Skip to content

v2.1.3

Choose a tag to compare

View all tags
@github-actions github-actions released this 14 Apr 18:08
· 6 commits to main since this release
v2.1.3
415dd55

What's new since v2.0

Policy Decision Point (PDP)

SentinelGate now exposes a Policy Decision Point alongside the MCP Proxy — the same CEL policies, callable from Go, Python, and Node SDKs to govern any protocol (REST, SQL, shell, custom agents that don't
speak MCP). Cooperative enforcement, identical audit trail, no traffic in the path.

Container and deployment ecosystem

Runnable examples and deployment templates for every target a team is likely to ship on:

  • Docker — standalone container, docker-compose demo with filesystem MCP and an agent simulator
  • Kubernetes — namespace, ConfigMap bootstrap, Deployment, Service, kind-based demo running 12 automated scenarios
  • Podman — rootless with SELinux and Quadlet/systemd integration
  • systemd — hardened unit with 18 sandboxing directives
  • Firecracker — microVM init script and rootfs build
  • LXC/LXD — system container with optional systemd integration
  • ECS Fargate — task definition with CloudWatch logging
  • Fly.iofly.toml with persistent volume and automatic TLS
  • Modal — serverless web endpoint with persistent state
  • E2B — cross-compiled SentinelGate running inside an E2B microVM, 10 automated scenarios
  • Daytona — cross-compiled SentinelGate running inside a Daytona sandbox, 10 automated scenarios
  • Claude Code — isolated container where Claude talks to the Anthropic API directly but every file operation goes through SentinelGate

Operations

  • Kill switch — atomic, global emergency stop for every tool call; state persisted across restarts; activate/resume from the dashboard or REST API
  • Readiness probe (/readyz) — verifies bootstrap completion, tool discovery, upstream connectivity, and kill-switch state; ready for K8s and Docker healthchecks
  • File-based bootstrap — auto-apply identities, API keys, upstreams, and policies from bootstrap.json at startup; self-consuming, GitOps-friendly

Policy engine

  • Sandbox profiles — three curated profiles (strict, standard, permissive) loadable via bootstrap with per-field overrides
  • Custom content-scanning patterns — up to 50 user-defined regex patterns on top of the 22 built-in detectors (secrets, PII, prompt-injection markers); persisted in state, managed via REST API
  • Bootstrap-driven policies — create identities, API keys, and CEL policies declaratively from a single config file

Links

Assets 9
Loading