ai-workspace-infra/playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
playbooks/roles/ai_agent_runtime
History
Haitao Pan 8fcff61855 fix(ai_agent_runtime): resolver must verify browser actually runs, skip disabled stub 
The Chromium resolver accepted any candidate that merely existed (command -v /
-x), so it selected xfce's intentionally-disabled /usr/local/bin/chromium stub
(exits 126 "Chromium is disabled, use google-chrome") over the working
google-chrome. The later "Check chromium version" verify then failed rc=126.
Latent on fresh hosts (depends on role ordering vs the stub install) and
deterministic on any re-run. Now require `<candidate> --version` to succeed
before accepting, so the stub is skipped and google-chrome is resolved.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-26 10:42:06 +08:00
..
defaults fix: make ai runtime npm installs idempotent 2026-06-16 15:04:14 +08:00
files fix: make ai runtime npm installs idempotent 2026-06-16 15:04:14 +08:00
tasks fix(ai_agent_runtime): resolver must verify browser actually runs, skip disabled stub 2026-06-26 10:42:06 +08:00
README.md fix: make ai runtime npm installs idempotent 2026-06-16 15:04:14 +08:00

README.md

AI Agent Runtime

Provision a Debian-based host for AI agent and AI action execution with one role entrypoint. The role installs:

  • base tools: curl, wget, git, jq, rsync, unzip
  • Node.js runtime for Playwright-based agents
  • Python 3 toolchain for scripts and helpers
  • existing system browser, preferring the live /usr/local/bin/chromium wrapper or Google Chrome before installing browser packages
  • pandoc + XeLaTeX PDF toolchain
  • Chinese fonts for document rendering
  • shared agent skills via roles/agent_skills, including the categorized ../xworkspace-core-skills/skills/ repository source by default

Design constraints:

  • system packages are the primary source of truth
  • global npm packages are managed through /usr/local/sbin/ai-workspace-manage-npm-global-package so repeated installs are idempotent and stale global bin links can be overwritten safely
  • Playwright uses the resolved system browser instead of downloading browsers
  • Chinese PDF rendering is treated as a runtime requirement, not an optional add-on

Global npm package actions:

  • install is the default and only changes the host when a package is missing or an exact pinned version differs
  • reinstall forces the configured package set back into place
  • upgrade, backup, restore, and migrate are reserved action entrypoints for future runtime lifecycle workflows

Default Playwright environment:

  • PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1
  • PLAYWRIGHT_BROWSERS_PATH=0
  • PLAYWRIGHT_CHROMIUM_EXECUTABLE_PATH=/usr/local/bin/chromium when that live wrapper exists

Example:

ansible-playbook -i inventory.ini -l jp-xhttp-contabo.svc.plus setup-ai-agent-skills.yml

setup-ai-agent-skills.yml runs roles/ai_agent_runtime, which installs system dependencies and syncs the current Skill catalog through the embedded roles/agent_skills step in one pass.