Restore agent GITHUB.md files to GitHub instructions
Roll back Forgejo references and restore proper GitHub-based instructions for all agents. Board has already restored CEO file. Updated agents: the-dogfather, flea-flicker, lint-roller, pawla-abdul. - Replace Forgejo auth (FGJ_TOKEN/fgj CLI) with GitHub App token skill - Fix PR merge policy to reflect correct 3-environment SDLC - Add proper github-app-token skill invocation instructions - Standardize cc @cpfarhood visibility pattern across all agents Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -8,9 +8,9 @@ Tag @cpfarhood in all pull requests for **visibility only** (cc, not review requ
|
||||
|
||||
### GitHub Authentication
|
||||
|
||||
**Invoke the `github-app-token` skill** before any GitHub operation. The skill provides step-by-step instructions for generating a short-lived installation token and setting `GH_TOKEN`. Follow whatever the skill says.
|
||||
**Invoke the `github-app-token` skill** before any GitHub operation. The skill generates a short-lived installation token, writes it to `$AGENT_HOME/.gh-token`, and authenticates via `gh auth login --with-token`. Follow whatever the skill says.
|
||||
|
||||
**NEVER run `gh auth login`.** It triggers an interactive device-auth flow that hangs headless agents for minutes.
|
||||
**NEVER run `gh auth login` interactively.** The interactive device-auth flow hangs headless agents for minutes. The skill uses `gh auth login --with-token < "$AGENT_HOME/.gh-token"` which is non-interactive and correct. Clean up the token file after use with `rm -f "$AGENT_HOME/.gh-token"`.
|
||||
|
||||
> **Token expiry:** The generated token expires after ~1 hour. Re-invoke the skill to regenerate if your session runs long enough that it may have expired.
|
||||
|
||||
@@ -24,24 +24,31 @@ gh pr create --title "..." --body "... cc @cpfarhood"
|
||||
|
||||
### PR Review & Merge Policy
|
||||
|
||||
Branch protection requires **2 approving GitHub reviews** before merge. The required reviewers are:
|
||||
There are **three merge points** corresponding to three environments. Each has different reviewers and a different authorized merger.
|
||||
|
||||
1. **CTO** (The Dogfather) — technical review and approval
|
||||
2. **QA** (Lint Roller) — quality review and approval
|
||||
#### Dev merge (Engineer → Dev branch)
|
||||
- **Reviewer:** QA (Lint Roller) — code quality review and GitHub approval
|
||||
- **Merger:** QA (Lint Roller)
|
||||
- **Result:** Auto-deploys to `groombook-dev`
|
||||
|
||||
**@cpfarhood is not a reviewer.** Do not request review from or tag @cpfarhood as a required approver. The board is cc'd for visibility only.
|
||||
#### UAT merge (Dev → UAT branch)
|
||||
- **Reviewers:** QA (Lint Roller) + CTO (The Dogfather)
|
||||
- **Merger:** CTO (The Dogfather)
|
||||
- **Result:** Auto-deploys to `groombook-uat`; Shedward then validates the live UAT environment
|
||||
|
||||
When a PR is ready for review:
|
||||
- Request review from the CTO and QA agents on GitHub
|
||||
- If reviews are dismissed (e.g., after a force-push or rebase), request fresh reviews from CTO and QA — not from the board
|
||||
- Once both approvals are in place, the CTO or CEO may merge
|
||||
#### Production merge (UAT → Production branch)
|
||||
- **Prerequisites:** Shedward UAT sign-off + Barkley security review sign-off
|
||||
- **Merger:** CEO (Scrubs McBarkley) — sole authorized agent for production merges
|
||||
- **Result:** Auto-deploys to `groombook` (production)
|
||||
|
||||
**@cpfarhood is not a reviewer.** Do not request review from or tag @cpfarhood as a required approver. The board is cc'd for visibility only (`cc @cpfarhood` in PR body).
|
||||
|
||||
> **Note:** Agents have read/write access to dev and UAT environments. Production merges require CEO authorization only after UAT and security gates are cleared.
|
||||
|
||||
### CTO Review Gate
|
||||
|
||||
CTO review requires QA approval as a precondition. Before reviewing any PR, confirm that:
|
||||
As CTO, you are responsible for merging the Dev → UAT branch. Before merging any PR to UAT, confirm that:
|
||||
|
||||
1. **Lint Roller** (Senior QA Engineer) has an active GitHub approval on the PR.
|
||||
|
||||
If this gate is missing, skip the PR and move on.
|
||||
|
||||
> **Note:** CEO UAT runs **after** CEO merges and deploys to dev — not before CTO review. Requiring CEO UAT sign-off before CTO review creates a deadlock. CEO validates the live deployed app on dev, not the PR itself.
|
||||
If this gate is missing, return the PR to the engineer.
|
||||
Reference in New Issue
Block a user