autonomy runtime start

Start the policy-gated tool-execution runtime service

Synopsis

Starts an HTTP service on --listen that evaluates policy before
executing each tool call request.

The active policy bundle is loaded from --policy-dir (default managed cache).
If no bundle is loaded, the runtime is deny-all.

Tool call requests must be POST /v1/tool with a JSON body:
  {"kind":"tool.echo","params":{"message":"hello"}}

Supported tools:
  tool.echo     — returns the "message" param
  tool.http_get — fetches an allowlisted endpoint (params.endpoint)
  tool.shell    — always blocked by policy

When --orchestrator-url (or AUTONOMY_ORCHESTRATOR_URL) is set, a background
release poll loop is started that periodically fetches the latest desired-state
release and emits ai.deployment.lifecycle telemetry events.

When a verified release differs from the currently active lock fingerprint, the
new policy bundle is pulled from the OCI registry, loaded into the managed cache,
and hot-swapped onto the live server without a restart. The active lock fingerprint
is persisted to active-lock.json in the WAL directory and survives daemon restarts.

Activation is fail-closed: if bundle pull or load fails, the current policy
remains active and the next poll cycle will retry.
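
The activation rules above (verified release, fingerprint comparison, fail-closed pull, persisted active-lock.json), modelled in Python as an added example; this is not the autonomy runtime's own code. The Runtime class, the release dict fields, the "fingerprint" key inside active-lock.json, the temp-file-and-rename write and the persist-then-swap order are assumptions made for illustration.

```python
import json
import os
import tempfile


class Runtime:
    """Toy model of the activation rules above; not the runtime's own code."""
    def __init__(self, wal_dir, policy=None):
        self.lock_path = os.path.join(wal_dir, "active-lock.json")
        self.policy = policy      # None = no bundle loaded = deny-all
        self.fingerprint = None
        if os.path.exists(self.lock_path):  # fingerprint survives restarts
            with open(self.lock_path) as f:
                self.fingerprint = json.load(f)["fingerprint"]  # assumed key

    def decide(self, kind):
        if self.policy is None:
            return "deny"
        return "allow" if kind in self.policy["allow"] else "deny"

    def poll_once(self, release, pull_bundle):
        """One poll cycle: returns 'unchanged', 'activated' or 'retained'."""
        if not release["verified"]:
            return "retained"     # only verified releases are candidates
        if release["fingerprint"] == self.fingerprint:
            return "unchanged"
        try:
            new_policy = pull_bundle(release)  # pull + load, raises on failure
        except Exception:
            return "retained"     # fail-closed: keep current policy, retry later
        # Assumed order: persist the fingerprint atomically, then swap the policy.
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(self.lock_path))
        with os.fdopen(fd, "w") as f:
            json.dump({"fingerprint": release["fingerprint"]}, f)
        os.replace(tmp, self.lock_path)
        self.policy, self.fingerprint = new_policy, release["fingerprint"]
        return "activated"


def demo(wal_dir):
    """Constructed releases: a good pull, a failing pull, then a restart."""
    def broken(release):
        raise OSError("registry unreachable")
    rt = Runtime(wal_dir)
    out = [rt.decide("tool.echo")]  # no bundle yet
    out.append(rt.poll_once({"fingerprint": "fp-1", "verified": True},
                            lambda r: {"allow": {"tool.echo"}}))
    out.append(rt.poll_once({"fingerprint": "fp-2", "verified": True}, broken))
    return out + [rt.decide("tool.echo"), rt.decide("tool.shell"), Runtime(wal_dir).fingerprint]
```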

Usage

autonomy runtime start [flags]

Options

      --allowed-domains string    comma-separated list of allowed endpoint keys for tool.http_get (host[:port] or URL with scheme) (default "api.anthropic.com,ifconfig.me")
      --cosign-pubkey string      cosign public key path for release verification (env: AUTONOMY_COSIGN_PUBKEY)
      --demo                      start with the embedded demo policy (no bundle file required; useful for iterating on agent logic)
      --listen string             TCP address to listen on (default "127.0.0.1:7777")
      --orchestrator-url string   orchestrator base URL for release polling (env: AUTONOMY_ORCHESTRATOR_URL)
      --policy-dir string         managed policy cache root (default: XDG_CACHE_HOME/autonomyops/policy/managed)
      --poll-interval duration    how often to poll the control-plane for new releases (default 30s)
      --release-channel string    release channel to poll (env: AUTONOMY_RELEASE_CHANNEL) (default "stable")
      --wal-dir string            telemetry WAL directory (default: XDG_CACHE_HOME/autonomyops/telemetry)

See also