Approvals

Updated 1 week ago by Michael Katz

Your Workflows can include Approval steps, which require deployments to receive approval before they can proceed. This topic covers:

Intended Audience

  • DevOps

Approval Options

Workflow Approval steps work much like Approval stages in Pipelines. The same approval mechanisms are available:

  • Jira Service Desk
  • ServiceNow
  • Harness UI
  • Custom Shell Script

This topic includes a Shell Script–based example. For details about the other mechanisms, see the Pipelines topic.

Shell Script–based Approvals

You can add approval steps in Workflows that rely on custom shell scripts. Your scripts can test for conditions that you define, and then approve or reject the deployment's progress accordingly.

As for all approval mechanisms, click Add Step in your Workflow to insert the Approval step:

From the resulting Add Command dialog, select Approval:

This opens the Approval dialog with default settings:

This dialog displays different fields, depending on your selection in the Ticketing System drop-down. For this example, set Ticketing System to Custom Shell Script:

This form of the dialog displays the following fields:

  • Ticketing System – Here, we've selected Custom Shell Script.
  • Script – Type into this field to replace the placeholder comments with your script. See Sample Script below for guidelines.
  • Retry Interval (sec) – Enter how long Harness should wait between attempts to successfully execute the script.
  • Timeout (min) – Enter how long Harness should wait for the approval before stopping the Pipeline's deployment.

Using the sample script below, your completed dialog would look something like this before you click SUBMIT:

Sample Script

Here is an example of an approval script. From the placeholder comments, note that:

  • Your script must ultimately export the environment variable HARNESS_APPROVAL_STATUS—yielding a ${HARNESS_APPROVAL_STATUS} value of APPROVED or REJECTED.
  • Harness initializes this environment variable for you. Your script is not responsible for initialization, only export.
  • Your script should be idempotent.
  • Your script should follow bash conventions.
curl "http://www.example.com/" > temp.txt
echo $?
if [ "$?" -eq "0" ]
then
export result=APPROVED;
echo $result;
else
echo "no response available. Will try in next iteration";
fi

export HARNESS_APPROVAL_STATUS=$result;

When you deploy the Workflow, the Approval step will attempt to execute your script:

Once the script executes successfully and exports a ${HARNESS_APPROVAL_STATUS} value of APPROVED, the Approval step is green in Deployments, and the deployment continues:

Once deployment is complete, the Details panel will display a log of the script's execution:

You now have a script-based approval in your Workflow that ensures that nothing is deployed without meeting the script's conditions.


How did we do?