Rename development flow skill for jojo

2026-05-12 21:50:51 +00:00 · 2026-05-12 21:50:51 +00:00 · 1fb9aa5ed9
commit 1fb9aa5ed9
parent ecf0b7a8f3
8 changed files with 310 additions and 209 deletions
--- a/.codex/skills/codeberg-development-flow/SKILL.md
+++ b/.codex/skills/codeberg-development-flow/SKILL.md
@ -1,73 +0,0 @@
---
-name: codeberg-development-flow
-description: Use when working in this repository on development flow, remotes, Forgejo or Codeberg CLI operations, Forgejo repo creation, branch tracking, commit signing, mirroring, npm trusted publishing, release validation, or publishing @peezy.tech/codex-flows.
---
-
-# Forgejo Development Flow
-
-## Overview
-
-Use Forgejo at `jojo.build` as the primary development forge. Keep Codeberg as a push mirror. Keep GitHub for npm trusted publishing only.
-
-## Core Rules
-
- Treat `origin` as Forgejo: `git@jojo.build:peezy-tech/codex-flows.git`.
- Treat `codeberg` as the Codeberg mirror: `git@codeberg.org:peezy-tech/codex-flows.git`.
- Treat `github` as the GitHub publishing remote: `https://github.com/peezy-tech/codex-flows.git`.
- Keep `main` tracking `origin/main`, not `github/main`.
- Push normal development to Forgejo.
- Configure Forgejo to push-mirror to Codeberg.
- Push to GitHub only when the release workflow must publish to npm.
- Do not add npm tokens to the repo or GitHub secrets. GitHub publishes through trusted publishing.
- Use package name `@peezy.tech/codex-flows`, not `@peezy-tech/codex-flows`.
-
-## Setup Checks
-
-When asked to set up or verify the repo, check:
-
-```bash
-git remote -v
-ssh -T git@jojo.build
-fj --host jojo.build auth list
-gpg --list-secret-keys --keyid-format=long
-git status --short --branch
-```
-
-Expected local key files:
-
-```text
-~/.ssh/id_ed25519_jojo_build.pub
-~/.config/forgejo-keys/matamune-jojo-build-gpg.asc
-```
-
-## Release Workflow
-
-Normal development:
-
-```bash
-git pull
-git push
-```
-
-Before release, run:
-
-```bash
-bun run --filter @peezy.tech/codex-flows release:check
-bun run check:types
-bun run test
-git diff --check
-```
-
-Then:
-
-1. Bump `packages/codex-client/package.json`.
-2. Commit.
-3. Push to Forgejo: `git push`.
-4. Confirm Codeberg mirror has received the commit.
-5. Push to GitHub: `git push github main`.
-6. Run GitHub workflow `.github/workflows/publish-codex-flows.yml` with `confirm_package=@peezy.tech/codex-flows`.
-6. Verify `npm dist-tag ls @peezy.tech/codex-flows`.
-
-## References
-
- Read `references/development-flow.md` for exact setup and command details.
--- a/.codex/skills/codeberg-development-flow/agents/openai.yaml
+++ b/.codex/skills/codeberg-development-flow/agents/openai.yaml
@ -1,4 +0,0 @@
-interface:
-  display_name: "Forgejo Development Flow"
-  short_description: "Forgejo-first development, Codeberg mirroring, and GitHub publishing flow."
-  default_prompt: "Use the Forgejo-first development flow for remotes, branch tracking, Forgejo CLI, signed commits, Codeberg mirroring, GitHub publishing, and npm trusted publishing."
--- a/.codex/skills/codeberg-development-flow/references/development-flow.md
+++ b/.codex/skills/codeberg-development-flow/references/development-flow.md
@ -1,109 +0,0 @@
-# Forgejo Development Flow Reference
-
-## Remotes
-
-```bash
-git remote -v
-# origin    git@jojo.build:peezy-tech/codex-flows.git
-# codeberg  git@codeberg.org:peezy-tech/codex-flows.git
-# github    https://github.com/peezy-tech/codex-flows.git
-```
-
-`main` should track Forgejo:
-
-```bash
-git branch --set-upstream-to=origin/main main
-git status --short --branch
-# ## main...origin/main
-```
-
-Use Forgejo for day-to-day work. Forgejo should push-mirror to Codeberg:
-
-```bash
-git pull
-git push
-git ls-remote codeberg refs/heads/main
-```
-
-Use GitHub only to run npm trusted publishing:
-
-```bash
-git push github main
-gh workflow run publish-codex-flows.yml --repo peezy-tech/codex-flows --ref main -f confirm_package='@peezy.tech/codex-flows'
-```
-
-## Keys
-
-SSH public key:
-
-```text
-~/.ssh/id_ed25519_jojo_build.pub
-```
-
-GPG public key:
-
-```text
-~/.config/forgejo-keys/matamune-jojo-build-gpg.asc
-```
-
-Git signing is expected:
-
-```bash
-git config --global commit.gpgsign true
-git config --global user.signingkey E3B0D5FB2E5CF11FAFB2EA113BB8E7D3B968A324
-```
-
-## Forgejo CLI
-
-`forgejo-cli` is installed as `fj`.
-
-The configured Forgejo login should be visible for `jojo.build`:
-
-```bash
-fj --host jojo.build auth list
-```
-
-If authentication needs to be recreated:
-
-```bash
-fj --host jojo.build auth add-key matamune <token>
-fj --host jojo.build auth use-ssh true
-```
-
-Create the organization repo when missing:
-
-```bash
-fj --host jojo.build org repo create peezy-tech codex-flows \
-  -d "Public monorepo for @peezy.tech/codex-flows" \
-  -S true
-```
-
-Verify the repository:
-
-```bash
-fj --host jojo.build repo view peezy-tech/codex-flows
-git ls-remote origin HEAD refs/heads/main
-```
-
-## Package Release Gate
-
-```bash
-bun run --filter @peezy.tech/codex-flows release:check
-bun run check:types
-bun run test
-git diff --check
-```
-
-Verify npm after GitHub Actions publishing:
-
-```bash
-npm dist-tag ls @peezy.tech/codex-flows
-npm view @peezy.tech/codex-flows version repository --json
-```
-
-## Current Constructed State
-
- Forgejo repo: `https://jojo.build/peezy-tech/codex-flows`
- Codeberg mirror: `https://codeberg.org/peezy-tech/codex-flows`
- GitHub publishing repo: `https://github.com/peezy-tech/codex-flows`
- `origin/main`, `codeberg/main`, and `github/main` should be kept aligned for release commits.
--- a/.codex/skills/jojo-development-flow/SKILL.md
+++ b/.codex/skills/jojo-development-flow/SKILL.md
@ -0,0 +1,111 @@
+---
+name: jojo-development-flow
+description: Use when working in this repository on development flow, remotes, jojo.build operations, Codeberg mirroring, branch tracking, commit signing, jojo Actions, npm trusted publishing, release validation, or publishing @peezy.tech/codex-flows.
+---
+
+# Jojo Development Flow
+
+## Overview
+
+Use `jojo.build` as the canonical development home for `peezy-tech/codex-flows`. Codeberg is a push mirror. GitHub is only for npm trusted publishing.
+
+## Current Structure
+
+- Canonical repo: `https://jojo.build/peezy-tech/codex-flows`
+- Git remote `origin`: `git@jojo.build:peezy-tech/codex-flows.git`
+- Git remote `codeberg`: `git@codeberg.org:peezy-tech/codex-flows.git`
+- Git remote `github`: `https://github.com/peezy-tech/codex-flows.git`
+- `main` tracks `origin/main`.
+- `jojo.build` push-mirrors `main` to Codeberg.
+- GitHub is pushed manually only when npm trusted publishing needs the release workflow.
+
+## Accounts And Access
+
+- Human/admin account: `peezy`
+- Host development worker account: `matamune`
+- Organization: `peezy-tech`
+- Both users are in the `peezy-tech` Owners team.
+- `matamune` is active but is not a site admin.
+- `peezy` is the site admin account and has 2FA enabled.
+
+## Core Rules
+
+- Push normal development to `origin`.
+- Do not treat Codeberg as canonical; use it only as a mirror and recovery remote.
+- Do not treat GitHub as a development remote.
+- Push to GitHub only when the release workflow must publish to npm.
+- Do not add npm tokens to the repo or GitHub secrets. GitHub publishes through trusted publishing.
+- Use package name `@peezy.tech/codex-flows`, not `@peezy-tech/codex-flows`.
+- Before release work, verify `origin/main` and `codeberg/main` are aligned.
+- Keep commits signed when possible, but signed commits are not currently required by branch protection.
+
+## Setup Checks
+
+When asked to set up or verify the repo, check:
+
+```bash
+git remote -v
+git status --short --branch
+ssh -T git@jojo.build
+git ls-remote origin refs/heads/main
+git ls-remote codeberg refs/heads/main
+gpg --list-secret-keys --keyid-format=long
+```
+
+Expected local key files:
+
+```text
+~/.ssh/id_ed25519_codeberg.pub
+~/.config/forgejo-keys/matamune-jojo-build-ssh.pub
+~/.config/forgejo-keys/matamune-jojo-build-gpg.asc
+```
+
+## Jojo CI
+
+`main` is protected on `jojo.build`.
+
+- Owners can push and merge.
+- Required status context: `ci / check (push)`
+- The workflow lives at `.forgejo/workflows/ci.yml`.
+- The runner is `jojo-build-runner-01`.
+
+The CI workflow runs:
+
+```bash
+bun install --frozen-lockfile
+bun run check:types
+bun run test
+bun run --filter @peezy.tech/codex-flows release:check
+```
+
+## Release Workflow
+
+Normal development:
+
+```bash
+git pull
+git push
+```
+
+Before release, run:
+
+```bash
+bun run --filter @peezy.tech/codex-flows release:check
+bun run check:types
+bun run test
+git diff --check
+```
+
+Then:
+
+1. Bump `packages/codex-client/package.json`.
+2. Commit.
+3. Push to jojo: `git push`.
+4. Confirm Codeberg mirror has received the commit.
+5. Push to GitHub: `git push github main`.
+6. Run GitHub workflow `.github/workflows/publish-codex-flows.yml` with `confirm_package=@peezy.tech/codex-flows`.
+7. Verify `npm dist-tag ls @peezy.tech/codex-flows`.
+
+## References
+
+- Read `references/development-flow.md` for exact setup and command details.
--- a/.codex/skills/jojo-development-flow/agents/openai.yaml
+++ b/.codex/skills/jojo-development-flow/agents/openai.yaml
@ -0,0 +1,4 @@
+interface:
+  display_name: "Jojo Development Flow"
+  short_description: "jojo.build development, Codeberg mirroring, and GitHub publishing flow."
+  default_prompt: "Use the jojo-first development flow for remotes, branch tracking, jojo.build operations, signed commits, Codeberg mirroring, GitHub publishing, and npm trusted publishing."
--- a/.codex/skills/jojo-development-flow/references/development-flow.md
+++ b/.codex/skills/jojo-development-flow/references/development-flow.md
@ -0,0 +1,158 @@
+# Jojo Development Flow Reference
+
+## Remotes
+
+```bash
+git remote -v
+# origin    git@jojo.build:peezy-tech/codex-flows.git
+# codeberg  git@codeberg.org:peezy-tech/codex-flows.git
+# github    https://github.com/peezy-tech/codex-flows.git
+```
+
+`main` should track jojo:
+
+```bash
+git branch --set-upstream-to=origin/main main
+git status --short --branch
+# ## main...origin/main
+```
+
+Use jojo for day-to-day work:
+
+```bash
+git pull
+git push
+```
+
+Confirm Codeberg mirror state:
+
+```bash
+git ls-remote origin refs/heads/main
+git ls-remote codeberg refs/heads/main
+```
+
+Use GitHub only to run npm trusted publishing:
+
+```bash
+git push github main
+gh workflow run publish-codex-flows.yml --repo peezy-tech/codex-flows --ref main -f confirm_package='@peezy.tech/codex-flows'
+```
+
+## Accounts
+
+- `peezy`: human site admin, 2FA enabled.
+- `matamune`: active development worker account for this host, not a site admin.
+- `peezy-tech`: organization containing `codex-flows`.
+- `load-game`: organization containing both `peezy` and `matamune`.
+
+## Keys
+
+Host SSH public key:
+
+```text
+~/.config/forgejo-keys/matamune-jojo-build-ssh.pub
+```
+
+Host GPG public key:
+
+```text
+~/.config/forgejo-keys/matamune-jojo-build-gpg.asc
+```
+
+Codeberg SSH key still exists for direct mirror diagnostics:
+
+```text
+~/.ssh/id_ed25519_codeberg.pub
+```
+
+Git signing is expected:
+
+```bash
+git config --global commit.gpgsign true
+git config --global user.signingkey E3B0D5FB2E5CF11FAFB2EA113BB8E7D3B968A324
+```
+
+## Jojo CLI And API Checks
+
+`fj` can talk to `jojo.build` when authenticated:
+
+```bash
+fj --host jojo.build auth list
+fj --host jojo.build repo view peezy-tech/codex-flows
+```
+
+For admin automation, prefer a scoped `peezy` token. The old bootstrap `matamune` setup token should not be treated as the long-term admin credential.
+
+## Branch Protection
+
+`main` is protected:
+
+- Owners can push and merge.
+- Required status context: `ci / check (push)`.
+- Protection applies to admins.
+- Signed commits are not required yet.
+
+## Jojo Actions
+
+Workflow file:
+
+```text
+.forgejo/workflows/ci.yml
+```
+
+The runner label used by CI is `ubuntu-latest`, backed by `node:22-bookworm`. The workflow installs Bun before running checks because the release dry-run needs `npm`.
+
+Current CI gate:
+
+```bash
+bun install --frozen-lockfile
+bun run check:types
+bun run test
+bun run --filter @peezy.tech/codex-flows release:check
+```
+
+## Jojo CLI
+
+```bash
+fj --host jojo.build auth add-key matamune <token>
+fj --host jojo.build auth use-ssh true
+```
+
+Create the organization repo when missing:
+
+```bash
+fj --host jojo.build org repo create peezy-tech codex-flows \
+  -d "Public monorepo for @peezy.tech/codex-flows" \
+  -S true
+```
+
+Verify the repository:
+
+```bash
+fj --host jojo.build repo view peezy-tech/codex-flows
+git ls-remote origin HEAD refs/heads/main
+```
+
+## Package Release Gate
+
+```bash
+bun run --filter @peezy.tech/codex-flows release:check
+bun run check:types
+bun run test
+git diff --check
+```
+
+Verify npm after GitHub Actions publishing:
+
+```bash
+npm dist-tag ls @peezy.tech/codex-flows
+npm view @peezy.tech/codex-flows version repository --json
+```
+
+## Current State
+
+- Canonical repo: `https://jojo.build/peezy-tech/codex-flows`
+- Codeberg mirror: `https://codeberg.org/peezy-tech/codex-flows`
+- GitHub publishing repo: `https://github.com/peezy-tech/codex-flows`
+- `origin/main` and `codeberg/main` should stay aligned automatically through the jojo push mirror.
+- `github/main` may lag until a release needs npm trusted publishing.
--- a/README.md
+++ b/README.md
@ -63,9 +63,9 @@ bun run test

 ## Development Flow

-Development happens on Forgejo at `jojo.build`. Codeberg is configured as a push mirror, and GitHub is kept for npm trusted publishing only.
+Development happens on jojo at `jojo.build`. Codeberg is configured as a push mirror, and GitHub is kept for npm trusted publishing only.

-See [docs/development-flow.md](docs/development-flow.md) for remotes, key setup, Forgejo CLI setup, mirroring, and the release procedure.
+See [docs/development-flow.md](docs/development-flow.md) for remotes, key setup, jojo CLI setup, mirroring, and the release procedure.

 ## Publishing

--- a/docs/development-flow.md
+++ b/docs/development-flow.md
@ -1,10 +1,10 @@
 # Development Flow

-This monorepo is developed on Forgejo at `jojo.build`. Codeberg is a push mirror, and GitHub is used only when npm trusted publishing needs its workflow.
+This monorepo is developed on jojo at `jojo.build`. Codeberg is a push mirror, and GitHub is used only when npm trusted publishing needs its workflow.

 ## Remotes

-Use Forgejo as the normal development remote:
+Use jojo as the normal development remote:

 ```bash
 git remote -v
@ -13,13 +13,13 @@ git remote -v
 # github    https://github.com/peezy-tech/codex-flows.git
 ```

-Push ordinary development to Forgejo:
+Push ordinary development to jojo:

 ```bash
 git push origin main
 ```

-Forgejo should push-mirror `main` to Codeberg. The local `codeberg` remote is kept for diagnostics and manual recovery.
+`jojo.build` push-mirrors `main` to Codeberg. The local `codeberg` remote is kept for diagnostics and manual recovery.

 Push to GitHub only when a release needs the trusted publishing workflow:

@ -27,40 +27,54 @@ Push to GitHub only when a release needs the trusted publishing workflow:
 git push github main
 ```

+## Accounts
+
+- `peezy` is the human site admin account and has 2FA enabled.
+- `matamune` is an active development worker account for this host and is not a site admin.
+- Both accounts are Owners in `peezy-tech`.
+
 ## Machine Keys

-This machine uses dedicated Forgejo and Codeberg SSH keys:
-
-```text
-~/.ssh/id_ed25519_jojo_build.pub
-~/.ssh/id_ed25519_codeberg.pub
-```
-
-The public GPG key for commit verification is exported here:
+This host uses a dedicated jojo SSH key and GPG key:

 ```text
+~/.config/forgejo-keys/matamune-jojo-build-ssh.pub
 ~/.config/forgejo-keys/matamune-jojo-build-gpg.asc
 ```

-Upload the Forgejo SSH and GPG public keys to the `jojo.build` account before pushing over SSH or expecting verified commits. Keep the Codeberg SSH key available for mirror diagnostics.
+The Codeberg key remains available for mirror diagnostics:

-## Forgejo CLI
+```text
+~/.ssh/id_ed25519_codeberg.pub
+```

-`forgejo-cli` is installed as `fj`.
+## Jojo CLI

-Authenticate with `jojo.build` after creating an application token:
+`fj` can talk to `jojo.build` after creating an application token:

 ```bash
-fj --host jojo.build auth add-key <forgejo-username> <token>
+fj --host jojo.build auth add-key <username> <token>
 fj --host jojo.build auth use-ssh true
 fj --host jojo.build auth list
 ```

-If browser login is available, this may also work:
+## CI And Branch Protection
+
+`main` is protected on `jojo.build`.
+
+- Owners can push and merge.
+- Required status context: `ci / check (push)`.
+- The workflow lives at `.forgejo/workflows/ci.yml`.
+- Protection applies to admins.
+- Signed commits are not required yet.
+
+The CI workflow runs:

 ```bash
-fj auth login
-fj auth use-ssh true
+bun install --frozen-lockfile
+bun run check:types
+bun run test
+bun run --filter @peezy.tech/codex-flows release:check
 ```

 ## Releases
@ -79,7 +93,7 @@ git diff --check
 To publish through GitHub trusted publishing:

 1. Bump `packages/codex-client/package.json`.
-2. Commit and push to Forgejo.
+2. Commit and push to jojo.
 3. Confirm the Codeberg mirror has received the commit.
 4. Push the same commit to GitHub.
 5. Run `.github/workflows/publish-codex-flows.yml` on GitHub with confirmation input `@peezy.tech/codex-flows`.