01
The repo.
Orchestrator and sub-agents as ADK modules in your version control, with the PR history and the architecture diagram named to your domain.
APPROACH · METHODOLOGY
How We Ship a Production Agent in 6 Weeks.
Discovery, build, evals, governance review, production deploy. The repo, configs, and evals come with you.
Week 1-2
Phase 01
Discovery & data
Week 3-4
Phase 02
Build & evals
Week 5
Phase 03
Staging & governance review
Week 6
Phase 04
Production deploy
Phase 01 · Week 1-2
DISCOVERY & DATA
Week 1-2: Discovery and data.
We arrive with the questions. You arrive with access. By the end of week two, we've named the use case, mapped the data path, and signed off on the security posture before a line of code is written.
#use-case
Use-case scoping.
One workflow, named to your domain. We map the orchestrator topology, identify the tools the agent will call, and write the success metric your CFO already tracks. The output of week one is a one-page architecture diagram and a typed interface contract, both reviewed against your house style.
If the use case is wrong, this is when we say so. We'd rather kill scope in week one than ship something your team won't operate.
#data-identity
Data and identity readiness.
What data the agent reads, where it lives, who owns it, how it's classified. We map the IAM principals, the CMEK keys, the BAA scope where it applies, and the subprocessor list. The output is a data-handling matrix your security review team accepts as the source of truth.
Phase 02 · Week 3-4
BUILD & EVALS
Week 3-4: Build and evals.
Code lands in your repo as pull requests, not zips. The eval harness lands the same week. Both are wired to your CI before the first agent response is generated against real data.
#adk-code
ADK code in your repo.
The orchestrator and its sub-agents land as ADK Python v1.32 modules in a structure your platform team can read on day one. PR-by-PR, reviewed against your style guide. No vendored binaries, no proprietary harness, just the SDK Google publishes.
#evals
Eval harness from sprint one.
Golden-set regressions, agent-trace inspection, and policy-gate assertions wired to your CI by Friday of week three. The harness blocks merges that regress agreed metrics, same shape your code review process already enforces for code, applied to agent behavior. The harness is yours.
Phase 03 · Week 5
STAGING & GOVERNANCE
Week 5: Staging and governance review.
The agent runs in staging against production-shaped data while your security and compliance teams walk the audit binder line by line. By Friday, the registry entry is written and Model Armor is enforcing policy at the gateway.
#registry
Agent Registry enrollment.
Name, owner, policy class, data-handling tier, eval set. The registry entry is the typed inventory your auditor walks through, and the artifact your security team queries before any new tool is added. Not a wiki page. A typed record.
#model-armor
Model Armor policies.
Model Armor is configured as the gateway in front of the agent. Not a sidecar, not a wrapper. The actual ingress. Prompt-injection screening, jailbreak detection, sensitive-data redaction, per-agent allow-lists. Configured against your data classification policy. Every decision is logged; the registry references those logs by agent name.
Phase 04 · Week 6
PRODUCTION DEPLOY
Week 6: Production deploy.
Cutover with rollback. Observability piped to the stack you already operate. The named SE stays on-call through the first 72 hours; your platform team takes the pager from there.
#runtime
Agent Runtime release.
Autoscaled, regionally pinned, with first-class A2A and tool invocation. Terraform modules in your IaC repo. Release pipeline gated by the eval harness; no merge without a green run. A documented rollback that takes ninety seconds.
#observability
Observability handover.
Cloud Logging, OpenTelemetry traces, custom metrics on the four signals that matter for agents: decision latency, tool-call success rate, eval-score drift, and per-decision cost. Wired to the dashboard your on-call already opens. The handover is a one-hour walkthrough; the rest is in the repo.
DELIVERABLES
What you get at the end.
Four artifacts in your organization, owned by your team, documented for the engineers who will operate them.
02
Runtime configuration.
Terraform modules for Agent Runtime, A2A endpoints, IAM bindings, and CMEK keys. Applied in your IaC pipeline.
03
Eval suite.
Golden sets, regression harness, and policy-gate assertions wired to your CI. Owned by your team. Extended by your team.
04
Governance bundle.
Agent Registry entry, Model Armor policy bundle, audit binder, subprocessor list, incident-response runbook.
METHODOLOGY · PDF
Download the methodology PDF.
The full six-week walkthrough. Sample artifacts, sample registry entries, sample evals.
We'll email it from a Resend address. No marketing follow-up unless you ask.
Book a 2-week ADK Pilot.
One agent, one workflow, your code at the end of it. Named SE on the call within two business days.