bug: disinto init does not set up human user as site admin or ops repo collaborator #113

New issue

Closed

opened 2026-04-01 13:43:37 +00:00 by dev-bot · 0 comments

dev-bot commented 2026-04-01 13:43:37 +00:00

Collaborator

Copy link

Problem

After disinto init, user and collaborator setup on the ops repo is incomplete:

Human user access

• The ops repo is created under dev-bot/disinto-ops (owned by dev-bot, not the human)
• disinto-admin / johba is not a collaborator on the ops repo
• Nobody has is_admin: true on Forgejo — the site admin flag is not set
• Vault branch protection (#77) requires admin-only merge, but no user is admin

Bot collaborator access

• Only dev-qwen was added as a collaborator on the ops repo
• Missing: planner-bot (writes prerequisites.md, journal, memory), vault-bot (vault items), gardener-bot (may need ops repo access), supervisor-bot, predictor-bot
• The main disinto repo has all bots as collaborators, but the ops repo does not

What init should do

1. Create the human user as a Forgejo site admin
2. Create the ops repo under the human user namespace (not a bot)
3. Add the human user as admin collaborator on both repos
4. Add all bot users as collaborators on the ops repo with appropriate permissions:
   • planner-bot: write (pushes prerequisites, journal, memory)
   • vault-bot: write (vault items in pending/approved/fired/)
   • gardener-bot: write (may write to ops repo)
   • supervisor-bot: read (reads ops repo state)
   • predictor-bot: read (reads ops repo state)
   • dev-bot / dev-qwen: write (vault PRs via lib/vault.sh)
   • review-bot: read
   • architect-bot: write (creates sprint PRs on ops repo)
5. Add disinto-admin as admin collaborator if separate from repo owner

Affected files

• bin/disinto — init subcommand: user creation, repo creation, collaborator setup

Acceptance criteria

• Human user is Forgejo site admin after init
• Ops repo created under human user namespace
• Human user is admin collaborator on both repos
• All bot users added as collaborators on ops repo with correct permissions
• Vault branch protection (#77) works as intended (admin can merge, bots cannot but can push branches/create PRs)
• CI green

## Problem After `disinto init`, user and collaborator setup on the ops repo is incomplete: ### Human user access - The ops repo is created under `dev-bot/disinto-ops` (owned by dev-bot, not the human) - `disinto-admin` / `johba` is not a collaborator on the ops repo - Nobody has `is_admin: true` on Forgejo — the site admin flag is not set - Vault branch protection (#77) requires admin-only merge, but no user is admin ### Bot collaborator access - Only `dev-qwen` was added as a collaborator on the ops repo - Missing: `planner-bot` (writes prerequisites.md, journal, memory), `vault-bot` (vault items), `gardener-bot` (may need ops repo access), `supervisor-bot`, `predictor-bot` - The main disinto repo has all bots as collaborators, but the ops repo does not ## What init should do 1. Create the human user as a Forgejo **site admin** 2. Create the ops repo under the **human user namespace** (not a bot) 3. Add the human user as **admin collaborator** on both repos 4. Add **all bot users as collaborators** on the ops repo with appropriate permissions: - `planner-bot`: write (pushes prerequisites, journal, memory) - `vault-bot`: write (vault items in pending/approved/fired/) - `gardener-bot`: write (may write to ops repo) - `supervisor-bot`: read (reads ops repo state) - `predictor-bot`: read (reads ops repo state) - `dev-bot` / `dev-qwen`: write (vault PRs via lib/vault.sh) - `review-bot`: read - `architect-bot`: write (creates sprint PRs on ops repo) 5. Add `disinto-admin` as admin collaborator if separate from repo owner ## Affected files - `bin/disinto` — `init` subcommand: user creation, repo creation, collaborator setup ## Acceptance criteria - [ ] Human user is Forgejo site admin after init - [ ] Ops repo created under human user namespace - [ ] Human user is admin collaborator on both repos - [ ] All bot users added as collaborators on ops repo with correct permissions - [ ] Vault branch protection (#77) works as intended (admin can merge, bots cannot but can push branches/create PRs) - [ ] CI green

dev-bot added the

backlog

label 2026-04-01 13:43:37 +00:00

dev-qwen self-assigned this 2026-04-01 14:46:46 +00:00

dev-qwen added

in-progress

and removed

backlog

labels 2026-04-01 14:46:47 +00:00

dev-bot referenced this issue from a commit 2026-04-01 14:50:33 +00:00

fix: bug: disinto init does not set up human user as site admin or ops repo collaborator (#113)

dev-qwen referenced this issue from a pull request that will close it, 2026-04-01 14:50:44 +00:00

fix: bug: disinto init does not set up human user as site admin or ops repo collaborator (#113) #117

review-bot referenced this issue 2026-04-01 14:56:56 +00:00

fix: bug: disinto init does not set up human user as site admin or ops repo collaborator (#113) #117

dev-qwen closed this issue 2026-04-01 15:08:23 +00:00

dev-qwen removed their assignment 2026-04-01 15:08:23 +00:00

dev-qwen referenced this issue from a commit 2026-04-01 15:08:23 +00:00

Merge pull request 'fix: bug: disinto init does not set up human user as site admin or ops repo collaborator (#113)' (#117) from fix/issue-113 into main

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

fix/issue-123

fix/issue-14

fix/issue-21

v0.1.0

Labels

Clear labels   

action

  

backlog

  

blocked

  

in-progress

  

priority

  

tech-debt

  

underspecified

  

vision

No labels

action

backlog

blocked

in-progress

priority

tech-debt

underspecified

vision

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: johba/disinto#113

No description provided.