Compliance-as-Code

Enforce AI compliance in your CI/CD pipeline. Add a .regseal.yml file to your repository and validate it on every push.

1. Create `.regseal.yml`

Add this file to the root of your repository. It declares your model’s compliance requirements.

.regseal.ymlyaml

version: 1

model:
  name: "Fraud Detection Pipeline"
  version: "3.1.0"
  architecture: "XGBoost + LSTM ensemble"

compliance:
  frameworks:
    - eu-ai-act
    - nist-ai-rmf
  minimum_score: 80
  require_attestation: true

registry:
  slug: "huggingface-my-org-fraud-detection"
  auto_register: true

Field Reference

version: Schema version. Must be 1.
model.name: Human-readable model name. Used for registry lookup if no slug is provided.
model.version: Model version string (optional).
compliance.frameworks: Regulatory frameworks: eu-ai-act, colorado-ai-act, nist-ai-rmf, iso-42001, pqc.
compliance.minimum_score: CI fails if the model’s compliance score is below this value (0-100).
compliance.require_attestation: If true, CI fails unless the model has an active cryptographic attestation.
registry.slug: Registry entry slug for lookup. Falls back to model.name if omitted.

2. Add the GitHub Action

Create .github/workflows/compliance.yml in your repository:

.github/workflows/compliance.ymlyaml

name: AI Compliance Check

on:
  push:
    branches: [main]
  pull_request:

jobs:
  compliance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install yq
        run: sudo snap install yq

      - name: Verify AI Compliance
        run: |
          RESULT=$(curl -s -X POST https://regseal.ai/api/v1/registry/validate \
            -H "x-api-key: ${{ secrets.REGSEAL_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d "$(yq -o=json .regseal.yml)")

          VALID=$(echo "$RESULT" | jq -r '.data.valid')

          if [ "$VALID" != "true" ]; then
            echo "::error::Compliance check failed"
            echo "$RESULT" | jq '.data.errors[]' -r 2>/dev/null
            exit 1
          fi

          echo "Compliance check passed"
          echo "$RESULT" | jq '.data.model'

3. Example CI Output

Pass

CI Outputshell

Compliance check passed
{
  "slug": "huggingface-my-org-fraud-detection",
  "status": "verified",
  "score": 85,
  "attestation": {
    "hash": "a1b2c3...",
    "frameworks": ["eu-ai-act", "nist-ai-rmf"],
    "issuedAt": "2026-03-15T00:00:00.000Z",
    "expiresAt": "2026-09-15T00:00:00.000Z"
  }
}

Fail

CI Outputshell

::error::Compliance check failed
Compliance score 72 is below the required minimum of 80.

JSON Schema

For IDE autocomplete and validation, reference the JSON Schema in your editor:

.regseal.yml (with schema reference)yaml

# yaml-language-server: $schema=https://regseal.ai/regseal-yml-schema.json
version: 1
model:
  name: "My Model"
compliance:
  minimum_score: 80

Schema URL: https://regseal.ai/regseal-yml-schema.json

Get your API key

Create a free RegSeal account to get an API key for CI/CD integration.

Create Account

Compliance-as-Code

Enforce AI compliance in your CI/CD pipeline. Add a .regseal.yml file to your repository and validate it on every push.

1. Create `.regseal.yml`

Add this file to the root of your repository. It declares your model’s compliance requirements.

.regseal.ymlyaml

version: 1

model:
  name: "Fraud Detection Pipeline"
  version: "3.1.0"
  architecture: "XGBoost + LSTM ensemble"

compliance:
  frameworks:
    - eu-ai-act
    - nist-ai-rmf
  minimum_score: 80
  require_attestation: true

registry:
  slug: "huggingface-my-org-fraud-detection"
  auto_register: true

Field Reference

version: Schema version. Must be 1.
model.name: Human-readable model name. Used for registry lookup if no slug is provided.
model.version: Model version string (optional).
compliance.frameworks: Regulatory frameworks: eu-ai-act, colorado-ai-act, nist-ai-rmf, iso-42001, pqc.
compliance.minimum_score: CI fails if the model’s compliance score is below this value (0-100).
compliance.require_attestation: If true, CI fails unless the model has an active cryptographic attestation.
registry.slug: Registry entry slug for lookup. Falls back to model.name if omitted.

2. Add the GitHub Action

Create .github/workflows/compliance.yml in your repository:

.github/workflows/compliance.ymlyaml

name: AI Compliance Check

on:
  push:
    branches: [main]
  pull_request:

jobs:
  compliance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install yq
        run: sudo snap install yq

      - name: Verify AI Compliance
        run: |
          RESULT=$(curl -s -X POST https://regseal.ai/api/v1/registry/validate \
            -H "x-api-key: ${{ secrets.REGSEAL_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d "$(yq -o=json .regseal.yml)")

          VALID=$(echo "$RESULT" | jq -r '.data.valid')

          if [ "$VALID" != "true" ]; then
            echo "::error::Compliance check failed"
            echo "$RESULT" | jq '.data.errors[]' -r 2>/dev/null
            exit 1
          fi

          echo "Compliance check passed"
          echo "$RESULT" | jq '.data.model'

3. Example CI Output

Pass

CI Outputshell

Compliance check passed
{
  "slug": "huggingface-my-org-fraud-detection",
  "status": "verified",
  "score": 85,
  "attestation": {
    "hash": "a1b2c3...",
    "frameworks": ["eu-ai-act", "nist-ai-rmf"],
    "issuedAt": "2026-03-15T00:00:00.000Z",
    "expiresAt": "2026-09-15T00:00:00.000Z"
  }
}

Fail

CI Outputshell

::error::Compliance check failed
Compliance score 72 is below the required minimum of 80.

JSON Schema

For IDE autocomplete and validation, reference the JSON Schema in your editor:

.regseal.yml (with schema reference)yaml

# yaml-language-server: $schema=https://regseal.ai/regseal-yml-schema.json
version: 1
model:
  name: "My Model"
compliance:
  minimum_score: 80

Schema URL: https://regseal.ai/regseal-yml-schema.json

Get your API key

Create a free RegSeal account to get an API key for CI/CD integration.

Create Account

Compliance-as-Code

1. Create .regseal.yml

Field Reference

2. Add the GitHub Action

3. Example CI Output

Pass

Fail

JSON Schema

Get your API key

Compliance-as-Code

1. Create .regseal.yml

Field Reference

2. Add the GitHub Action

3. Example CI Output

Pass

Fail

JSON Schema

Get your API key

1. Create `.regseal.yml`

1. Create `.regseal.yml`