FabricFabricHarness
CLI

fh build

Compile the workspace and emit a deployment manifest.

fabric-harness build [--target <target>] [options]

Compiles .fabricharness/agents/ and emits a deployment artifact under .fabricharness/build/<target>/, plus a manifest.json that downstream tools can consume.

Targets

TargetOutput
node (default)dist/server.mjs Node HTTP server with /health, /manifest, and POST /agents/:agent/:id.
temporal-workerA worker entrypoint that registers Fabric workflows + activities against a Temporal task queue.
dockerDockerfile + Node bundle ready for docker build.
cloudflareWorker entrypoint, Durable Object session store, Sandbox container binding, wrangler.jsonc.
foundry-hosted-agentDockerfile, azure.yaml, infra/main.bicep, foundry-agent.yaml, server bundle.

Options

FlagDescription
--out <dir>Override the output directory (default .fabricharness/build/<target>).
--no-cleanSkip cleaning the output directory before emit.
--sbomEmit a CycloneDX SBOM via Syft when available.
--sbom-requiredFail if Syft is missing.
--provenanceEmit provenance.json for the build artifact.
--attestationEmit attestation.intoto.jsonl with a manifest digest subject.
--sign-provenanceSign provenance.json via cosign sign-blob. Implies --provenance.
--signing-key <path|env://VAR>cosign key path or env reference (default env://COSIGN_PRIVATE_KEY).
--docker-buildRun docker build after emitting --target docker.
--docker-pushRun docker push after --docker-build.
--docker-tag <tag>Tag for the built/pushed image.
--image-sbomEmit an image SBOM via Syft.
--image-sbom-requiredFail if image SBOM cannot be produced.

Examples

Node server artifact

fh build --target node
node .fabricharness/build/node/dist/server.mjs

Docker image with SBOM

fh build --target docker --docker-build --docker-tag myorg/agents:latest --sbom --image-sbom

Cloudflare scaffold

fh build --target cloudflare
cd .fabricharness/build/cloudflare
npm install @cloudflare/sandbox @fabric-harness/cloudflare @fabric-harness/sdk
npx wrangler dev

Foundry Hosted Agent scaffold

fh build --target foundry-hosted-agent
cd .fabricharness/build/foundry-hosted-agent
azd up

Signed provenance + attestation

export COSIGN_PRIVATE_KEY=$(cat cosign.key)
fh build --target node --provenance --sign-provenance --attestation

What's in manifest.json

  • The Fabric Harness version and target,
  • a list of agents with their schemas, models, and triggers,
  • declared sandbox backend(s),
  • session-store backend, if configured,
  • digest of the artifact,
  • optional provenance/attestation metadata.

The CLI exposes manifests in two ways: fh builds lists every emitted manifest, and the deployed Node/Cloudflare server exposes GET /manifest.

See also: Build manifest, fh builds, fh verify-attestation.

fh agents and fh describe

List and inspect workspace agents.

fh dev

Start a local HTTP/SSE dev server for the workspace.

On this page

TargetsOptionsExamplesNode server artifactDocker image with SBOMCloudflare scaffoldFoundry Hosted Agent scaffoldSigned provenance + attestationWhat's in manifest.json