Partner integration cli update

.github/BRANCH_PROTECTION_CHECKLIST.md

@@ -0,0 +1,67 @@
+# Branch Protection Quick Setup Checklist
+
+Use this checklist when configuring branch protection for the first time.
+
+## ✅ Pre-Setup (Already Complete)
+
+- [x] CODEOWNERS file created (`.github/CODEOWNERS`)
+- [x] CI/CD workflows configured (`ci.yml`, `security.yml`)
+- [x] Documentation available (`doc/BRANCH_PROTECTION.md`)
+
+## 🔧 GitHub Settings Configuration
+
+Navigate to: **Repository Settings → Branches → Add rule**
+
+### Branch Pattern
+- [ ] Branch name pattern: `main`
+
+### Pull Request Requirements
+- [ ] ✅ Require a pull request before merging
+  - [ ] Required approvals: **1** (minimum)
+  - [ ] ✅ Dismiss stale pull request approvals when new commits are pushed
+  - [ ] ✅ Require review from Code Owners (recommended)
+
+### Status Check Requirements
+- [ ] ✅ Require status checks to pass before merging
+  - [ ] Search and add: `build-and-test`
+  - [ ] Search and add: `nodejs-tools`
+  - [ ] Search and add: `security-scan`
+  - [ ] Search and add: `codeql-analysis`
+  - [ ] ✅ Require branches to be up to date before merging
+
+### Additional Protections
+- [ ] ✅ Require conversation resolution before merging
+- [ ] ⬜ Do not allow bypassing the above settings (optional - prevents admin bypass)
+
+### Save
+- [ ] Click **Create** to save the branch protection rule
+
+## 🧪 Testing
+
+After setup, test that it works:
+
+1. [ ] Create a test branch
+2. [ ] Make a small change
+3. [ ] Push and create a PR
+4. [ ] Verify you're automatically assigned as reviewer
+5. [ ] Try to merge without approval (should be blocked)
+6. [ ] Approve the PR
+7. [ ] Merge successfully
+
+## 📚 Reference
+
+For detailed instructions, see: [doc/BRANCH_PROTECTION.md](../doc/BRANCH_PROTECTION.md)
+
+## 🆘 Need Help?
+
+- **Can't find the settings?** Make sure you have admin access to the repository
+- **Status checks not appearing?** Run the workflows at least once first
+- **Need to bypass temporarily?** Uncheck "Do not allow bypassing" in the rule settings
+
+## What Happens After Setup?
+
+✅ All changes to `main` require a pull request
+✅ Pull requests require your approval before merging
+✅ CI/CD checks must pass before merging
+✅ You're automatically assigned as reviewer on all PRs
+✅ Direct pushes to `main` are blocked

.github/CODEOWNERS

@@ -0,0 +1,17 @@
+# CODEOWNERS file for dragon-copilot-extension-samples-test
+# This file defines who should be automatically requested for review on pull requests.
+# 
+# Each line is a file pattern followed by one or more owners.
+# These owners will be automatically requested for review when someone opens a pull request
+# that modifies files matching the pattern.
+#
+# Documentation: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
+
+# Default owner for all files in the repository
+# This ensures that @mfrongillo35 is automatically requested to review all pull requests
+* @mfrongillo35
+
+# You can add more specific rules below as needed, for example:
+# /docs/ @mfrongillo35 @documentation-team
+# *.js @mfrongillo35 @frontend-team
+# /samples/ @mfrongillo35 @sample-reviewers

.github/dependabot.yml

@@ -34,7 +34,7 @@ updates:
 
   # Enable version updates for npm dependencies
   - package-ecosystem: "npm"
-    directory: "/tools/dragon-extension-cli"
+    directory: "/tools/dragon-copilot-cli"
     schedule:
       interval: "weekly"
       day: "monday"

.github/workflows/ci.yml

@@ -55,16 +55,16 @@ jobs:
       with:
         node-version: '20'
         cache: 'npm'
-        cache-dependency-path: tools/dragon-extension-cli/package.json
+        cache-dependency-path: tools/dragon-copilot-cli/package-lock.json
 
     - name: Install dependencies
-      working-directory: tools/dragon-extension-cli
+      working-directory: tools/dragon-copilot-cli
       run: npm ci
 
     - name: Run tests
-      working-directory: tools/dragon-extension-cli
+      working-directory: tools/dragon-copilot-cli
       run: npm test
 
     - name: Build
-      working-directory: tools/dragon-extension-cli
+      working-directory: tools/dragon-copilot-cli
       run: npm run build --if-present

QUICKSTART.md

@@ -1,3 +1,4 @@
+#
 # Quick Start Guide for Dragon Extension Developer
 
 ## 🚀 Getting Started (Choose One)
@@ -7,6 +8,28 @@
 * Node 22.20.0
 * npm 10.9.3
 
+### Generate Manifests with the CLI
+Use the unified `dragon-copilot` CLI to create and validate manifest version 3 definitions that now support automation scripts, event triggers, and dependency metadata.
+
+```powershell
+cd tools/dragon-copilot-cli
+npm install
+npm run build
+npm link
+
+# Interactive extension wizard (prompts for scripts/triggers/dependencies)
+dragon-copilot extension init
+
+# Validate both extension and publisher configuration together
+dragon-copilot extension validate ./extension.yaml
+
+# Partner manifest workflow
+dragon-copilot partner init
+dragon-copilot partner validate ./integration.yaml
+```
+
+> Tip: The wizard ensures `manifestVersion: 3` is set and collects automation metadata so the generated YAML aligns with the new schema shipped in this repository.
+
 ### Local Development Environment
 1. Clone the repository
 1. Open a terminal and navigate to `samples/DragonCopilot/Workflow/SampleExtension.Web`

README.md

@@ -10,14 +10,15 @@ Welcome! This repository contains sample code illustrating the Dragon Copilot ex
 - [Samples](#-samples)
 - [Tools](#️-tools)
 - [Contributing](#-contributing)
+- [Repository Security](#-repository-security)
 - [License](#-license)
 
 ## 📝 Overview
 
 This repo includes:
 
 - Sample extension with best practices
-- CLI tools to initialize & package extension
+- Unified `dragon-copilot-cli` tooling (extension + partner flows)
 - [Additional Documentation](doc/)
 
 ## 🚀 Quick Start
@@ -37,21 +38,22 @@ cd dragon-copilot-extension-samples
 
 ## 🛠️ Tools
 
-### Dragon Extension CLI
+### Dragon Copilot CLI
 
-CLI to easily generate manifest & package the extension, getting ready to publish or upload the extension.
+The `dragon-copilot-cli` consolidates both the legacy extension and partner CLIs. It now generates **manifest version 3** files with support for automation scripts, event triggers, and dependency metadata.
 
 Quick usage:
 
 ```bash
-cd tools/dragon-extension-cli
+cd tools/dragon-copilot-cli
+npm install
 npm run build
 npm link
-dragon-extension init
-dragon-extension package
+dragon-copilot extension init
+dragon-copilot partner validate ./path/to/integration.yaml
 ```
 
-See [CLI README](tools/dragon-extension-cli/README.md) for details.
+See [tools/dragon-copilot-cli/README.md](tools/dragon-copilot-cli/README.md) for more details, including an automation script scaffolding HOWTO.
 
 ## 🤝 Contributing
 
@@ -62,6 +64,18 @@ See [CLI README](tools/dragon-extension-cli/README.md) for details.
 5. Ensure all tests pass
 6. Submit a pull request
 
+All pull requests require review before merging to main. See the [Branch Protection Guide](doc/BRANCH_PROTECTION.md) for details on repository security settings.
+
+## 🔒 Repository Security
+
+This repository uses branch protection rules and code owners to maintain code quality:
+
+- **Pull Request Reviews Required**: All changes to `main` must go through a reviewed pull request
+- **Code Owners**: The `.github/CODEOWNERS` file automatically assigns reviewers
+- **CI/CD Checks**: All tests and security scans must pass before merging
+
+For setup instructions, see [Branch Protection Setup Guide](doc/BRANCH_PROTECTION.md).
+
 ## 📄 License
 
 MIT License. See [LICENSE](LICENSE) for details.