Skip to content

Hosted Sandbox Deployment

Huzefaaa2 edited this page May 18, 2026 · 67 revisions

Hosted Sandbox Deployment

CAVRA now includes a GitHub Pages deployment workflow for the static Before the Agent Acts sandbox and evidence console.

Delivered

  • .github/workflows/deploy-sandbox.yml
  • JavaScript validation for config.js and sandbox.js with node --check.
  • Static artifact build from apps/sandbox-ui.
  • Optional CAVRA_PUBLIC_API_BASE_URL Pages config for API-backed scenario runs.
  • Before the Agent Acts sample evidence packaged for the download action.
  • SVG diagram assets included in the artifact.
  • GitHub Pages Actions configuration, artifact upload, and deployment from main.
  • Post-deploy smoke validation for the public page, JavaScript, stylesheet, brand assets, C4 diagram, and downloadable evidence.

How To Use

After merge to main:

gh workflow run deploy-sandbox.yml --repo Huzefaaa2/cavra --ref main

GitHub Pages is enabled for Actions publishing. The public sandbox URL is:

https://huzefaaa2.github.io/cavra/

User Stories

  • As a prospect, I can evaluate the sandbox without credentials.
  • As a CISO, I can inspect decision outcomes and evidence concepts from a browser.
  • As a developer, I can find the Claude Code MCP setup command from the same surface.
  • As a platform evaluator, I can connect the hosted sandbox to a deployed CAVRA API and run backend-generated policy decisions.
  • As a design partner, I can jump from the sandbox to current release notes, release integrity details, and roadmap context.

Enterprise Challenge Solved

The hosted sandbox shortens enterprise review by giving security, platform, and audit stakeholders a consistent demo surface before they install anything. When an API URL is configured, the same page runs real backend scenarios and persists evidence metadata plus activity records. Release-note links keep design-partner demos tied to the latest implementation context.

Next

Add public telemetry-free run counters from persisted backend metadata and add keyless OIDC attestations for release provenance.

Clone this wiki locally