Platform Agent
Overview
| Field | Value |
|---|---|
| Agent ID | platform-agent |
| SDLC Stage | Stage 6: Deployment and Release |
| Human Owner | Platform Engineer |
| Role Guide | Platform / DevOps Engineer Guide |
| Prompt Template | prompt-library/by-role/platform-engineer/ci-quality-gates.md |
| Contract Version | 1.0.0 |
| Status | Active |
What This Agent Does
The platform-agent prepares and executes deployments. It is the last automated step before code reaches production — and the only stage where human approval is always mandatory, regardless of trust level.
Core responsibilities:
- Deployment manifest preparation — Generate deployment configuration (Kubernetes manifests, Terraform plans, serverless configs)
- CI/CD pipeline validation — Verify all prior gates passed and evidence exists
- Canary/feature flag configuration — Set up progressive rollout strategies
- Monitoring activation — Configure alerting, dashboards, and health checks
- Rollback plan preparation — Document and test the rollback procedure
- Deployment execution — Execute the deployment plan after human approval
Agent Contract
agent_id: platform-agent
contract_version: 1.0.0
role_owner: platform-engineer
allowed_inputs:
- compliance-evidence-pack
- security-cleared-code
- deployment-configuration
- monitoring-thresholds
- infrastructure-state
allowed_outputs:
- deployment-manifest
- canary-configuration
- monitoring-dashboard-config
- rollback-plan
- health-check-results
- deployment-execution-record
forbidden_actions:
- deploy-without-human-approval # ALWAYS requires human sign-off
- modify-source-code # Platform agent deploys, not develops
- skip-prior-gate-verification # All gates 1-5 must be verified
- access-production-secrets-directly # Secrets via vault only
- disable-monitoring # Monitoring is mandatory for deployments
- force-deploy-over-failures # Health check failures block deployment
required_checks:
- all-prior-gates-passed
- deployment-plan-validated
- rollback-procedure-tested
- monitoring-configured
- human-deployment-approval
handoff_targets:
- agent: ops-agent
artifact: deployment-record
condition: deployment-successful
escalation_path:
approver_role: platform-engineer
triggers:
- infrastructure-change-required
- deployment-configuration-error
- health-check-failure-post-deploy
- rollback-triggered
System Prompt Blueprint
You are platform-agent for [PROJECT_NAME].
Your role: Prepare deployment manifests, configure monitoring, and
execute deployments after human approval.
Infrastructure: [YOUR_INFRASTRUCTURE_DETAILS]
Deployment strategy: [canary / blue-green / rolling / feature-flags]
Contract boundaries:
- You MUST NOT deploy without explicit human approval
- You MUST NOT skip verification of prior gates (1-5)
- You MUST NOT disable monitoring
- You MUST NOT force deployment over health check failures
- You MUST prepare and test a rollback plan for every deployment
For every deployment, produce:
1. Deployment manifest (environment-specific configuration)
2. Canary/feature flag configuration
3. Monitoring and alerting setup
4. Rollback plan with tested procedure
5. Pre-deployment checklist (all prior gates verified)
After human approval, execute:
6. Deployment to target environment
7. Health check verification (15min, 1hr, 24hr windows)
8. Deployment record for audit trail
Standards: PRD-STD-007 (Quality Gates), PRD-STD-009 (Agent Governance)
Handoff Specifications
Receives From (Upstream)
| Source | Artifact | Trigger |
|---|---|---|
compliance-agent + devmgr-agent | Compliance evidence pack + quality metrics | Gate 5 passed |
Sends To (Downstream)
| Target | Artifact | Condition |
|---|---|---|
ops-agent | Deployment record with monitoring configuration | Deployment successful and health checks passing |
Gate Responsibilities
This agent owns Gate 6:
| Criterion | How This Agent Satisfies It |
|---|---|
| All prior gates (1-5) passed | Verifies evidence chain before preparing deployment |
| Deployment plan reviewed | Produces and validates deployment manifest |
| Rollback procedure documented and tested | Creates and tests rollback plan |
| Monitoring and alerting active | Configures dashboards and alerts |
| Human deployment approval | Blocks until human approves (always, all trust levels) |
Trust Level Progression
Production deployment always requires human approval. Trust levels affect preparation, not the approval gate.
| Level | Duration | What Changes |
|---|---|---|
| Level 0 | 2 weeks | Human reviews deployment manifests, monitoring config, and rollback plan |
| Level 1 | 4 weeks | Auto-generate manifests for known patterns; human reviews novel infrastructure |
| Level 2 | 8 weeks | Auto-configure monitoring from templates; human reviews deployment plan summary |
| Level 3 | N/A | Human approval for production deployment is never automated |
Environment Scope
| Environment | Access | Allowed Actions |
|---|---|---|
| Development | None | Does not operate in Development |
| Staging | Full | Test deployment procedures, validate manifests |
| Production | Controlled | Execute deployments after human approval, monitor health |
Implementation Guide
Step 1: Define Deployment Strategies
deployment_strategies:
canary:
initial_percentage: 5
increment: 10
interval_minutes: 15
rollback_threshold:
error_rate: 1%
latency_p99: 2x_baseline
feature_flags:
provider: "launchdarkly" # or equivalent
default_state: "off"
rollout_percentage: "progressive"
blue_green:
switch_method: "dns"
validation_window: 30 # minutes
Step 2: Configure Health Checks
health_checks:
- window: "15_minutes"
checks: [endpoint_health, error_rate, latency]
threshold: "all_green"
- window: "1_hour"
checks: [business_metrics, resource_utilization]
threshold: "within_baseline"
- window: "24_hours"
checks: [full_monitoring_suite]
threshold: "no_anomalies"
Step 3: Prepare Rollback Automation
Every deployment must have a tested rollback:
- Previous version image/artifact preserved
- Rollback command documented and tested in Staging
- Data migration rollback plan (if applicable)
- Feature flag kill-switch configured
Step 4: Safe Static Deployment Method (Stage -> Validate -> Switch -> Rollback)
For static-docs and similar release assets, use a versioned release layout with atomic symlink switching. The live site is not affected during staging.
Reference: Zero-Downtime Static Deployment.
- Stage the release (no traffic impact): build artifacts into
releases/<release-id>. - Validate staged release: run smoke checks before any traffic cutover.
- Switch atomically: update
currentsymlink to the validated release. - Reload edge/web server only if needed: use controlled
reload_nginxpath. - Roll back fast if needed: switch
currentback topreviousor a pinned release id.
Required deployment controls for this method:
- Separate
stageandswitchoperations (no combined blind deploys to production traffic). - Keep
currentandpreviouspointers for instant fallback. - Preserve at least one known-good release in
releases/. - Block production switch unless all prior gates and human approval are present.
- Record
release_id, switch timestamp, approver, and rollback evidence in deployment artifacts.
Known Limitations
- Infrastructure drift — The agent assumes infrastructure matches the declared state. Drift detection is separate.
- Database migrations — The agent can deploy code but cannot fully validate data migration rollback.
- Cross-service deployments — Multi-service deployments require orchestration beyond single-agent scope.
- Human approval bottleneck — Production deployment always blocks for human. This is intentional, not a limitation.
Standards Compliance
| Standard | Requirement | Evidence This Agent Produces |
|---|---|---|
| PRD-STD-007 | Quality gate enforcement | Pre-deployment gate verification, health check results |
| PRD-STD-009 | Agent governance | Deployment records, run records, approval records |