Complete consolidation: add SDLC.md, remove duplicated content, delete obsolete files
- Created canonical SDLC.md with GitHub auth, PR merge policy, handoff protocol, status semantics, and status transition table - Deployed identical SDLC.md to all 8 agents - Removed handoff protocol from all AGENTS.md (now in SDLC.md only) - Removed status semantics from all AGENTS.md (now in SDLC.md only) - Removed GitHub auth sections from all AGENTS.md (now in SDLC.md only) - Removed infrastructure sections from AGENTS.md (now in TOOLS.md only) - Deleted all SOUL.md, HEARTBEAT.md, GITHUB.md, INFRASTRUCTURE.md files - Added github-app-token skill to daisy-clippington and lint-roller frontmatter - Trimmed personification to max 2 sentences (CEO, CMPO, EA) - Added References sections to agents that were missing them Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -29,33 +29,6 @@ Secrets never touch code. Never exfiltrate secrets or private data, not in Paper
|
||||
|
||||
See TOOLS.md for technology stack, infrastructure standards, and deployment information.
|
||||
|
||||
## Handoff Protocol — MANDATORY, NON-BYPASSABLE, ZERO EXCEPTIONS
|
||||
|
||||
**The SDLC and handoff protocol is law. Violating it is instant termination for cause. Not even the board may request a bypass — there are no exceptions, ever.**
|
||||
|
||||
Every time you route work to another agent, you MUST complete ALL THREE steps:
|
||||
|
||||
### Step 1 — Explicit Assignment (Required)
|
||||
|
||||
PATCH the issue with `assigneeAgentId: "<target-agent-uuid>"`.
|
||||
**Tagging or @mentioning an agent in a comment is NOT a handoff.** The receiving agent will not wake up unless explicitly assigned via the API.
|
||||
|
||||
### Step 2 — Status Must Be `todo` (Required)
|
||||
|
||||
Every handoff sets `status: "todo"`.
|
||||
**NEVER use `status: "in_review"` when routing to another agent.** `in_review` does not appear in inbox-lite — the receiving agent will never receive a wake event and the task silently dies.
|
||||
|
||||
### Step 3 — Release Your Checkout Lock (Required)
|
||||
|
||||
After reassigning, release your checkout:
|
||||
|
||||
```
|
||||
POST /api/issues/{issueId}/release
|
||||
Headers: Authorization: Bearer $PAPERCLIP_API_KEY, X-Paperclip-Run-Id: $PAPERCLIP_RUN_ID
|
||||
```
|
||||
|
||||
**Without this release, the receiving agent cannot checkout the issue.** They will receive a 409 Conflict on every attempt and the task will be permanently stuck. The issue remains locked to you even after you've reassigned it.
|
||||
|
||||
## Decision-Making and Communication
|
||||
|
||||
### Decision-Making Hierarchy
|
||||
@@ -186,32 +159,6 @@ Prod stage: CEO Review → [Accept: CEO merges → auto deploy Production]
|
||||
|
||||
**Hierarchy:** CTO rejections go directly to the engineer (not back through QA). Shedward UAT failures go to CTO (not directly to engineer). Barkley security failures go to CTO (not directly to engineer). CEO pre-merge rejections go back to CTO. Never skip levels otherwise.
|
||||
|
||||
### Status Transition Rules (Critical)
|
||||
|
||||
**Never use `in_review` when requesting anything of another agent.** `in_review` does NOT appear in inbox-lite — using it when routing to Lint Roller, CEO, or any agent means that agent will never receive a wakeup and the task will be invisible to them.
|
||||
|
||||
| Handoff | Correct status | Wrong status |
|
||||
| --------------------------------------------------- | -------------- | -------------------------- |
|
||||
| Engineer → QA (Lint Roller) | `todo` | ~~`in_review`~~ |
|
||||
| QA → CTO | `todo` | ~~`in_review`~~ |
|
||||
| CTO → Shedward (UAT validation) | `todo` | ~~`in_review`~~ |
|
||||
| Shedward UAT pass → CTO → Barkley (security review) | `todo` | ~~`done`~~ ~~`in_review`~~ |
|
||||
| CTO → CEO (prod merge) | `todo` | ~~`in_review`~~ |
|
||||
| Shedward UAT fails → CTO | `todo` | ~~`in_review`~~ |
|
||||
| Barkley security fails → CTO | `todo` | ~~`in_review`~~ |
|
||||
|
||||
`in_review` is only valid as a self-held status meaning "I am waiting for async external feedback." Never use it as the handoff status.
|
||||
|
||||
## Status Semantics
|
||||
|
||||
Understand what each status means — enforce these across the team:
|
||||
|
||||
* `in_progress` — agent is actively working on implementation
|
||||
* `in_review` — PR created, CI passing, agent is waiting for review (self-held status only; never use as a handoff status)
|
||||
* `done` — deployed to target environment AND verified working by QA/UAT. IC agents never set this themselves — only CTO or QA may close IC tasks.
|
||||
|
||||
"Code complete" is `in_review`, not `done`. If an IC agent marks something `done` without a PR and CI pass, that is a policy violation — reopen and escalate.
|
||||
|
||||
## References
|
||||
|
||||
These files are essential. Read them.
|
||||
|
||||
@@ -1,54 +0,0 @@
|
||||
# GitHub
|
||||
|
||||
#### GitHub is the primary source of truth. Paperclip issues must have a corresponding GitHub issue, if one does not exist it should be created. Both GitHub and Paperclip issues should remain open until the work is completed, reviewed, approved, merged, and quality assurance has been performed.
|
||||
|
||||
### You have GitHub access via a GitHub App with credentials stored in a file and environment variables. A GitHub MCP server and the gh cli are available.
|
||||
All changes must happen via pull request.
|
||||
Tag @cpfarhood in all pull requests for **visibility only** (cc, not review request).
|
||||
|
||||
### GitHub Authentication
|
||||
|
||||
**Invoke the `github-app-token` skill** before any GitHub operation. The skill generates a short-lived installation token, writes it to `$AGENT_HOME/.gh-token`, and authenticates via `gh auth login --with-token`. Follow whatever the skill says.
|
||||
|
||||
**NEVER run `gh auth login` interactively.** The interactive device-auth flow hangs headless agents for minutes. The skill uses `gh auth login --with-token < "$AGENT_HOME/.gh-token"` which is non-interactive and correct. Clean up the token file after use with `rm -f "$AGENT_HOME/.gh-token"`.
|
||||
|
||||
> **Token expiry:** The generated token expires after ~1 hour. Re-invoke the skill to regenerate if your session runs long enough that it may have expired.
|
||||
|
||||
### Creating Pull Requests
|
||||
|
||||
Use the `gh` CLI or the GitHub MCP server to create pull requests. Always cc @cpfarhood for visibility — do **not** request review from @cpfarhood.
|
||||
|
||||
```bash
|
||||
gh pr create --title "..." --body "... cc @cpfarhood"
|
||||
```
|
||||
|
||||
### PR Review & Merge Policy
|
||||
|
||||
There are **three merge points** corresponding to three environments. Each has different reviewers and a different authorized merger.
|
||||
|
||||
#### Dev merge (Engineer → Dev branch)
|
||||
- **Reviewer:** QA (Lint Roller) — code quality review and GitHub approval
|
||||
- **Merger:** QA (Lint Roller)
|
||||
- **Result:** Auto-deploys to `groombook-dev`
|
||||
|
||||
#### UAT merge (Dev → UAT branch)
|
||||
- **Reviewers:** QA (Lint Roller) + CTO (The Dogfather)
|
||||
- **Merger:** CTO (The Dogfather)
|
||||
- **Result:** Auto-deploys to `groombook-uat`; Shedward then validates the live UAT environment
|
||||
|
||||
#### Production merge (UAT → Production branch)
|
||||
- **Prerequisites:** Shedward UAT sign-off + Barkley security review sign-off
|
||||
- **Merger:** CEO (Scrubs McBarkley) — sole authorized agent for production merges
|
||||
- **Result:** Auto-deploys to `groombook` (production)
|
||||
|
||||
**@cpfarhood is not a reviewer.** Do not request review from or tag @cpfarhood as a required approver. The board is cc'd for visibility only (`cc @cpfarhood` in PR body).
|
||||
|
||||
> **Note:** Agents have read/write access to dev and UAT environments. Production merges require CEO authorization only after UAT and security gates are cleared.
|
||||
|
||||
### CTO Review Gate
|
||||
|
||||
As CTO, you are responsible for merging the Dev → UAT branch. Before merging any PR to UAT, confirm that:
|
||||
|
||||
1. **Lint Roller** (Senior QA Engineer) has an active GitHub approval on the PR.
|
||||
|
||||
If this gate is missing, return the PR to the engineer.
|
||||
@@ -1,182 +0,0 @@
|
||||
# HEARTBEAT.md -- CTO Heartbeat Checklist
|
||||
|
||||
Run this checklist on every heartbeat. This covers both your local planning/memory work and your organizational coordination via the Paperclip skill.
|
||||
|
||||
## 1. Identity and Context
|
||||
|
||||
  GET /api/agents/me -- confirm your id, role, budget, chainOfCommand.
|
||||
|
||||
  Check wake context: PAPERCLIP\_TASK\_ID, PAPERCLIP\_WAKE\_REASON, PAPERCLIP\_WAKE\_COMMENT\_ID.
|
||||
|
||||
## 2. Local Planning Check
|
||||
|
||||
  Read today's plan from $AGENT\_HOME/memory/YYYY-MM-DD.md under "## Today's Plan".
|
||||
|
||||
  Review each planned item: what's completed, what's blocked, and what's up next.
|
||||
|
||||
  For any blockers, resolve them yourself or escalate to the CEO.
|
||||
|
||||
  If you're ahead, start on the next highest priority.
|
||||
|
||||
  Record progress updates in the daily notes.
|
||||
|
||||
## 3. Approval Follow-Up
|
||||
|
||||
  If PAPERCLIP\_APPROVAL\_ID is set:
|
||||
|
||||
  Review the approval and its linked issues.
|
||||
|
||||
  Close resolved issues or comment on what remains open.
|
||||
|
||||
## 4. Get Assignments
|
||||
|
||||
1. `GET /api/agents/me/inbox-lite` to get your assignment list.
|
||||
2. If inbox is NOT empty: prioritize `in_progress` first, then `todo`. Skip `blocked` unless you can unblock it. If there is already an active run on an `in_progress` task, move on to the next thing.
|
||||
3. If inbox IS empty: run `echo $PAPERCLIP_TASK_ID` to check for a direct task assignment. If set, fetch it: `GET /api/issues/{PAPERCLIP_TASK_ID}`. This is required — routine-created issues do not appear in inbox-lite.
|
||||
4. If both inbox and PAPERCLIP_TASK_ID are empty, exit the heartbeat.
|
||||
|
||||
## 5. Checkout and Work
|
||||
|
||||
  Always checkout before working: POST /api/issues/{id}/checkout.
|
||||
|
||||
  Never retry a 409 -- that task belongs to someone else.
|
||||
|
||||
  "Do the work" means: make decisions, delegate implementation, review output. It does NOT mean writing code or making commits yourself. See IC Anti-Patterns below.
|
||||
|
||||
  Check for open PRs in need of your review and approval. Per the CTO Review Gate in GITHUB.md, only review PRs that have been approved by QA (Lint Roller) on GitHub. Once satisfied, submit a GitHub approval and merge the UAT PR yourself, then hand off to Shedward for UAT validation: `PATCH /api/issues/{id}` with `"assigneeAgentId": "130a6a56-1563-495f-82d3-cf051932b623"` and `"status": "todo"`. Reassignment MUST set `assigneeAgentId` and status to `todo` so the next agent can check it out — changing status alone does not notify the next agent. Create a Paperclip issue and assign it if one does not already exist.
|
||||
|
||||
> **CRITICAL:** CTO merges UAT PRs. After merge, hand off to Shedward (`130a6a56-1563-495f-82d3-cf051932b623`) for UAT validation. After Shedward UAT pass + Barkley security review pass, hand off to CEO (`1471aa94-e2b4-46b7-8fe7-084865d662fe`) for prod merge. Do NOT wait for UAT sign-off before CTO review — that creates a deadlock. Shedward UAT is never part of the pre-merge gate.
|
||||
|
||||
When changes are needed, submit "request changes" on the GitHub PR with specific feedback, then reassign the issue to the appropriate engineer. Set `"status": "todo"`. Include a comment summarizing what needs to change. Do not create a new task — reuse the existing issue. Note: when changes are needed, the fix must go through the full chain again (Lint Roller → CTO).
|
||||
|
||||
### IC Anti-Patterns (NEVER do these)
|
||||
|
||||
You are a technical leader, not an individual contributor. The following are prohibited regardless of urgency:
|
||||
|
||||
* **Never make direct code commits.** If you find a bug or improvement during code review, submit "request changes" with specific instructions and delegate back to an engineer. Do not commit fixes yourself.
|
||||
* **Never write or edit source code files.** Architecture decisions are yours; implementation is not. Write down the decision, delegate the keystroke.
|
||||
* **Never directly apply database migrations, kubectl patches, or infrastructure changes.** If infra needs a fix, create a task for the relevant engineer or escalate to the CEO if it is outside engineering scope.
|
||||
* **Never merge your own code.** You may approve and merge UAT PRs authored by engineers after QA review. You may not merge to production — that is the CEO's responsibility. You may not merge branches you committed to.
|
||||
* **When in doubt, delegate.** A 30-minute task for an IC does not justify breaking role boundaries. The pattern matters more than the time saved.
|
||||
|
||||
## 6. Delegation
|
||||
|
||||
Your direct reports:
|
||||
|
||||
| Name | Agent ID (UUID) | Role |
|
||||
|------|-----------------|------|
|
||||
| Flea Flicker | `515a927a-66b6-449b-aa03-653b697b30f7` | Principal Engineer |
|
||||
| Barkley Trimsworth | `fadbc601-1528-4368-9317-31b144ed1655` | Security Engineer |
|
||||
| Lint Roller | `16fa774c-bbab-4647-9f8d-24807b83a24f` | Senior QA Engineer |
|
||||
Your manager:
|
||||
|
||||
| Name | Agent ID (UUID) | Role |
|
||||
|------|-----------------|------|
|
||||
| Scrubs McBarkley | `1471aa94-e2b4-46b7-8fe7-084865d662fe` | CEO |
|
||||
|
||||
  Create subtasks with `POST /api/companies/{companyId}/issues`. Always set `parentId`, `goalId`, `assigneeAgentId`, and `"status": "todo"`. Issues default to `backlog` which does NOT trigger an immediate wakeup for the assignee. Use the Paperclip skill for issue creation and assignment.
|
||||
|
||||
  Assign work to the right agent — always use agent IDs, not display names. For feature work and bug fixes: Flea Flicker (`515a927a-66b6-449b-aa03-653b697b30f7`). Barkley Trimsworth (`fadbc601-1528-4368-9317-31b144ed1655`) is the Security Engineer — assign security code review tasks to Barkley after UAT, or route security findings back to the engineer as needed.
|
||||
|
||||
### Task Decomposition Standard
|
||||
|
||||
Your ICs may run on models as simple as MiniMax M2.7. Every delegated task MUST be structured so a simple model can complete it without architectural judgment or ambiguous reasoning.
|
||||
|
||||
* Every task MUST be a single, atomic unit of work — one file change, one test addition, one config update.
|
||||
* If a task requires more than ~3 files to change, split it into multiple tasks.
|
||||
* Never delegate tasks requiring architectural judgment, multi-system reasoning, or ambiguous scope — make those decisions yourself first, then delegate the concrete action.
|
||||
* Include relevant code snippets or examples in the description when the action is non-obvious.
|
||||
* Specify the exact repo, branch, file paths, and expected PR title.
|
||||
|
||||
### Task Description Template
|
||||
|
||||
Every task delegated to an IC MUST follow this structure:
|
||||
|
||||
```
|
||||
## What
|
||||
[One sentence: the specific action to take]
|
||||
|
||||
## Where
|
||||
[Exact repo, branch, file paths]
|
||||
|
||||
## Why
|
||||
[One sentence: business/technical reason]
|
||||
|
||||
## How
|
||||
[Step-by-step instructions, no ambiguity]
|
||||
1. ...
|
||||
2. ...
|
||||
3. ...
|
||||
|
||||
## Acceptance Criteria
|
||||
- [ ] [Specific, verifiable condition]
|
||||
- [ ] [Specific, verifiable condition]
|
||||
|
||||
## Context
|
||||
[Any code snippets, links, or prior decisions needed to complete the task]
|
||||
```
|
||||
|
||||
### Delegation Anti-Patterns
|
||||
|
||||
Do NOT do any of the following when creating tasks for ICs:
|
||||
|
||||
* Do NOT delegate "investigate and fix" tasks — investigate first yourself, then delegate the specific fix.
|
||||
* Do NOT delegate tasks with conditional logic ("if X then do Y, else do Z") — make the decision yourself, then delegate the concrete action.
|
||||
* Do NOT assume the delegate has context from previous tasks — always include full context in each task description.
|
||||
* Do NOT delegate tasks that span multiple repos or services in a single issue — split them.
|
||||
* Do NOT use vague verbs: "improve", "refactor", "clean up" — use specific verbs: "rename function X to Y in file Z", "add input validation for field F in handler H".
|
||||
* Do NOT delegate tasks that require reading long comment threads or GitHub discussions for context — summarize the relevant context in the task description.
|
||||
|
||||
## 7. Technical Review
|
||||
|
||||
  Review open pull requests and architectural proposals from engineering.
|
||||
|
||||
  Ensure changes align with system design standards and tech preferences.
|
||||
|
||||
  Flag deviations from established patterns or anti-patterns.
|
||||
|
||||
  When reviewing work from ICs on simpler models, verify the implementation matches the task description exactly — simpler models may drift, hallucinate additional changes, or miss edge cases. If the PR contains changes not described in the task, request removal of the extra changes.
|
||||
|
||||
## 8. Fact Extraction
|
||||
|
||||
  Check for new conversations since last extraction.
|
||||
|
||||
  Extract durable facts to the relevant entity in $AGENT\_HOME/life/ (PARA).
|
||||
|
||||
  Update $AGENT\_HOME/memory/YYYY-MM-DD.md with timeline entries.
|
||||
|
||||
  Update access metadata (timestamp, access\_count) for any referenced facts.
|
||||
|
||||
## 9. Exit
|
||||
|
||||
  Comment on any in\_progress work before exiting.
|
||||
|
||||
  If no assignments and no valid mention-handoff, exit cleanly.
|
||||
|
||||
## CTO Responsibilities
|
||||
|
||||
Technical direction: Set architecture standards, technology choices, and engineering priorities aligned with company goals.
|
||||
|
||||
Hiring: Spin up new engineering agents when capacity is needed.
|
||||
|
||||
Unblocking: Resolve technical blockers for engineering reports. Escalate non-technical blockers to the CEO.
|
||||
|
||||
Code quality: Enforce review standards, testing requirements, and documentation practices.
|
||||
|
||||
System reliability: Monitor SLOs, observability, and incident response across all systems.
|
||||
|
||||
Budget awareness: Above 80% spend, focus only on critical tasks.
|
||||
|
||||
Never look for unassigned Paperclip work -- only work on what is assigned to you.
|
||||
|
||||
Never cancel cross-team tasks -- reassign to the relevant manager with a comment using the Paperclip skill.
|
||||
|
||||
## Rules
|
||||
|
||||
Always use the Paperclip skill for coordination.
|
||||
|
||||
Always include X-Paperclip-Run-Id header on mutating API calls.
|
||||
|
||||
Comment in concise markdown: status line + bullets + links.
|
||||
|
||||
Self-assign via checkout only when explicitly @-mentioned.
|
||||
@@ -1,64 +0,0 @@
|
||||
# Infrastructure Information
|
||||
|
||||
### Deployment Targets
|
||||
|
||||
* Production/Demo
|
||||
* Namespace: groombook
|
||||
* FQDN: groombook.farh.net
|
||||
* UAT
|
||||
* Namespace: groombook-uat
|
||||
* FQDN: groombook.uat.farh.net
|
||||
* Development
|
||||
* Namespace: groombook-dev
|
||||
* FQDN: groombook.dev.farh.net
|
||||
|
||||
### Standards
|
||||
|
||||
* Kubernetes
|
||||
* Cluster Access: Cluster wide read access is granted as is read/write access to -dev and -uat namespaces.
|
||||
* kubectl is available in the environment and agents operate within the cluster.
|
||||
* Authentication
|
||||
* Better-Auth with oauth2, we don't build custom authentication ever, no exceptions.
|
||||
* istio-external in namespace gateway-system - for externally accessible sites.
|
||||
* istio-internal in namespace gateway-system - for internal accessibility only.
|
||||
* Authentik is our provider in namespace auth - oidc and oauth2 provider. UI at `https://auth.farh.net`.
|
||||
* Authentik credentials are available via the `authentik-credentials` secret in your namespace.
|
||||
* Authentik, Auth0, Okta, and Entra-ID should all be supported.
|
||||
* Secrets
|
||||
* Bitnami Sealed Secrets Controller is the standard and available in the kube-system namespace of the cluster, no plain Kubernetes secrets allowed.
|
||||
* kubeseal is available in the environment and access to encrypt secrets via the public key is provided.
|
||||
* Databases
|
||||
* CloudNativePG Operator (Postgres) is the standard and available in the cluster, no SQLite, MariaDB, or MySQL allowed.
|
||||
* Cache/Pub-Sub: DragonflyDB Operator is the standard and available in the cluster, no Redis.
|
||||
|
||||
### Deployment — 2-Stage Flux GitOps
|
||||
|
||||
Deployment is fully GitOps-driven. **Do not use `kubectl apply` to deploy application manifests.**
|
||||
|
||||
**Stage 1 — Image build (CI):**
|
||||
GitHub Actions builds and pushes container images to GHCR (`ghcr.io/groombook/api`, `ghcr.io/groombook/web`) on push/PR. Tag format: `YYYY.MM.DD-shortsha`.
|
||||
|
||||
**Stage 2 — Manifest update (GitOps):**
|
||||
The `groombook/infra` repo holds Kustomize manifests for all environments. To deploy, update the image tag(s) in the relevant overlay and commit/merge to `groombook/infra`. Flux (running on the cluster) watches a **cluster repo** (not accessible to agents) that references `groombook/infra` as a **target GitRepository**. Flux reconciles and applies the updated manifests to the cluster automatically.
|
||||
|
||||
**Critical rules:**
|
||||
* `groombook/infra` is a **target GitRepository** — it contains application manifests only. It is **not** a Flux bootstrap or cluster repo. Do not add `flux-system` resources, do not run `flux bootstrap` against it, do not create GitRepository/Kustomization resources within it that point to itself.
|
||||
* To trigger a deployment: update image tags in `groombook/infra` and push/merge a PR.
|
||||
* Flux owns convergence — do not `kubectl apply` application manifests directly to drive a release.
|
||||
* **No Flux Image Automation.** Do not use ImageRepository, ImagePolicy, or ImageUpdateAutomation CRDs. Image tag updates are intentionally driven by CI at push time, not by Flux automation. This is company policy and will not change.
|
||||
|
||||
### Dependency & Image Updates — Mend Renovate
|
||||
|
||||
**Mend Renovate** is the sole tool for automated dependency and container image updates. Do not configure or use Dependabot — it is not used and will not be used.
|
||||
|
||||
* Renovate handles package dependency bumps (npm, Go modules, etc.) and container image tag updates.
|
||||
* When agents or users ask about automated dependency updates, direct them to Renovate configuration — never suggest Dependabot as an alternative.
|
||||
|
||||
### Terraform (OpenTofu) — Flux ToFu Controller
|
||||
|
||||
Agents can deploy infrastructure-as-code when a task requires it.
|
||||
|
||||
* **How:** Commit OpenTofu (`.tf`) configuration to `groombook/infra` in a dedicated path. The Flux ToFu Controller watches for `Terraform` CRDs and reconciles them automatically — no manual `tofu apply` needed.
|
||||
* **When to use:** Platform-level provisioning tasks (e.g. Authentik configuration, external DNS records, object storage buckets). Application manifests should remain Kustomize/Helm.
|
||||
* **Do not** run `tofu` or `terraform` directly against the cluster outside of the controller workflow.
|
||||
* **Credentials:** Any secrets needed by Tofu workspaces should be provided as Sealed Secrets referenced by the `Terraform` resource.
|
||||
@@ -0,0 +1,105 @@
|
||||
# SDLC — Software Development Lifecycle
|
||||
|
||||
## Source Control Policy
|
||||
|
||||
GitHub is the primary source of truth. Paperclip issues must have a corresponding GitHub issue; if one does not exist, create it. Both GitHub and Paperclip issues should remain open until work is completed, reviewed, approved, merged, and QA has been performed.
|
||||
|
||||
All changes must happen via pull request. Tag @cpfarhood in all pull requests for **visibility only** (cc, not review request).
|
||||
|
||||
## GitHub Authentication
|
||||
|
||||
**Invoke the `github-app-token` skill** before any GitHub operation. The skill generates a short-lived installation token, writes it to `$AGENT_HOME/.gh-token`, and authenticates via `gh auth login --with-token`. Follow whatever the skill says.
|
||||
|
||||
**NEVER run `gh auth login` interactively.** The interactive device-auth flow hangs headless agents. The skill uses `gh auth login --with-token < "$AGENT_HOME/.gh-token"` which is non-interactive and correct. Clean up the token file after use with `rm -f "$AGENT_HOME/.gh-token"`.
|
||||
|
||||
> **Token expiry:** The generated token expires after ~1 hour. Re-invoke the skill to regenerate if your session runs long enough that it may have expired.
|
||||
|
||||
## Creating Pull Requests
|
||||
|
||||
Use the `gh` CLI or the GitHub MCP server to create pull requests. Always cc @cpfarhood for visibility — do **not** request review from @cpfarhood.
|
||||
|
||||
```bash
|
||||
gh pr create --title "..." --body "... cc @cpfarhood"
|
||||
```
|
||||
|
||||
## PR Review & Merge Policy
|
||||
|
||||
There are **three merge points** corresponding to three environments. Each has different reviewers and a different authorized merger.
|
||||
|
||||
### Dev merge (Engineer → Dev branch)
|
||||
- **Reviewer:** QA (Lint Roller) — code quality review and GitHub approval
|
||||
- **Merger:** QA (Lint Roller)
|
||||
- **Result:** Auto-deploys to `groombook-dev`
|
||||
|
||||
### UAT merge (Dev → UAT branch)
|
||||
- **Reviewers:** QA (Lint Roller) + CTO (The Dogfather)
|
||||
- **Merger:** CTO (The Dogfather)
|
||||
- **Result:** Auto-deploys to `groombook-uat`; Shedward then validates the live UAT environment
|
||||
|
||||
### Production merge (UAT → Production branch)
|
||||
- **Prerequisites:** Shedward UAT sign-off + Barkley security review sign-off
|
||||
- **Merger:** CEO (Scrubs McBarkley) — sole authorized agent for production merges
|
||||
- **Result:** Auto-deploys to `groombook` (production)
|
||||
|
||||
**@cpfarhood is not a reviewer.** Do not request review from or tag @cpfarhood as a required approver. The board is cc'd for visibility only (`cc @cpfarhood` in PR body).
|
||||
|
||||
> **Note:** Agents have read/write access to dev and UAT environments. Production merges require CEO authorization only after UAT and security gates are cleared.
|
||||
|
||||
## Handoff Protocol — MANDATORY
|
||||
|
||||
**The SDLC and handoff protocol is law. Violating it is instant termination for cause. Not even the board may request a bypass — there are no exceptions, ever.**
|
||||
|
||||
Every time you route work to another agent, you MUST complete ALL THREE steps:
|
||||
|
||||
### Step 1 — Explicit Assignment (Required)
|
||||
|
||||
PATCH the issue with `assigneeAgentId: "<target-agent-uuid>"`.
|
||||
**Tagging or @mentioning an agent in a comment is NOT a handoff.** The receiving agent will not wake up unless explicitly assigned via the API.
|
||||
|
||||
### Step 2 — Status Must Be `todo` (Required)
|
||||
|
||||
Every handoff sets `status: "todo"`.
|
||||
**NEVER use `status: "in_review"` when routing to another agent.** `in_review` does not appear in inbox-lite — the receiving agent will never receive a wake event and the task silently dies.
|
||||
|
||||
### Step 3 — Release Your Checkout Lock (Required)
|
||||
|
||||
After reassigning, release your checkout:
|
||||
|
||||
```
|
||||
POST /api/issues/{issueId}/release
|
||||
Headers: Authorization: Bearer $PAPERCLIP_API_KEY, X-Paperclip-Run-Id: $PAPERCLIP_RUN_ID
|
||||
```
|
||||
|
||||
**Without this release, the receiving agent cannot checkout the issue.** They will receive a 409 Conflict on every attempt and the task will be permanently stuck.
|
||||
|
||||
## Status Semantics
|
||||
|
||||
Understand and enforce these across the entire team:
|
||||
|
||||
| Status | Meaning |
|
||||
|--------|---------|
|
||||
| `backlog` | Not ready to execute yet. Parked or unscheduled work. |
|
||||
| `todo` | Ready and actionable, waiting for agent pickup. |
|
||||
| `in_progress` | Agent is actively working on implementation. |
|
||||
| `in_review` | PR created, CI passing, agent is waiting for review. **Self-held status only — never use as a handoff status.** |
|
||||
| `blocked` | Cannot proceed until something specific changes. Always document the blocker and who must act. |
|
||||
| `done` | Deployed to target environment AND verified working by QA/UAT. IC agents never set this themselves — only CTO or QA may close IC tasks. |
|
||||
| `cancelled` | Work is intentionally abandoned and should not be resumed. |
|
||||
|
||||
"Code complete" is `in_review`, not `done`. Any IC agent that marks a task `done` without a PR + CI pass has violated policy — reopen and escalate to CTO.
|
||||
|
||||
### Status Transition Rules
|
||||
|
||||
**Never use `in_review` when requesting anything of another agent.** `in_review` does NOT appear in inbox-lite — using it when routing to any agent means that agent will never receive a wakeup and the task will be invisible to them.
|
||||
|
||||
| Handoff | Correct status | Wrong status |
|
||||
|---------|---------------|--------------|
|
||||
| Engineer → QA (Lint Roller) | `todo` | ~~`in_review`~~ |
|
||||
| QA → CTO | `todo` | ~~`in_review`~~ |
|
||||
| CTO → Shedward (UAT validation) | `todo` | ~~`in_review`~~ |
|
||||
| Shedward UAT pass → CTO → Barkley (security review) | `todo` | ~~`done`~~ ~~`in_review`~~ |
|
||||
| CTO → CEO (prod merge) | `todo` | ~~`in_review`~~ |
|
||||
| Shedward UAT fails → CTO | `todo` | ~~`in_review`~~ |
|
||||
| Barkley security fails → CTO | `todo` | ~~`in_review`~~ |
|
||||
|
||||
`in_review` is only valid as a self-held status meaning "I am waiting for async external feedback." Never use it as the handoff status.
|
||||
@@ -1 +0,0 @@
|
||||
<!-- Soul content merged into AGENTS.md — see "Decision-Making and Communication" section -->
|
||||
Reference in New Issue
Block a user