Customer Story How Bitso cut change failure rate 83% while scaling delivery with coding agents
Coding Agents

Your coding agent writes, tests, and fixes in a closed loop.

Signadot gives coding agents everything they need to validate microservices code in their inner loop: ephemeral environments, agent-callable Plans and Skills, and a native MCP server.
No credit card required
Playground cluster available
Trusted by engineering teams worldwide

Agents generate code.
They can't verify it.

Without infrastructure to test against real dependencies, developers become the verification layer and AI productivity gains vanish.
unit.test mocked integration.test no services e2e.test no services

Limited to unit tests

Without real services to run against, agents can verify functions in isolation but never end-to-end behavior across your stack.
Agent · PRs PR #142 awaiting PR #143 awaiting PR #144 awaiting Review queue +12

Slower code reviews

Agents push PRs with minimal validation, leaving reviewers to confirm the code actually works.
code PR merge bug

Bugs surface post-merge

Integration issues only appear after merge, creating slow feedback cycles and disruptive fixes.

Signadot closes the loop

Give your coding agents the tools to write, test, and debug against real dependencies until their code is correct.

Spin up environment

The agent uses Signadot's MCP server to provision an ephemeral environment in your Kubernetes cluster. Local services are wired to live remote dependencies in seconds.

Write code

The agent generates code to make a change to a service.

Build and run locally

Code is built and run on the developer's machine, with traffic routed through the ephemeral environment so the local process talks to real cluster services.

Run E2E / integration tests

Integration and end-to-end tests execute against the ephemeral environment, hitting real services. No mocks, no flakes from missing dependencies.

Debug

When tests fail, the agent reads logs, captures traffic, and inspects environment state to diagnose the issue, then loops back to write the fix. Once tests pass, it publishes a validated PR.

Ephemeral env
Your Machine
Local services
MCP
K8s Cluster
Remote services
ServicesStatus
api-gatewaybaseline
payments-svcactive
auth-svcbaseline
handler.go
14func HandlePayment(w http.ResponseWriter, r *http.Request) {
15 key := r.Header.Get("Idempotency-Key")
16 if cached, ok := store.Get(key); ok {
17 json.NewEncoder(w).Encode(cached)
18 return
19 }
20 if store.IsExpired(key) {
21 http.Error(w, "key expired", 409)
22 return
23 }
24 result := processPayment(r)
25 store.Set(key, result, 24*time.Hour)
26}
~/payments-service
$ go build ./cmd/payments
→ 12 packages compiled in 1.4s
→ binary: ./bin/payments-svc
$ ./bin/payments-svc --env=pr-431
[info] listening on :8080
[info] traffic routed via env/pr-431
[info] connected → postgres@db.svc
[info] connected → redis@cache.svc
[info] connected → kafka@bus.svc
ready, receiving routed traffic
Test Results
checkout.e2epass
auth.e2epass
payment.e2efail
Assertion Error
POST /payments (expired key) returned 500
Expected: 409 Conflict
2 passed · 1 failed · 4.2s
debug · pr-431
Inspecting captured request for payment.e2e...
tail -f logs/payments-svc | grep idem
10:42:01 store.Get(key) → nil, ttl=expired
10:42:01 processPayment() called, missing IsExpired() guard
signadot capture --env pr-431 --route /payments
req POST /payments Idempotency-Key: k_842 (expired)
res 500 internal server error
Root cause: expiry check runs after processing. Reordering checks and looping back.

One cluster. Thousands of agent environments.

Signadot virtualizes environments onto your existing Kubernetes cluster. Every agent gets its own isolated stack, spinning up in seconds. No duplicated infrastructure, no coordination, no contention.
Thousands of agents
Every agent gets an isolated sandbox. Run them in parallel with no coordination or contention.
Seconds to spin up
Virtualized environments share stable dependencies in the cluster. No Docker builds. No cluster duplication.
Full-stack fidelity
Services, message queues, databases, caches - every layer an agent's code touches.
Signadot Plans

Validation, reimagined for coding agents.

Plans give coding agents fast, governed validation in their inner loop, against the real services your code ships into.
01

Define the Actions catalog.

Actions are atomic, deterministic validation building blocks, like request-http, playwright, and k6. The platform team governs which Actions are made available.
Actions catalog on GitHub
signadot/actions request-http playwright k6 check
02

signadot-plan builds a Plan from Actions.

Plans are small validation workflows an agent composes from the available actions. Commit and version them so the same validation is reused across the org.
Skills documentation
agent session > signadot-plan create a plan that walks the checkout flow and verifies the payment is captured drafting from the action catalog… ✓ created plan "checkout-flow" actions: playwright, request-http committed to .signadot/plans/ Run it now against a sandbox? (y/n)
03

signadot-validate scans the library and runs the right one.

signadot-validate reads the diff, picks the matching plan by its selection hint, and runs it in a Sandbox against real services. The agent fixes whatever broke and re-runs until it passes, before any human sees the code.
Plan-based validation quickstart
DIFF signadot-validate picks the matching plan PLAN checkout SANDBOX playwright runs against real services ✓ passed · PR ready for review
Platform-governed action catalog
Platform teams curate the actions available to coding agents, giving them a safe, expressive vocabulary to compose tests from.
Blazing fast, inner-loop ready
Plans run in seconds, fast enough for coding agents to validate every change as they iterate, not at the end of a long pipeline.
Tagged and reusable
Validated plans are tagged with selection hints that tell agents when to run them, so the same validation is rediscovered and rerun across sessions instead of rebuilt every time.

Same prompt. Very different outcomes.

Two agents given the same task. One validates with unit tests and linter. The other validates against live services on a Signadot sandbox, and catches what the first one misses.
Without Signadot
Unit tests & linter
claude - ~/location-service
Ships broken consumers
Unit tests pass. But downstream services crash on the schema change. Agent never sees the failures.
Works with every coding agent
Native MCP Server

Signadot MCP Server

Native Model Context Protocol server that any MCP-compatible agent can use. Agents reach for Sandboxes, route traffic, and inspect cluster state through natural language, alongside the Plans and Skills they call out to.
Sandbox Operations
Create, list, update, and manage sandboxes. Add fork workloads, configure local mappings, and resolve preview endpoints.
Discovery & Infrastructure
List clusters, discover in-cluster workloads and service endpoints, browse available resource plugins and devboxes.
Route Group Management
Create and manage route groups, configure sandbox labels for targeting, and resolve preview endpoints for multi-sandbox routing.
Coding Agent Claude Code, Cursor, etc. MCP SERVER Model Context Protocol Sandboxes Create & manage Fork workloads Preview endpoints Discovery List clusters Find workloads Service endpoints Routing Route groups Sandbox labels Multi-sandbox routing KUBERNETES CLUSTER sb

Coding Agents FAQ

What is a coding agent environment?

A coding agent environment is the runtime where an AI coding agent does its work: the codebase, the services it calls, the dependencies it tests against, and the routing that lets it operate alongside production-shape infrastructure without breaking anything else on the cluster. Signadot provides this environment as a per-task overlay on your existing Kubernetes cluster.

How do I give Claude Code access to real services?

Claude Code connects to Signadot through the native MCP server or the Signadot CLI. The agent calls a single command to create a per-task environment that includes the services it changed plus access to every real service in your cluster. From Claude Code, the agent can run tests, hit real endpoints, and inspect responses against production-shape data.

How does Cursor background agents work with Signadot?

Cursor background agents that run remotely need a real environment to test in. Signadot gives each background agent its own ephemeral environment with full cluster access. The agent spins up the environment, exercises it, and tears it down without contending with developers or other agents.

Does this replace local development for agents?

No. Agents can still run code locally for fast iteration. Signadot sits underneath as the integration target: the place an agent reaches when it needs to talk to a database, hit a downstream service, or run an end-to-end test. Local development and the Signadot environment share the same routing model.

How is this different from giving agents a sandbox VM?

A sandbox VM gives an agent a sealed-off box with no real services. Signadot environments are connected: the agent runs in your real Kubernetes cluster, reaches the real services and dependencies it would hit in production, and tests against production-shape topology. The agent is isolated from other tasks, not from production-shape infrastructure.

Which agents are supported?

Anything that speaks the Model Context Protocol or can shell out to a CLI. Claude Code, Cursor, Codex, Windsurf, Aider, Continue, Zed, and custom in-house agents all work. The MCP server exposes Signadot environment operations as tools the agent can call directly through natural language.

Can a platform team govern what agents can do?

Yes. Environment creation and routing happen through the Signadot control plane, which supports RBAC, audit logs, per-cluster quotas, and resource limits. Platform teams keep the guardrails. Agents get autonomy inside them.

Review verified code, not AI drafts.

Give your coding agents the environments, Plans, and Skills they need to close the loop.