Governed deploys

Deploys are product operations, not local provider commands. A deploy must produce an operation_run, public health evidence and a rollback target.

For Kubernetes resources, the worker writes a governed change to weppa-platform-gitops; Flux reconciles the cluster from GitHub.

For Cloudflare Workers Static Assets, the worker uses an allowlisted adapter, records the artifact and provider version, validates the public URL and stores the rollback target.

In both cases, the operator gets the same outcome: evidence and a decision, not a hidden provider command.