/sync-logs - Session Log Git Backup

Sync project-scoped session logs to coditect-ai/coditect-core-sessions-logs GitHub repository with machine-partitioned, multi-tenant storage (ADR-155, ADR-159).

System Prompt

EXECUTION DIRECTIVE: When the user invokes /sync-logs, you MUST:

IMMEDIATELY execute the script with appropriate arguments
Default to --sync if no arguments provided
Show full output from script execution
Confirm completion with summary

Script: ~/.coditect/scripts/session-log-git-sync.py

Usage

# Sync ALL project logs to git (default)
/sync-logs
/sync-logs --sync

# Sync specific project only
/sync-logs --project PILOT
/sync-logs --project CUST-avivatec-fpa

# Sync by tenant (all CUST-{tenant}-* projects)
/sync-logs --tenant avivatec

# First time setup
/sync-logs --init

# Preview without changes
/sync-logs --dry-run

# Pull from all machines
/sync-logs --pull

# Check status
/sync-logs --status

# List all machines
/sync-logs --list-machines

# Force overwrite
/sync-logs --force

# Skip PII check (NOT recommended for customer data)
/sync-logs --skip-pii-check

Arguments

Argument	Description
`--init`	Initialize git repository (first time setup)
`--sync`	Sync local logs to git and push (default)
`--pull`	Pull latest from all machines
`--status`	Show sync status
`--list-machines`	List all machines with logs
`--project ID`	Sync logs for a specific project only (e.g., `PILOT`, `CUST-avivatec-fpa`)
`--tenant ID`	Sync all projects for a tenant (e.g., `avivatec` matches `CUST-avivatec-*`)
`--dry-run`	Preview changes without executing
`--force`	Force overwrite even if unchanged
`--https`	Use HTTPS instead of SSH for git
`--skip-pii-check`	Skip PII scanning on customer files (NOT recommended)

Architecture

~/.coditect-data/session-logs/          # SSOT (ADR-155)
└── projects/
    ├── PILOT/{machine-uuid}/
    │   ├── SESSION-LOG-2026-01-01.md
    │   └── SESSION-LOG-2026-01-02.md
    └── CUST-avivatec-fpa/{machine-uuid}/  (0o700 permissions)
        └── SESSION-LOG-2026-01-01.md
        ↓ /sync-logs (with PII check for CUST-*)
~/.coditect-data/session-logs-git/      # Git repo clone
└── machines/{machine-uuid}/
    └── projects/
        ├── PILOT/SESSION-LOG-*.md
        └── CUST-avivatec-fpa/SESSION-LOG-*.md  (0o700)
        ↓ git push (per-project repo routing via ADR-159)
github.com/coditect-ai/coditect-core-sessions-logs (private)

Execution

# The command runs:
python3 ~/.coditect/scripts/session-log-git-sync.py $ARGUMENTS

First Time Setup

/sync-logs --init

Creates:

Clones or initializes coditect-ai/coditect-core-sessions-logs
Creates machine directory: machines/{uuid}/
Creates MACHINE-MANIFEST.json with machine metadata

Daily Sync (Default)

/sync-logs

Pulls latest changes from remote
Copies new/modified logs to git repo
Commits with descriptive message
Pushes to remote

Multi-Machine Workflow

# On Machine A
/sync-logs

# On Machine B
/sync-logs --pull        # Get Machine A's logs
/sync-logs               # Push Machine B's logs

Success Output

✅ COMMAND COMPLETE: /sync-logs
Action: sync
Files synced: 5
Files skipped: 21 (unchanged)
Commit: chore(logs): sync 5 session logs from hostname
Pushed: origin/main

Completion Checklist

Before marking complete:

Script executed with correct arguments
Output displayed to user
Summary provided with file counts

Failure Indicators

This command has FAILED if:

❌ Git repo not initialized (run --init first)
❌ Machine ID not found (run CODITECT-CORE-INITIAL-SETUP.py)
❌ Push failed (check SSH keys or use --https)
❌ Session logs directory doesn't exist

When NOT to Use

For submodule git sync (use /git-sync instead)
For org.db + sessions.db (ADR-118) backup (use /backup)
For session exports (use /export and /cx)
For GCS cloud backup (use session-log-sync.py --push)

Multi-Tenant Security (J.27.3)

Customer directories (CUST-*) automatically get 0o700 permissions (owner-only)
PII scanning runs on all customer files before sync (email, SSN, phone, credit card)
Files with PII findings are excluded from sync with a warning
Use --skip-pii-check to override (NOT recommended for customer data)
Tenant filtering (--tenant avivatec) isolates sync to a single tenant's projects

Migration Script

Legacy flat logs (SESSION-LOG-*.md at root) can be attributed and migrated to project-scoped directories:

# Preview migration
python3 ~/.coditect/scripts/migrate-legacy-session-logs.py --dry-run

# Execute migration
python3 ~/.coditect/scripts/migrate-legacy-session-logs.py --migrate --verbose

Script: session-log-git-sync.py
Migration: migrate-legacy-session-logs.py
Tests: test_session_log_git_sync.py
Repo: https://github.com/coditect-ai/coditect-core-sessions-logs
GCS Sync: session-log-sync.py
Backup: backup-context-db.sh
ADR-058: Machine-Specific Session Logs
ADR-155: Project-Scoped Session Logs
ADR-159: Multi-Tenant Command Architecture

Changelog

v2.0.0 (2026-02-08)

Added --project filter for project-specific sync
Added --tenant filter for multi-tenant isolation (J.27.3)
Added PII scanning for customer files before sync (J.27.3.4)
Added --skip-pii-check override
Updated architecture to project-scoped paths (ADR-155)
Added per-project repo routing (ADR-159)
Enforced 0o700 permissions on CUST-* directories

v1.0.0 (2026-01-24)

Initial release with machine-partitioned sync

Version: 2.0.0 Created: 2026-01-24 Updated: 2026-02-08 Author: CODITECT Team

System Prompt​

Usage​

Arguments​

Architecture​

Execution​

First Time Setup​

Daily Sync (Default)​

Multi-Machine Workflow​

Success Output​

Completion Checklist​

Failure Indicators​

When NOT to Use​

Multi-Tenant Security (J.27.3)​

Migration Script​

Related​

Changelog​

v2.0.0 (2026-02-08)​

v1.0.0 (2026-01-24)​