json
apiVersion: zeabur.com/v1
kind: Template
metadata:
    name: phosphor-agent-runtime
spec:
    description: |
        PHOSPHOR isolated per-run agent runtime. One container per run, fresh
        workspace, default-deny egress, policy bundle + audit endpoint injected
        at deploy time. Used by the PHOSPHOR marketplace to provision
        sandboxed agent instances on demand.
    icon: https://raw.githubusercontent.com/zeabur/service-icons/main/marketplace/docker.svg
    variables:
        - key: AGENT_IMAGE
          type: STRING
          name: Agent Image
          description: Fully-qualified image ref for the agent runner (sandbox + bundle).
        - key: RUN_ID
          type: STRING
          name: Run ID
          description: Unique per-run identifier; used in audit correlation.
        - key: POLICY_BUNDLE_URL
          type: STRING
          name: Policy Bundle URL
          description: Signed URL to the policy manifest for this run.
        - key: POLICY_BUNDLE_SHA256
          type: STRING
          name: Policy Bundle SHA256
          description: Digest of the policy bundle. Runtime refuses to start on mismatch.
        - key: AUDIT_STORE_URL
          type: STRING
          name: Audit Store URL
          description: Internal URL of the PHOSPHOR audit-store service.
        - key: WORKSPACE_TOKEN
          type: PASSWORD
          name: Workspace Token
          description: Short-lived token the runtime uses to fetch its scratch workspace.
        - key: AI_HUB_KEY
          type: AI_HUB_KEY
          name: Zeabur AI Hub Key
          description: Zeabur AI Hub key for LLM calls.
    tags:
        - Agent
        - Sandbox
        - AI
    readme: |
        # PHOSPHOR Agent Runtime

        Generic per-agent runtime container for the PHOSPHOR marketplace.
        Each install spawns one isolated copy of this template with run-specific
        variables injected by the marketplace controller.

        - **Default-deny egress** enforced inside the container
        - **Policy bundle** verified by SHA256 before start
        - **Audit events** streamed to `AUDIT_STORE_URL`
        - **No persistent volumes** — workspace torn down on run completion

        Do not deploy this template by hand; the PHOSPHOR marketplace UI is the
        intended caller. See https://phosphor.zeabur.app for the catalog.
    services:
        - name: agent-runtime
          icon: https://raw.githubusercontent.com/zeabur/service-icons/main/marketplace/docker.svg
          template: PREBUILT_V2
          spec:
            source:
                image: ghcr.io/zeabur/phosphor-runtime:latest
            ports:
                - id: control
                  port: 8080
                  type: TCP
            env:
                AI_HUB_KEY:
                    default: ${AI_HUB_KEY}
                AUDIT_STORE_URL:
                    default: ${AUDIT_STORE_URL}
                POLICY_BUNDLE_SHA256:
                    default: ${POLICY_BUNDLE_SHA256}
                POLICY_BUNDLE_URL:
                    default: ${POLICY_BUNDLE_URL}
                RUN_ID:
                    default: ${RUN_ID}
                SANDBOX_DEFAULT_DENY:
                    default: "true"
                WORKSPACE_TOKEN:
                    default: ${WORKSPACE_TOKEN}
            healthCheck:
                type: TCP
                port: control
            portForwarding:
                enabled: true