Validate cost, safety, and access before your agent deploys. Sits in your CI/CD pipeline. Zero infrastructure.
$ release-gate run governance.yaml 🚪 release-gate: Governance Validation ================================================================================ CHECK STATUS IMPACT ────────────────────────────────────── ACTION_BUDGET ✓ PASS — BUDGET_SIMULATION ✓ PASS — FALLBACK_DECLARED ✓ PASS — IDENTITY_BOUNDARY ✓ PASS — INPUT_CONTRACT ✓ PASS — ✅ FINAL DECISION: PASS All checks passed. Safe to deploy. ================================================================================
Prevents cost explosions. Set max daily cost and block deployment if exceeded.
Project costs realistically. Accounts for retries, caching, spiky usage. Works with 10+ models.
Ensure safety measures. Require fallback mode, kill switch, team owner, and runbook.
Enforce access control. Require authentication, rate limiting, and data isolation.
Validate schemas. Define required inputs and validate against samples.
AI agents can cost thousands per day and fail in production. release-gate sits between tests and deployment to catch problems early: runaway costs, missing safety measures, and access control gaps.
Development → Testing → release-gate ← [DECISION] → Deployment → Production
↓
✅ All checks pass
⚠️ Warnings (review)
❌ Fails (fix first)
release-gate sits in your CI/CD pipeline between tests and deployment. It's the governance gate that decides: "Is this safe to deploy?"
# In your CI/CD pipeline (.github/workflows, .gitlab-ci.yml, Jenkinsfile)
1. Run tests (your existing test suite)
2. Run release-gate checks
- release-gate run governance.yaml
- If exit code 1: FAIL (block deployment)
- If exit code 10: WARN (needs approval)
- If exit code 0: PASS (deploy)
3. Deploy to production (only if pass/approved)# One command to set it all up
pip install release-gate
release-gate init
# Answers 6 questions, generates:
# - governance.yaml (your configuration)
# - .github/workflows/release-gate.yml (or .gitlab-ci.yml / Jenkinsfile)
# - GOVERNANCE.md (documentation)
# Commit and push - you're done!
git pushSit release-gate in your deployment pipeline to enforce governance across all AI agent deployments. Define policies by team, environment, or risk level.
Enforce per-agent daily budgets across all teams. Prevent runaway costs from affecting other projects.
Ensure every agent has documented fallbacks, runbooks, and ownership. Export governance evidence for audits.
Let teams self-serve with flexible policies. Critical checks block, non-critical checks warn.
Runs in CI/CD. No backend, no dashboards, no user management. Pure governance in code.
# Production: Strict
policy:
fail_on:
- ACTION_BUDGET
- BUDGET_SIMULATION
- FALLBACK_DECLARED
- IDENTITY_BOUNDARY
# Development: Flexible
policy:
fail_on:
- ACTION_BUDGET
warn_on:
- FALLBACK_DECLARED
- IDENTITY_BOUNDARYpip install release-gate
release-gate init
git pushThe init command asks 6 questions and generates your complete governance setup. Takes 5 minutes.