I built Ota after years of watching the same thing happen: you clone a repo, follow the README, and hit a wall because the project s actual setup changed, while docs and run paths drifted out of sync.
I wanted a reliable way to make the ready-to-run and safe state explicit, not tribal, using an execution contract in `ota.yaml` that humans, CI, and AI agents can use.
So if you want to ask about how Ota works under the hood, how execution contracts are structured, onboarding pain, or where we re taking governed repo execution for AI workflows, I m here.
Ota
Hi Product Hunt! We're excited to be back.
When we first launched Ota, the goal was to make repositories easier to set up and run.
Since then, the problem has changed. Repositories are now executed by developers, CI, automation, and AI coding agents, yet each of them often reconstructs execution differently from READMEs, scripts, workflows, and scattered documentation.
We think repositories have outgrown documentation and CI alone. They now need software execution governance.
Ota gives every repository a governed, machine-readable execution contract for how software should run, what requires verification, what AI agents can safely execute, and what evidence execution should produce.
That is why we are relaunching today.
We would love your thoughts:
Where does execution drift show up most in your projects?
As AI becomes another software executor, what operational truth should every repository expose.
Thanks for checking out Ota
A native GitHub Actions integration would be huge - being able to generate or sync Ota execution contracts directly from a workflow file (or vice versa) would cut down on duplication. Right now teams using GitHub Actions still have to maintain two sources of truth, which kind of defeats the purpose of centralizing the execution contract.
@hsantaknsoaalh Agreed on the duplication problem, but we want the authority to stay one-way rather than create bidirectional sync ambiguity.
`ota.yaml` should remain canonical. Ota can inspect existing GitHub Actions workflows as onboarding evidence, while CI consumes contract-owned install and verification truth. We now also have an opt-in PR gate that fails when Ota establishes contract-to-CI drift.
Here is an intentional drift-failure demonstration: https://github.com/bobaikato/kylrix/pull/1. Its normal native and container checks pass, while the dedicated Contract-to-CI drift gate intentionally fails because the workflow restates Ota bootstrap truth instead of consuming it from the contract.
The stronger next step is generating a thin GitHub Actions projection from the contract, so workflow YAML becomes an adapter rather than another source of execution truth.
Which would help you more initially: importing an existing workflow into a reviewable contract candidate, or generating the minimal GitHub workflow from an existing `ota.yaml`?
@hsantaknsoaalh Another question: Would you want Ota to generate the entire workflow, or only contract-owned verification jobs while your team retains triggers, permissions, and deployment jobs?
Would love to see a GitHub PR check that fails when the execution contract in Ota drifts from what the actual workflow files do, basically a built-in diff alert. Catches the exact problem you are solving but without anyone having to remember to run a compare.
Ota
@murathyzm Yes. Ota now has an opt-in GitHub PR gate that runs automatically and fails when it establishes drift between the repo's execution contract and its CI workflows.
Here is a live demonstration: Kylrix PR #1. Its Ubuntu, macOS, and Windows native checks and Ubuntu container check are green. Only the dedicated Contract-to-CI drift gate is intentionally red, with `OTA_CI_BOOTSTRAP_TRUTH_DUPLICATED`, because the workflow restates Ota bootstrap truth instead of consuming it from the contract. Which drift causes you the most pain: install/bootstrap, missing verification, or changed verification commands?
Having a single machine-readable contract that both my team and AI agents can reference actually cut my onboarding time for new repos in half this week. Surprised how cleanly it slots into existing CI without rewrites.
finally something that stops the ai from just guessing at how to run my repo. the execution contract idea feels super practical honestly
Ota
@rdvantunzwcz1 That's exactly what we were going for. Ota is not another layer of abstraction, just a clear contract the repo can speak for itself through. Really glad it lands that way. What does your current setup look like?
Congrats on the launch. For me, it's most common in longer context chats and typically when I ask the LLM to perform the execution of a process like an OTA update or dependency management.
Ota
@abiodunt97 That's the gap Ota sits in: giving the agent a contract to work against instead of letting it infer from context that's already stretched thin. Is it usually a specific type of dependency or execution step where you see it go wrong most?