On this page

Drift Detection — How it would work
Problem & goals
User journeys
High-level design
Shapes (provisional)
Open questions

Status: Planned

Drift Detection — How it would work

Problem & goals

Detect when real-world resources drift from the last applied configuration.
Provide safe, read-only detection with clear surfacing in CLI/UI.

User journeys

Configure drift checks per unit or prefix (schedule or on-demand).
View drift status in taco unit status and UI; inspect drift details.

High-level design

Read-only checks that fetch remote resource state via providers.
Store minimal drift metadata alongside unit records; do not block writes.
Respect locks, rate limits, and provider quotas.

Shapes (provisional)

API: POST /v1/drift/check (on-demand), GET /v1/units/:id/drift (status).
Status values: unknown | clean | drifted; timestamps; summary.

Open questions

Scheduling window; integration with remote runs for remediation.
Scope/precision for multi-provider environments.

Note: Subject to change; no timelines implied.

VCS Integration & UI (How it would work)Policies (How it would work)