Test Governance API Gates

This workflow helps you test a governance API designed for systems with multiple agents. It verifies that the API is operational and that compliance gates correctly reject invalid requests and accept valid ones.

What the workflow does

1. Checks if the governance API is online.
2. Retrieves the current list of active agents.
3. Sends an invalid request missing required data to confirm it is rejected.
4. Submits a valid artifact to confirm it is accepted and queued for compliance checking.

What you need

• A deployed governance API, with the base URL configured in the workflow.
• Network access to the API endpoints.

How the workflow works

1. Manual Trigger: Start the workflow manually.
2. API Health Check: Sends a GET request to the governance API's health endpoint to confirm it is up.
3. Get Active Agents: Fetches the active agents and their roles from the API.
4. Test Gate Rejection: Sends a POST request with missing artifact data to test that the governance gate denies it. This step is allowed to fail as an expected result.
5. Submit Valid Artifact: Sends a complete POST request with a valid artifact to test that the gate accepts it and queues the check.

Configuration

Make sure to update the base URL in the HTTP request nodes to point to your governance API deployment. Use the placeholder <base-url> in the URLs, for example:

Replace <base-url> with your actual API endpoint when deploying.

Output

The workflow returns API responses for each step, showing the health status, the active agents, the rejection confirmation, and the acceptance confirmation.

Notes

• The rejection test expects a failure response, which confirms that your governance gate is enforcing compliance correctly.
• Adjust API endpoints accordingly if your deployment uses different paths or port numbers.