Terms of Service

Effective Date: March 9, 2026

1. Acceptance of Terms

By accessing or using COMET (CANFAR Orchestration for Managed Environment Transfers), you agree to be bound by these Terms of Service. COMET is a deployment automation tool designed for scientists and researchers working with the Canadian Advanced Network for Astronomical Research (CANFAR) infrastructure. If you do not agree to these terms, you should not use the service.

2. Description of Service

COMET provides a web-based wizard that helps users configure continuous integration and continuous deployment (CI/CD) pipelines from GitHub or GitLab repositories to CANFAR. The service generates SSH key pairs, manages repository secrets or CI/CD variables, and commits workflow and template files that enable automated deployments. Users can choose templates (including None, CanDIAmazing, and Generic starters), preview or edit files before committing, and select or create deployment branches. COMET supports both tooling deployments (via rsync) and container deployments (via the Harbor registry). COMET also offers optional AI-assisted features such as template fitting, deterministic template filtering, test coverage estimation, and unit test generation. For existing repositories, COMET may overwrite files with matching paths if you proceed without renaming, excluding, or editing them first.

3. Intended Use

COMET is provided exclusively for research, academic, and scientific purposes in connection with CANFAR infrastructure. You are solely responsible for the code, data, and artifacts you deploy through the service. All deployments must comply with applicable CANFAR policies, your institutional guidelines, and relevant laws. You agree not to use COMET to distribute malicious software, unlawful content, or any material that could harm CANFAR systems or other users. You are responsible for reviewing the files COMET will commit (including template files) and for avoiding unintentional overwrites or license violations.

4. Accounts and Credentials

Use of COMET requires valid CADC credentials for CANFAR access and GitHub and/or GitLab OAuth authorization. If you choose to use Custom AI, you are also responsible for any third-party AI credentials you enter for the current browser session. You are responsible for maintaining the confidentiality of your credentials and for all activities that occur under your accounts. You agree to notify us immediately of any unauthorized use. We recommend rotating secrets periodically and limiting repository permissions to the minimum necessary scope (principle of least privilege). COMET stores GitHub Actions secrets using GitHub's encrypted secrets API and GitLab values through GitLab CI/CD variables; you should review these periodically in your repository settings. If you opt to stay signed in, your session persists only for a limited time window and can be ended by logging out or revoking OAuth access.

5. Intellectual Property

COMET does not claim any ownership rights in the code, data, or other materials you deploy through the service. You retain all rights to your intellectual property. You are responsible for ensuring that any third-party dependencies included in your deployments are properly licensed and that you have the right to deploy such materials to CANFAR.

6. Service Availability

COMET is provided on an "as is" and "as available" basis without warranties of any kind, either express or implied. We do not guarantee uninterrupted or error-free operation. The service depends on external systems including GitHub, GitLab, GitHub Actions, GitLab CI/CD, optional third-party AI providers, and CANFAR infrastructure; outages or changes to these systems may affect COMET functionality. We reserve the right to modify, suspend, or discontinue the service at any time without prior notice.

7. Security and Conduct

You agree to use COMET in accordance with the CANFAR Code of Conduct. You are responsible for reviewing workflow files, template changes, existing-file edits, and any AI-generated output before you apply them to your repository. If you discover a security vulnerability in COMET, please report it promptly to mike.cichonski@utoronto.ca. Do not exploit vulnerabilities or attempt to access systems or data beyond your authorization.

8. Limitation of Liability

To the maximum extent permitted by applicable law, COMET and its maintainers shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of data, loss of profits, or interruption of research activities, arising out of or in connection with your use of the service.

9. Modifications to Terms

We may revise these Terms of Service at any time. Material changes will be reflected on this page with an updated effective date. Your continued use of COMET after any changes constitutes acceptance of the revised terms.

10. Contact

Questions about these Terms of Service may be directed to mike.cichonski@utoronto.ca.