Agent control plane Structured SSH · Git receipts · Human inspection
← All updates
Releases 0.1.34–0.1.55 June 13, 2026

GitOps is the receipt layer for agents

How the per-user gitops repo became the audit trail for apps, routes, addons, and user-visible platform writes.

Mechanics relies on GitOps because agents need a receipt layer. A command can be short, but the result should still be inspectable as files, commits, diffs, and reconciled resources.

The user got a gitops repo

0.1.34 replaced per-app Argo CD Application creation with a per-user private gitops repository. Mechanics seeds an apps/ tree and an Argo CD ApplicationSet discovers applications from that tree. App creation became a GitOps write first, and app deletion became removal of the app directory so Argo CD can prune the live resources.

This also separated source repositories from deployment declarations. The app's code and image live in the source repo and registry; the desired runtime state lives in the tenant's GitOps repo.

Network state got its own area

0.1.38 moved Mechanics-managed routes into network/routes/<app>/ and reconciled them through a dedicated network Application. Routes no longer had to live beside workload manifests, and app deletion could clean up the Mechanics-owned route files without touching user-authored networking elsewhere.

Authorship became a safety boundary

0.1.39 added user-commit protection. Before Mechanics overwrites or deletes a GitOps file, it checks whether the last commit was a Mechanics-authored commit. If a human edited the file directly, the command refuses and shows the conflicting commit unless the caller passes --force.

Mechanics-generated commit messages also became structured, using shapes like mechanics(app.create): add app manifests. That makes it possible to tell machine-authored platform writes apart from human edits without guessing.

Addons joined the same model

0.1.55 added an addons/ tree and a per-tenant addons Application. Creating a database means committing a CloudNativePG manifest to GitOps. Later addon types use the same contract: manifests in Git, reconciliation by Argo CD, readiness read from Kubernetes, and connection information printed through SSH.

The important part is consistency. Apps, routes, and addons are different resource types, but the platform record is the same: a tenant-scoped GitOps file written by a named command and reconciled by Argo CD.

Agents get compact verbs. Humans get commits, paths, diffs, and reconciliation state.