governance: normalize ECP 0063-0078 and add ECP-0079
This commit is contained in:
parent
5a28a24294
commit
fe03ec8f1a
17 changed files with 185 additions and 8 deletions
|
|
@ -0,0 +1,45 @@
|
|||
# ECP-0079: Governance Hygiene, CI Quality Gates, and Main-Branch Protection
|
||||
|
||||
Status: Implemented
|
||||
|
||||
## Context
|
||||
|
||||
Recent delivery velocity improved product behavior, but governance and quality signals drifted:
|
||||
|
||||
- active ECPs were not consistently marked with explicit status and alternatives;
|
||||
- pull requests lacked a single, explicit CI gate for core tests plus web build;
|
||||
- deploy could proceed without an explicit prerequisite check job;
|
||||
- branch protection settings were not codified as an operator runbook artifact.
|
||||
|
||||
This conflicts with the constitutional requirement that non-trivial changes remain reviewable and merge through pull requests.
|
||||
|
||||
## Decision
|
||||
|
||||
1. Normalize governance records for the active proposal window (`ECP-0063` through `ECP-0078`):
|
||||
- mark implemented decisions as `Status: Implemented`,
|
||||
- add explicit `Alternatives considered` sections,
|
||||
- ensure rollout/teardown intent is present.
|
||||
2. Add `scripts/ecp-lint.sh` and run it in CI to enforce required ECP sections for active proposals.
|
||||
3. Add a `ci-gates` workflow for pull requests that runs:
|
||||
- ECP lint,
|
||||
- core Rust test subset,
|
||||
- `apps/web` production build.
|
||||
4. Update deploy workflow to include a dedicated `checks` job and make deploy depend on that job.
|
||||
5. Correct Cloudflare deploy docs so manual commands and secret prerequisites match current implementation.
|
||||
6. Add a branch-protection enforcement script and runbook so `main` can be locked to PR merges with required checks.
|
||||
|
||||
## Alternatives considered
|
||||
|
||||
- Keep governance cleanup manual and ad hoc. Rejected because drift reappears quickly under fast iteration.
|
||||
- Gate only deploy, not pull requests. Rejected because review-time feedback is required before merge.
|
||||
- Rely on UI-only branch protection configuration with no repo script/runbook. Rejected because settings become opaque and harder to audit.
|
||||
|
||||
## Rollout / teardown plan
|
||||
|
||||
- Rollout:
|
||||
- land ECP updates + lint script + CI workflows + docs + branch-protection tooling together;
|
||||
- apply branch protection using the new script;
|
||||
- set required check context to `ci-gates / checks`.
|
||||
- Teardown:
|
||||
- remove `ci-gates` workflow and lint script if governance process is superseded;
|
||||
- relax branch protection via API/script and adjust constitutional process in a superseding ECP.
|
||||
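Review bot: `Status: Implemented` at the top of the new ECP is set in the same change whose Rollout list still contains operator steps ("apply branch protection using the new script", "set required check context to `ci-gates / checks`"), so the record can read as implemented while `main` is still unprotected. Suggest deferring the Implemented status until those two steps are done, or adding a line under Rollout that records when protection was applied and how to verify it. Decision item 3 names the `ci-gates` workflow but not its job, while the required context is `ci-gates / checks`; name the job in item 3 so the context string can be checked against the workflow, because a required context that no job reports would leave every pull request unable to merge. "core Rust test subset" in item 3 should also say which crates or test filter it covers, so the scope of the gate is auditable from the ECP itself.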