Extension & Roadmap
The DevOps / GitOps Platform is designed to grow without breaking. New providers, deployment targets, and delivery capabilities are added as new services, workers, and events — never by mutating existing contracts. This page describes the extension principles and the forward roadmap.
Target Architecture — Final-State Design
The roadmap items below extend the final-state architecture. They follow the same naming conventions and event envelope as the current platform.
Extension Principles
- Open/closed by event — extend behavior by adding new event subscribers and workers, not by editing existing aggregates.
- Provider abstraction — SCM, registry, and cloud providers sit behind anti-corruption adapters (Azure DevOps today, GitHub optional) so new providers plug in without domain changes.
- Additive APIs — new endpoints and versioned events only; breaking changes ship as a new version running side by side.
- Pulumi-first IaC — new infrastructure capabilities are authored as Pulumi (.NET/C#) programs; Bicep remains a legacy alternative only.
- Tenant-safe by default — every extension inherits tenant isolation and governance gates.
Future Services
| Candidate Service | Purpose |
|---|---|
| ProgressiveDeliveryService | First-class canary/feature-flag orchestration with automated analysis. |
| PolicyAsCodeService | Compile and enforce delivery policies (OPA/Rego-style) as versioned artifacts. |
| EphemeralEnvironmentService | Spin up/tear down preview environments per pull request. |
| CostGuardService | Pre-apply cost estimation and budget gates on Pulumi previews. |
| SupplyChainAttestationService | SLSA provenance and SBOM generation/verification. |
| MultiCloudProvisioningService | Extend Pulumi provisioning beyond Azure (AWS/GCP) for portability. |
Future Workers
- ProgressiveRolloutWorker — drive canary steps and automated rollback from live metrics.
- EphemeralEnvWorker — manage preview-environment lifecycle keyed to PR state.
- SbomGenerationWorker — produce and attach SBOMs to builds and images.
- CostEstimationWorker — annotate infrastructure previews with cost deltas.
- DriftRemediationWorker — propose and apply fixes for persistent GitOps drift.
Future APIs
- POST /environments/ephemeral — request a preview environment for a PR.
- POST /policies/evaluate — evaluate a delivery policy bundle against a release.
- POST /attestations — record/verify supply-chain provenance.
- GET /releases/{releaseId}/cost-estimate — return projected infrastructure cost.
Marketplace Opportunities
Reusable assets published to the Marketplace:
- Curated pipeline templates per module archetype (microservice, gateway, UI, library, worker).
- Pulumi component libraries (network, data, observability stacks) as versioned packages.
- Deployment-strategy blueprints (blue/green, canary) with health-gate presets.
- Policy bundles for common compliance regimes.
Agent Opportunities
The DevOps & Release agent cluster grows alongside the platform (see the DevOps, Deployment & Delivery Agents Overview):
- Release Strategy Agent — selects deployment strategy from risk, change size, and history.
- Cost Optimization Agent — recommends infrastructure changes from CostGuard signals.
- Drift Remediation Agent — autonomously proposes and applies drift fixes within policy.
- Incident Responder Agent — correlates failed deployments with telemetry and drives rollback.
- Supply-Chain Compliance Agent — verifies attestations and blocks non-compliant releases.
Pillar Alignment
- Reusability — extensions are packaged as marketplace assets and shared across tenants.
- Autonomy — new agents extend autonomous delivery to strategy, cost, and remediation.
- Governance — policy-as-code and attestation deepen governance as the platform grows.