Governance Service Architecture
Governance Service is a Go API service deployed as one component of the Governance Platform umbrella chart. It owns the governance workflow data model and exposes APIs consumed by Governance Studio and customer integrations.
Collaboration Model
Section titled “Collaboration Model”| Dependency | Use |
|---|---|
| Auth Service | Validate bearer credentials, API keys, project access, roles, permissions, and DID-key lookups. |
| Integrity Service | Create and resolve integrity statements, governance certificates, CIDs, and lineage-related records. |
| PostgreSQL | Store governance domain data, indicators, evaluations, attachments metadata, and activity logs. |
| Object storage | Store uploaded evidence attachments. |
| EQTY PDFGen | Render policy reports when the optional PDF generation service is enabled. |
Request Flow
Section titled “Request Flow”- A user or integration calls Governance Service through the platform ingress.
- Middleware validates the bearer credential through Auth Service unless the route is public.
- Route handlers enforce organization, project, and role-aware access checks.
- Domain services read and write PostgreSQL state.
- Workflows that require integrity records call Integrity Service.
- Report-generation workflows call EQTY PDFGen when that service is enabled.
Source of Truth
Section titled “Source of Truth”For route-level truth, use the service route wiring and handler definitions from the released source ref recorded in the release manifest. Generated API reference must be regenerated from that same release ref.