Skip to main content

Automated CI/CD Quality Gates

CertOps is designed to be fully integrated into your existing Software Development Life Cycle (SDLC) as an automated "Gatekeeper".

By incorporating the CertOps CLI into your CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins), you can automatically block the deployment of degraded AI models or prompt regressions before they ever reach production.

The CLI Runner

The CertOps command-line interface is the engine that actually reads your certops.yaml manifest, executes the requests against your targets, and triggers the asynchronous evaluation workload on the backend.

Execution Command

To trigger a certification run, use the run command from the root directory containing your certops.yaml:

certops run --host "https://staging.mycompany.com"
  • --host: (Required) This is the dynamic environment injection. CertOps will prepend this host to the relative endpoint defined in your manifest's targets.

The Gatekeeper Pattern

The CertOps CLI is specifically built for CI/CD environments. It operates on a strict Exit Code Policy.

When you execute certops run, the CLI will wait for the entire evaluation matrix (defined in the manifest) to complete.

  1. If ALL blocking: true metrics pass -> The Suite is marked as APPROVED. The CLI exits with Code 0 (Success). Your CI/CD pipeline proceeds to deploy the application.
  2. If ANY blocking: true metric fails -> The Suite is marked as REJECTED. The CLI exists with Code 1 (Failure). Your CI/CD pipeline immediately halts, preventing the regression from being deployed.

Example GitHub Action

Here is a simplified example of how you might inject CertOps into a deployment workflow:

name: AI Quality Gate

on:
  pull_request:
    branches: [ main ]

jobs:
  certify:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      - name: Spin up ephemeral staging environment
        run: ./scripts/start-dev-server.sh &
        
      - name: Install CertOps CLI
        run: npm install -g @certops/cli
        
      - name: Run Certification Suite
        env:
          CERTOPS_API_KEY: ${{ secrets.CERTOPS_API_KEY }}
          INTERNAL_ROUTING_KEY: ${{ secrets.INTERNAL_ROUTING_KEY }}
        # This step will FAIL and halt the PR if metrics degrade!
        run: certops run --host "http://localhost:8000"