Tutorial: Database Change with Risk-Based Approval Flow
Overview
Custom Approval enables organizations to implement approval workflows for database operations including schema and data changes, database creation, data export, and role requests. You define conditions and approval nodes directly on each approval flow to determine when it applies and who needs to approve.Key Features
- Condition-based routing: Define conditions on each approval flow to match specific changes
- Multi-stage approvals: Chain multiple approval nodes in sequence
- Role-based authorization: Leverage built-in or custom roles for approvals
- First-match-wins ordering: Drag-and-drop to reorder flows; the first matching flow applies
- No approval required: Optionally skip approval for certain changes
How Approval Works
The Approval Process
- Condition Matching: When a request is created, Bytebase evaluates the approval flows in order under the matching source type. The first flow whose condition matches is used
- Fallback: If no flow matches under the source type, the Fallback source type flows are evaluated as a catch-all. You can also add a catch-all flow at the end of each source type (with a broad or empty condition) to serve as a per-source-type fallback
- Sequential Approval: Approvers review and approve each node in order
- Execution: After all approvals, the request proceeds to execution (for example, deployment, database creation, data export, or role change)
Source Types
Approval flows are organized by source type:| Source | Description |
|---|---|
| Change Database | DDL and DML operations (schema changes and data modifications) |
| Create Database | Database creation operations |
| Export Data | Data export operations |
| Request Role | Role/permission request operations |
| Fallback | Catch-all flows when no source-specific flow matches |
Conditions
Each approval flow uses a condition expression built from variables like environment, project, database engine, SQL type, and affected rows. The available variables depend on the source type, and the condition builder dropdown in the UI shows all options.For Change Database, a
risk_level variable ("HIGH", "MODERATE", "LOW") is also available. It is automatically calculated by Bytebase based on the statement type. See Risk Center for details.Configuration
Navigate to CI/CD > Custom Approval. Approval flows are grouped by source type. For each source type, click Add Rule to create a new approval flow.Creating an Approval Flow
- Title (required): Name the flow descriptively (e.g., “Production DDL Review”)
- Description: Optionally describe when and why this flow applies
- Condition (required): Define when this flow triggers. You can build conditions using the visual condition builder, or click Add raw expression to write a CEL expression directly. Combine multiple conditions with Add condition or group them with Add condition group
- Approval nodes: Add one or more approval stages. Each node specifies a required role (built-in or custom role). Toggle No approval required to skip manual approval for matching changes
Ordering and Priority
Flows are evaluated in order (top to bottom) under each source type. The first matching flow wins. Drag-and-drop to reorder flows. Place more specific conditions above broader ones. If no source-specific flow matches, fallback flows are evaluated.Preset Templates
When creating a flow, preset templates are available for common scenarios. Click a template to populate the title, condition, and approval nodes automatically.Examples
| Source | Condition | Approval Nodes |
|---|---|---|
| Change Database | resource.environment_id == "prod" | Project Owner -> DBA |
| Change Database | resource.environment_id == "dev" | No approval required |
| Create Database | resource.environment_id == "prod" | DBA |
| Export Data | resource.table_name == "salary" | Project Owner |
| Request Role | resource.environment_id == "prod" | Project Owner -> DBA |
Related Settings
- Self-approval — allow issue creators to approve their own changes (disabled by default)
- Rollout policy — configure automatic vs manual rollout and plan check enforcement