Blueprint: CI/CD Gatekeeper
Governing Autonomous Coding Agents in Software Supply Chains
Autonomous coding agents (e.g., Devin, OpenDevin) can write, test, and push code. Without governance, an agent might accidentally push vulnerable code or bypass required PR reviews by pushing directly to protected branches.
This blueprint demonstrates how to implement Branch-Level Action Protection.
Architecture
1. Master Policy Definition
    {
      "name": "cicd-governance-policy",
      "priority": 8500,
      "rules": [
        {
          "id": "protect-main-branch",
          "effect": "deny",
          "principals": ["agent:coding-bot"],
          "actions": ["git:push", "git:merge"],
          "resources": ["branch/main", "branch/prod"]
        },
        {
          "id": "allow-feature-branches",
          "effect": "allow",
          "principals": ["agent:coding-bot"],
          "actions": ["git:push"],
          "resources": ["branch/feature/*"]
        }
      ]
    }
2. Implementation
Python Prototype
    from openai import OpenAI

    # All model traffic goes through the governance gateway, which identifies
    # the caller by the agent ID header.
    client = OpenAI(
        api_key="ignored",
        base_url="http://cz-gateway:8001/v1",
        default_headers={"X-ControlZero-Agent-ID": "coding-bot"}
    )

    def push_code(branch: str):
        try:
            # In this prototype, a denied action is expected to surface as an
            # exception from the client; the response body is not inspected.
            response = client.chat.completions.create(
                model="gpt-4o",
                messages=[{"role": "user", "content": f"Push my changes to {branch}"}],
                tools=[{
                    "type": "function",
                    "function": {
                        "name": "git:push",
                        "parameters": {"type": "object", "properties": {"branch": {"type": "string"}}}
                    }
                }]
            )
            return "Success: Code Pushed"
        except Exception as e:
            return f"Governance Intervention: {e}"

    # Scenario A: Feature work
    print(push_code("feature/add-login"))  # ALLOWED

    # Scenario B: Direct push to main (Security Violation)
    print(push_code("main"))  # BLOCKED
3. Validation Checklist
- Branch Regex: Verify that the branch/* wildcard correctly matches nested feature branches.
- Principal Check: Ensure that human developers (group: maintainers) can push to main while the agent is blocked.
- Audit Logs: Verify that blocked push attempts are logged with the specific branch name in the resource field.
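An offline check for the first checklist item, added here as an example (not the gateway's own evaluator): it evaluates the policy above under assumed semantics (a matching deny wins, otherwise allow, otherwise default deny) and compares two glob interpretations, since whether `*` crosses `/` decides if nested feature branches match. The function names and test branches are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase
# The blueprint's policy, embedded so the check runs offline.
POLICY = json.loads("""
{"name": "cicd-governance-policy", "priority": 8500, "rules": [
  {"id": "protect-main-branch", "effect": "deny",
   "principals": ["agent:coding-bot"], "actions": ["git:push", "git:merge"],
   "resources": ["branch/main", "branch/prod"]},
  {"id": "allow-feature-branches", "effect": "allow",
   "principals": ["agent:coding-bot"], "actions": ["git:push"],
   "resources": ["branch/feature/*"]}
]}
""")

def _matches(patterns, value, segment_aware=False):
    """Glob match; with segment_aware=True a '*' may not cross a '/'."""
    for pat in patterns:
        if segment_aware:
            p, v = pat.split("/"), value.split("/")
            if len(p) == len(v) and all(fnmatchcase(b, a) for a, b in zip(p, v)):
                return True
        elif fnmatchcase(value, pat):
            return True
    return False

def evaluate(policy, principal, action, resource, segment_aware=False):
    """Assumed semantics: a matching deny wins, then allow, else default deny."""
    allowed_by = None
    for rule in policy["rules"]:
        if (principal in rule["principals"] and action in rule["actions"]
                and _matches(rule["resources"], resource, segment_aware)):
            if rule["effect"] == "deny":
                return "deny", rule["id"]
            allowed_by = allowed_by or rule["id"]
    return ("allow", allowed_by) if allowed_by else ("deny", "default-deny")

def checklist(policy, segment_aware=False):
    """Constructed test cases for the validation checklist."""
    cases = [("git:push", "branch/feature/add-login"),
             ("git:push", "branch/feature/auth/add-login"),  # nested branch
             ("git:push", "branch/main"),
             ("git:merge", "branch/feature/add-login"),      # no allow rule
             ("git:push", "branch/release/1.0")]             # not covered
    return {(a, r): evaluate(policy, "agent:coding-bot", a, r, segment_aware)
            for a, r in cases}

if __name__ == "__main__":
    for (action, resource), result in checklist(POLICY).items():
        print(f"{action:9} {resource:32} {result}")
```

With `segment_aware=True` the nested branch falls through to default deny, which is the result to look for if the real gateway treats `*` as a single path segment.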