Hongming Wang e373fa1a96 docs(ci): document auto-promote-staging GITHUB_TOKEN PR-create prereq ... Add a comment block at the top of auto-promote-staging.yml naming the load-bearing one-time repo setting that the workflow depends on: Settings → Actions → General → Workflow permissions → ✅ Allow GitHub Actions to create and approve pull requests Without this toggle, every workflow_run fails with "GitHub Actions is not permitted to create or approve pull requests (createPullRequest)". Observed 2026-04-29 01:43 UTC blocking the fcd87b9 promotion (PRs #2248 + #2249); manually bridged via PR #2252. The setting is invisible to anyone reading the workflow file, but the workflow cannot do its job without it. Documenting here so the next time it gets toggled off (org admin change, repo migration, audit cleanup) the failure mode points at the cause rather than another round of "why is auto-promote broken." Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>		2026-04-28 18:49:07 -07:00
..
scripts	feat(ci): SECRET_PATTERNS drift lint across known consumers	2026-04-28 15:29:09 -07:00
workflows	docs(ci): document auto-promote-staging GITHUB_TOKEN PR-create prereq	2026-04-28 18:49:07 -07:00
CODEOWNERS	chore: add CODEOWNERS to auto-route agent PRs to personal review account	2026-04-26 13:40:13 -07:00