Tendril Agent
Autonomous execution agent that runs Terraform, installs ArgoCD, and streams logs.
Tendril Agent
Tendril is the execution engine. It's a Go binary packaged as a Docker container that runs in AWS ECS Fargate (ARM64). Tendrils claim jobs from the queue, assume temporary cloud credentials, execute Terraform, install ArgoCD, and stream logs back in real-time.
Key Facts
| Property | Value |
|---|---|
| Language | Go |
| Runtime | ECS Fargate (ARM64 / Graviton) |
| Registries | AWS ECR + GitHub Container Registry |
| Versioning | release-please (tendril-v* tags). See Release System. |
| Poll interval | 10 seconds |
| Heartbeat interval | 30 seconds |
| Idle scale-down | After 5 minutes (Scale-to-Zero) |
Two Modes
| Mode | Description |
|---|---|
| Cloud-hosted | ECS Fargate task, managed by the platform. Automatic scaling, no user setup. |
| Self-hosted | User runs the binary on their own machine. For on-prem or air-gapped environments. |
What Tendril Does
Polls for jobs
Every 10 seconds, calls POST /api/jobs/claim. See Job Queue Pattern.
Claims atomically
PostgreSQL claim_next_job() with FOR UPDATE SKIP LOCKED prevents double-execution.
Assumes credentials
STS AssumeRole (AWS), WIF token exchange (GCP), or OIDC federated identity (Azure). See Cloud Credentials.
Executes Terraform
init → plan → apply or destroy. See Job Execution.
Installs ArgoCD
Helm chart deployment with App of Apps pattern. See GitOps & ArgoCD.
Streams logs
Batched POST every 2 seconds → Supabase Realtime → browser. See Log Streaming.
Reports results
Updates job status with execution metadata, timing, and Terraform outputs.
Sends heartbeat
Every 30 seconds to confirm it is alive.
Container Contents
The Docker image (Alpine 3.21, ARM64, non-root user) includes:
| Tool | Purpose |
|---|---|
| Go binary | The Tendril executable |
| Terraform 1.7.4 | Infrastructure provisioning |
| kubectl | Kubernetes cluster access |
| Helm | ArgoCD and component installation |
| AWS CLI | AWS credential handling |
| Google Cloud SDK | GCP credential handling |
| Azure CLI | Azure credential handling |
| Infracost | Cost estimation |
| Infrastructure templates | AWS, GCP, Azure Terraform modules + ArgoCD manifests |