Policy Test Rollout
Execute this workflow to validate policy behavior before enforcement.
Workflow
- •Require both files:
- •
<policy.yaml> - •
<intent_fixture.json>
- •
- •Run deterministic policy test:
- •
gait policy test <policy.yaml> <intent_fixture.json> --json
- •
- •Parse and report fields:
- •
ok,policy_digest,intent_digest,verdict,reason_codes,violations,summary
- •
- •If rollout simulation is requested, run:
- •
gait gate eval --policy <policy.yaml> --intent <intent_fixture.json> --simulate --json
- •
- •Return structured rollout recommendation:
- •current verdict
- •blocking reasons or required approvals
- •suggested next stage (
observe,require_approval,enforce)
Exit Code Contract
- •
0: allow - •
3: block - •
4: require approval - •
6: invalid input
Safety Rules
- •Never bypass policy test by inferring results from YAML text.
- •For replay workflows, prefer
gait run replay(stub mode default); require explicit unsafe flags for real tool replay. - •Never claim a policy digest or verdict without command output.
- •Keep simulation and enforcement clearly separated in reporting.
Determinism Rules
- •Always use
--jsonoutputs. - •Report exact
reason_codesandviolationsas emitted. - •Preserve fixture-based evaluation flow for repeatability.