Designing Agent Architecture and SDLC Integration
Learn how agentic systems use GitHub workflows to build software safely.
Learning objectives
By the end of this module, you will be able to:
- Map agent responsibilities to SDLC stages and define architectural boundaries
- Define structured agent tasks using inputs, outputs, and success criteria
- Separate planning, reasoning, and execution to create inspectable and reliable workflows
- Implement pull request-based governance using templates, checks, CODEOWNERS, rules, and environments
- Design reliable workflows using outputs, contexts, triggers, and cross-job handoffs
- Operate agent systems safely using observability, tool governance, secrets boundaries, hooks, and reliability patterns
Prerequisites
Before getting started, you should have:
- A GitHub account and familiarity with repositories, branches, and pull requests
- Basic experience with GitHub Actions workflows and status checks
- A general understanding of the software development lifecycle (SDLC) (planning, implementation, validation, deployment)
- Awareness of repository governance concepts, such as required reviews, CODEOWNERS, and branch protection
Some enforcement controls (for example, rulesets/branch protection and required checks) require repository or organization administrator permissions to configure.
This module focuses on repository-level architecture (pull requests, checks, and rules). In practice, agent systems also include environment-level controls such as network access restrictions. For example, GitHub Copilot cloud agent uses a configurable firewall to limit external access. These controls define what the agent can access at runtime, while PR-based governance defines what changes are accepted.
For more information, see: Customize the agent firewall for Copilot cloud agent.