u/Initial_Interest5705

Demo (60 sec): https://asciinema.org/a/LDZVa0z3OVdLt7Zv The problem I kept hitting in post-mortems: "What exactly ran before the incident? When? Who authorized it?" CI logs get modified. Git tracks intent, not execution. So I built SEL Deploy: $ sel-deploy run -- kubectl apply -f deploy.yaml ✔ Hash: sel:v1.0:sha256:3541d13b... ✔ Chained to previous deployment ✔ Signed: 2026-03-03 15:40 UTC $ sel-deploy timeline 2026-03-03T15:30:00 → instant post-mortem reconstruction # someone edits a log entry manually $ sel-deploy verify ✘ Hash mismatch — attestation tampered ✘ Chain broken Zero SaaS. Fully local. MIT licensed. Built in Rust on SEL Core (33/33 tests). GitHub: https://github.com/chokriabouzid-star/sel-deploy Would love feedback from SREs — especially around incident response workflows.