DEV.co
Open-Source DevOps · trstringer

manual-approval

manual-approval is a GitHub Actions plugin that pauses workflows and creates approval issues assigned to specified users or teams before continuing. It offers an alternative to GitHub's native environment-based approval, working on private repositories without Enterprise requirements.

Source: GitHub — github.com/trstringer/manual-approval
655
GitHub stars
153
Forks
Go
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorytrstringer/manual-approval
Ownertrstringer
Primary languageGo
LicenseMIT — OSI-approved
Stars655
Forks153
Open issues29
Latest releasev1.13.1 (2026-06-27)
Last updated2026-07-02
Sourcehttps://github.com/trstringer/manual-approval

What manual-approval is

A Go-based GitHub Action that integrates with GitHub's API to create approval issues, poll for approver responses (matching approval/denial keywords), and conditionally advance or fail workflows. Supports user and org-team approvers, custom approval keywords, and polling configuration.

Quickstart

Get the manual-approval source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/trstringer/manual-approval.gitcd manual-approval# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Private Repo Deployment Gates

Enforce manual approval on private repository deployments without GitHub Enterprise or environment protection rules.

Release Automation with Sign-Off

Pause release pipelines to require team lead or security review approval via GitHub comments before production push.

Multi-Approver Compliance Workflows

Gate infrastructure changes or sensitive operations by requiring approval from multiple approvers (org teams or individual users) with configurable thresholds.

Implementation considerations

  • Approvers must have repository permission to be assigned issues; validation errors (HTTP 402) occur if approvers lack permissions.
  • Approval polling continues until 35-day GitHub Actions timeout or workflow timeout; ensure reasonable approver SLAs and monitoring.
  • Org-team approvers require a GitHub App token with 'read organization members' permission; default GITHUB_TOKEN insufficient.
  • Issue body file must be checked out in the same job; relative paths are relative to repository root.
  • Custom approval/denial keywords can include emojis; copy from GitHub comments for accurate Unicode representation.

When to avoid it — and what to weigh

  • Require Deployment Environment Protection — If your organization already uses GitHub Environments with protection rules and does not need private-repo support, the native feature offers tighter integration.
  • Need Windows Runner Support — Action only supports Linux runners (amd64, arm64, arm/v8); Windows/amd64 runners are explicitly unsupported.
  • Expect Sub-Minute Response Times — Approval polling defaults to 10-second intervals; tight SLA workflows may incur unnecessary API overhead or delays.
  • Have Very Large Approval Documents — Issue body file size is capped at ~125 KB before secondary rate-limit errors; very large approval context requires external documentation links.

License & commercial use

MIT License: permissive, allows commercial and private use without restrictions. Retain license and copyright notice.

MIT License is a standard permissive OSI license. Commercial use, modification, and distribution are permitted; include original license. No warranties or liability guarantees.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityLow
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Requires GitHub token (GITHUB_TOKEN or GitHub App token) passed as secret; ensure token permissions match approver scope. Approval keywords are case-insensitive and do not require cryptographic signing. Org-team support requires GitHub App with member-read permissions—verify app scope and private key handling. No mention of approval log auditing or tamper-resistant storage; approval is recorded in issue comments.

Alternatives to consider

GitHub Environments with Deployment Protection Rules

Native GitHub feature with tighter integration and audit logging; requires GitHub Enterprise for private repos and environment-based workflow design.

Custom Bot/Webhook + CODEOWNERS

Lightweight alternative using status checks and CODEOWNERS; requires custom orchestration and does not provide built-in approval UI.

Snyk/Buildkite Manual Approval Plugins

Alternative CI/CD platforms with native approval steps; platform lock-in required and not GitHub-native.

Software development agency

Build on manual-approval with DEV.co software developers

Add manual-approval to your GitHub Actions workflow to enforce sign-off on sensitive operations—no Enterprise required.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

manual-approval FAQ

Can I use this on private repositories without GitHub Enterprise?
Yes. This is a key advantage over GitHub's native environment protection, which requires Enterprise for private repo approval gates.
What happens if an approver denies the request?
By default (fail-on-denial: true), the workflow fails and halts. Set fail-on-denial: false to allow workflow continuation despite denial.
How do I approve using org teams?
Add 'org-name/team-slug' to the approvers list and provide a GitHub App token with 'read organization members' permission via the secret input.
What is the maximum approval wait time?
35 days (GitHub Actions workflow timeout) or your configured job timeout, whichever is shorter. Keep approver SLAs in mind.

Work with a software development agency

DEV.co helps companies turn open-source tools like manual-approval into production software. Our software development services cover the full lifecycle — architecture, web development, integration, and maintenance — delivered by software developers and web developers who ship. Engage our software development agency to implement or customize it for your open-source devops stack.

Gate your deployments with team approval

Add manual-approval to your GitHub Actions workflow to enforce sign-off on sensitive operations—no Enterprise required.