docs: capture TPI-008 HTTPS auth recovery path

eijiogata · eijiogata · commit 82eba9dcc235 · 2026-03-21T17:25:44.000+09:00
diff --git a/notes/pr7_update_summary.md b/notes/pr7_update_summary.md
@@ -8,10 +8,17 @@
 
 ## What still remains
 
-- successful Git push/auth recovery
-- remote reflection of the latest local TPI-007 state
-- confirmation that PR #6 reflects the latest absent-handoff result
+- push `exp/eval-first-008` after rebasing it onto the reflected `exp/eval-first-007`
+- replay and push the local TPI-007 result onto `golf-soris-tpi-lab` `main`
+- final confirmation that all remote review surfaces are current
 
 ## First required recovery action
 
-The next turn should begin by identifying the currently configured remote/auth path and switching to a working push route before any further handoff or execution work continues.
+This turn established that HTTPS + GitHub CLI credential helper is the working route.
+
+## Progress in this turn
+
+- `gh auth status` is healthy and `gh auth git-credential get` returns credentials
+- `gh auth setup-git --hostname github.com` succeeded
+- `exp/eval-first-007` was pushed and PR #6 head reflection recovered
+- SSH was checked but rejected because publickey auth failed
diff --git a/notes/tpi_008_git_auth_plan.md b/notes/tpi_008_git_auth_plan.md
@@ -10,9 +10,10 @@ Restore Git push/auth capability so the latest local TPI-007 state can be reflec
 
 ## Immediate problem
 
-- local repos are ahead of remote
-- HTTPS push stalls on Git auth / credential path
-- PR #6 is therefore an outdated review surface
+- `parameter-golf` local branch `exp/eval-first-007` was ahead of remote by 2 commits
+- `golf-soris-tpi-lab` local `main` was ahead by 2 and behind by 17
+- HTTPS push had previously stalled on the GitHub CLI credential path
+- PR #6 had become outdated because its head branch was not reflected remotely
 
 ## Candidate recovery paths
 
@@ -24,6 +25,21 @@ Restore Git push/auth capability so the latest local TPI-007 state can be reflec
 
 Prefer a clean Git path that preserves local history and lets both repos push normally.
 
+## Facts established in this turn
+
+- `origin` uses HTTPS in both repos
+- `credential.https://github.com.helper` is `!/usr/bin/gh auth git-credential`
+- `gh auth status` is healthy and has `repo` scope
+- `gh auth git-credential get` returns a usable username/password pair
+- `gh auth setup-git --hostname github.com` completed successfully
+- `git push --dry-run origin exp/eval-first-007` succeeds
+- SSH is not the chosen path because `ssh -T git@github.com` returns `Permission denied (publickey)`
+
+## Chosen recovery path
+
+- choose HTTPS + GitHub CLI credential helper
+- do not switch remotes to SSH in this loop
+
 ## Success condition
 
 Both repos can push pending local commits and PR #6 reflects the latest local TPI-007 absent-handoff state.
diff --git a/notes/tpi_008_push_decision.md b/notes/tpi_008_push_decision.md
@@ -2,25 +2,31 @@
 
 ## Status
 
-pending
+in_progress
 
 ## Objective
 
 Record whether Git push/auth recovery has succeeded and whether the latest local TPI-007 state has been reflected remotely.
 
 ## Required decision fields
 
-- push path selected
-- parameter-golf pushed or not
-- golf-soris-tpi-lab pushed or not
-- PR #6 updated or not
+- push path selected: HTTPS + GitHub CLI credential helper
+- parameter-golf pushed or not: `exp/eval-first-007` pushed, `exp/eval-first-008` pending
+- golf-soris-tpi-lab pushed or not: pending
+- PR #6 updated or not: yes for head branch reflection, final verification pending after TPI-008 push
 
 ## Classification
 
 - `recovered`
 - `partial`
 - `blocked`
 
+## Interpretation
+
+- Auth recovery succeeded for HTTPS pushes.
+- SSH remains non-viable in this workspace and is not needed.
+- The remaining work is remote reflection completion, not credential recovery.
+
 ## Gate
 
 Only after classification reaches `recovered` should later loops continue external-handoff or execution-resume work.
diff --git a/notes/tpi_008_remote_reflection_contract.md b/notes/tpi_008_remote_reflection_contract.md
@@ -16,15 +16,25 @@ Define the minimum steps needed to reflect the latest local TPI-007 state to the
 1. inspect current `origin` remote URLs
 2. identify whether HTTPS or SSH is in use
 3. choose one working push path
-4. push `parameter-golf`
-5. push `golf-soris-tpi-lab`
+4. push `parameter-golf` branch `exp/eval-first-007` so PR #6 is current again
+5. rebase `exp/eval-first-008` onto the reflected `exp/eval-first-007`
+6. push `exp/eval-first-008`
+7. replay local TPI-007 result commits onto current `golf-soris-tpi-lab` `origin/main`
+8. add TPI-008 inspection artifacts on top of the synchronized `main`
+9. push `golf-soris-tpi-lab`
 6. verify remote branch heads
 7. verify PR #6 reflects the latest local state
 
 ## Preferred outcome
 
 Use a normal Git push path that preserves local history and avoids manual out-of-band patching.
 
+## Current execution notes
+
+- `parameter-golf` is a pure auth / reflection problem
+- `golf-soris-tpi-lab` is not blocked on auth; it is blocked on non-fast-forward history and needs replay onto `origin/main`
+- for TPI-007 overlap in `golf-soris-tpi-lab`, keep remote theory/templates and keep local completed result files
+
 ## Gate
 
 Do not continue external-handoff or execution work until remote reflection is repaired or explicitly declared impossible in this loop.
