Skip to content

Go Backend Promotion

Huzefaaa2 edited this page May 21, 2026 · 16 revisions

Go Backend Promotion Gate

CAVRA now has an explicit promotion gate for selecting Go as an optional backend. Python remains the default and authoritative backend unless an operator opts into promoted mode and supplies current promotion evidence.

What Promotion Requires

Promotion readiness requires all of the following:

  • Go runtime readiness is ready.
  • Go deployment readiness is ready.
  • CAVRA_GO_PROMOTION_EVIDENCE points to valid JSON evidence.
  • The evidence records audited parity status as pass.
  • The evidence records deployment status as ready.
  • The evidence records an approved promotion decision.

The public evidence schema is cavra.go-backend-promotion-evidence.v1:

{
  "schema_version": "cavra.go-backend-promotion-evidence.v1",
  "parity_status": "pass",
  "deployment_status": "ready",
  "approved": true,
  "approval_id": "apr_go_backend_promotion",
  "evidence_refs": [
    "go-runtime-parity://ci/run-id",
    "go-deployment-readiness://release/package-id"
  ]
}

Environment Variables

export CAVRA_GO_BACKEND_MODE=promoted
export CAVRA_GO_RUNTIME_PATH=/opt/cavra/bin/cavra-runtime
export CAVRA_GO_RUNTIME_POLICY=/etc/cavra/compiled-policy.json
export CAVRA_GO_RUNTIME_PACKAGE_DIR=/opt/cavra/go-runtime-release
export CAVRA_GO_PROMOTION_EVIDENCE=/etc/cavra/go-backend-promotion-evidence.json

promoted mode fails closed to Python when any promotion input is missing, malformed, stale, or unapproved.

CLI Usage

cavra runtime go-promotion-readiness \
  --mode promoted \
  --runtime-path /opt/cavra/bin/cavra-runtime \
  --policy-path /etc/cavra/compiled-policy.json \
  --package-dir /opt/cavra/go-runtime-release \
  --promotion-evidence-path /etc/cavra/go-backend-promotion-evidence.json \
  --json

Evaluate in promoted mode:

cavra runtime go-pilot-evaluate execute_command "terraform plan" \
  --mode promoted \
  --runtime-path /opt/cavra/bin/cavra-runtime \
  --policy-path /etc/cavra/compiled-policy.json \
  --package-dir /opt/cavra/go-runtime-release \
  --promotion-evidence-path /etc/cavra/go-backend-promotion-evidence.json \
  --json

API Usage

curl http://127.0.0.1:8000/runtime/go-pilot/promotion-readiness
curl http://127.0.0.1:8000/deployment/production-readiness

Production readiness includes a go_backend_promotion section and a go_backend_promotion_gate check. not_requested is acceptable when Go promotion is not configured. needs_attention blocks readiness when promoted mode is requested without complete evidence.

User Stories

  • As a platform owner, I can keep Python authoritative while testing Go in shadow and enforce modes.
  • As a release owner, I can require audited parity and deployment evidence before Go becomes the selected optional backend.
  • As a security reviewer, I can prove promoted mode falls back to Python when promotion evidence is missing.
  • As an auditor, I can attach parity, deployment, and approval references to every promoted backend decision path.

Enterprise Challenge Solved

Runtime backend changes are high-risk because a silent drift can alter enforcement. The promotion gate turns backend selection into an auditable release-control decision with explicit evidence, approval, and rollback-friendly fallback to Python.

Next Work

The next recommended implementation step is to add production rollback controls for promoted Go backend pilots.

Clone this wiki locally