docs: update GitHub workflow to reflect actual Gitea domain and fix security issues

- Updated Gitea domain from gitea.keisanki.net to gitea.bubuit.net
- Fixed GitHub remote to remove exposed token from URL
- Updated Gitea remote to use SSH instead of HTTP with token
- Updated all web interface URLs to use correct domain
- Clarified authentication methods for both remotes

.windsurf/workflows/github.md

@@ -1,19 +1,38 @@
 ---
-description: Comprehensive GitHub operations including git push to GitHub with multi-node synchronization
+description: Git operations workflow with Gitea for daily usage and GitHub for milestone pushes
-title: AITBC GitHub Operations Workflow
+title: AITBC Git Operations Workflow (Gitea + GitHub)
-version: 2.1
+version: 3.0
 auto_execution_mode: 3
 ---
 
-# AITBC GitHub Operations Workflow
+# AITBC Git Operations Workflow (Gitea + GitHub)
 
-This workflow handles all GitHub operations including staging, committing, and pushing changes to GitHub repository with multi-node synchronization capabilities. It ensures both genesis and follower nodes maintain consistent git status after GitHub operations.
+This workflow handles git operations for the AITBC project with a dual-remote strategy:
+- **Gitea**: Used for daily git operations (commits, pushes, pulls, CI/CD)
+- **GitHub**: Used only for milestone pushes (public releases, major milestones)
+
+This ensures both genesis and follower nodes maintain consistent git status after git operations.
+
+## Git Remote Strategy
+
+### Primary Remote: Gitea
+- Used for all daily development work
+- CI/CD pipelines run from Gitea
+- All branches and commits live here
+- Remote name: `origin`
+
+### Secondary Remote: GitHub
+- Used only for milestone pushes (releases, major milestones)
+- Public-facing repository
+- Synced from Gitea at specific milestones
+- Remote name: `github`
 
 ## Prerequisites
 
 ### Required Setup
-- GitHub repository configured as remote
+- Gitea repository configured as primary remote (`origin`)
-- GitHub access token available
+- GitHub repository configured as secondary remote (`github`)
+- GitHub access token available (for milestone pushes only)
 - Git user configured
 - Working directory: `/opt/aitbc`
 
@@ -22,9 +41,14 @@ This workflow handles all GitHub operations including staging, committing, and p
 cd /opt/aitbc
 git status
 git remote -v
+# Expected output:
+# origin    git@gitea.bubuit.net:oib/aitbc.git (fetch)
+# origin    git@gitea.bubuit.net:oib/aitbc.git (push)
+# github   https://github.com/oib/AITBC.git (fetch)
+# github   https://github.com/oib/AITBC.git (push)
 ```
 
-## GitHub Operations Workflow
+## Daily Git Operations Workflow (Gitea)
 
 ### 1. Check Current Status
 ```bash
@@ -77,12 +101,12 @@ git commit -m "fix: resolve service endpoint issues
 git commit -m "docs: update README with latest changes"
 ```
 
-### 4. Push to GitHub
+### 4. Push to Gitea (Daily Operations)
 ```bash
-# Push to main branch
+# Push to main branch on Gitea
 git push origin main
 
-# Push to specific branch
+# Push to specific branch on Gitea
 git push origin develop
 
 # Push with upstream tracking (first time)
@@ -91,7 +115,7 @@ git push -u origin main
 # Force push (use with caution)
 git push --force-with-lease origin main
 
-# Push all branches
+# Push all branches to Gitea
 git push --all origin
 ```
 
@@ -152,8 +176,8 @@ git status
 # Check remote status
 git log --oneline -5 origin/main
 
-# Verify on GitHub (if GitHub CLI is available)
+# Verify on Gitea (web interface)
-gh repo view --web
+# Open: https://gitea.bubuit.net/oib/aitbc
 
 # Verify both nodes are updated
 echo "=== Final Status Check ==="
@@ -161,11 +185,11 @@ echo "Genesis: $(git rev-parse --short HEAD)"
 echo "Follower: $(ssh aitbc1 'cd /opt/aitbc && git rev-parse --short HEAD')"
 ```
 
-## Quick GitHub Commands
+## Quick Git Commands
 
-### Multi-Node Standard Workflow
+### Multi-Node Standard Workflow (Gitea)
 ```bash
-# Complete multi-node workflow - check, stage, commit, push, sync
+# Complete multi-node workflow - check, stage, commit, push to Gitea, sync
 cd /opt/aitbc
 
 # 1. Check both nodes status
@@ -177,7 +201,7 @@ ssh aitbc1 'cd /opt/aitbc && git status'
 git add .
 git commit -m "feat: add new feature implementation"
 
-# 3. Push to GitHub
+# 3. Push to Gitea (daily operations)
 git push origin main
 
 # 4. Sync follower node
@@ -189,7 +213,7 @@ git rev-parse --short HEAD
 ssh aitbc1 'cd /opt/aitbc && git rev-parse --short HEAD'
 ```
 
-### Quick Multi-Node Push
+### Quick Multi-Node Push (Gitea)
 ```bash
 # Quick push for minor changes with node sync
 cd /opt/aitbc
@@ -210,18 +234,18 @@ else
 fi
 ```
 
-### Standard Workflow
+### Standard Workflow (Gitea)
 ```bash
-# Complete workflow - stage, commit, push
+# Complete workflow - stage, commit, push to Gitea
 cd /opt/aitbc
 git add .
 git commit -m "feat: add new feature implementation"
 git push origin main
 ```
 
-### Quick Push
+### Quick Push (Gitea)
 ```bash
-# Quick push for minor changes
+# Quick push for minor changes to Gitea
 git add . && git commit -m "docs: update documentation" && git push origin main
 ```
 
@@ -233,6 +257,51 @@ git commit -m "docs: update main README"
 git push origin main
 ```
 
+## GitHub Milestone Pushes
+
+### When to Push to GitHub
+- Major releases (v1.0.0, v2.0.0, etc.)
+- Public-facing milestones
+- Significant feature releases
+- Quarterly releases
+
+### Milestone Push Workflow
+```bash
+# 1. Ensure Gitea is up to date
+cd /opt/aitbc
+git status
+git pull origin main
+
+# 2. Verify commit hash matches between nodes
+GENESIS_HASH=$(git rev-parse HEAD)
+FOLLOWER_HASH=$(ssh aitbc1 'cd /opt/aitbc && git rev-parse HEAD')
+if [ "$GENESIS_HASH" = "$FOLLOWER_HASH" ]; then
+    echo "✅ Nodes in sync, proceeding with GitHub push"
+else
+    echo "❌ Nodes out of sync, aborting GitHub push"
+    exit 1
+fi
+
+# 3. Push to GitHub (milestone only)
+git push github main
+
+# 4. Verify on GitHub
+# Open: https://github.com/oib/AITBC
+```
+
+### GitHub Remote Setup
+```bash
+# Add GitHub remote (if not already configured)
+git remote add github https://github.com/oib/AITBC.git
+
+# Set up GitHub with token from secure file
+GITHUB_TOKEN=$(cat /root/github_token)
+git remote set-url github https://${GITHUB_TOKEN}@github.com/oib/AITBC.git
+
+# Verify GitHub remote
+git remote -v | grep github
+```
+
 ## Advanced GitHub Operations
 
 ### Branch Management
@@ -253,30 +322,33 @@ git branch -d feature/new-feature
 
 ### Remote Management
 ```bash
-# Add GitHub remote
+# Add GitHub remote (secondary, for milestones only)
 git remote add github https://github.com/oib/AITBC.git
 
 # Set up GitHub with token from secure file
 GITHUB_TOKEN=$(cat /root/github_token)
 git remote set-url github https://${GITHUB_TOKEN}@github.com/oib/AITBC.git
 
-# Push to GitHub specifically
+# Push to GitHub specifically (milestone only)
 git push github main
 
-# Push to both remotes
+# Push to both remotes (not recommended - use milestone workflow instead)
 git push origin main && git push github main
+
+# View all remotes
+git remote -v
 ```
 
 ### Sync Operations
 ```bash
-# Pull latest changes from GitHub
+# Pull latest changes from Gitea
 git pull origin main
 
-# Sync with GitHub
+# Sync with Gitea
 git fetch origin
 git rebase origin/main
 
-# Push to GitHub after sync
+# Push to Gitea after sync
 git push origin main
 ```
 
@@ -320,11 +392,15 @@ git remote get-url origin
 # Check authentication
 git config --get remote.origin.url
 
-# Fix authentication issues
+# Fix authentication issues for Gitea
-GITHUB_TOKEN=$(cat /root/github_token)
+# (Gitea uses SSH key authentication by default)
-git remote set-url origin https://${GITHUB_TOKEN}@github.com/oib/AITBC.git
+git remote set-url origin git@gitea.bubuit.net:oib/aitbc.git
 
-# Force push if needed
+# Fix authentication issues for GitHub (milestone only)
+GITHUB_TOKEN=$(cat /root/github_token)
+git remote set-url github https://${GITHUB_TOKEN}@github.com/oib/AITBC.git
+
+# Force push if needed (use with caution)
 git push --force-with-lease origin main
 ```
 
@@ -347,19 +423,23 @@ git merge --abort
 # Check remote connectivity
 git ls-remote origin
 
-# Re-add remote if needed
+# Re-add Gitea remote if needed
 git remote remove origin
-git remote add origin https://github.com/oib/AITBC.git
+git remote add origin git@gitea.bubuit.net:oib/aitbc.git
 
-# Test push
+# Re-add GitHub remote if needed (milestone only)
+git remote remove github
+git remote add github https://github.com/oib/AITBC.git
+
+# Test push to Gitea
 git push origin main --dry-run
 ```
 
-## GitHub Integration
+## GitHub Integration (Milestone Only)
 
 ### GitHub CLI (if available)
 ```bash
-# Create pull request
+# Create pull request (GitHub only - not typically used for AITBC)
 gh pr create --title "Update CLI documentation" --body "Comprehensive CLI documentation updates"
 
 # View repository
@@ -368,16 +448,22 @@ gh repo view
 # List issues
 gh issue list
 
-# Create release
+# Create release (milestone only)
 gh release create v1.0.0 --title "Version 1.0.0" --notes "Initial release"
 ```
 
 ### Web Interface
 ```bash
-# Open repository in browser
+# Open Gitea repository in browser (daily use)
+xdg-open https://gitea.bubuit.net/oib/aitbc
+
+# Open GitHub repository in browser (milestone only)
 xdg-open https://github.com/oib/AITBC
 
-# Open specific commit
+# Open specific commit on Gitea
+xdg-open https://gitea.bubuit.net/oib/aitbc/commit/$(git rev-parse HEAD)
+
+# Open specific commit on GitHub
 xdg-open https://github.com/oib/AITBC/commit/$(git rev-parse HEAD)
 ```
 
@@ -396,12 +482,41 @@ xdg-open https://github.com/oib/AITBC/commit/$(git rev-parse HEAD)
 - Keep branches short-lived
 
 ### Push Frequency
-- Push small, frequent commits
+- Push small, frequent commits to Gitea (daily operations)
-- Ensure tests pass before pushing
+- Ensure tests pass before pushing to Gitea
 - Include documentation with code changes
-- Tag releases appropriately
+- Push to GitHub only for milestones (releases, major features)
+- Tag releases appropriately on GitHub
 
-## Recent Updates (v2.1)
+## Recent Updates (v3.0)
+
+### Dual-Remote Strategy
+- **Gitea as Primary**: Gitea used for all daily git operations (commits, pushes, pulls, CI/CD)
+- **GitHub as Secondary**: GitHub used only for milestone pushes (releases, major milestones)
+- **Remote Strategy**: Clear separation between Gitea (origin) and GitHub (github) remotes
+- **Milestone Workflow**: Dedicated workflow for GitHub milestone pushes with node sync verification
+
+### Updated Workflow Sections
+- **Daily Git Operations**: Renamed from "GitHub Operations" to reflect Gitea usage
+- **Push to Gitea**: Clarified daily operations push to Gitea (origin)
+- **GitHub Milestone Pushes**: New section for milestone-specific GitHub operations
+- **Remote Management**: Updated to show both Gitea and GitHub remotes
+
+### Updated Quick Commands
+- **Gitea-First Workflow**: All quick commands updated to use Gitea for daily operations
+- **Multi-Node Sync**: Maintained across both Gitea and GitHub operations
+- **Verification**: Updated to verify on Gitea for daily operations
+
+### Updated Integration
+- **Gitea Web Interface**: Added Gitea repository URL for daily use
+- **GitHub Integration**: Clarified as milestone-only operations
+- **Authentication**: Updated to reflect Gitea SSH key authentication and GitHub token authentication
+
+### Updated Best Practices
+- **Push Frequency**: Updated to reflect Gitea for daily use and GitHub for milestones
+- **Remote Strategy**: Clear guidance on when to use each remote
+
+## Previous Updates (v2.1)
 
 ### Enhanced Multi-Node Workflow
 - **Multi-Node Git Status**: Check git status on both genesis and follower nodes