CLI & CI/CD Drift Gate

Released: January 5, 2026

A new way to use Controlinfra without ever opening the dashboard. The open-source CLI runs in your CI pipeline, talks to the Controlinfra API, and exits non-zero when drift exceeds the rules you set.

New

• controlinfra CLI (open source, github.com/controlinfra/cli). Installable via curl controlinfra.com/cli/install.sh | bash for Mac/Linux. Binary releases per platform.
• controlinfra drift-gate command. Runs a Terraform validation pipeline (terraform init, plan, drift comparison) and exits 0 / non-zero based on configured drift thresholds. Drop it into a GitHub Actions / GitLab CI / CircleCI step and fail deploys with measurable drift.
• Configurable thresholds. Specify max allowed drifts by severity (--max-critical 0 --max-high 2). Useful for staging gates that allow some low-severity drift while blocking critical changes.

Why this matters

Detection at scan time is post-facto — the drift already happened. The CLI shifts the check left into the deployment pipeline itself, so untracked changes can't ship without an explicit approval. Same drift engine the dashboard uses, called from your CI.