Governed CI/CD pipeline demonstrating policy-driven delivery, GitOps releases, supply-chain integrity, and risk-based governance practices using a full-stack reference application.