Read-only repository analysis
Detect frameworks, build commands, environment requirements, and deployment shape in an isolated checkout without changing the worktree, remotes, or history.
When development is done, hand the Git repository to AgentMesh Deploy. It locks the commit, analyzes the stack, selects providers, and compiles a plan. Real changes happen only after you approve cost, database migration, DNS, and production cutover. Product repositories stay read-only; deployment state stays in an independent control plane.
Domains, servers, databases, email, environment variables, CI/CD, migrations, health checks, and rollback are scattered across vendor consoles. AgentMesh Deploy turns them into one reviewable, approvable, recoverable release chain.
AgentMesh Deploy does not install a sidecar into product repositories. It creates an isolated checkout from a locked commit and stores Manifest, Plan, Approval, Evidence, and Run objects in an external Control Home. Required source changes are emitted only as patch proposals.
Product repositories are read-only inputs. Provider changes require external plans, approvals, and evidence.
Every action binds the same Commit, Graph, and plan fingerprint. After interruption, the agent reconciles provider facts before deciding whether to resume or hand control to a human.
Detect frameworks, build commands, environment requirements, and deployment shape in an isolated checkout without changing the worktree, remotes, or history.
Turn a high-level launch configuration into deterministic runtime, database, DNS, and email adapter actions.
Network, provider mutations, cost, database migration, and production cutover are authorized independently.
Inspect schema, classify SQL, capture snapshot or backup evidence, then apply a migration bound to the expected target version.
Coordinate site routing and Resend domain records through reviewed change sets without fuzzy matches or unrelated record replacement.
Persist intent before mutation and receipt after it. Resume reconciles existing resources before any replay.
v0.2.0 publishes six core adapter contracts. Credentials are consumed only through Secret Refs; tokens, connection strings, and private keys never enter plans, runs, state, or logs.
Automation should remove repetitive cross-vendor work, not remove accountability. Humans remain only at decisions that carry identity, money, data, or production risk.
Analyze source, inspect provider capabilities, compare architecture options, and calculate expected resources and mutations.
Create vendor accounts, complete identity or payment steps, issue least-privilege tokens, and choose a secret backend.
Create isolated projects, deploy the locked commit, and verify HTTPS, API, database version, and email-domain state.
Approve paid plans, domain purchases, migrations, restores, and any operation that may affect existing data.
Persist immutable receipts, detect drift, reconcile uncertain writes, and generate exact recovery steps.
Approve production DNS, real email sending, traffic cutover, resource deletion, and destructive database operations.
The CLI returns structured nextActions. A receiving agent does not need to guess the next command or improvise across six vendor consoles.
Provide a local repository or remote Git URL. AgentMesh Deploy records the source and locks an immutable commit.
Detect the stack, compare Vercel, Railway, Neon, and Supabase options, then ask you to approve provider and budget choices.
Create least-privilege tokens following CLI guidance and store only references to Keychain, 1Password, or another backend.
After Sandbox Profile, Approval, and Preflight, create isolated resources and verify the locked commit.
Review database, DNS, email, and rollback evidence before any production change.
$ gh release download v0.2.0 --repo jiyangnan/AgentMesh-Deploy-Agent --pattern 'agentmesh-deploy-*.tgz' $ npm install --global ./agentmesh-deploy-0.2.0.tgz $ agentmesh-deploy version 0.2.0 $ agentmesh-deploy project add --repo /path/to/product --id my-saas --name "My SaaS" --json $ agentmesh-deploy analyze my-saas --json nextActions → review configuration → connect providers → sandbox preflight
keychain://, op://, or custom secret:// references. Raw values never enter Plan, Run, State, Receipt, or logs.Read the installation and agent guidance in the public repository. Start with read-only analysis and a sandbox before approving real provider changes.