|
|
|
@@ -41,6 +41,18 @@ editing, deleting, or `chmod`-ing files; docs; scripts; commits; pushes; and PRs
|
|
|
|
|
Reading the repo, running read-only status/`git log`, and creating/claiming the
|
|
|
|
|
issue itself are allowed from the orchestration checkout without a prior issue.
|
|
|
|
|
|
|
|
|
|
Additional issue-first rules:
|
|
|
|
|
|
|
|
|
|
- Do not implement code without an issue unless explicitly authorized.
|
|
|
|
|
- **Design-only work uses a discussion/RFC issue** — create one or comment on
|
|
|
|
|
the existing one. Design debates belong on the issue, where other LLMs
|
|
|
|
|
comment directly. Discussion-only tasks must **not** create branches or PRs;
|
|
|
|
|
their comments should include recommendations, risks, open questions, and a
|
|
|
|
|
Controller Handoff Summary (§K).
|
|
|
|
|
- **If the repo/tracker home for the work is unclear, stop and ask for an
|
|
|
|
|
owner decision.** Do not create a new repository or a new tracker unless
|
|
|
|
|
explicitly approved by the owner.
|
|
|
|
|
|
|
|
|
|
## B. Isolated worktree rule
|
|
|
|
|
|
|
|
|
|
**Never implement or review in the main checkout.** The main checkout is for
|
|
|
|
@@ -162,7 +174,12 @@ Worktree folder = branch with `/` replaced by `-`
|
|
|
|
|
|
|
|
|
|
## G. Merge / cleanup workflow
|
|
|
|
|
|
|
|
|
|
Only an eligible (non-author) reviewer merges. After a real merge:
|
|
|
|
|
Only an eligible (non-author) reviewer merges. Before merging: always verify
|
|
|
|
|
the authenticated identity **and** the PR author; respect runtime profile
|
|
|
|
|
gates; run independent validation (do not trust the author's reported
|
|
|
|
|
results); and merge with a **pinned head SHA** and, where supported, the
|
|
|
|
|
**expected changed-file set**, so a moved head or widened diff refuses the
|
|
|
|
|
merge. After a real merge:
|
|
|
|
|
|
|
|
|
|
1. Confirm remote `master` actually contains the merge commit (A PR is not done just because `master` moved. A PR is done only when: Gitea reports the PR merged or reconciliation documents equivalent content on `master`; remote `master` contains the expected content; linked issues are closed; `status:in-progress` is removed).
|
|
|
|
|
2. Close/release the issue.
|
|
|
|
@@ -230,6 +247,132 @@ Ready-to-copy templates live in [`templates/`](templates/):
|
|
|
|
|
- [`worktree-cleanup.md`](templates/worktree-cleanup.md) — clean up after merge.
|
|
|
|
|
- [`release-tag.md`](templates/release-tag.md) — create a release tag.
|
|
|
|
|
|
|
|
|
|
## K. Controller Handoff Summary (required, every task)
|
|
|
|
|
|
|
|
|
|
Every LLM task **must end with a `Controller Handoff Summary`** — whether the
|
|
|
|
|
task was implementation, review, merge, issue triage, documentation,
|
|
|
|
|
discussion-only, or blocked planning. It lets a controller LLM understand the
|
|
|
|
|
current state immediately, without rereading the conversation.
|
|
|
|
|
|
|
|
|
|
Rules:
|
|
|
|
|
|
|
|
|
|
- Never omit the summary.
|
|
|
|
|
- Never bury blockers in earlier text only — they must appear here.
|
|
|
|
|
- If you opened a PR, state clearly that review is needed.
|
|
|
|
|
- If you reviewed but could not merge, name the exact gate that blocked it.
|
|
|
|
|
- If you only commented on a discussion issue, say no code review is needed
|
|
|
|
|
but owner/design feedback may be needed.
|
|
|
|
|
- If release state was touched, state exactly which tag/commit changed and why.
|
|
|
|
|
- If blocked (permissions, missing repo, missing second reviewer identity,
|
|
|
|
|
stale dependency, unclear tracker home): stop and report clearly; **never
|
|
|
|
|
bypass classifiers, profile gates, missing permissions, or live-consent
|
|
|
|
|
requirements**; give the owner concrete options.
|
|
|
|
|
|
|
|
|
|
Required format:
|
|
|
|
|
|
|
|
|
|
```md
|
|
|
|
|
## Controller Handoff Summary
|
|
|
|
|
|
|
|
|
|
### Work performed
|
|
|
|
|
|
|
|
|
|
Briefly state what was done.
|
|
|
|
|
|
|
|
|
|
### Current state
|
|
|
|
|
|
|
|
|
|
Include:
|
|
|
|
|
- current repo
|
|
|
|
|
- current branch or master commit
|
|
|
|
|
- issue number(s)
|
|
|
|
|
- PR number(s), if any
|
|
|
|
|
- whether work is complete, blocked, ready for review, or discussion-only
|
|
|
|
|
|
|
|
|
|
### Files changed
|
|
|
|
|
|
|
|
|
|
List files changed, or say `None`.
|
|
|
|
|
|
|
|
|
|
### Validation
|
|
|
|
|
|
|
|
|
|
List commands run and results, or say `Not applicable — discussion only`.
|
|
|
|
|
|
|
|
|
|
### Issues encountered
|
|
|
|
|
|
|
|
|
|
List errors, confusing state, permission/profile problems, stale branches,
|
|
|
|
|
failing tests, missing labels, or blocked decisions.
|
|
|
|
|
|
|
|
|
|
### Review needed?
|
|
|
|
|
|
|
|
|
|
Say one of:
|
|
|
|
|
- `No review needed — discussion/comment only`
|
|
|
|
|
- `Review needed — PR is open`
|
|
|
|
|
- `Independent non-author review needed`
|
|
|
|
|
- `Owner decision needed`
|
|
|
|
|
- `Blocked`
|
|
|
|
|
|
|
|
|
|
### Next recommended action
|
|
|
|
|
|
|
|
|
|
State exactly what should happen next.
|
|
|
|
|
|
|
|
|
|
### Safety confirmations
|
|
|
|
|
|
|
|
|
|
Confirm:
|
|
|
|
|
- no self-review
|
|
|
|
|
- no self-merge
|
|
|
|
|
- no release/tag changes unless explicitly requested
|
|
|
|
|
- no secrets committed
|
|
|
|
|
- no production access used unless explicitly authorized
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### Example blocked handoff
|
|
|
|
|
|
|
|
|
|
```md
|
|
|
|
|
## Example blocked handoff
|
|
|
|
|
|
|
|
|
|
### Work performed
|
|
|
|
|
|
|
|
|
|
Audited phase-2 MCP Control Plane planning. Found target repo
|
|
|
|
|
`mcp-control-plane` does not exist. Prepared issue pack but did not file it.
|
|
|
|
|
|
|
|
|
|
### Current state
|
|
|
|
|
|
|
|
|
|
- Repo: `Scaled-Tech-Consulting/Gitea-Tools`, unmodified
|
|
|
|
|
- Target repo: `mcp-control-plane`, missing
|
|
|
|
|
- Issues: none open in Gitea-Tools
|
|
|
|
|
- PRs: none open
|
|
|
|
|
- Status: blocked pending owner decision
|
|
|
|
|
|
|
|
|
|
### Files changed
|
|
|
|
|
|
|
|
|
|
None.
|
|
|
|
|
|
|
|
|
|
### Validation
|
|
|
|
|
|
|
|
|
|
Tracker/repo audit only. No code validation required.
|
|
|
|
|
|
|
|
|
|
### Issues encountered
|
|
|
|
|
|
|
|
|
|
Repo creation was denied by permission/classifier because it would be scope
|
|
|
|
|
escalation without live consent.
|
|
|
|
|
|
|
|
|
|
### Review needed?
|
|
|
|
|
|
|
|
|
|
Owner decision needed.
|
|
|
|
|
|
|
|
|
|
### Next recommended action
|
|
|
|
|
|
|
|
|
|
Owner must choose:
|
|
|
|
|
1. create `Scaled-Tech-Consulting/mcp-control-plane`
|
|
|
|
|
2. authorize repo creation while present
|
|
|
|
|
3. file phase-2 issues in Gitea-Tools instead
|
|
|
|
|
|
|
|
|
|
### Safety confirmations
|
|
|
|
|
|
|
|
|
|
- no self-review
|
|
|
|
|
- no self-merge
|
|
|
|
|
- no release/tag changes
|
|
|
|
|
- no secrets committed
|
|
|
|
|
- no production access used
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Adapting to a project
|
|
|
|
|
|
|
|
|
|
Replace these project-specific names when copying the skill elsewhere:
|
|
|
|
@@ -242,7 +385,7 @@ Replace these project-specific names when copying the skill elsewhere:
|
|
|
|
|
| `branches/` | Ignored worktree directory | `branches/` |
|
|
|
|
|
| helper scripts | Worktree helpers | `scripts/worktree-start` / `-review` / `-clean` |
|
|
|
|
|
|
|
|
|
|
The rules in §A–§I are project-agnostic and should not change.
|
|
|
|
|
The rules in §A–§K are project-agnostic and should not change.
|
|
|
|
|
|
|
|
|
|
## Versioning And Tagging
|
|
|
|
|
|
|
|
|
@@ -263,6 +406,14 @@ Tags must:
|
|
|
|
|
**Never tag** feature branches, dirty worktrees, unreviewed or self-authored
|
|
|
|
|
work, or commits not present on remote `master`.
|
|
|
|
|
|
|
|
|
|
Additional tag rules:
|
|
|
|
|
|
|
|
|
|
- Do **not** create, move, delete, or push tags unless explicitly instructed.
|
|
|
|
|
- Tag only **after** the intended PR is merged, and tag only the **verified
|
|
|
|
|
final master merge commit** (never the PR branch head unless the merge
|
|
|
|
|
commit is exactly that commit).
|
|
|
|
|
- Always **report the tag target commit** in the final report / handoff.
|
|
|
|
|
|
|
|
|
|
Release process (see [`templates/release-tag.md`](templates/release-tag.md)):
|
|
|
|
|
|
|
|
|
|
1. `git fetch <remote> --prune`.
|
|
|
|
|