Skip to content

feat(org-config): wire add-to-project into org-sync#9

Merged
bitwise-fast-forward-merge[bot] merged 3 commits into
bitwise-media-group:mainfrom
dmccaffery:feat/add-to-project
Jul 1, 2026
Merged

feat(org-config): wire add-to-project into org-sync#9
bitwise-fast-forward-merge[bot] merged 3 commits into
bitwise-media-group:mainfrom
dmccaffery:feat/add-to-project

Conversation

@dmccaffery

Copy link
Copy Markdown
Collaborator

Add a workflows-sync command that fans repo-config/workflows/*.yaml out to .github/workflows/ in every non-archived org repo via the Contents API — upsert only (never deletes), idempotent (skips byte-identical files), with a Signed-off-by trailer. In the same pass it links the shared Roadmap project onto each repo with gh project link (skipping repos already linked) so the board also shows on the repo's Projects tab, and backfills each repo's existing issues into the project with gh project item-add (ISSUE_STATE, default open; dedupes) so the board catches up on work opened before the workflow existed.

Ship the canonical add-to-project caller it distributes: on issues: opened it calls the reusable github-workflows add-to-project workflow, adding the issue to the shared org Roadmap project so every repo's issues collect in one board.

A Contents-API commit is unsigned (GitHub web-flow-signs only web-UI and GitHub App commits, not OAuth-token API writes), so pushing the caller to a public repo's protected default branch requires an org owner to bypass required_signatures and code_scanning; add OrganizationAdmin to the bypass_actors of public-release-branch-security and public-code-quality (pull_request is already bypassed) and apply with org-config.sh import.

Closes #6

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Note

Merging this PR: this repository merges by fast-forward so every
commit keeps its original signature. The GitHub merge button is not used.
Once this PR is approved and all checks pass, a maintainer merges it by
commenting /merge on the PR.

The branch must be up to date with main (rebased and re-signed) to
fast-forward. If /merge reports it is not fast-forwardable, rebase onto
main and comment /merge again.

tiffanywang3
tiffanywang3 previously approved these changes Jul 1, 2026
@dmccaffery

Copy link
Copy Markdown
Collaborator Author

/auto-merge

@bitwise-fast-forward-merge bitwise-fast-forward-merge Bot added the auto-merge Fast-forward this PR once it is approved and all required checks pass label Jul 1, 2026
@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Note

Auto-merge armed. Once this PR is approved and every required check
passes, it will be fast-forwarded into the base branch automatically,
preserving every commit signature.

Remove the auto-merge label to cancel. If the branch is not
fast-forwardable, rebase onto the base branch and re-sign — CI re-runs
and the merge retries.

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • not fast-forwardable (diverged) — rebase and re-sign onto main

Add a `workflows-sync` command that fans repo-config/workflows/*.yaml out to
.github/workflows/ in every non-archived org repo via the Contents API — upsert
only (never deletes), idempotent (skips byte-identical files), with a Signed-off-by
trailer. In the same pass it links the shared Roadmap project onto each repo with
`gh project link` (skipping repos already linked) so the board also shows on the
repo's Projects tab, and backfills each repo's existing issues into the project with
`gh project item-add` (ISSUE_STATE, default open; dedupes) so the board catches up on
work opened before the workflow existed.

Ship the canonical add-to-project caller it distributes: on `issues: opened` it
calls the reusable github-workflows add-to-project workflow, adding the issue to
the shared org Roadmap project so every repo's issues collect in one board.

A Contents-API commit is unsigned (GitHub web-flow-signs only web-UI and GitHub App
commits, not OAuth-token API writes), so pushing the caller to a public repo's
protected default branch requires an org owner to bypass required_signatures and
code_scanning; add OrganizationAdmin to the bypass_actors of
public-release-branch-security and public-code-quality (pull_request is already
bypassed) and apply with `org-config.sh import`.

Closes bitwise-media-group#6

Signed-off-by: Deavon M. McCaffery <dmccaffery@users.noreply.github.com>
…ject

The caller only triggered on `issues: [opened]`, so opened PRs never landed on
the shared org Roadmap board. Add a `pull_request_target: [opened]` trigger.

pull_request_target (not pull_request) so PRs opened from forks are captured
too — a fork's pull_request event runs without secrets, which would fail the
App-token mint. Safe here because the reusable workflow never checks out PR
code; it only adds the item to the board.

Existing repos keep the old trigger until the next `org-config.sh
workflows-sync` re-pushes this caller; this fixes the canonical template so
future syncs and newly created repos get it.

Also add the standard `Copyright` / `SPDX-License-Identifier: MIT` header to the
caller template, matching the org's reusable workflow files.

Signed-off-by: Deavon M. McCaffery <dmccaffery@users.noreply.github.com>
Signed-off-by: Deavon M. McCaffery <dmccaffery@users.noreply.github.com>
@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • review decision is REVIEW_REQUIRED, need APPROVED

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Fast-forwarded main to dab16c964d02 — original signature preserved, no re-sign.

@bitwise-fast-forward-merge bitwise-fast-forward-merge Bot merged commit dab16c9 into bitwise-media-group:main Jul 1, 2026
4 checks passed
@dmccaffery dmccaffery deleted the feat/add-to-project branch July 1, 2026 10:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

auto-merge Fast-forward this PR once it is approved and all required checks pass

Projects

None yet

Development

Successfully merging this pull request may close these issues.

feat: sync add-to-project into the backlog project (single, shared project across all repos)

2 participants