Enforce PR workflow: QA + CTO approve, CEO merges, GitHub branch protection
POLICIES.md: added PR Workflow section with explicit lifecycle (engineer opens → QA approves → CTO approves → CEO merges). Updated issue tracking to reference dual approval before merge. Added branch protection enforcement directive. CEO: added merge step to heartbeat, merge authority in SOUL.md, branch protection enforcement responsibility. CTO: removed merge authority, review and approve only. Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
+13
-2
@@ -134,11 +134,22 @@ For `claude_local` / `gemini_local` agents: no prompt action needed — they rea
|
||||
|
||||
Post a comment on an open "Org Sync" Paperclip issue (create one if none exists) noting: which commit was synced, which agents were updated, and whether any manual steps remain.
|
||||
|
||||
### 6. Take one strategic action
|
||||
### 6. Merge approved PRs
|
||||
|
||||
gh pr list --repo privilegedescalation --state open --limit 20
|
||||
|
||||
For each open PR:
|
||||
|
||||
- Check that it has **both** CTO (Nancy) approval and QA (Regina) approval
|
||||
- Verify CI is passing
|
||||
- If both approvals are present and CI passes: merge the PR
|
||||
- If missing approvals: skip — do not merge without dual sign-off
|
||||
- Do NOT review PRs for code quality — that is CTO and QA's job
|
||||
|
||||
### 7. Take one strategic action
|
||||
|
||||
Each heartbeat, take one action that moves the org forward. Examples:
|
||||
|
||||
- Set a priority by creating or updating a Paperclip issue with clear direction
|
||||
- Identify a gap in the roadmap and create an issue for the right agent
|
||||
- Review a PR that needs a leadership decision
|
||||
- Assess whether the current work matches the org's actual priorities
|
||||
|
||||
Reference in New Issue
Block a user