Roll it out across teams & environments
Getting from one engineer's laptop to an org-wide, always-current catalog is mostly about committing config and scheduling a re-scan — Regixo is a command you run, not a daemon you host. This page covers the unattended refresh, the CI recipe, keeping a hosted record fed, and how to handle multiple repos and environments. It ends with an honest account of what multi-entity does and doesn't do yet.
One laptop to org-wide
The move from a personal run to a repeatable org run is three commits:
- Commit
regixo.yml. With sources (by env-var name), intent, DORA scope and PII policy in the file, any machine — a colleague's or a CI runner — scans the same estate. Secrets stay in the environment. - Make it run headless. Off a TTY, in CI, or with
--yes, every command runs non-interactively: it takes answers from flags, env andregixo.ymland never prompts. A committed config plus--yesis a fully unattended refresh. - Seed the shared standards. Commit a house glossary and PII policy once, then bring them
in on each machine with
regixo catalog import regixo-catalog.json(merge-only — it never downgrades a confirmed answer).
regixo command, including setup, is agent-drivable: a missing required input is a
coded error naming the flag or env var to supply — never a blocking prompt. That's what lets the same
config run in a pipeline as cleanly as on a laptop.Schedule the refresh
regixo watch is a one-shot re-scan you schedule — from cron or CI — not a
hosted daemon that sits running. Each run re-scans, updates the map, appends the change-log, and
flags any signed activity whose core fields moved for re-sign. Two flags make it CI-native:
- --ci
- Prints the change summary as markdown to stdout (pipe it into
$GITHUB_STEP_SUMMARY) and signals a core-field change with exit code 3 — plainwatchkeeps the historic 0/1, so existing scripts are unaffected. - --webhook <url>
- POSTs the change report to a URL. The egress is announced first and carries names and change kinds only — never row values.
“Add Regixo to our GitHub Actions workflow, so every pull request reports what changed in our data.”
Show the commandHide the commandShow the sentenceHide the sentence
$ regixo watch --ci >> "$GITHUB_STEP_SUMMARY"
A ready-made GitHub Actions workflow ships in the repo at
examples/github-actions/regixo-watch.yml — copy it, set your source secrets as Actions
secrets, and a scheduled run posts its summary and fails the job on a core-field change.
The re-sign side of a scheduled change is walked in Keep it current.
Keep a hosted record current
Once a compliance lead has claimed a record on the portal, a paired regixo watch keeps
it fed. Set REGIXO_SYNC_TOKEN (the ingest-only machine token an admin minted) in the
environment and the same scheduled run pushes the refreshed, metadata-only draft to the portal:
“Keep the record we forwarded to our compliance team in sync from CI.”
Your agent fills in everything except the token — you put that in .env yourself.
Show the commandHide the commandShow the sentenceHide the sentence
$ export REGIXO_SYNC_TOKEN='rgx_sync_…' $ regixo watch --ci
The push goes to POST /api/v1/sync authenticated by the token. It carries metadata
only, and the token can only ingest — never unlock, sign or export. The record's “what changed” feed
updates so the compliance team sees the estate moved without anyone re-forwarding a draft.
Multiple repos, environments & networks
Real estates aren't one flat database. Three patterns:
- Multi-repo / multi-service — give each repo its own committed
regixo.ymlscoped to the sources that team owns. Each produces its own map; you decide whether to run them as separate records or merge the maps. - Prod vs staging — keep them as distinct sources (distinct
ids andconnectionRefs). Scanning staging is a safe way to preview a schema change before it reaches production and trips a re-sign. - Inside-network map-merge — when a database can't be reached from where you'd normally
run, run
regixo starton a machine inside that network and merge the maps. It's the same “bring Regixo inside” route the coverage meter points to in Architect your catalog.
Honest limits: multi-entity is not built yet
There is no organisation-level account that groups several records under one company today. The portal's “Your records” view unifies records by the signed-in email — not by organisation — and each record is its own tenant with its own licence. A person who signs multiple records sees them together; two colleagues do not automatically share a company view.
The Enterprise tier (from €18,000, published) is the answer for multi-entity groups
and self-host — but the grouping feature and the self-host regixo serve command
are not built; multi-entity pricing and company-account grouping are on the roadmap, not shipped. And the hosted
portal is not yet hosted — per-tenant DB isolation, EU residency, live Stripe and the real-IdP
SSO run are all launch gates still ahead. Plan around what ships today; treat the rest as roadmap.