Scope 1: Harden autonomous guardrails token preflight and auth mapping by svelderrainruiz · Pull Request #50 · LabVIEW-Community-CI-CD/labview-cdev-surface-fork

svelderrainruiz · 2026-02-27T08:44:36Z

Summary

require WORKFLOW_BOT_TOKEN preflight for branch-protection and release-guardrails workflows
remove github.token fallback on those workflows for deterministic auth behavior
classify branch-protection query failures into authentication vs authorization reason codes
add remediation_hints to guardrails self-healing report for deterministic operator actions
update docs and workflow contract tests

Invoke-Pester -Path ./tests -CI (233 passed, 0 failed)
Invoke-Pester -Path ./tests/BranchProtectionDriftWorkflowContract.Tests.ps1,./tests/ReleaseGuardrailsAutoRemediationWorkflowContract.Tests.ps1,./tests/ScopeAOpsRunbookContract.Tests.ps1 -CI

svelderrainruiz added 3 commits February 27, 2026 00:44

Harden autonomous guardrails token and auth reason mapping

bf13b5f

Align governance contract checks with branch-protection baseline

7bfbfc7

Make governance PR-review enforcement opt-in

4973cfa

svelderrainruiz merged commit 87fe73c into main Feb 27, 2026
7 checks passed

svelderrainruiz deleted the feature/scope1-autonomous-guardrails-hardening branch February 27, 2026 08:49