CostGuard CI/CD validation CLI — shift-left cost governance for cloud infrastructure
Project description
CostGuard CLI
Shift-left cost governance for CI/CD pipelines. One command validates your Terraform plan against cost policies, budget limits, and guardrails — before infrastructure is deployed.
Install
pip install costguard-cli
Usage
# Validate a Terraform plan
costguard-validate --plan plan.json --format terminal
# Post results as PR/MR comment (auto-detects GitLab/GitHub/Azure DevOps)
costguard-validate --plan plan.json --format markdown --post-comment
# Use cached result across pipeline stages
costguard-validate --cached costguard-result.json --format html --output-file report.html
Configuration
| Option | Env Variable | Description |
|---|---|---|
--api-url |
COSTGUARD_API_URL |
CostGuard API endpoint |
--api-key |
COSTGUARD_API_KEY |
API authentication key |
--budget-code |
COSTGUARD_BUDGET_CODE |
Budget code to validate against (e.g. CS-FY2026-M01) |
Output Formats
| Format | Use Case |
|---|---|
terminal |
Local development, CI logs |
markdown |
PR/MR comments |
html |
Executive reports, artifacts |
json |
Machine-readable, integrations |
Exit Codes
| Code | Decision | Meaning |
|---|---|---|
| 0 | ALLOW | Deployment permitted |
| 1 | BLOCK | Deployment blocked by guardrails |
| 2 | WARN | Deployment allowed with warnings |
| 3 | ERROR | Validation could not complete |
CI/CD Integration
GitLab CI
costguard:
script:
- pip install costguard-cli
- terraform show -json plan.tfplan > plan.json
- costguard-validate --plan plan.json --format terminal --post-comment
variables:
COSTGUARD_API_URL: $COSTGUARD_API_URL
COSTGUARD_API_KEY: $COSTGUARD_API_KEY
GitHub Actions
- name: CostGuard Validation
env:
COSTGUARD_API_URL: ${{ secrets.COSTGUARD_API_URL }}
COSTGUARD_API_KEY: ${{ secrets.COSTGUARD_API_KEY }}
run: |
pip install costguard-cli
terraform show -json plan.tfplan > plan.json
costguard-validate --plan plan.json --format terminal --post-comment
Azure DevOps
- script: |
pip install costguard-cli
terraform show -json plan.tfplan > plan.json
costguard-validate --plan plan.json --format terminal --post-comment
env:
COSTGUARD_API_URL: $(COSTGUARD_API_URL)
COSTGUARD_API_KEY: $(COSTGUARD_API_KEY)
How It Works
- Reads
plan.json(output ofterraform show -json) - Sends it to the CostGuard API
- Receives cost breakdown, policy violations, budget status, and AI recommendations
- Formats and displays results
- Exits with appropriate code so the pipeline can ALLOW, WARN, or BLOCK
No cloud credentials required — the CLI only reads the plan file. All resource details are already in the Terraform plan output.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file costguard_cli-2.0.1.tar.gz.
File metadata
- Download URL: costguard_cli-2.0.1.tar.gz
- Upload date:
- Size: 25.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
85e9ef3eae668523a5384973d8c411c91bf73b48d15fe84835137915500f7406
|
|
| MD5 |
e4d1b4a2e262fd164094b5a727d3b51f
|
|
| BLAKE2b-256 |
88025127b339836133f8ff75dad8b028b0b00501a6bd5fbbf89a84bdb523d793
|
File details
Details for the file costguard_cli-2.0.1-py3-none-any.whl.
File metadata
- Download URL: costguard_cli-2.0.1-py3-none-any.whl
- Upload date:
- Size: 28.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b0ccbede45e7f63ddd25ae7a2a37f4cba238434dd4941a58ef54e5ae8a141303
|
|
| MD5 |
e7675a12e165984512c783d01616ac16
|
|
| BLAKE2b-256 |
51faf5afc096ae089258fd4e5d3ec1b781c58a462e716fd05362912cda8d382a
|
