Introduction In Stage 4A, I built a CLI tool (swiftdeploy) that generates infrastructure from a single file (manifest.yaml). In Stage 4B, I extended it to include: Observability (metrics) Policy enforcement (OPA) Auditing (history + reports) The goal was simple but strict: The system must refuse to deploy or promote if it is unsafe. This meant moving from just “running containers” to building a system that can think and decide before acting. ⸻ Architectural Overview manifest.yaml ↓ Enter fullscreen mode Exit fullscreen mode swiftdeploy CLI ↓ Enter fullscreen mode Exit fullscreen mode docker-compose + nginx ↓ Enter fullscreen mode Exit fullscreen mode Docker Network ↓ Enter fullscreen mode Exit fullscreen mode [ NGINX ] → [ APP (/metrics) ] ↓ metrics ↓ CLI ↓ OPA Enter fullscreen mode Exit fullscreen mode At a high level: manifest.yaml is the single source of truth swiftdeploy CLI reads it and generates: docker-compose.yml nginx.conf Docker runs: API service Nginx (reverse proxy) OPA (policy engine) flow: CLI…