Skip to content

Governance Service Architecture

Governance Service is a Go API service deployed as one component of the Governance Platform umbrella chart. It owns the governance workflow data model and exposes APIs consumed by Governance Studio and customer integrations.

DependencyUse
Auth ServiceValidate bearer credentials, API keys, project access, roles, permissions, and DID-key lookups.
Integrity ServiceCreate and resolve integrity statements, governance certificates, CIDs, and lineage-related records.
PostgreSQLStore governance domain data, indicators, evaluations, attachments metadata, and activity logs.
Object storageStore uploaded evidence attachments.
EQTY PDFGenRender policy reports when the optional PDF generation service is enabled.
  1. A user or integration calls Governance Service through the platform ingress.
  2. Middleware validates the bearer credential through Auth Service unless the route is public.
  3. Route handlers enforce organization, project, and role-aware access checks.
  4. Domain services read and write PostgreSQL state.
  5. Workflows that require integrity records call Integrity Service.
  6. Report-generation workflows call EQTY PDFGen when that service is enabled.

For route-level truth, use the service route wiring and handler definitions from the released source ref recorded in the release manifest. Generated API reference must be regenerated from that same release ref.