AI Builder Safety Net Walkthrough
This guide walks through the full safety net you can wrap around an AI-built application on OSC: from first deploy through high-availability, automated security audits, staged deployments, and one-command rollback. Follow the steps in order; each one builds on the previous.
Step 1: Deploy Your App
Get your application running on OSC from a git repository. You need a running app before any of the safety features can be activated.
See Deploy or Publish Your Application for the full guide.
Once deployed, OSC assigns your app a public URL and begins health monitoring automatically.
Step 2: Enable High Availability
Turn on high-availability mode so that OSC runs multiple replicas of your app. If one replica fails or is evicted, traffic continues without interruption.
See the High Availability section in Managing Custom Apps for how to enable HA from the web console or via your AI agent.
Example prompt:
Enable high availability for my app called myapp
Step 3: Enable Agentic SDLC
Attach an AI agent to your app. Once enabled, the agent runs on a recurring schedule to review dependencies, open security-fix pull requests, and keep the project moving between your sessions.
See Agentic SDLC for the full setup guide.
Example prompt:
Enable Agentic SDLC for my app called myapp
After enabling, the agent bootstraps a CLAUDE.md context file in your repository and creates a scheduled task. You can monitor both from My Agent Tasks.
Optional but recommended: enable the Security Audit add-on to run weekly vulnerability scans on top of the regular SDLC activity.
Step 4: Enable the Stage/Prod Pipeline
Initialise the two-environment promotion model. OSC creates a stage app (always tracking your main branch) and a prod app (pinned to an explicit version tag). Every merged pull request updates stage automatically; production only advances when you say so.
Example prompt:
Initialise the stage/prod pipeline for my app called myapp
See the Stage/Prod Pipeline section in Agentic SDLC for full details.
Step 5: The AI Opens a PR for Your Review
When the agent finishes work on a feature or fix, it opens a pull request in your repository. The PR appears in the Requests tab of your app in My Apps. You review the plan, then approve, revise, or cancel it.
Nothing reaches production until you explicitly promote it in Step 6.
Step 6: Promote to Production
When the stage app looks good and you are ready to ship, release it to production.
Example prompt:
Release the current stage to production for my app called myapp
The agent tags the repository at the current stage HEAD, pins the prod app to that tag, and updates the running production image. The tag becomes a permanent snapshot you can return to later.
Step 7: Check What Versions Are Deployed
At any point you can inspect which versions exist and which one is currently live in production.
Example prompt:
List available versions for my app myapp
The get-myapp-versions tool returns all released version tags with their commit references and release timestamps. The current production version is highlighted.
Step 8: Roll Back if Something Goes Wrong
If a release causes problems, revert production to the previous version with a single command.
Example prompt:
Roll back myapp to the previous version
Or target a specific version:
Roll back myapp to v1.1.0
The rollback-myapp-prod tool pins the production app to the specified version and restarts it. Stage is unaffected. When you have resolved the issue, run a new release to move production forward again.
See Rollback and Versions for the full rollback guide, including what rollback does and does not affect.
Summary
| Step | What it gives you |
|---|---|
| Deploy | App running with a public URL and health monitoring |
| High availability | Multiple replicas; no single point of failure |
| Agentic SDLC | Ongoing security and dependency management by AI |
| Stage/prod pipeline | Every change goes to staging before production |
| PR review | Human approval gate before any code reaches production |
| Release to prod | Explicit promotion that creates a versioned snapshot |
| Version list | Visibility into what is deployed and when |
| Rollback | One-command revert to any previous production version |