DevOps & Security
Location: inception_devops/
The DevOps layer brings infrastructure-as-code discipline to AI agent deployments. It covers container packaging for OCI and Terraform automation for the security components agents depend on.
Container assets (containers/)
What's included
Pre-built Docker assets and shell scripts for packaging each agent type into a container image and pushing it to OCI Container Registry (OCIR).
Build a container image:
Valid <agent-name> values correspond to each deployable service:
```bash
cd inception_devops/containers
./build.sh mcp-sqlcl # SQLcl MCP server
./build.sh mcp-object-storage # Object Storage MCP server
./build.sh mcp-adw # ADW MCP server
./build.sh invoice-automation-backend # Invoice automation FastAPI + agents
./build.sh smart-dispatch-backend # Smart dispatch FastAPI + agents
```
Push to OCIR:
```bash
./push.sh <region>.ocir.io/<tenancy>/<repo>:<tag>
# Example:
./push.sh us-chicago-1.ocir.io/mytenancy/inception/mcp-sqlcl:latest
```
Standardised runtime
Each container image includes:
- Python 3.13 base with the correct dependency set
- Environment variable injection at startup (no hardcoded config)
- Health check endpoint for OCI Container Instances and Kubernetes liveness probes
- Structured log output compatible with OCI Logging
Security infrastructure (security/)
Terraform: DB Token Exchange Function
Module: security/terraform-get-db-token-function/
This Terraform module provisions the OCI Function that performs the IAM DB token exchange — the core security primitive that lets agents authenticate to Oracle ADB as the end user without shared credentials.
Resources provisioned:
| Resource | Purpose |
|---|---|
| OCI Function | Runs the token exchange logic (IDCS token → IAM DB token) |
| IAM policy | Grants the function permission to call the IAM token exchange endpoint |
| VCN subnet | Network isolation for the function |
| OCI Logging | Captures function invocation logs for audit |
| Application config | Environment variables for IDCS domain, client credentials |
Deploy:
```bash
cd inception_devops/security/terraform-get-db-token-function
terraform init
terraform plan -out=tfplan
terraform apply tfplan
```
Outputs include:
- Function OCID for wiring into MCP server config
- Endpoint URL for the token exchange call
- IAM policy OCID for audit reference
Why Terraform here
Without IaC, every environment (dev, staging, prod) drifts. The token exchange function requires coordinated IAM policies, network config, and logging — getting one wrong breaks the entire auth chain. Terraform ensures every environment is identical and changes are version-controlled.
Deployment checklist
For a full production deployment of the platform:
□ Build container images for each service (MCP servers, FastAPI backend)
□ Push images to OCIR
□ Run Terraform to provision security infrastructure
□ Configure API Gateway with IDCS auth policies
□ Set environment variables in OCI Container Instances or Kubernetes secrets
□ Verify token exchange end-to-end: SSO → IAM → DB token → ADW query
□ Enable OCI Logging and connect to LangFuse for observability
□ Run MCP server regression tests against deployed endpoints
Rollback and recovery
If a deployment fails after the container is pushed but before the API Gateway is updated, the previous container version remains running. To restore explicitly:
```bash
# Re-tag and push the last known-good image
docker tag <image-id> <region>.ocir.io/<tenancy>/<repo>:stable
./push.sh <region>.ocir.io/<tenancy>/<repo>:stable
# Update the container instance to the stable tag via OCI CLI
oci container-instances container-instance update \
  --container-instance-id "$INSTANCE_ID" \
  --containers '[{"imageUrl":"<region>.ocir.io/<tenancy>/<repo>:stable"}]'
```
For Terraform resources, roll back by reverting the .tf changes and running terraform apply again. State is version-controlled — drift is detectable with terraform plan.
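One way to turn the terraform plan drift check above into a CI gate, as an added example that is not part of the project's own code: it reads the JSON form of a saved plan (`terraform show -json tfplan`) and flags drift or pending changes that touch the IAM policy, subnet, logging or function resources. The resource addresses and the `CRITICAL_TYPES` set are assumptions, and the sample plan is constructed.

```python
import json
import sys

# Assumption: OCI provider resource types standing in for the module's
# resources; the module's real addresses are not shown on the page.
CRITICAL_TYPES = {"oci_identity_policy", "oci_core_subnet",
                  "oci_logging_log", "oci_functions_function"}

def find_changes(plan_json):
    """List every resource the plan reports as drifted or about to change."""
    plan = json.loads(plan_json)
    findings = []
    # resource_drift: changed outside Terraform; resource_changes: planned actions.
    for source in ("resource_drift", "resource_changes"):
        for rc in plan.get(source, []):
            actions = rc.get("change", {}).get("actions", [])
            if set(actions) <= {"no-op", "read"}:
                continue  # nothing would be modified
            findings.append({"source": source, "address": rc["address"],
                             "actions": actions,
                             "critical": rc.get("type") in CRITICAL_TYPES})
    return findings

def gate(plan_json):
    """CI status: 0 = clean, 1 = changes, 2 = changes to a critical resource."""
    findings = find_changes(plan_json)
    if any(f["critical"] for f in findings):
        return 2
    return 1 if findings else 0

# Constructed sample in the shape of `terraform show -json tfplan` output.
SAMPLE_PLAN = json.dumps({
    "resource_drift": [
        {"address": "oci_identity_policy.token_exchange", "type": "oci_identity_policy",
         "change": {"actions": ["update"]}}],
    "resource_changes": [
        {"address": "oci_identity_policy.token_exchange", "type": "oci_identity_policy",
         "change": {"actions": ["update"]}},
        {"address": "oci_logging_log.invocations", "type": "oci_logging_log",
         "change": {"actions": ["no-op"]}},
        {"address": "oci_core_subnet.function", "type": "oci_core_subnet",
         "change": {"actions": ["delete", "create"]}}],
})

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PLAN
    for f in find_changes(text):
        flag = "CRITICAL" if f["critical"] else "change"
        print(f"{flag:8} {f['source']:16} {f['address']} {'/'.join(f['actions'])}")
    sys.exit(gate(text))
```

Run it against a file produced with `terraform show -json tfplan > plan.json`; a non-zero exit status can block the pipeline before `terraform apply`.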
Security posture
The DevOps layer enforces the same defence-in-depth model used by the recipes:
| Layer | Mechanism |
|---|---|
| Network | VCN private subnets; agents never on public internet |
| Identity | OCI IAM; no static passwords in containers |
| Secrets | OCI Vault; referenced by OCID, never stored in code |
| Audit | OCI Logging + LangFuse; every agent action traceable |
| Access | VPD at DB layer; agents can only see what their role permits |