Skip to content

Architecture

The control plane between intent and side effects.

Beecommit adds contract, policy, approvals, and replay between intent and side effects.

Contract-first intake
Policy before risky transitions
Replayable execution history
Observable from request to artifact

System overview

A layered architecture for governed agent execution.

Beecommit sits between a request and the systems that carry side effects.

Open section

System Overview

Architecture Layers

Control

Layer 2 of 7

Contract layer

Intent becomes an explicit contract

The run begins with declared scope, expected outcome, allowed tools, and boundaries for side effects.

1

Objective and expected artifact

2

Scope, tools, and repositories

3

Runtime constraints and boundaries

Each layer answers a specific control question: what is allowed, what should run next, who must approve, and how the run can be inspected later.

Lifecycle of a contract

A contract moves through explicit runtime states.

The run moves through explicit states instead of one opaque agent session.

Open section

Validation happens before orchestration.
Policy can block, downgrade, or require approval.
Approval is a state transition, not an out-of-band comment thread.
Completion, failure, and replay all retain the same evidence surface.

Primary flow

Draft

Draft

A request enters intake with intent, context, and a target outcome.

Validated

Validated

Contract shape, required inputs, and declared boundaries are checked.

Policy checked

Policy checked

Policy rules decide whether the run can proceed, must wait, or is blocked.

Scheduled

Scheduled

The orchestrator creates the managed execution plan and allocates work.

Running

Running

Agent steps and activities execute under tracked state and controlled handoffs.

Waiting approval

Waiting approval

High-risk transitions pause for a human decision before side effects continue.

Terminal states

Completed

Completed

Blocked

Blocked

Failed

Failed

Replayed

Replayed

The point of the lifecycle is to make control visible before and after side effects, not only after something has already happened.

Control plane vs execution plane

Orchestration and side effects are deliberately separated.

Beecommit governs the workflow. Agents and external systems perform the bounded actions.

Open section

Beecommit control plane

Beecommit control plane

This is where contracts, policy, orchestration, approval state, and execution history live.

Contract parsing and validation
Policy evaluation and risk classification
Step scheduling, branching, and retries
Approval checkpoints and operator state
Execution history, replay, and trace inspection

Handoffs and side effects

External execution plane

External execution plane

This is where agents, tools, and enterprise systems perform the work that can cause side effects.

Agent runtime and tool invocations
Repository, CI, and ticketing actions
Environment or delivery system hooks
Artifact creation and external state changes
Policy is enforced before protected transitions.
Approvals happen before merges, deploys, or other production-adjacent actions.
Retries and replay are controlled from the Beecommit side, not improvised inside the agent runtime.
Side effects remain visible because handoffs are explicit.

Policy and governance

Governance becomes part of runtime behavior.

Policy, approvals, and blocked transitions become runtime behavior instead of after-the-fact process.

Open section

Protected branch semantics can map to policy decisions.
Protected environment semantics can require an explicit approval step.
Auditability comes from runtime evidence, not from post-hoc reconstruction.

Policy-as-code

Rules can reason about tools, repos, branches, and environments

Policy checks can be attached to risk classes, target systems, tool use, change budgets, and branch or environment protections.

Strictness levels

Different workflows can carry different control intensity

Low-risk documentation updates and high-risk production-adjacent actions do not need to share the same gate depth or approval policy.

Approval gates

Human review is a native workflow state

Approval is explicit in the runtime, with waiting states, approver identity, and a recorded decision trail.

Blocked actions

Unsafe transitions fail closed instead of continuing optimistically

When a workflow violates a boundary, Beecommit can stop it before the side effect lands in the external system.

Replay, audit, and traceability

The execution path stays inspectable after the workflow ends.

Teams can inspect what happened, why it happened, and who approved it.

Open section

00:00

Contract accepted

The run begins with declared intent, target systems, and scoped constraints.

00:03

Policy decision recorded

Rules classify the run, enforce boundaries, and set approval requirements.

00:08

Execution plan emitted

The orchestrator creates the graph of steps, retries, and handoffs.

00:21

Approval requested

A risky transition pauses with operator-visible context and next action.

00:27

Approval granted

Approver identity and decision reason remain attached to the run history.

00:39

Artifact produced

The workflow lands output in the target system with lineage back to the request.

Later

Replay or inspection

Operators can inspect, replay, or compare the run without losing the prior evidence chain.

Replay is useful because the system remembers both transitions and decisions, not just final output.

What happened
Why the transition was allowed
Who approved the risky step
Which artifact or external effect followed
What a replay should reproduce or re-inspect

Integrations

Beecommit sits inside the engineering stack you already operate.

The control plane fits Git, CI, ticketing, and observability instead of living outside them.

Open section

Source control and review

Repository integrations keep code changes reviewable and traceable rather than letting an agent mutate state in the dark.

CI/CD and delivery

Deployment-adjacent actions can remain gated and policy-aware instead of bypassing existing rollout controls.

Ticketing and planning

The contract can start from the same issue and approval context teams already use to track engineering work.

Observability and evidence export

Operational signals should feed the stack platform teams already use for runtime review and incident analysis.

Beecommit

Contracts, policy, orchestration, approvals, replay, audit, observability.

Source control and review

Repository integrations keep code changes reviewable and traceable rather than letting an agent mutate state in the dark.

GitHubGitLabBitbucketPull request workflows

CI/CD and delivery

Deployment-adjacent actions can remain gated and policy-aware instead of bypassing existing rollout controls.

CI pipelinesEnvironment hooksRelease workflowsDelivery checkpoints

Ticketing and planning

The contract can start from the same issue and approval context teams already use to track engineering work.

JiraLinearInternal ticketingChange requests

Observability and evidence export

Operational signals should feed the stack platform teams already use for runtime review and incident analysis.

LogsMetricsSIEMTracing and event export

Operator experience

Humans stay in control because the workflow remains legible.

Operators can see status, approvals, lineage, and replay context while the run is active or finished.

Open section

Status visibility instead of opaque background work
Approval waiting states with context
Trace browsing and step inspection
Issue-to-PR lineage for reviewable artifacts

Operator console

Workflow state stays visible while the run is live.

approval required

Live status

Running

Current state, active step, policy class, and elapsed time stay visible while the run is in progress.

Approval queue

Waiting approval

High-risk transitions are surfaced with context, affected systems, and the next possible action.

Lineage

Issue → Contract → PR

Request origin and produced artifacts stay connected so teams can browse the full path.

Replay

Ready

Operators can inspect prior decisions and decide whether replay, retry, or closure is the right action.

workflow / contract / bc-20260317-014governed
policy gatepassed
approval checkpointwaiting on platform-owner
artifact lineageISSUE-248 → contract → PR-817

Operator outcomes

Status visibility instead of opaque background work
Approval waiting states with context
Trace browsing and step inspection
Issue-to-PR lineage for reviewable artifacts

Deployment and enterprise readiness

Designed for controlled rollout inside real engineering organizations.

Evaluate Beecommit like platform infrastructure: scope, integrations, and governance model first.

Open section

Multi-team orientation

The operating model assumes multiple projects, teams, workflows, and approval paths rather than a single isolated sandbox.

RBAC-ready thinking

Requesters, operators, and approvers are separate roles in the runtime model, even when a first pilot starts small.

Audit-friendly architecture

Execution evidence, approvals, and artifacts remain reviewable after the run instead of disappearing into chat history.

Integration-first design

The control plane is most useful when it fits existing Git, CI, ticketing, and observability systems.

Controlled rollout model

The product is well suited to narrow pilots that prove governance on one workflow before broader rollout.

Next step

Review one workflow end to end before you expand the surface area.

The right starting point is a bounded workflow with real controls, real approvals, and a clear artifact path. That gives your platform and engineering teams something concrete to evaluate.