pkg: add cagent

[vvoland]

No description provided.

[crazy-max]

Looking at the Dockerfile: https://github.com/docker/cagent/blob/ab6f7b276b29434623daf733a3d0b524d2d6601d/Dockerfile

I think we can make "static" builds, similar to what has be done for credential helpers:

packaging/pkg/credential-helpers/Dockerfile

Lines 158 to 210 in 29ca532

	# static
	FROM --platform=$BUILDPLATFORM ${DISTRO_IMAGE} AS builder-static-nosdk
	COPY --from=xx / /
	ARG DEBIAN_FRONTEND
	RUN apt-get update && apt-get install -y --no-install-recommends bash ca-certificates file git zip tar \
	dpkg-dev clang make pkg-config
	ENV GOPROXY="https://proxy.golang.org|direct"
	ENV GOPATH="/go"
	ENV PATH="$PATH:/usr/local/go/bin:$GOPATH/bin"
	ENV GOTOOLCHAIN="local"
	ENV GO111MODULE="on"
	ENV CGO_ENABLED="1"
	ARG PKG_NAME
	ARG PKG_REF
	ARG NIGHTLY_BUILD
	WORKDIR /build
	ARG TARGETPLATFORM
	RUN xx-apt-get install -y gcc libsecret-1-dev
	RUN --mount=type=bind,source=scripts/pkg-static-build.sh,target=/usr/local/bin/pkg-static-build \
	--mount=type=bind,from=scripts,source=gen-ver.sh,target=/usr/local/bin/gen-ver \
	--mount=type=bind,from=scripts,source=fix-cc.sh,target=/usr/local/bin/fix-cc \
	--mount=type=bind,from=src,source=/src,target=/usr/local/src/credential-helpers \
	--mount=type=bind,from=gocross,source=/usr/local/go,target=/usr/local/go,rw \
	OUTDIR=/out BUILDDIR=/build SRCDIR=/usr/local/src/credential-helpers pkg-static-build
	FROM builder-static-nosdk AS builder-static-linux
	FROM builder-static-nosdk AS builder-static-windows
	FROM --platform=$BUILDPLATFORM ${DISTRO_IMAGE} AS builder-static-darwin
	COPY --from=xx / /
	ARG DEBIAN_FRONTEND
	RUN apt-get update && apt-get install -y --no-install-recommends bash ca-certificates file git zip tar \
	dpkg-dev clang make pkg-config
	ENV GOPROXY="https://proxy.golang.org|direct"
	ENV GOPATH="/go"
	ENV PATH="$PATH:/usr/local/go/bin:$GOPATH/bin"
	ENV GOTOOLCHAIN="local"
	ENV GO111MODULE="on"
	ENV CGO_ENABLED="1"
	ARG PKG_NAME
	ARG PKG_REF
	ARG NIGHTLY_BUILD
	WORKDIR /build
	ARG TARGETPLATFORM
	RUN xx-apt-get install -y gcc libsecret-1-dev
	RUN --mount=type=bind,source=scripts/pkg-static-build.sh,target=/usr/local/bin/pkg-static-build \
	--mount=type=bind,from=scripts,source=gen-ver.sh,target=/usr/local/bin/gen-ver \
	--mount=type=bind,from=scripts,source=fix-cc.sh,target=/usr/local/bin/fix-cc \
	--mount=type=bind,from=src,source=/src,target=/usr/local/src/credential-helpers \
	--mount=type=bind,from=gocross,source=/usr/local/go,target=/usr/local/go,rw \
	--mount=type=bind,from=osxcross,src=/osxsdk,target=/xx-sdk \
	OUTDIR=/out BUILDDIR=/build SRCDIR=/usr/local/src/credential-helpers pkg-static-build
	FROM builder-static-$TARGETOS AS builder-static

[vvoland]

Windows static binaries need zig and I haven't figured it out why yet 😅

Also we wouldn't be deploying any static binaries to download.docker.com yet.

My main intent here is to provide cagent packages for Linux distros, so the static binaries are not really needed.

The static binaries are already published in releases https://github.com/docker/cagent/releases, so let's not duplicate that.

[crazy-max]

Windows static binaries need zig and I haven't figured it out why yet 😅

zig is not needed, you can rely on xx and install gcc cross package (mingw for windows). This should be enough, like we do for credential helpers:

packaging/pkg/credential-helpers/Dockerfile

Line 175 in 29ca532

RUN xx-apt-get install -y gcc libsecret-1-dev

See https://github.com/docker/packaging/actions/runs/17588609365/job/49963306654#step:7:1106

The static binaries are already published in releases https://github.com/docker/cagent/releases, so let's not duplicate that.

Not sure why cagent would be an exception where for other pkgs we create static binaries like Buildx that also have assets on GitHub. That would be great to be consistent across packages imo.

[vvoland]

We won't be able to use some of the stuff that the cagent pipeline has like: https://github.com/docker/cagent/blob/ab6f7b276b29434623daf733a3d0b524d2d6601d/Dockerfile#L16-L19

There's also some stuff that depends on Docker Desktop, which should probably be omitted for the Linux distro builds: docker/cagent#151

[crazy-max]

We won't be able to use some of the stuff that the cagent pipeline has like: https://github.com/docker/cagent/blob/ab6f7b276b29434623daf733a3d0b524d2d6601d/Dockerfile#L16-L19

There's also some stuff that depends on Docker Desktop, which should probably be omitted for the Linux distro builds: docker/cagent#151

Ok I see, then currently linux packages are broken anyway looking at your PR docker/cagent#151? I guess we wait until your PR is merged so linux pkgs are built with this build tag and we could have static packages as well?

[crazy-max]

docker/cagent#192 should help so we don't need CGO anymore and can do proper static builds

[thaJeztah]

I haven't used cagent; does it use the CLI and/or daemon? We could add a "weak" dependency if it does, e.g. as we did for the model CLI (although that's more clearly a CLI plugin);

Enhances: docker-ce-cli

[crazy-max]

It's not a cli plugin afaik cc @dgageot @rumpl

[rumpl]

I haven't used cagent

😱

It's not a cli plugin no

[thaJeztah]

@rumpl does it have any dependency / recommended installation w.r.t. "if you use this, you should also have docker or docker-cli installed? (mostly trying to see if we need to define some relation between the packages, or it it should be considered fully separate from our other offerings)

[rumpl]

A recommended would be Docker Desktop actually, for pushing and pulling agents.

[thaJeztah]

@rumpl you are a developer at Docker with a deep understanding of of cagent and packaging deb and rpm packages. Write a short description to be used as Description for the official cagent RPM and Deb packages. 🍿

[rumpl]

My agent tells me this:

Short Description (one-line):

Multi-agent AI runtime for orchestrating specialized AI agents with tools and MCP integration

Long Description:

cagent is a powerful multi-agent AI runtime that enables you to create, configure, and
orchestrate specialized AI agents that work together to solve complex problems. Each agent
can be equipped with specific tools, knowledge domains, and capabilities.

Key features:
 * Multi-agent architecture with hierarchical task delegation
 * Declarative YAML-based agent configuration
 * MCP (Model Context Protocol) integration for extensible tooling
 * Support for multiple AI providers (OpenAI, Anthropic, Google Gemini, Docker Model Runner)
 * Built-in reasoning tools (think, todo, memory) for complex problem-solving
 * Docker Hub integration for sharing and distributing agent configurations
 * Event-driven streaming architecture for real-time responses

cagent makes it easy to build agent teams where specialized agents collaborate, each
bringing their own expertise and tools to handle specific aspects of user requests.
Perfect for developers building AI-powered workflows and automation.

[thaJeztah]

/ship-it

[thaJeztah]

(but don't forget adding a . for empty lines, which I think is required for debs/rpms 😂 )

packaging/pkg/docker-cli/deb/control

Lines 27 to 32 in 1ff8587

	Description: Docker CLI: the open-source application container engine
	Docker is a product for you to build, ship and run any application as a
	lightweight container
	.
	Docker containers are both hardware-agnostic and platform-agnostic. This means
	they can run anywhere, from your laptop to the largest cloud compute instance and

[rumpl]

wow :D

[thaJeztah]

Looks like cagent doesn't compile on Windows;

0.286 + go build -trimpath -ldflags '-w -X '\''github.com/docker/cagent/pkg/version.Version=v0.0.0-20251020133613-26330cc'\'' -X '\''github.com/docker/cagent/pkg/version.Commit=26330cc0e1579ab91fd24a3459986256680d8330'\''' -o /build/cagent/cagent.exe .
0.286 /usr/local/src/cagent /build
28.48 # github.com/docker/cagent/pkg/tools/builtin
28.48 pkg/tools/builtin/shell.go:59:4: unknown field Setpgid in struct literal of type syscall.SysProcAttr
28.48 pkg/tools/builtin/shell.go:260:16: undefined: syscall.Kill

[thaJeztah]

Looks to be docker/cagent@832479e;

• Fix: Kill shell-spawned processes when stopping sessions cagent#523

I don't think CI on that repo runs on anything other than Linux? Or is it not meant to be run on mac and windows? 🙈😅

[crazy-max]

Yes opened docker/cagent#562 and seems there is an on-going fix docker/cagent#564