The iii registry at workers.iii.dev is where published workers live so other iii projects can install them withDocumentation Index
Fetch the complete documentation index at: https://motiadev-feat-improve-erros-if-trigger-does-not-exists.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
iii worker add <name>.
Publish a worker
Publishing a worker uploads its binary or OCI image to the registry, records its semver version, and makes the worker installable by name from any iii project.Version your worker
Workers in the registry follow semver. Patch bumps for bug fixes, minor bumps for additive capability, major bumps for breaking changes to function or trigger signatures.Build binary artifacts for multiple platforms
Binary workers can publish artifacts for multiple platform targets in a single registry entry (macOS arm64/x64, Linux arm64/x64/armv7, Windows arm64/x64/x86). One published version covers every supported host without separate publications per platform.Update or remove a published worker
Bundle workers (tar.gz archives)
Bundle workers are a third artifact kind alongsidebinary and image. The registry serves a
single tar.gz archive that contains the worker’s bundled source plus an iii.worker.yaml
manifest at the archive root. iii worker add <name> downloads, verifies a SHA-256 checksum,
extracts the archive into ~/.iii/workers-bundle/<name>/, and runs it through the existing
libkrun rails (the same sandbox path used by local-path workers, minus the host-side source
watcher).
Use a bundle when:
- You ship a pre-built JavaScript bundle (
esbuild,tsdown,bun build) or a packaged Python worker and don’t want to publish a Docker image. - You want artifacts measured in KB, not MB. Only the bundled source travels in the archive;
the runtime ships with the engine-allowlisted base image (
docker.io/iiidev/node:latestordocker.io/iiidev/python:latest). - You want install to look identical to other registry workers from the user’s perspective
(
iii worker add my-worker, same as binary and OCI).
Registry response shape
archive_url, streams the bytes through a SHA-256 hasher, and compares against
sha256. Mismatches abort the install and delete the downloaded blob immediately.
Archive layout
The archive root MUST containiii.worker.yaml. Anything else sits at runtime-discoverable
paths from the bundle’s perspective.
Manifest contract (iii.worker.yaml)
Bundle manifests use a strict subset of the local-worker manifest. Three fields are explicitly
rejected:
scripts.setup: would execute publisher-supplied shell during install (a supply-chain smuggling vector).scripts.install: same reason. Vendor dependencies into the bundle instead.runtime.base_image: would let a bundle pull an arbitrary OCI image as its rootfs. Bundles use the engine-allowlisted base image instead.
name: must equal the install target (the value passed toiii worker add).scripts.start: a non-empty shell string. The engineexecs this inside the sandbox VM. Example:node bundle.js,python -m worker,bun run bundle.js.
W182 BundleResourceClamped warning when
the request exceeds the cap):
resources.cpus: defaults to2, clamped to4.resources.memory: defaults to2048MiB, clamped to4096MiB.
Archive safety policy
Bundle archives are extracted with tighter limits than OCI layers:| Limit | Value |
|---|---|
| Total uncompressed size | 64 MiB |
| Largest single file | 32 MiB |
| Maximum entry count | 1024 |
| Maximum directory depth | 16 |
| Allowed tar entry types | Regular, Directory |
..
components are rejected with W181 BundleArchiveUnsafe.
Error codes
| Code | Failure |
|---|---|
W142 | Archive download failed (HTTP error, unexpected content-type, size cap, sha256 mismatch). |
W180 | Manifest rejected (forbidden field like scripts.setup or runtime.base_image). |
W181 | Archive contains unsafe entries (symlink, hardlink, traversal, oversized, too many entries). |
W182 | Resource request exceeded engine cap; install proceeded with clamped values (warn, not fail). |
W183 | Dependency graph too wide or too deep (max depth 5, max transitive count 32). |