Use case · CI/CD
No production change without a signed receipt.
Every `terraform apply`, every deploy, and every release flagged as Class C dispatches a human-in-the-loop (HITL) approval before a single resource changes. The receipt is written as a CI artifact and is verifiable forever.
Coming soon
Worked examples (Terraform Cloud, GitHub Actions, GitLab CI) ship as the CI/CD product surface matures. The principle: the Class C gate is the boundary where governance must be mandatory and the signature must be portable.
- synoi-terraform: wraps `terraform apply`; HITL on production workspaces
- GitHub Actions: `synoi/gate@v1` step blocks until HITL approves
- GitLab CI: same gate, native runner support
- Receipt written to `synoi-receipt.json` as a CI artifact
- 90-day default retention; configurable per tenant
- Exit code 1 on HITL denial: the apply never runs