# Ticket Summary — ADO #727547 ## Description Migrate the `tftsr-devops_investigation` repository from `gogs.tftsr.com/sarman/tftsr-devops_investigation` to `github.com/msicie/apollo_nxt-trcaa`. All CI/CD pipelines, container registries, and PR review tooling must be rebuilt from scratch targeting GitHub. The self-hosted qwen3-coder-next LLM reviewer is replaced by native GitHub Copilot code review. Branch protection on `main` must require passing CI checks and allow owner/CODEOWNERS to bypass. ## Acceptance Criteria - [x] Repository exists at `github.com/msicie/apollo_nxt-trcaa` with `main` as the default branch - [x] `.github/workflows/test.yml` runs Rust and frontend tests on every push/PR targeting `main` - [x] `.github/workflows/release.yml` auto-tags, builds for Linux amd64+arm64, Windows amd64, macOS ARM64+Intel, and uploads artifacts to GitHub Releases - [x] `.github/workflows/build-images.yml` builds and pushes pre-baked CI images to `ghcr.io/msicie/` - [x] All Gogs/Gitea pipeline references (`.gitea/workflows/`, `172.0.0.29:3000`, `RELEASE_TOKEN`) removed - [x] PR review uses native GitHub Copilot (no external LLM service required) - [x] `.github/CODEOWNERS` requires `@Shaun-Arman-VFK387_moto` and `@github-copilot` on all PRs - [x] `main` branch protection: requires `rust-test`, `frontend-test`, CODEOWNER review; admins can bypass - [x] Wiki sync targets `github.com/msicie/apollo_nxt-trcaa/wiki` - [ ] One-time: trigger `build-images.yml` to bootstrap `ghcr.io/msicie/` images - [ ] One-time: enable Copilot Code Review in `msicie` org settings ## Work Implemented | File | Change | |---|---| | `.github/workflows/test.yml` | Full rewrite — port from `.gitea/workflows/test.yml` (Gitea); jobs renamed to `rust-test` + `frontend-test` to match branch protection check names; uses `ghcr.io/msicie/trcaa-linux-amd64:rust1.88-node22` | | `.github/workflows/release.yml` | Full rewrite — port from `.gitea/workflows/auto-tag.yml`; GITHUB_TOKEN replaces RELEASE_TOKEN; all Gogs API calls replaced with `gh` CLI; adds `build-macos-intel` job (`macos-13`); `master` refs → `main` | | `.github/workflows/build-images.yml` | Rewrite — login to `ghcr.io` with GITHUB_TOKEN; push images to `ghcr.io/msicie/trcaa-*` | | `.github/workflows/pr-review.yml` | **Deleted** — replaced by native GitHub Copilot | | `.gitea/workflows/` | **Deleted** entire directory | | `.github/CODEOWNERS` | **Created** — `@Shaun-Arman-VFK387_moto @github-copilot` on all paths | | `Makefile` | Replace `GOGS_API`/`GOGS_REPO`/`GOGS_TOKEN` with `GH_REPO`/`GH_TOKEN` and `gh release upload` | | `CLAUDE.md` | Update wiki URL, CI/CD section, branch references (`master` → `main`) | **Branch protection on `main`:** - Require PRs before merging - Require 1 approving review - Require CODEOWNER review (`require_code_owner_reviews: true`) - Required status checks: `rust-test`, `frontend-test` - `enforce_admins: false` — owner and admins can bypass **PR:** https://github.com/msicie/apollo_nxt-trcaa/pull/1 ## Testing Needed 1. **Bootstrap Docker images** (one-time): Go to Actions → Build CI Docker Images → Run workflow. Verify all three images appear at `ghcr.io/msicie/`. 2. **Enable Copilot Code Review** (one-time manual): `msicie` org Settings → Copilot → Code Review → Enable. 3. **Test pipeline**: Verify `rust-test` and `frontend-test` checks appear and pass on PR #1. 4. **Copilot review**: After enabling, open a new PR and confirm `@github-copilot` is auto-requested. 5. **Branch protection enforcement**: Attempt to merge a PR with a failing check — confirm it is blocked. 6. **Owner bypass**: Confirm `@Shaun-Arman-VFK387_moto` can override protection and merge. 7. **Release pipeline**: Push a `v*` tag (e.g. `v0.3.10`) and confirm all 5 platform jobs complete and artifacts appear in GitHub Releases. 8. **Wiki sync**: Confirm release workflow wiki-sync job pushes content to `github.com/msicie/apollo_nxt-trcaa/wiki`.