code_deploy

Run a deployment from the current yaver code target or from an explicitly selected repo/machine. Supports direct host deploys to TestFlight, Play internal testing, Convex, Cloudflare, or combined all, plus optional GitHub/GitLab CI fallback. machine=auto asks Yaver to choose the best machine for ...

Server Yaver yaver-cli
Category Execute
Risk class High
Parameters 120 required

What code_deploy does on Yaver

AI agents invoke code_deploy to trigger actions in Yaver. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.

ParameterTypeRequiredDescription
app string Optional explicit app/project name override
tag string GitHub release tag for artifact upload mode
file string Optional artifact path for CI upload/release mode
branch string CI branch (default main)
ci_repo string Optional CI repo identifier; auto-detected from git when omitted
machine string Optional executor machine: local, auto, or a device id/name
surface string
targets array Optional explicit deploy target list; overrides surface
workflow string GitHub Actions workflow filename when ci_provider=github
device_id string Optional remote device ID
repo_path string Optional explicit repo path on the selected machine
distribute boolean When true, multi-target deploys may choose different machines per target

Parameters from the server's own tool schema.

Why code_deploy needs a policy

code_deploy triggers real processes with real consequences. An agent gone sideways doesn't fire it once — it starts dozens of builds, sends mass notifications, or burns through compute before anyone looks up.

Risk signalsAccepts file system path (file) · High parameter count (14 properties)

Questions about code_deploy

What does the code_deploy tool do? +

Run a deployment from the current yaver code target or from an explicitly selected repo/machine. Supports direct host deploys to TestFlight, Play internal testing, Convex, Cloudflare, or combined all, plus optional GitHub/GitLab CI fallback. machine=auto asks Yaver to choose the best machine for the target; distribute=true lets multi-target deploys fan out across different machines to reduce CI cost and load hot spots. It is categorised as a Execute tool in the Yaver MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

What parameters does code_deploy accept? +

code_deploy accepts 12 parameters: app, tag, file, branch, ci_repo, machine, surface, targets, workflow, device_id, repo_path, distribute. The full parameter table on this page comes from the server's own tool schema.

How do I enforce a policy on code_deploy? +

Register the Yaver MCP server in PolicyLayer and add a rule for code_deploy: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Yaver. Nothing to install.

What risk level is code_deploy? +

code_deploy is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit code_deploy? +

Yes. Add a rate_limit block to the code_deploy rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block code_deploy completely? +

Set action: deny in the PolicyLayer policy for code_deploy. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides code_deploy? +

code_deploy is provided by the Yaver MCP server (yaver-cli). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.