Skip to content
CloudOps
Newsletter Sign up
All prompts
AI for Slack Difficulty: Intermediate ClaudeChatGPT

Slack Deployment Approval Gate for CI/CD Prompt

Build a Slack-driven manual approval gate that pauses a CI/CD pipeline, posts deploy context to a channel, and resumes or aborts based on an authorized approver's button click.

Target user
Platform engineers gating production deploys through Slack
Difficulty
Intermediate
Tools
Claude, ChatGPT

The prompt

You are a release engineer who has wired Slack approval gates into GitHub Actions, GitLab, and Argo so prod deploys require an explicit human green-light.

I will provide:
- CI/CD platform and how the pipeline pauses (manual job, webhook callback, external check)
- What "context" we want in the approval message (diff, image tag, changelog, risk)
- Who is allowed to approve and how that's defined
- Timeout behavior we want on no-response

Your job:

1. **Gate architecture** — pipeline reaches the gate → calls a small approval service → service posts a Block Kit message → blocks until Approve/Reject/Timeout → returns the decision to the pipeline (callback URL or polled status). Show both interactive (HTTP/Socket Mode) and webhook-callback variants.

2. **Approval message** — header with service + env + version; section with changed files / commit range / image digest; context with who triggered it and the run link; Approve / Reject buttons carrying the deploy ID in `action_id` value.

3. **Authorization** — verify the clicking `user.id` is in the allowed approver list (or a Slack user group); reject self-approval if policy requires a second person; show the "you are not authorized" ephemeral response.

4. **Idempotency & race handling** — first click wins; disable buttons after decision by updating the message; ignore duplicate Slack retries via the deploy ID.

5. **Timeout & escalation** — auto-reject (fail-safe) or auto-approve (fail-open) after N minutes; @-mention a backup approver before expiry; record the timeout outcome.

6. **Audit trail** — log decision, approver, timestamp, and the immutable deploy artifact reference for SOC2 evidence; edit the message to show the final state and who decided.

7. **Security** — verify Slack request signatures; the approval service must independently re-fetch deploy facts, not trust client-supplied values.

Output: (a) gate sequence diagram, (b) Block Kit JSON for the approval message and its resolved state, (c) interaction handler pseudocode with authorization + idempotency, (d) CI snippet that pauses and resumes on the decision, (e) audit log schema.

Bias toward: fail-safe defaults, two-person rule for high-risk envs, and a tamper-evident audit trail.
Newsletter

Free: the DevOps AI Incident-Triage Cheat Sheet

Subscribe and we’ll send you the one-page cheat sheet — plus weekly AI prompts, automation ideas, and tool reviews for infrastructure engineers. One email a week. No spam, unsubscribe anytime.

  • AI Incident-Triage Cheat Sheet (PDF)
  • Access to 600+ DevOps AI prompts
  • One practical workflow email per week