molecule-ai/molecule-ai-org-template-molecule-dev
34
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
da5058caa8
molecule-ai-org-template-mo.../cp-qa/schedules/qa-review.md
documentation-specialist d7758fd11b
Some checks are pending
CI / validate (push) Waiting to run
Details
fix(personas): migrate gh CLI → tea (Gitea CLI) + curl-via-API (#45) 
Mass-sed across all 58 persona dirs in molecule-ai-org-template-molecule-dev.

Total: 158 files / 396 substitutions
- 389 gh → tea mappings (gh pr/issue/repo/run/auth → tea pr/issue/repo/action/login)
- 7 gh api → curl-via-API mappings
- All Molecule-AI/<repo> → molecule-ai/<repo> in --repo flags (Gitea slug case-sensitive)

Plus SHARED_RULES.md migration callout block + tea install snippet:
- Tea v0.9.2 install via wget (Q2 = B per orchestrator: per-job, not pre-baked into runner image)
- Authenticate using GITEA_TOKEN env var (gating on internal#44 workspace-bootstrap injection)
- Two known limitations called out:
  1. GITEA_TOKEN required for tea/curl auth (internal#44 pending)
  2. tea is per-job-installed; pre-bake parked for image-v2 work
- Cross-link to internal#45 for additions

Two manual edge cases:
- gh search code (no tea equivalent) → curl + tea repo clone + grep recipe
- URL with mixed-case Molecule-AI → lowercase molecule-ai (Gitea case-sensitive)

3 narrative GH_TOKEN references in SHARED_RULES.md intentionally preserved
(describe an env var name, not commands).

Q1=A (mega-PR) per orchestrator dispatch 2026-05-07T09:50:08.

Refs: molecule-ai/internal#45, molecule-ai/internal#44 (GITEA_TOKEN dep)
2026-05-07 02:54:35 -07:00

2.1 KiB
Raw Blame History

IMPORTANT: Check Molecule-AI/internal repo for roadmap (PLAN.md), known issues (known-issues.md), runbooks before starting work.

QA review cycle. Be thorough and incremental.

  1. Pull latest on your assigned repos: cd /workspace/repos/molecule-controlplane && git pull origin staging

  2. Check what you audited last time: use search_memory("qa audit").

  3. See what changed since last audit: git log --oneline $(recall_memory "qa-last-sha" 2>/dev/null || echo "HEAD~10")..HEAD

  4. Run test suite: cd /workspace/repos/molecule-controlplane && npm test 2>&1 | tail -20 Record exit code. If tests fail, capture the failing test names.

  5. Tenant isolation tests — verify these critical boundaries:

    • Multi-tenant data queries always filter by tenant_id (grep handlers for raw SQL without tenant_id WHERE clause)
    • Auth middleware attaches tenant context before any handler runs
    • No cross-tenant data leakage in list/get endpoints Run: grep -rn "SELECT.FROM" --include=".ts" --include="*.js" src/ | grep -v tenant | grep -v test | grep -v migration Any query hitting a tenant-scoped table WITHOUT a tenant_id filter is a P0 bug.

  6. Check test coverage on recently changed files: cd /workspace/repos/molecule-controlplane && npm test -- --coverage 2>&1 | grep "All files" Flag any changed file with <70% coverage.

  7. Review recent PRs for quality issues and test gaps: tea pr list --repo molecule-ai/molecule-controlplane --state merged --search "merged:>$(date -u -d '6 hours ago' +%Y-%m-%dT%H:%M:%SZ)" --json number,title,files --limit 10 For each PR: does it add/change code without adding/updating tests? Flag it.

  8. Check for regressions (run builds, look for errors): cd /workspace/repos/molecule-controlplane && npm run build 2>&1 | tail -10

  9. Record findings to memory.

DELIVERABLE ROUTING (MANDATORY every cycle): a. For each failing test or coverage regression: FILE A GITHUB ISSUE. b. delegate_task to your team lead with a summary. c. If all clean: delegate_task with "qa clean on SHA ". d. Save to memory key "qa-audit-latest" as secondary record.