Sweep companion to PR#372 + PR#378 (Cat A). These six .github/workflows
files depend on GitHub-specific surface that Gitea does not provide:
- auto-tag-runtime.yml — superseded by .gitea/publish-runtime-autobump.yml
for patch bumps. Release:minor/major label-driven bumps are lost;
follow-up issue suggested if anyone uses them.
- branch-protection-drift.yml — drift_check.sh + apply.sh target
Molecule-AI/molecule-core via `gh api` against GitHub's
branch-protection schema. Gitea's schema differs; rebuilding is
out of scope. Follow-up issue needed.
- check-merge-group-trigger.yml — file's own header documents this is
a structural no-op on Gitea (no merge queue, no `merge_group:`
event type, no gh-readonly-queue refs).
- codeql.yml — file's own header documents CodeQL Action incompatibility
(github/codeql-action hits api.github.com bundle endpoints not
implemented by Gitea). Per Hongming decision 2026-05-07 task #156
CodeQL is non-blocking until Gitea-compatible SAST lands.
- pr-guards.yml — file's own header documents that Gitea has no
`gh pr merge --auto` primitive; guard is a no-op. Branch protection
on main doesn't require the pr-guards check name.
- promote-latest.yml — uses imjasonh/setup-crane against ghcr.io,
which was retired during the 2026-05-06 migration in favor of ECR
(per canary-verify.yml header notes). Workflow has nothing left to
retag.
Also adds runbooks/gitea-actions-migration-checklist.md documenting:
- Four-surface audit pattern (feedback_gitea_actions_migration_audit_pattern)
- Category A/B/C/D file lists with rationale
- Verification steps after all sweep PRs land
- Cross-link to follow-up issues (label-driven bumps,
Gitea-compatible drift detection, ECR-based promote)
Branch protection check: required status checks on main are only
`Secret scan / Scan diff for credential-shaped strings (pull_request)`
and `sop-tier-check / tier-check (pull_request)`. No deleted file's
job name appears in required_status_checks.
DO NOT MERGE without orchestrator-dispatched Five-Axis review +
@hongmingwang chat-go.
Cross-links:
- RFC: molecule-ai/internal#219
- Companion: PR#372 (ci.yml port), PR#378 (Cat A mirrored deletions)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
f0745619d2