Console
The console explains release decisions. It does not replace CI/CD.
Use the console after a gate runs or when a connector reports new evidence. Customer installs expose /console and /settings. Owner is not installed in customer packages.
Overview
Command center: pending gates, held/blocked releases, stale evidence, connector issues, first-passport progress, and next actions.
Releases / Passports
Per-release decision, evidence timeline, decision trace, rollback readiness, approvals, waivers, AI investigation, and export.
Gate
Policy rules, templates, simulator, approvals, waivers, decision history, and post-deploy watch.
Radar
Service/environment health, connector freshness, runtime checks, journey checks, third-party signals, freshness, and confidence.
Metrics
DORA-style metrics, rollback rate, hold reasons, release throughput, approval wait time, connector reliability, and service scorecards.
Integrations
Connector matrix, configured connector health, detected candidates, manual connector fallback, and credential-required states.
Reports / Audit Log
Sanitized JSON, CSV, Markdown exports and governance events. Reports do not include secrets.
Settings
Customer-safe status for license, runtime, OIDC, tokens, connectors, and retention.
Account menu
Logout and account settings live under the account dropdown on desktop and mobile.
Menu-by-menu behavior
MenuOverview
Primary jobTriage release readiness across the workspace.
What users see firstPending gates, held/blocked releases, stale evidence, connector issues, first-passport progress, recent decisions.
What is intentionally hiddenNo broad hidden fan-out or customer evidence on public commercial hosts.
MenuReleases / Passports
Primary jobInspect the truth screen for one release.
What users see firstDecision, trace, evidence timeline, rollback posture, Radar signals, AI investigation, approvals, waivers, export.
What is intentionally hiddenAI never overrides Gate and exports stay sanitized.
MenuGate
Primary jobUnderstand and change decision rules.
What users see firstPolicy builder, rule effects, simulator, approvals, waivers, post-deploy watch.
What is intentionally hiddenGate owns decisions; Radar and Metrics do not.
MenuRadar
Primary jobObserve runtime and ecosystem state.
What users see firstService/env health, connector freshness, runtime checks, journey checks, third-party signals, confidence.
What is intentionally hiddenNo unbounded scraping and no credentialed live-sync claims without credentials.
MenuMetrics
Primary jobImprove release quality over time.
What users see firstDORA-style metrics, rollback rate, hold reasons, approval wait, evidence completeness, scorecards.
What is intentionally hiddenMetrics are analytics, not policy enforcement.
MenuIntegrations
Primary jobCheck connector health and evidence freshness.
What users see firstConnector matrix, health, detected candidates, credential-required status, manual fallback.
What is intentionally hiddenNo secret values in UI.
MenuSettings
Primary jobConfigure customer runtime status and safe controls.
What users see firstSecret-safe service scope, connector health, license, runtime, auth/OIDC, tokens, and retention.
What is intentionally hiddenOwner billing/license issuance app and inline secret editing.
| Menu | Primary job | What users see first | What is intentionally hidden |
|---|---|---|---|
| Overview | Triage release readiness across the workspace. | Pending gates, held/blocked releases, stale evidence, connector issues, first-passport progress, recent decisions. | No broad hidden fan-out or customer evidence on public commercial hosts. |
| Releases / Passports | Inspect the truth screen for one release. | Decision, trace, evidence timeline, rollback posture, Radar signals, AI investigation, approvals, waivers, export. | AI never overrides Gate and exports stay sanitized. |
| Gate | Understand and change decision rules. | Policy builder, rule effects, simulator, approvals, waivers, post-deploy watch. | Gate owns decisions; Radar and Metrics do not. |
| Radar | Observe runtime and ecosystem state. | Service/env health, connector freshness, runtime checks, journey checks, third-party signals, confidence. | No unbounded scraping and no credentialed live-sync claims without credentials. |
| Metrics | Improve release quality over time. | DORA-style metrics, rollback rate, hold reasons, approval wait, evidence completeness, scorecards. | Metrics are analytics, not policy enforcement. |
| Integrations | Check connector health and evidence freshness. | Connector matrix, health, detected candidates, credential-required status, manual fallback. | No secret values in UI. |
| Settings | Configure customer runtime status and safe controls. | Secret-safe service scope, connector health, license, runtime, auth/OIDC, tokens, and retention. | Owner billing/license issuance app and inline secret editing. |
Important fields
What the console is not
Not the deployment engine
CI/CD and GitOps still deploy. Release Passport decides whether promotion is acceptable based on evidence.
Not an unscoped infra scanner
It reads only configured service, namespace, query, app, project, or pipeline scope.
Not the owner admin app
Customer console cannot manage global customers, pricing, package entitlement, or license issuance.