feat: PII protection guidance, Workshop Operations org pattern, and CI/mirror improvements#4
Open
devin-ai-integration[bot] wants to merge 4 commits into
Open
Conversation
…e CI check - Expand pr-pii-check.yml to trigger on PR edited events and issue_comment events (covers regular PR thread comments, not just review comments) - Add scripts/create-pii-scrub-schedule.sh for setting up a recurring Devin session to run sanitize-pr-pii.sh weekly via the Devin v3 API - Document commit authorship configuration via Knowledge notes (§1.6) - Document scheduled PII scrubbing setup (§1.7) - Add PII Protection Summary section tying all layers together
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
- Frame pr-pii-check.yml as a reference implementation, optionally deployed during mirroring via --deploy-pii-check flag on mirror-github-org.sh - Remove create-pii-scrub-schedule.sh wrapper; document using the v3 Schedules API and MCP directly instead - Add Workshop Operations Devin Org section documenting the long-lived ops org pattern with enterprise service user secret, recurring schedules, and one-time event lifecycle automation (ACU zeroing via MCP) - Update architecture diagram to include Workshop Operations org - Rework PII Protection Summary to reference the new approach
devin-ai-integration
Bot
changed the title
Adds Step 4 to provision-workshop.sh that dispatches a single Devin session in the newly created org to auto-create environment YAML config blueprints for all repos. This indexes the repos so Devin sessions boot faster. - New --skip-env-setup flag to skip this step if repos are already indexed - Session prompt instructs Devin to read setup docs and create blueprints with initialize/maintenance/knowledge sections for each repo - Updated README to document the new step and flag
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Enhances the operator repo with comprehensive PII/author scrubbing guidance, Workshop Operations org documentation, and automated environment blueprint creation during provisioning.
Key changes:
Commit authorship Knowledge note guidance (§1.6) — Documents how to configure Devin to always commit as
devin-ai-integration[bot]so requesting user identity never leaks into git history.CI PII check as reference implementation —
pr-pii-check.ymlis opt-in via--deploy-pii-checkflag onmirror-github-org.sh. Triggers onopened,synchronize,edited, andissue_commentevents.Workshop Operations Devin Org pattern (§2) — Documents the long-lived ops org with enterprise service user key, recurring PII scrub schedules via v3 API, and one-time ACU zeroing via MCP.
Environment blueprint auto-creation (Step 4 in provisioning) —
provision-workshop.shnow dispatches a single Devin session in the newly created org to auto-create environment YAML config blueprints for all repos. This indexes repos so subsequent sessions boot faster. Skippable via--skip-env-setup.Updated architecture — Diagram and docs reflect the Workshop Operations org as the central control plane alongside Source/Mirror/Workshop orgs.
Review & Testing Checklist for Human
bash -n scripts/provision-workshop.shto verify syntax (already passes)--skip-env-setupflag correctly skips Step 4 when running against a real orgNotes
The env blueprint session prompt instructs Devin to read each repo's README/setup docs and create blueprints with initialize, maintenance, and knowledge sections. It follows the same
create_sessionpattern used by the existing per-repo setup sessions in Step 5.Link to Devin session: https://partner-workshops.devinenterprise.com/sessions/9aa814bde24049e3b8550d6842c31100
Requested by: @bsmitches