Concept | Sign-off process¶
A sign-off process ensures that model versions and bundles have the proper approval before being deployed. Let’s see how the sign-off process works in Dataiku Govern.
In the standard workflow, model versions and bundles have the sign-off process built into certain steps. You can recognize the sign-off step(s) in the workflow by its tagged state.
Types of reviews¶
There are two types of reviews: feedback reviews and final approvals.
Feedback reviews are optional. You do not need any feedback reviews to have a final approval. However, they are useful if you want input on how to make improvements. Feedback reviews also provide additional information to help Final Approvers make informed decisions.
Only the final approval is checked by the Deployer node. You can add multiple approvers, but only one final approval can be submitted in the process for the Deployer node to recognize the approval.
Both feedback reviews and final approvals provide a history of authorization that keeps processes transparent, traceable, and accountable.
You can add specific reviewers in the parent project of the model version or bundle that you plan to deploy. In the project overview, edit the Sign-off reviewers and approvers section to assign users and/or groups to the sign-off.
By default, Dataiku Govern includes IT & Operations, Risk & Compliance, and Business reviewers. You can change this in the Blueprint Designer if using Advanced Dataiku Govern.
Starting the review¶
In the sign-off step of the workflow, you can initiate the sign-off. The feedback review is started when you select Request Feedback.
The Request feedback window provides checkboxes to choose whether or not to send an email notification to reviewers. The requests will become active regardless of what you choose here.
The final approval process is started when you select Request Final Approval.
Adding a review¶
To submit a review, you can click the link in the email or open the sign-off step in the relevant Dataiku item. Once you have submitted your review, you can edit it, delete it, or add an additional review. Note that you cannot add more than one final approval.
If you know that someone else is better suited to review or approve the item, you can delegate the review. In other words, you can request that someone else review it.
Importantly, the Final Approver sets the sign-off status to Approved, Rejected, or Abandoned.
If the sign-off is Abandoned, you can select one of the following options:
Reset sign-off, which removes any previous data and starts the sign-off process over again.
Cancel abandon, which “undoes” the abandonment and restores all prior reviews.
If you are not ready to give the final approval and wish to return to the feedback stage of the sign-off, you can select Go back to feedback stage from the vertical dot menu.
How does the sign-off in Dataiku Govern affect deployment? Well, that depends on the Govern Policy in your instance.
The Govern Policy is defined in the Deployer node. There are three possible Govern Policies:
Prevent the deployment of unapproved packages.
Warn and ask for confirmation before deploying unapproved packages.
Always deploy without checking.
If Dataiku Govern and Dataiku Deploy have not been linked and a Govern Policy has not been chosen, an administrator can configure this using the reference documentation on sign-offs.
After a certain amount of time, you might want to start the sign-off process again to check for and prevent something like deployment bias. To do this, you can reset the sign-off. This removes any previous sign-off history and restarts the process.
Schedule reset (Advanced License Only)¶
You can also schedule regular sign-off resets.
To create the schedule, you can either create a schedule in the sign-off itself for an item, or create a schedule in the Blueprint Designer. When creating a schedule in the Blueprint Designer, be mindful that the schedule will be applied to any Govern item that uses that blueprint.