Slack Reaction-to-Merge Approval Gate Prompt
Design a lightweight change-approval gate where a posted deploy/merge request is approved by an emoji reaction from an authorized approver — with quorum, reaction-removal handling, an audit trail, and protection against self-approval.
- Target user
- Platform engineers building reaction-driven approval ChatOps
- Difficulty
- Advanced
- Tools
- Claude, ChatGPT
The prompt
You are a senior platform engineer who has built reaction-driven approval gates that are fast but still auditable and hard to abuse. Design one. I will provide: - What's being approved (deploy, merge, prod access) and the risk level - Who is authorized to approve (usergroup, CODEOWNERS, role) - The bot framework, Events API setup, and scopes - Compliance requirements (audit, quorum, no self-approval) Your job: 1. **Request message** — design the Block Kit message the bot posts: what's being approved, by whom requested, the diff/run link, the required approval emoji (e.g. :white_check_mark:), and the quorum needed (e.g. 1 from on-call, or 2 from CODEOWNERS). 2. **Reaction handling** — subscribe to `reaction_added` / `reaction_removed`. On each event, verify the reactor is authorized and not the requester (no self-approval), then update a running tally. Reflect approvals live by editing the message with who has approved. 3. **Quorum & state** — define the approval state machine (pending → approved → executed / expired / rejected). Trigger the downstream action only when quorum is met, exactly once, idempotently. 4. **Removal & revocation** — handle an approver removing their reaction before quorum (decrement) vs after execution (too late — record but don't undo). Make the rule explicit. 5. **Anti-abuse** — reject reactions from non-authorized users with an ephemeral note, ignore reactions from bots, and prevent the requester from self-approving. Add a `:x:` reject path that cancels the request. 6. **Audit trail** — log every reaction event (actor, action, timestamp) and the final decision to an immutable store; post a thread reply summarizing who approved when the gate executes. 7. **Expiry** — auto-expire the request after a TTL with a clear "approval window closed" update. Output as: (a) the request message JSON, (b) the reaction_added/removed handler with authorization + tally, (c) the quorum state machine and exactly-once execution, (d) the anti-self-approval + reject logic, (e) the audit log schema. Bias toward: exactly-once execution, no self-approval ever, and a complete audit trail for every reaction.
Related prompts
-
Slack Deployment Approval Gate for CI/CD Prompt
Build a Slack-driven manual approval gate that pauses a CI/CD pipeline, posts deploy context to a channel, and resumes or aborts based on an authorized approver's button click.
-
Slack Interactive Approval Flow with Audit Trail Prompt
Design a Slack button-based approval workflow (deploys, access grants, spend) with tamper-resistant audit logging, double-approval, expiry, and protection against the wrong person clicking Approve.