🐛 🔧 ✅ 🚀

"Analyze, Fix, Test, and Release"

One prompt. Six connectors. From Jira bug to production deploy.

A bug is assigned to you. The AI reads the code, fixes it, pushes to GitHub, runs the pipeline, tests on staging, and promotes to production.

First, Let's Understand What's Happening

💬 You get a Jira notification and type:
"JIRA-4521 is assigned to me. Analyze the bug, fix the code, test it, and release to production."

That's the entire interaction. You don't open Jira. You don't open VS Code. You don't run tests manually. You don't SSH into servers. You just tell the AI what you want done.

🤖 The AI does 8 things automatically:
🐛
1. Reads the bug
Pulls Jira ticket details
🔍
2. Analyzes code
Finds the broken file on GitHub
🔧
3. Fixes the code
GitHub Copilot generates fix
⬆️
4. Pushes to GitHub
Creates branch + PR
⚙️
5. Runs pipeline
Triggers Azure DevOps CI/CD
🧪
6. Tests on dev cluster
Deploys to your personal K8s
🏭
7. Promotes to staging
Group-level staging cluster
🚀
8. Releases to prod
Org production cluster
☁️ The cluster hierarchy (who has access to what)

Every developer has their own test cluster. Each team has a shared staging cluster. The company has one production cluster.

👤
Dev Clusters (per-user)
alice-dev-aks bob-dev-aks carol-dev-aks
Your sandbox — break anything
👥
Staging Clusters (per-team)
eng-staging-aks platform-staging-aks
Team integration testing
🏢
Production (org-wide)
prod-east-aks prod-west-aks
Manager approval required

Credentials for each cluster are stored in the vault. The AI uses the same cascade as travel: your cluster → team cluster → production cluster.

📋 Policies control what's allowed
🏢 Org Policy
"All prod deploys need manager approval"
"No deployments on Fridays after 2pm"
"Rollback if error rate > 5%"
👥 Team Policy
"Engineering: staging must pass before prod"
"All PRs need 1 reviewer"
"Run integration tests on staging"
👤 User Preferences
"Use my fork for PRs"
"Always run security scan"
"Notify me on Slack"

The Complete Architecture

🧠 AI Hub
"JIRA-4521 is assigned to me. Analyze, fix, test, and release."
alice@acme.comEngineeringdeveloper
🤖 Agent + MCP Server
LLM orchestrates across 6 plugins with 40+ tools. Enforces policies from RAG before every action.
Jira
Read tickets, update status, add comments
GitHub
Read code, create branch, open PR
Copilot
Analyze code, generate fix
ADO
Trigger pipeline, check build
K8s
Deploy, check pods, rollback
Monitor
Check metrics, error rates
Vault (Cluster Credentials)
👤 cw-pvt-alice-k8s-kubeconfig → alice-dev-aks
👥 cw-grp-engineering-k8s-kubeconfig → eng-staging-aks
🏢 cw-org-k8s-kubeconfig → prod-east-aks
RAG (Deploy Policies)
🏢 "No Friday deploys after 2pm"
👥 "Staging must pass before prod"
👤 "Always run security scan"

Step-by-Step: What the Agent Does

Step 1 🐛 Read the Jira ticket Jira Plugin
jira-get-issue(key="JIRA-4521")
Bug: "Payment service returns 500 when amount is zero"
File: src/payments/charge.py:line 42
Priority: P1 • Assigned: alice@acme.com
jira-update-status(key="JIRA-4521", status="In Progress")
Step 2 🔍 Analyze the code on GitHub GitHub Plugin
github-get-file(repo="acme/payment-service", path="src/payments/charge.py")
Reads the file. Finds line 42: amount_cents = int(amount * 100)
Problem: When amount=0, Stripe API rejects the call with 500.
Need: add validation before calling Stripe.
Step 3 🔧 Generate the fix Copilot Plugin
copilot-fix(file="src/payments/charge.py", issue="Validate amount > 0 before Stripe call")
-   amount_cents = int(amount * 100)
+   if amount <= 0:
+      return {"error": "Amount must be greater than zero"}
+   amount_cents = int(amount * 100)
Step 4 ⬆️ Push to GitHub + Open PR GitHub Plugin
github-create-branch(repo="acme/payment-service", branch="fix/JIRA-4521-zero-amount")
github-commit-file(branch="fix/JIRA-4521-zero-amount", file="src/payments/charge.py", message="Fix zero amount validation (JIRA-4521)")
github-create-pr(title="Fix: Payment 500 on zero amount", body="Closes JIRA-4521", base="main")
PR #287 created. Vault resolved Alice's GitHub PAT from private vault.
Step 5 ⚙️ Trigger CI/CD Pipeline ADO Plugin
ado-trigger-pipeline(project="PaymentService", pipeline="ci-build", branch="fix/JIRA-4521-zero-amount")
Triggers Azure DevOps build pipeline.
✅ Build passed • ✅ Unit tests passed (247/247) • ✅ Security scan clean
Step 6 🧪 Deploy to Alice's dev cluster K8s Plugin
k8s-deploy(cluster="alice-dev-aks", image="acme/payment-service:fix-4521", namespace="payments")
Vault resolves: cw-pvt-alice-k8s-kubeconfigalice-dev-aks credentials
✅ Pods healthy • ✅ Smoke test passed • POST /charge {amount:0}{"error":"Amount must be greater than zero"}
Step 7 🏭 Promote to staging K8s Plugin
📋 Policy check: "Engineering: staging must pass integration tests before prod"
k8s-deploy(cluster="eng-staging-aks", image="acme/payment-service:fix-4521", namespace="payments")
Vault resolves: cw-grp-engineering-k8s-kubeconfigeng-staging-aks credentials
✅ Integration tests passed (38/38) • ✅ Load test OK • ✅ Error rate: 0%
Step 8 🚀 Release to production K8s + Monitor Plugins
📋 Policy check: "All prod deploys need manager approval" → Alice is developer, not manager
⚠️ Requires approval. Agent sends request to #eng-releases Slack channel.
✅ Manager approves. Agent proceeds.
k8s-deploy(cluster="prod-east-aks", image="acme/payment-service:fix-4521", namespace="payments")
monitor-watch(service="payment-service", duration="5m", threshold="error_rate < 1%")
Vault resolves: cw-org-k8s-kubeconfigprod-east-aks credentials
✅ Rolling deploy • ✅ Error rate 0.02% • ✅ Latency normal
jira-update-status(key="JIRA-4521", status="Done")
jira-add-comment(key="JIRA-4521", body="Fixed in PR #287. Deployed to prod-east-aks.")
🤖 Agent Response:
JIRA-4521 resolved! Here's the summary:

🐛 Bug: Payment 500 on zero amount
🔧 Fix: Added validation if amount <= 0 in charge.py
⬆️ PR: #287 merged to main
⚙️ Pipeline: Build passed, 247 unit tests green
🧪 Dev: Tested on alice-dev-aks ✅
🏭 Staging: 38 integration tests passed on eng-staging-aks ✅
🚀 Production: Deployed to prod-east-aks, error rate 0.02% ✅
📝 Jira: JIRA-4521 → Done

Policies applied: staging-before-prod (team), manager approval for prod (org), security scan (user pref).

Same Bug, Different People, Different Clusters

👤 Alice Engineering • Developer
Dev cluster: alice-dev-aks (personal) → Staging: eng-staging-aks (team) → Prod: ⚠️ Needs manager approval
GitHub: Alice's PAT • Jira: Alice's token • ADO: Org pipeline key
👤 Bob Platform Team • Senior Engineer
Dev cluster: bob-dev-aks → Staging: platform-staging-aks (different team!) → Prod: ⚠️ Needs approval
Different team = different staging cluster — vault cascade picks the right one automatically
👤 Manager Mike Engineering • Manager
Dev cluster: mike-dev-aks → Staging: eng-staging-aks → Prod:Auto-approved (manager role)
Managers can deploy directly to prod — policy check passes automatically
👤 Intern Ivan Engineering • Intern
Dev cluster: ivan-dev-aks → Staging:BLOCKED — Intern policy: "Cannot deploy to staging or prod"
Agent: "Your intern policy doesn't allow staging/prod deployments. Ask your mentor to review and deploy."

Deep Dive: Every Network Call

35+ calls in ~30 seconds. Here are the key ones.

🔐 Auth + Discovery
1 Browser → Keycloak — OIDC login → JWT with email, groups, roles
2 Agent → MCPtools/list → discovers 40+ tools from 6 plugins
3 Agent → EngineGET /api/plugins → fetches system_prompts (deploy policies)
🐛 Bug Analysis
4 MCP → Jira APIGET /rest/api/3/issue/JIRA-4521 (Alice's Jira token from vault)
5 MCP → GitHub APIGET /repos/acme/payment-service/contents/src/payments/charge.py
6 MCP → Azure OpenAI — Copilot analyzes code + generates fix diff
⬆️ Push + Pipeline
7 MCP → GitHub API — Create branch, commit file, open PR #287
8 MCP → ADO APIPOST /_apis/pipelines/12/runs (org-level ADO token from vault)
9 MCP → ADO API — Poll build status until complete (build passed)
🧪 Deploy Chain: Dev → Staging → Prod
10 Vault cascadecw-pvt-alice-k8s-kubeconfigalice-dev-aks
11 MCP → K8s APIkubectl apply to alice-dev-aks • smoke tests pass
12 RAG search — "deploy staging policy" → [GROUP_POLICY] "staging must pass before prod" ✅
13 Vault cascadecw-grp-engineering-k8s-kubeconfigeng-staging-aks
14 MCP → K8s API — Deploy to eng-staging-aks • integration tests pass
15 RAG search — "prod deploy policy" → [ORG_POLICY] "manager approval required"
16 MCP → Slack API — Request approval in #eng-releases
17 Vault cascadecw-org-k8s-kubeconfigprod-east-aks
18 MCP → K8s API — Deploy to prod-east-aks • rolling update
19 MCP → Datadog API — Watch error rate for 5 minutes (0.02% < 1%) ✅
20 MCP → Jira API — Update JIRA-4521 → Done + add comment
Total: ~35 calls • Vault lookups: ~15 • External APIs: 12 (Jira, GitHub, ADO, K8s×3, Datadog, Slack) • LLM: 4 • RAG: 3 • Time: ~30 seconds

What Makes This Different

CapabilityTraditional DevOpsOther AI ToolsContextWeaver
Bug to production❌ Hours: Jira → IDE → Git → PR → Pipeline → Deploy⚠️ Copilot fixes code, you do the rest✅ One sentence: analyze, fix, test, release
Per-user clusters✅ Manual kubeconfig management❌ No cluster awareness✅ Vault cascade: user → team → prod
Policy enforcement✅ Hardcoded pipeline gates❌ No policy awareness✅ RAG-based: ingest from any data source, instant enforcement
Multi-tool orchestration❌ Separate tools, manual flow⚠️ Single-tool (just code)✅ Jira + GitHub + ADO + K8s + Monitor in one flow
Approval workflows✅ Pipeline gates❌ No approval concept✅ Policy-aware: blocks + requests approval automatically
Rollback safety✅ Manual rollback❌ No deployment awareness✅ Auto-monitors error rate, auto-rollback if threshold exceeded
Different teams, different rules⚠️ Separate pipeline configs❌ Same for everyone✅ Engineering vs Platform vs QA — different clusters and policies

The Bigger Picture: A Lego System for Any Service

DevOps is just one combination. Every popular application — Jira, Salesforce, Slack, SAP, Workday, ServiceNow — can become a connector. Every connector can be:

🔧 Built New
Direct API connector
Stripe, Gmail, GitHub
🔄 Proxied from MCP
Point to any MCP server
Expedia, Amadeus, any MCP
➕ Extended & Combined
N connectors per plugin
DevOps = Jira+GitHub+K8s

🧱 Build. Proxy. Extend. Combine. — Unlimited Possibilities.

B2B enterprise (DevOps, ITSM, ERP) or B2C consumer (travel, shopping, finance) — same platform, same security, infinite combinations.

The Bottom Line

One sentence. Six connectors. From Jira bug to production deploy.
The AI read the ticket, analyzed the code, generated the fix, pushed to GitHub,
ran the pipeline, tested on dev, validated on staging, and released to production.
Different people, different clusters, different policies — all automatic.

DevOps is one Lego creation. Travel booking is another. Healthcare, finance, HR, logistics —
any service can be assembled from connectors, with enterprise-grade security at every level.

Back to About Travel Planner Scenario
© 2026 ContextWeaver — Enterprise RAG & Agentic AI Platform