microdao-daarion/config/release_gate_policy.yml
Apple 67225a39fa docs(platform): add policy configs, runbooks, ops scripts and platform documentation
Config policies (16 files): alert_routing, architecture_pressure, backlog,
cost_weights, data_governance, incident_escalation, incident_intelligence,
network_allowlist, nodes_registry, observability_sources, rbac_tools_matrix,
release_gate, risk_attribution, risk_policy, slo_policy, tool_limits, tools_rollout

Ops (22 files): Caddyfile, calendar compose, grafana voice dashboard,
deployments/incidents logs, runbooks for alerts/audit/backlog/incidents/sofiia/voice,
cron jobs, scripts (alert_triage, audit_cleanup, migrate_*, governance, schedule),
task_registry, voice alerts/ha/latency/policy

Docs (30+ files): HUMANIZED_STEPAN v2.7-v3 changelogs and runbooks,
NODA1/NODA2 status and setup, audit index and traces, backlog, incident,
supervisor, tools, voice, opencode, release, risk, aistalk, spacebot

Made-with: Cursor
2026-03-03 07:14:53 -08:00


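---
# Release Gate Policy — DAARION.city
#
# Controls strictness of each gate per deployment profile.
#
# Modes:
# off — gate is fully skipped (no call, no output)
# warn — gate always pass=True; findings become recommendations only
# strict — gate can fail release (pass=False) when fail_on conditions are met
#
# Profiles: dev | staging | prod
# Set via release_check input `gate_profile` (default: dev).
#
# Fallback: a profile or gate that is not listed here resolves to `defaults`
# (mode "warn"), so a mistyped gate_profile or a gate missing from a profile
# never blocks a release. Add every new gate to every profile explicitly.
#
# The fail condition is spelled differently per gate: `fail_on_severities`
# (list) for dependency_scan, `fail_on` as a list for followup_watch and
# privacy_watch, `fail_on` as a mapping (severity_in / high_recurrence) for
# recurrence_watch. The consumer presumably reads each gate's shape
# separately — confirm before changing a gate's fail condition shape.
profiles:
  dev:
    description: "Development: strict for security gates, warn for governance"
    gates:
      pr_review:
        mode: "strict"
      config_lint:
        mode: "strict"
      dependency_scan:
        mode: "strict"
        fail_on_severities: ["CRITICAL", "HIGH"]
      contract_diff:
        mode: "strict"
      threat_model:
        mode: "strict"
      smoke:
        mode: "warn"
      drift:
        mode: "warn"
      slo_watch:
        mode: "warn"
      followup_watch:
        mode: "warn"
        # Kept for parity with staging; in warn mode fail_on never blocks.
        fail_on: ["P0", "P1"]
      privacy_watch:
        mode: "warn"
      cost_watch:
        mode: "warn"
      recurrence_watch:
        mode: "warn"
      risk_watch:
        mode: "warn"
      risk_delta_watch:
        mode: "warn"
      platform_review_required:
        mode: "warn"

  staging:
    description: "Staging: strict security + strict privacy on errors"
    gates:
      pr_review:
        mode: "strict"
      config_lint:
        mode: "strict"
      dependency_scan:
        mode: "strict"
        fail_on_severities: ["CRITICAL", "HIGH"]
      contract_diff:
        mode: "strict"
      threat_model:
        mode: "strict"
      smoke:
        mode: "warn"
      drift:
        mode: "strict"
      slo_watch:
        mode: "strict"  # Don't deploy if SLO currently breached
      followup_watch:
        mode: "strict"
        fail_on: ["P0", "P1"]
      privacy_watch:
        mode: "strict"
        fail_on: ["error"]
      cost_watch:
        mode: "warn"
      recurrence_watch:
        mode: "strict"  # Block staging deploy if P0/P1 high recurrence
        fail_on:
          severity_in: ["P0", "P1"]
          high_recurrence: true
      risk_watch:
        mode: "strict"  # Block staging if score >= fail_at for p0_services
      risk_delta_watch:
        mode: "strict"  # Block staging for p0_services when delta >= fail_delta
      platform_review_required:
        mode: "warn"  # warn-first: never blocks staging by default

  prod:
    # Despite the description, several gates below are warn-first (slo_watch,
    # followup_watch, cost_watch, recurrence_watch, risk_watch,
    # risk_delta_watch, platform_review_required): their findings are
    # recommendations only and do not block a prod release. Revisit once the
    # accumulated data justifies promoting them to strict.
    description: "Production: maximum strictness across all gates"
    gates:
      pr_review:
        mode: "strict"
      config_lint:
        mode: "strict"
      dependency_scan:
        mode: "strict"
        # Prod is the only profile that also fails on MEDIUM findings.
        fail_on_severities: ["CRITICAL", "HIGH", "MEDIUM"]
      contract_diff:
        mode: "strict"
      threat_model:
        mode: "strict"
      smoke:
        mode: "strict"
      drift:
        mode: "strict"
      slo_watch:
        mode: "warn"  # Warn: don't automatically block prod deploys on SLO
      followup_watch:
        mode: "warn"
        # Kept for parity with staging; in warn mode fail_on never blocks.
        fail_on: ["P0"]
      privacy_watch:
        mode: "strict"
        fail_on: ["error"]
      cost_watch:
        mode: "warn"
      recurrence_watch:
        mode: "warn"  # Warn only in prod (accumulate data first)
      risk_watch:
        mode: "warn"  # Warn only in prod
      risk_delta_watch:
        mode: "warn"  # Warn only in prod
      platform_review_required:
        mode: "warn"  # Start conservative in prod

# ─── Defaults (used if profile or gate not found) ────────────────────────────
# NOTE(review): this fallback is fail-open — anything not matched above is
# reduced to a recommendation, including in prod.
defaults:
  mode: "warn"
  # privacy_watch default fail_on (for strict mode):
  privacy_fail_on: ["error"]
  # cost_watch is never strict by default
  cost_always_warn: true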