GOVERN Build — CI/CD Governance

Shift-left governance: run assessments and policy checks on every build, not just in production.

The Governance Gate

A governance gate blocks deployment if the AI system fails compliance checks:

Code Push → CI Build → GOVERN Assessment → Pass? → Deploy
                                           Fail → Block + Finding

GitHub Actions

name: Governance Check
on: [push, pull_request]
jobs:
  govern:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: GOVERN Assessment
        uses: archetypal-ai/govern-action@v1
        with:
          api-key: ${{ secrets.GOVERN_API_KEY }}
          org-id: ${{ secrets.GOVERN_ORG_ID }}
          framework: nist-rmf
          fail-on: critical

GitLab CI

govern-check:
  image: archetypal/govern-probe:latest
  stage: test
  script:
    - govern assess --framework nist-rmf --fail-on critical
  variables:
    GOVERN_API_KEY: $GOVERN_API_KEY
    GOVERN_ORG_ID: $GOVERN_ORG_ID

Gate Types

| Gate | What It Checks | Fail Condition |
|---|---|---|
| Assessment | Run full framework assessment | Score below threshold |
| Policy | Check against active policies | Any policy violation |
| Drift | Compare to production baseline | Drift score > threshold |
| Custom | Your own rules via .govern.yaml | Custom conditions |
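
The decision logic behind the Assessment, Policy and Drift gates, as an added example that is not GOVERN's own code or output. The result schema (score, drift_score, policy_violations, findings), the thresholds and the severity ordering are assumptions; the point shown is a gate that fails closed when the result is missing, malformed or NaN.

```python
import json

# Assumed severity ordering for a fail-on style threshold.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample results (hypothetical schema, not GOVERN output).
PASSING = '{"score": 91, "drift_score": 0.05, "policy_violations": [], "findings": [{"id": "F-1", "severity": "medium"}]}'
FAILING = '{"score": 62, "drift_score": 0.4, "policy_violations": ["no-pii-logging"], "findings": [{"id": "F-2", "severity": "critical"}]}'


def evaluate_gate(raw_result, fail_on="critical", min_score=80.0, max_drift=0.2):
    """Return (deploy_allowed, reasons). Any parsing problem blocks the deploy."""
    try:
        result = json.loads(raw_result)
        score = float(result["score"])
        drift = float(result["drift_score"])
        violations = [str(v) for v in result["policy_violations"]]
        findings = [dict(f) for f in result["findings"]]
        threshold = SEVERITY_RANK[fail_on]
    except (TypeError, ValueError, KeyError):
        return False, ["gate error: result missing or malformed (fail closed)"]

    reasons = []
    # Assessment gate. "not >=" also blocks NaN, which "<" would let through.
    if not score >= min_score:
        reasons.append(f"assessment: score {score} below {min_score}")
    # Policy gate: any violation fails.
    reasons.extend(f"policy: {v}" for v in violations)
    # Drift gate, same NaN-safe comparison.
    if not drift <= max_drift:
        reasons.append(f"drift: {drift} above {max_drift}")
    # Findings at or above the fail-on severity block; unknown severities
    # are ranked as critical instead of being ignored.
    for f in findings:
        sev = str(f.get("severity", "")).lower()
        if SEVERITY_RANK.get(sev, 4) >= threshold:
            reasons.append(f"finding: {f.get('id', '?')} ({sev or 'unknown'})")
    return (not reasons), reasons


if __name__ == "__main__":
    for name, raw in (("passing", PASSING), ("failing", FAILING), ("empty", "")):
        allowed, why = evaluate_gate(raw)
        print(name, "DEPLOY" if allowed else "BLOCK", why)
```

In a pipeline, the caller would exit non-zero whenever the first element of the returned tuple is false, so an empty or truncated API response blocks the deploy just as a failed check does.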