CostGuard CI/CD validation CLI — shift-left cost governance for cloud infrastructure

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for skyxops from gravatar.com skyxops

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: LicenseRef-Proprietary
    SPDX License Expression
  • Author: SKYXOPS
  • Tags costguard , cost , governance , finops , cloud , terraform , cloudformation , iac , ci-cd , budget , guardrails , skyxops
  • Requires: Python >=3.9
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

CostGuard CLI

Shift-left cost governance for CI/CD pipelines. One command validates your Terraform or CloudFormation plan against cost policies, budget limits, and guardrails — before infrastructure is deployed.

Install

pip install costguard-cli

Quick Start

costguard-validate --plan plan.json --budget-code CS-FY2026-BU105-M03 --post-comment

Configuration

Env Variable Description Required
COSTGUARD_API_KEY API authentication key Yes
COSTGUARD_API_URL API endpoint (default: https://api.skyxops.com) No
COSTGUARD_BUDGET_CODE Budget code for validation (use --skip-budget for pricing-only) No

CI/CD Integration

GitLab CI

Required CI/CD variables:

Variable How to set Purpose
COSTGUARD_API_KEY Settings → CI/CD → Variables (masked) API auth
GITLAB_TOKEN Project/Group Access Token with api scope Post MR comments

Note: CI_JOB_TOKEN cannot post MR comments — GitLab restricts it to read-only. Create a Project Access Token (Settings → Access Tokens → api scope) or a Group Access Token for all projects in the group.

stages:
  - cost-review

costguard-review:
  stage: cost-review
  image: python:3.12-slim
  script:
    - pip install --quiet costguard-cli
    - costguard-validate --plan plan.json --post-comment
  allow_failure:
    exit_codes:
      - 2
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"

GitHub Actions

Required secrets: COSTGUARD_API_KEY. GITHUB_TOKEN is auto-provided.

- name: CostGuard Validation
  env:
    COSTGUARD_API_KEY: ${{ secrets.COSTGUARD_API_KEY }}
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  run: |
    pip install -q costguard-cli
    costguard-validate --plan plan.json --post-comment

Azure DevOps

Required variables: COSTGUARD_API_KEY, SYSTEM_ACCESSTOKEN.

- script: |
    pip install -q costguard-cli
    costguard-validate --plan plan.json --post-comment
  env:
    COSTGUARD_API_KEY: $(COSTGUARD_API_KEY)
    SYSTEM_ACCESSTOKEN: $(System.AccessToken)

Output Formats

Format Flag Use Case
Terminal --format terminal CI logs (default)
Markdown --format markdown PR/MR comments
HTML --format html Executive reports
JSON --format json Integrations

Exit Codes

Code Decision Pipeline Effect
0 ALLOW Continues
1 BLOCK Stops
2 WARN Continues (use allow_failure: exit_codes: [2])
3 ERROR Stops

Comment Behavior

--post-comment is idempotent: creates one comment on first run, updates it on re-push. No duplicates. Works on GitLab MRs, GitHub PRs, and Azure DevOps PRs.

How It Works

  1. Reads plan file (Terraform plan.json or CloudFormation changeset)
  2. Sends to CostGuard API for pricing, budget validation, and guardrail checks
  3. Displays cost breakdown, AI recommendations, and decision
  4. Posts result as MR/PR comment (if --post-comment)
  5. Exits with decision code so the pipeline can ALLOW, WARN, or BLOCK

No cloud credentials required — the CLI only reads the plan file.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for skyxops from gravatar.com skyxops

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: LicenseRef-Proprietary
    SPDX License Expression
  • Author: SKYXOPS
  • Tags costguard , cost , governance , finops , cloud , terraform , cloudformation , iac , ci-cd , budget , guardrails , skyxops
  • Requires: Python >=3.9
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

2.7.0

2.6.0

2.5.0

2.4.0

2.3.0

2.2.0

2.1.0

2.0.16

2.0.15

2.0.14

2.0.13

2.0.11

2.0.10

2.0.9

2.0.8

This version

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

costguard_cli-2.0.7.tar.gz (27.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

costguard_cli-2.0.7-py3-none-any.whl (30.0 kB view details)

Uploaded Python 3

File details

Details for the file costguard_cli-2.0.7.tar.gz.

File metadata

  • Download URL: costguard_cli-2.0.7.tar.gz
  • Upload date:
  • Size: 27.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.2

File hashes

Hashes for costguard_cli-2.0.7.tar.gz
Algorithm Hash digest
SHA256 66e6a6662e1639da78e8ec3d7fee0aac0a4ccbc9db658b06f78c3384576f3381
MD5 c9d5bc51da5db24e8654d52c23c228a9
BLAKE2b-256 1ebe1637d45378a3250e285c94e627c5428be9479d4fae646f91d25d5cfd3204

See more details on using hashes here.

File details

Details for the file costguard_cli-2.0.7-py3-none-any.whl.

File metadata

  • Download URL: costguard_cli-2.0.7-py3-none-any.whl
  • Upload date:
  • Size: 30.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.2

File hashes

Hashes for costguard_cli-2.0.7-py3-none-any.whl
Algorithm Hash digest
SHA256 8aff5b3b60c3826805cd3871ebca91fe9c72fa070972a01d0a906be134d88b76
MD5 4d33b8f2863b73b4a8b46a7e332e8474
BLAKE2b-256 cfb9693f1efb57bf78ab5f0bb43f083e6b78e9a625a1cf710167d67d5a1a2d44

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page