Skip to content

connectedagents-ai/github-governance

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 

Repository files navigation

🏛️ GitHub Chairman — Governance System

Stale Detector Secret Scan License: MIT

Automated governance, security scanning, and hygiene enforcement for the connectedagents-ai GitHub organization.


📋 Overview

The GitHub Chairman Governance System is the central enforcement layer for all repositories under the connectedagents-ai organization. It provides:

  • 🔍 Automated stale repository detection — monthly audits to identify repos that have gone dormant
  • 🔐 Secret scanning — continuous TruffleHog scans on every push and PR to prevent credential leaks
  • 📐 Repo standards enforcement — standardized templates, issue forms, and PR workflows via repo-template
  • 📊 Audit trails — all governance actions are logged via GitHub Actions run history

This repo is part of the GitHub Chairman project — a fully automated multi-agent system for GitHub organization governance.


⚙️ Automated Workflows

Workflow File Trigger Purpose
Stale Repo Detector stale-detector.yml Monthly (1st @ 09:00 UTC) + manual Lists all repos not pushed to in 180+ days. Outputs a formatted report for review.
Secret Scan secret-scan.yml Every push & PR (all branches) Runs TruffleHog to detect verified leaked secrets. Blocks merges if secrets are found.

Workflow Details

🗂️ Stale Repo Detector

  • Schedule: 0 9 1 * * (1st of every month, 09:00 UTC)
  • Manual Trigger: Yes — configurable days_threshold input (default: 180 days)
  • Output: Markdown table of stale repos with last push date, days since push, and visibility
  • Action on stale repos: Report only — no automatic archiving (human review required)

🔐 Secret Scan (TruffleHog)

  • Trigger: push to any branch + pull_request targeting any branch
  • Tool: TruffleHog — scans git history for verified secrets
  • Mode: --only-verified — reduces false positives by only flagging live, active credentials
  • On detection: Workflow fails with remediation instructions; PR merge is blocked

🖐️ Manual Audit

To run a governance audit manually:

Run Stale Detector On-Demand

# Trigger via GitHub CLI
GITHUB_TOKEN="<your-token>" gh workflow run stale-detector.yml \
  --repo connectedagents-ai/github-governance \
  --field days_threshold=180

Check Workflow Run Status

GITHUB_TOKEN="<your-token>" gh run list \
  --repo connectedagents-ai/github-governance \
  --workflow stale-detector.yml \
  --limit 5

View Last Run Logs

GITHUB_TOKEN="<your-token>" gh run view \
  --repo connectedagents-ai/github-governance \
  --log

📐 Repo Template

All new repositories in the connectedagents-ai organization should be created from the repo-template, which includes:

Asset Description
README.md Professional template with badges, sections, and configuration table
.gitignore Comprehensive ignore rules for Python + Node.js + macOS + AI tools
.github/workflows/validate.yml PR validation — README check + Python/Node lint
.github/ISSUE_TEMPLATE/bug_report.md Structured bug report form
.github/ISSUE_TEMPLATE/feature_request.md Structured feature request form
.github/pull_request_template.md PR checklist template

To create a new repo from the template:

GITHUB_TOKEN="<your-token>" gh repo create connectedagents-ai/new-repo-name \
  --template connectedagents-ai/repo-template \
  --private

👤 Maintainer

Field Value
Owner Robert Bailey
Organization Connected Agents AI
Contact rbailey@powerconnection.com
Last Updated 2026-07-04

📄 License

MIT License — see LICENSE for details.


🤖 Automated by GitHub Chairman — Connected Agents AI Governance Platform

About

Chairman governance workflows — stale detection, branch cleanup, secret scanning

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages