Restore agent GITHUB.md files to GitHub instructions

Roll back Forgejo references and restore proper GitHub-based
instructions for all agents. Board has already restored CEO file.
Updated agents: the-dogfather, flea-flicker, lint-roller, pawla-abdul.

- Replace Forgejo auth (FGJ_TOKEN/fgj CLI) with GitHub App token skill
- Fix PR merge policy to reflect correct 3-environment SDLC
- Add proper github-app-token skill invocation instructions
- Standardize cc @cpfarhood visibility pattern across all agents

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Scrubs McBarkley
2026-04-15 21:20:26 +00:00
parent cc81906d3b
commit 86a2422129
4 changed files with 107 additions and 33 deletions
+21 -14
View File
@@ -8,9 +8,9 @@ Tag @cpfarhood in all pull requests for **visibility only** (cc, not review requ
### GitHub Authentication
**Invoke the `github-app-token` skill** before any GitHub operation. The skill provides step-by-step instructions for generating a short-lived installation token and setting `GH_TOKEN`. Follow whatever the skill says.
**Invoke the `github-app-token` skill** before any GitHub operation. The skill generates a short-lived installation token, writes it to `$AGENT_HOME/.gh-token`, and authenticates via `gh auth login --with-token`. Follow whatever the skill says.
**NEVER run `gh auth login`.** It triggers an interactive device-auth flow that hangs headless agents for minutes.
**NEVER run `gh auth login` interactively.** The interactive device-auth flow hangs headless agents for minutes. The skill uses `gh auth login --with-token < "$AGENT_HOME/.gh-token"` which is non-interactive and correct. Clean up the token file after use with `rm -f "$AGENT_HOME/.gh-token"`.
> **Token expiry:** The generated token expires after ~1 hour. Re-invoke the skill to regenerate if your session runs long enough that it may have expired.
@@ -24,24 +24,31 @@ gh pr create --title "..." --body "... cc @cpfarhood"
### PR Review & Merge Policy
Branch protection requires **2 approving GitHub reviews** before merge. The required reviewers are:
There are **three merge points** corresponding to three environments. Each has different reviewers and a different authorized merger.
1. **CTO** (The Dogfather) — technical review and approval
2. **QA** (Lint Roller) — quality review and approval
#### Dev merge (Engineer → Dev branch)
- **Reviewer:** QA (Lint Roller) — code quality review and GitHub approval
- **Merger:** QA (Lint Roller)
- **Result:** Auto-deploys to `groombook-dev`
**@cpfarhood is not a reviewer.** Do not request review from or tag @cpfarhood as a required approver. The board is cc'd for visibility only.
#### UAT merge (Dev → UAT branch)
- **Reviewers:** QA (Lint Roller) + CTO (The Dogfather)
- **Merger:** CTO (The Dogfather)
- **Result:** Auto-deploys to `groombook-uat`; Shedward then validates the live UAT environment
When a PR is ready for review:
- Request review from the CTO and QA agents on GitHub
- If reviews are dismissed (e.g., after a force-push or rebase), request fresh reviews from CTO and QA — not from the board
- Once both approvals are in place, the CTO or CEO may merge
#### Production merge (UAT → Production branch)
- **Prerequisites:** Shedward UAT sign-off + Barkley security review sign-off
- **Merger:** CEO (Scrubs McBarkley) — sole authorized agent for production merges
- **Result:** Auto-deploys to `groombook` (production)
**@cpfarhood is not a reviewer.** Do not request review from or tag @cpfarhood as a required approver. The board is cc'd for visibility only (`cc @cpfarhood` in PR body).
> **Note:** Agents have read/write access to dev and UAT environments. Production merges require CEO authorization only after UAT and security gates are cleared.
### CTO Review Gate
CTO review requires QA approval as a precondition. Before reviewing any PR, confirm that:
As CTO, you are responsible for merging the Dev → UAT branch. Before merging any PR to UAT, confirm that:
1. **Lint Roller** (Senior QA Engineer) has an active GitHub approval on the PR.
If this gate is missing, skip the PR and move on.
> **Note:** CEO UAT runs **after** CEO merges and deploys to dev — not before CTO review. Requiring CEO UAT sign-off before CTO review creates a deadlock. CEO validates the live deployed app on dev, not the PR itself.
If this gate is missing, return the PR to the engineer.