_delimit_deploy_impl
Dispatch to eight deploy operations (plan, build, publish, verify, rollback, status, site, npm). Orchestrates container lifecycle, static site deploys, or npm publishing from one call.
Instructions
Unified deployment entry point — dispatches to one of eight actions (Pro).
When to use: as the single MCP-registered deploy surface (delimit_deploy) when the caller wants to pick the deploy operation by name in one call rather than choosing a specific delimit_deploy_* alias. Covers the full container chain (plan -> build -> publish -> verify -> rollback), the deploy-state read (status), and the two non-container ship paths (site / npm). When NOT to use: from internal code paths or when you want the operation's behavior and gate to surface at the right name — prefer the specific alias (delimit_deploy_plan, delimit_deploy_build, delimit_deploy_publish, delimit_deploy_verify, delimit_deploy_rollback, delimit_deploy_status, delimit_deploy_site, delimit_deploy_npm). For a pure runtime health check use delimit_obs_status; for a pre-deploy smoke test use delimit_test_smoke; for release-tracking metadata use delimit_release_status.
Sibling contrast: each delimit_deploy_ wrapper is a thin alias over this implementation (they exist so the action's docstring lives at the right name). This is the dispatch core. The "plan" action additionally shares logic with delimit_deploy_plan via the internal _deploy_plan_chain helper.
Side effects: ALL actions are gated by require_premium — unlicensed callers receive a license payload and no backend call is made. Errors are deterministic: an unrecognized action returns {"error": "Unknown action ''. Valid: ..."} before any gate or backend call. Per action:
"plan": delegates to _deploy_plan_chain (gate key "deploy_plan"). Read-mostly but ORCHESTRATES a chain: a worktree-sanity precheck, then delimit_security_audit (FAIL-CLOSED — halts with status="blocked" on audit error or any critical finding without producing a plan), then the deploy-bridge plan, then a best-effort delimit_gov_evaluate. Produces no deploy artifact itself.
"build": gate "deploy_build". WRITES locally — shells out to the container builder (consumes local disk/CPU for image layers). No network push at this step.
"publish": gate "deploy_publish". NETWORK WRITE — pushes previously built images to the configured container registry.
"verify": gate "deploy_verify". Read-only network PROBES (HTTP health checks, container/dependency inspection) of a deployed revision. May return partial results on backends without health endpoints.
"rollback": gate "deploy_rollback". MUTATES the running environment to point at to_sha (reversal-only).
"status": gate "deploy_status". READ-ONLY query of the deploy state store. No write, no probe.
"site": project_path is path-sanitized FIRST (an escape returns {"error": ...} before the gate). gate "deploy_site". LOCAL git ops (add/commit/push) + a NETWORK Vercel build trigger.
"npm": gate "deploy_npm". A PRODUCTION DEPLOY — bumps package.json (LOCAL write), runs prepublishOnly, npm pack, then npm publish (a publicly-visible NETWORK write, effectively not undoable). dry_run=True suppresses only the final publish; the bump and pack still run. Every result is wrapped via _with_next_steps for orchestrator hints.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| action | No | Which deploy operation to perform. One of "plan", "build", "npm", "publish", "site", "status", "verify", "rollback". Default "status". Case/space-insensitive (lowered + stripped). Other values return a deterministic {"error": ...}. | status |
| app | No | Application name / project key in the deploy backend. Used by "plan", "build", "publish", "verify", "rollback", "status". Required for a real container operation. (Ignored by "site" and "npm".) | |
| env | No | Target environment, typically "staging" or "production". Used by "plan", "verify", "rollback", "status". | |
| git_ref | No | Git ref (branch/tag/SHA). Used by "plan", "build", "publish", "verify". Default None = backend HEAD; drives the image tag for "build". | |
| to_sha | No | SHA to roll back to. Used by "rollback" only. None lets the backend select the previous deployed SHA. | |
| project_path | No | Path to the project. Used by "site" and "npm". Default "." (cwd). For "site" it is sanitized and must not escape the workspace root; for "npm" it must contain a package.json. | . |
| message | No | Git commit message. Used by "site" only. | |
| bump | No | Semver bump "patch" (default) / "minor" / "major". Used by "npm" only. | patch |
| tag | No | npm dist-tag. Used by "npm" only. Default "latest"; use "next" or a custom tag to avoid auto-installing the new version for existing users. | latest |
| dry_run | No | If True, run the npm chain without the final publish. Used by "npm" only. Default False. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||