Deliver
Golden paths, the software catalog, scaffolding, and releases. The paved road for building and shipping services.
Reference
The terms, in plain language.
Platform engineering and AI-native delivery carry a lot of jargon, and not everyone in the room shares the same definition. Here is how IntegraCI uses these terms, written so you can read one entry and move on. Each definition stays concrete: what it is, and why it matters when you ship.
A
- AI gateway
- A single governed entry point for every model call. Requests pass through policy checks, budgets, and usage logging, so AI use stays auditable instead of scattered across teams.
- Air-gapped
- An install with no path to the public internet. IntegraCI can run fully self-hosted in a network like this, so regulated and high-security teams keep their data inside their own boundary.
- Audit trail
- A write-once, tamper-evident record of what the platform did and who approved it. Each entry is cryptographically chained to the one before it, so quiet edits show and you can export evidence on demand.
C
- Chaos engineering
- Deliberately injecting failure into a running system to prove it recovers, before real users feel an outage. IntegraCI orchestrates a chaos tool such as Litmus as a pipeline step and can gate a release on the recovery evidence.
- ChatOps
- Running operations from the chat tool your team already uses, so incidents, approvals, and notifications flow where the conversation happens. IntegraCI links chat identity to your single sign-on and surfaces events in a unified inbox.
- Configuration & secrets management
- Handling application configuration and sensitive values such as keys and tokens in a controlled, scoped way rather than in plain files. IntegraCI scopes variables at global, environment, or service level, masks secret values, and can point a tenant at its own vault.
- Connector
- An integration to a tool you already run: your CI, scanners, cloud, or identity provider. You connect your own accounts. IntegraCI ships a broad library of connectors and orchestrates them rather than replacing them.
D
- Data subject rights (DSR)
- The rights a person holds over their personal data under privacy law, such as getting a copy or asking for it to be erased. IntegraCI lets a tenant owner export their data or trigger an auditable right-to-be-forgotten deletion, with a confirmation step so erasure is never an accidental click.
- Deployment window
- A defined period when deploys are allowed or frozen, such as a change-freeze over a holiday or release. IntegraCI enforces blackout windows at the deploy gate, so a release that lands inside a frozen window is held automatically.
- DORA metrics
- Four delivery measures from the DevOps Research and Assessment programme: deployment frequency, lead time for changes, change failure rate, and time to restore service. They track how fast and how safely you ship.
F
- Feature flag
- A switch that turns a piece of functionality on or off without redeploying, so you can ship a version and decide when to release it. IntegraCI runs flag changes through the same approvals as the rest of delivery, so turning a feature on in production is a governed action.
G
- GitOps
- A way of running infrastructure where a Git repository holds the desired state and a controller reconciles the live system to match it. Changes go through pull requests, so deployments are reviewable and reversible.
- Golden path
- A paved, opinionated route for a common task such as creating a service or shipping to production. It bakes in your standards, so a developer gets a working, compliant setup without assembling it by hand.
H
- HITL approval
- Human-in-the-loop approval. A person reviews and signs off before a sensitive or automated action proceeds. AI agents and risky operations pause for a human decision instead of acting on their own.
- Hybrid connectivity
- Reaching tools that live inside a private network from a control plane outside it, without opening inbound access. IntegraCI uses an outbound-only bridge agent that enrolls from inside the network and dials out, so secrets stay on the customer edge.
I
- Internal Developer Platform
- A platform that gives developers self-service access to the tools, environments, and workflows they need to build and run software, with the standards and guardrails of the organisation built in.
M
- MLOps
- The practice of building, shipping, and operating machine-learning models with the same discipline as software delivery. IntegraCI authors ML pipelines as code, renders them to engines like Argo and Kubeflow, and gates models through a registry with approval workflows.
P
- Platform Orchestrator
- The component that coordinates the steps behind a request, such as provisioning, scans, approvals, and deploys. It runs the workflow across your connected tools so the right things happen in the right order.
- Policy as code
- A policy engine evaluates rules written as code against each request or deployment. Your policies become versioned, testable files that gate actions automatically, instead of guidance someone has to remember.
- Provenance / SLSA
- Provenance is verifiable evidence of how an artifact was built and from what source. SLSA (Supply-chain Levels for Software Artifacts) is a framework of levels that describe how trustworthy that build process is.
R
- Risk assessment
- A structured review of what could go wrong in a system or a data flow, such as a threat model or a data-protection impact assessment (DPIA). IntegraCI can draft these with AI as a starting point and records a human sign-off as evidence.
- RLS
- Row-level security, a database feature that decides which rows a query can touch at the database layer. IntegraCI enforces tenant isolation with row-level security, so one tenant cannot read another tenant's data even if app code slips.
S
- SBOM
- A software bill of materials: a list of the components and dependencies inside a build. It lets you answer "are we affected?" when a new vulnerability lands, because you already know what shipped.
- Scorecard
- A summary of how a service measures up against the checks you care about, such as security, ownership, and reliability. It turns scattered signals into one readable score teams can act on.
- Service mesh governance
- Setting the security and resilience rules for service-to-service traffic, such as mutual TLS, retries, timeouts, and circuit breaking, as policy rather than hand-edited config. IntegraCI renders those rules to concrete mesh resources you can preview before applying.
- SLO
- A service level objective: a target for how reliable a service should be, for example a percentage of successful requests over a window. It sets the bar that alerting and error budgets are measured against.
- Software catalog
- A live inventory of your services, APIs, and resources, with ownership and metadata attached. It answers what exists, who owns it, and how it connects, so nothing runs unaccounted for.
T
- Tenant isolation
- Keeping each customer or team's data and secrets separate so they never cross. In IntegraCI the boundary is enforced in the database itself, and a request with no tenant gets nothing back rather than everything.
- Test data management
- Controlling the data used in non-production environments so raw production records, including personal data, do not leak into testing. IntegraCI can require masked or synthetic data per environment and checks it at the deploy gate.
W
- WAAP (Web App & API Protection)
- Protection for web applications and APIs against common attacks, an evolution of the web application firewall (WAF) that also covers API traffic. IntegraCI can require WAF coverage on a service as a condition of release and gate the deploy on it.
No terms match your search.
How it fits together
Six pillars these terms hang off.
Most of the words above belong to one of six jobs IntegraCI does: shipping it, keeping it good, keeping it safe, keeping it running, keeping it accountable, and running AI under control.
Quality
Scorecards, test automation, code quality, and quality gates. The bar every service is measured against.
Secure
Policy gates, scanned supply chain, access governance, and tenant isolation. The guardrails that decide what is allowed to ship.
Operate
DORA metrics, SLOs, incidents, observability, and cost. The daily work of running services in production.
Govern
Policy as code, the audit trail, compliance evidence, and approvals. The proof that the rules held when it mattered.
AI
The AI gateway, copilot, AIOps, and governed agents. AI across the lifecycle, every action under policy and human approval.
See these terms at work.
Definitions only go so far. Request a demo and watch the golden paths, policy gates, and audit trail run on your own services, or read the docs for the detail behind each one.