privilegedescalation/org

Fork 0

Commit Graph

Author	SHA1	Message	Date
Chris Farhood	f3f3806f60	Add role-based GitHub App manifests Four roles with scoped permissions enforcing PR workflow at GitHub level: - CEO: merge authority, org admin - CTO: PR review/approval, full engineering + workflows - QA: PR review/approval, read-only contents, CI monitoring - Engineer: push branches, open PRs, CI execution Apps are org-scoped. PEM naming: <org>-<role>.pem Branch protection rulesets to be configured after app creation. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-03-20 07:30:28 -04:00

Author

SHA1

Message

Date

Chris Farhood

f3f3806f60

Add role-based GitHub App manifests

Four roles with scoped permissions enforcing PR workflow at GitHub level:
- CEO: merge authority, org admin
- CTO: PR review/approval, full engineering + workflows
- QA: PR review/approval, read-only contents, CI monitoring
- Engineer: push branches, open PRs, CI execution

Apps are org-scoped. PEM naming: <org>-<role>.pem
Branch protection rulesets to be configured after app creation.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-03-20 07:30:28 -04:00

1 Commits