OP·0001 partitionpayments-staging operatorenvoy.host.green-bastion specimen — not your operation

Synth Ops · The Debrief

The intelligence is in the planning. The execution is deterministic.

A Claude extension that plans operations against real infrastructure, hands you the plan in plain language, and executes only what you approve — exactly as approved. Every decision logged. Reference implementation of the MCP Contract structure.

awaiting approval
The plan

What the envoy thinks it should do.

Free-form planning, read-only against your real environment. Nothing has executed yet. The reasoning column to the right of each step is what the envoy was thinking when it added that line — verbatim, no scrubbing.

  1. 01 succeeded

    Verify artifact integrity

    sha256sum payments-api-3.4.1.tar.gz | grep -F 7a4f…d29c
  2. 02 succeeded

    Drain traffic from blue pool

    aws elbv2 modify-target-group --target-group-arn "$BLUE_TG" --health-check-path /quiesce
  3. 03 succeeded

    Run schema migration · 2026_04_26_001

    psql $DB_URL -f migrations/2026_04_26_001_add_idem_key.sql
  4. 04 running

    Deploy payments-api to green pool

    ssh deploy@green-01 'sudo systemctl reload payments-api.service'
  5. 05 pending

    Cut DNS · drain blue pool

    aws route53 change-resource-record-sets --hosted-zone-id $ZONE --change-batch …
server envoy

Approve as shown and the plan executes verbatim. Modify the plan and the envoy re-plans. There is no third option — execution never re-reasons.

From the run log

The debrief is the point.

Three notes from the envoy's reasoning trace, written for the on-call engineer who'll inherit this incident at 2 a.m. and needs to know what was decided and why. Verbatim, no editor.

  1. t+00:14

    Considered batching steps 02 and 04 to reduce wall time. Rejected: a failure mid-batch loses the explicit rollback boundary between drain and deploy. Wall time is cheap; auditability is not.

  2. t+00:18

    $DB_URL resolved from partition payments-staging. Confirmed against the partition's expected host before issuing the migration. No cross-partition variable bleed.

  3. t+00:21

    Awaiting approval. Plan is fully formed; all variables resolved; rollback handlers staged. Will not execute step 04 until a human approves the plan as displayed.

Wire it up

Clone the repo.
Point Claude at it. Run an operation.

Source on GitHub jmfullerton96/synthops public · in development
  1. i. git clone https://github.com/jmfullerton96/synthops
  2. ii. Configure your MCP host to load the bundled server. The README walks through Claude Desktop and the local .mcpb path.
  3. iii. In Claude, say “deploy payments-api to staging.” Synth plans, you review, you approve, it runs.
  4. iv. Read the debrief. Decide whether the next operation wants the same envoy or a different partition. Repeat.

Free. Public source. Bring your own LLM provider. Bring your own infrastructure. Synth doesn't host either.

watch list

Synth Ops is moving. If you'd rather not track a build that changes weekly, leave a forwarding address and I'll write you when there's news.

Notify me

The first Synth still works.

synth-deploy/synth is the original — a standalone deployment server with its own envoy, its own UI, and a hard-won architecture learned over ~500 commits. It is not abandoned. It is on the shelf while this Claude-native pivot proves itself, and the two may yet merge. Use it if you want operations without leaving your own tooling, or if you want to bring an LLM provider that isn't Claude.

Status Frozen, public, working. Provider Any LLM. Successor This page.

§ appendix · operation manifest

Specification & notes

runtime
Inside Claude. The MCP server is a process on your machine; the envoy is a process on the target. There is no Synth cloud to log into.
operation types
deploy · maintain · query · investigate · trigger · composite. All six run the same pipeline: plan → approve → execute → explain.
contract
Planning reasons freely; execution does not re-reason. Approve a plan and it runs verbatim. Mid-flight failures roll back, never improvise.
partitions
Optional logical scopes. $DB_URL from the staging partition does not leak into a production operation. Operations work without partitions; with them, variables never bleed across.
build status
in development The page above is what the system aims to be, not a screenshot of polish that isn't there yet. The original synth-deploy/synth is more polished and on the shelf.
customization
Tuning Synth Ops to a specific stack — your handlers, your partitions, your envoy hosts — joe@jibeworks.com.