Treeship
CLI reference

approve / deny

Review and act on pending approval requests.

treeship pending

List all pending approval requests.

treeship pending

Output:

Pending approvals (2)

  1. kubectl apply -f deploy.yaml
     label: deploy to prod  |  requested 2m ago
     hint: treeship approve 1

  2. stripe charge --amount 500
     label: charge customer acme  |  requested 5m ago
     hint: treeship approve 2

Use the numbered index to approve or deny a specific request.

treeship approve

Approve a pending request by number.

treeship approve 1

This creates an approval artifact, generates a single-use nonce, and passes it back to the requesting agent. The agent can then include the nonce in its action attestation to prove it had authorization.

treeship deny

Deny a pending request by number.

treeship deny 2

This creates a denial artifact. The requesting agent receives the denial and should not proceed with the action.

Approvals are single-use. If the same nonce is used in two action attestations, the second one will fail verification. This is enforced in the Rust core and cannot be bypassed.

Edit on GitHub

package

Inspect and verify .treeship session packages offline.

install / uninstall

Install and remove shell hooks for automatic attestation.

On this page

treeship pendingtreeship approvetreeship deny