Deploy Gate — Block AI Deploys Until a Human Signs (v2)

AI agents can open PRs. They should not deploy to production.

This GitHub Action enforces that boundary.

Deploy Gate blocks high-risk pull requests until a human explicitly approves and signs the action in Permission Protocol.

---

What it does

• Blocks risky PRs with a required status check
• Posts a PR comment with a direct approval link
• Sends the reviewer to Permission Protocol to approve and sign
• Unblocks the PR instantly after approval
• Produces a tamper-evident approval record

---

Why this exists

AI agents can write code, open PRs, and trigger workflows — but they should not have authority to deploy on their own.

Deploy Gate separates:

• Intelligence — the agent proposes the action
• Authority — a human signer approves it

---

Quickstart

Add to your workflow:

- uses: permission-protocol/deploy-gate@v2
  with:
    pp-api-key: ${{ secrets.PP_API_KEY }}

v1.2.0 — Scannable CI Output

Deploy Gate v1.2.0

Improved CI output for faster human action.

• Key actions (approve link, status) now appear first in CI logs
• Diagnostic details moved below the fold
• Cleaner banner formatting

v1.1.0 — Public Action Convergence

Deploy Gate v1.1.0

Converged internal and public action into a single codebase.

• Public action now matches internal battle-tested version
• Auto-creates deploy requests when no receipt exists (pp-request-create-token input)
• Backward compatible — simple usage unchanged

v1.0.0 — Initial Release

Deploy Gate v1.0.0

First public release of the Permission Protocol deploy gate action.

• Blocks merges to main until a human approves via Permission Protocol
• Enforces approval state via GitHub commit status
• Protected-path matching for risk metadata
• 3-minute install with one workflow file and one secret