Cassian Gate
A deterministic validation gate for network changes
Runs your proposed change in a controlled environment, asserts real network behavior, and returns PASS or FAIL — with auditable artifacts you can attach to a PR or CI job.
Example run
Every run writes results.json. That file is the authoritative artifact — not the terminal output.
Run from a clone of the repository (see Try it below) — topologies/ ships in the repo, not the pipx wheel.
Install
pipx install cassian-gate
Try it
git clone https://github.com/cassian-gate/cassian-gate.git cd cassian-gate cassian doctor cassian test topologies/first-run-proof-minimal.yaml
First run pulls container images (about 500 MB) and may take several minutes. Subsequent runs complete in under a minute on the proof topologies.
To see the gate catch a real failure: cassian test topologies/first-run-proof-fail-catching.yaml
What it does
- Behavior, not config text. Boots your topology, runs your change, asserts what actually happens — BGP sessions, route propagation, policy, reachability, failover.
- Deterministic verdicts. Binary PASS/FAIL. Clean exit codes. No risk scores, no "probably fine," no AI deciding whether your change is safe.
- CI-safe by design. Clean-state execution. Authoritative artifacts. Drops into GitHub Actions or GitLab CI as a single job.
- Catches real failures. Route leaks, policy misconfigs, failover bugs, convergence issues, grey failures like packet loss and latency.
Latest release — v2.1
- Actionable failure output, guaranteed. Every failed invariant now renders the observed state that made it fail; every rejected input says what was wrong, where, and what would be valid — straight from the deterministic engine, no AI surface required.
- User-defined invariants. Declare your own check as a read-only command plus a typed assertion, run through the same verdict machinery as a built-in.
- More BGP coverage. New
bgp_communityandbgp_as_pathinvariants bring the built-in catalog to fifteen types. - Tagged runs, audit-grade evidence, brownfield importer. Selective execution with
cassian test --tag, tamper-checkableresults.jsonfields, and an offline first-importer for NetBox-derived topologies.
Full write-up: What's new in v2.1 →
Scope — v2
Cassian Gate v2 validates FRR-based topologies — FRR plus host and firewall nodes. The engine is runtime-agnostic by design; SONiC is the next NOS (Phase 2), scoped by a strategic reassessment before it begins.
Cassian Gate does not auto-remediate, does not replace monitoring, does not run against live infrastructure, and does not use AI for pass/fail decisions. AI is advisory only.