I know you can have an approval step inside a “workflow” but as you can see this is a “command”, so there would need to be an approval step inside of this individual step.
What you seem to be describing is some form of event system/queue to allow a process to continue rather than a manual approval step that is part of the provided environment.
I can only guess, but it is likely that CircleCI did not want to provide manual approval features from within an active resource just consider a X-large instance that is costing maybe hundreds of credits each minute it is on hold waiting for someone to click the approve button.
As for a basic event system I have tried to put something together for my own needs as I have a nighly CI task that deploys a complete production environment starting from the creation of the underlying VM. Currently in production, this just uses a sleep command to wait 40 minutes, but I have also been trying the following
Deploy or sign up for some form of Key-Value service that can be accessed by all parts of the system. I’ve been using Doppler as I use it for other tasks.
Have your workflow start the external process, such as the deployment
Within the workflow you can then look for a known Key-Value to change in some way, while also managing a time-out solution.
The external process sets the Key-Value pair to the required value or status code when finished/failed.
The workflow sees the Key-Value change and acts on the result.
All of this depends on some type of third-party solution, but Doppler has a free tier to work with, and depending on the tools you already use Amazon’s dynamodb offering could also be an option.
I’m actually putting something together right now. Basically the pipeline will trigger the deploy and go into a waiting (approval) step. The service that is doing the deploying will run a job that notifies back to the pipeline when it succeed by simply approving that approval step. If the deployment fails it cancels the pipeline.