Approval Workflows

Approval workflows gate sensitive mutations. When a mutation route has an approval_config attached, changes do not write directly to the database. Instead, they generate an Approval Request that designated teams review.

The Versioned Stack

An Approval Request maintains an approval_step_nodes array. The active workflow is always the last item in the stack.

Each step has a status state machine:

  • PENDING
  • APPROVED
  • REJECTED
  • REQUEST_FOR_CHANGE

Lock Types and Lifecycle

To prevent race conditions while a request is under review, Minerva uses three lock types:

  1. Schema Lock
  2. Record Delete Lock
  3. Record Mutation Lock

Locks are created when the request is submitted, enforced during conflicting actions, and released when the approval reaches a terminal state.

Supercede Teams

An Approval Config can specify supercede_teams. Members of those teams can bypass the step-by-step flow and instantly approve or reject the entire request.

Post-Approval Execution

When the final step is approved, the system automatically executes the original mutation using a bypass_secret so the operation is not blocked by the rules that triggered the approval path.

Previous Permissions & Approvals Next Blueprint & Codeblocks