MokoConsulting/moko-platform
1
0
Fork 0
Code Issues 9 Pull Requests Actions 4 Packages Releases 4 Wiki Activity

Fix: jmiller-moko→jmiller, --jq→pipe jq, github-actions→gitea-actions

Browse Source 
Remaining cleanup across 12 workflow templates:
- repo_health, auto-assign, auto-dev-issue, branch-freeze,
  deploy-*, repository-cleanup, terraform templates

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jonathan Miller
2026-04-18 11:39:44 -05:00
parent c3fe454eb6
commit bbadbfd2ad
12 changed files with 32 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
templates/workflows/dolibarr/repo_health.yml.template
+1 -1
View File
@@ -99,7 +99,7 @@ jobs:
# Hardcoded authorized users — always allowed
case "$ACTOR" in
jmiller-moko|github-actions\[bot\])
jmiller|gitea-actions[bot])
ALLOWED=true
PERMISSION=admin
METHOD="hardcoded allowlist"
templates/workflows/health-check.yml
+1 -1
View File
@@ -293,7 +293,7 @@ jobs:
# Search for an existing health-check issue (any state)
EXISTING=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues?labels=${LABEL}&state=all&per_page=1&sort=updated&direction=desc" 2>/dev/null \
--jq '.[0].number' 2>/dev/null)
2>/dev/null | jq -r '.[0].number')
if [ -n "$EXISTING" ] && [ "$EXISTING" != "null" ]; then
# Check if it's closed — reopen if so
templates/workflows/joomla/repo_health.yml.template
+1 -1
View File
@@ -99,7 +99,7 @@ jobs:
# Hardcoded authorized users — always allowed
case "$ACTOR" in
jmiller-moko|github-actions\[bot\])
jmiller|gitea-actions[bot])
ALLOWED=true
PERMISSION=admin
METHOD="hardcoded allowlist"
templates/workflows/shared/auto-assign.yml.template
+5 -5
View File
@@ -7,7 +7,7 @@
# REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/MokoStandards-API
# PATH: /.github/workflows/auto-assign.yml
# VERSION: 04.06.00
# BRIEF: Auto-assign jmiller-moko to unassigned issues and PRs every 15 minutes
# BRIEF: Auto-assign jmiller to unassigned issues and PRs every 15 minutes
name: Auto-Assign Issues & PRs
@@ -35,7 +35,7 @@ jobs:
GA_TOKEN: ${{ secrets.GA_TOKEN || secrets.GA_TOKEN || github.token }}
run: |
REPO="${{ github.repository }}"
ASSIGNEE="jmiller-moko"
ASSIGNEE="jmiller"
echo "## 🏷️ Auto-Assign Report" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
@@ -44,10 +44,10 @@ jobs:
ASSIGNED_PRS=0
# Assign unassigned open issues
ISSUES=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues?state=open&per_page=100&assignee=none" --jq '.[].number' 2>/dev/null || true)
ISSUES=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues?state=open&per_page=100&assignee=none" 2>/dev/null | jq -r '.[].number' || true)
for NUM in $ISSUES; do
# Skip PRs (the issues endpoint returns PRs too)
IS_PR=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM" --jq '.pull_request // empty' 2>/dev/null || true)
IS_PR=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM" 2>/dev/null | jq -r '.pull_request // empty' || true)
if [ -z "$IS_PR" ]; then
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM/assignees" -X POST -f "assignees[]=$ASSIGNEE" --silent 2>/dev/null && {
ASSIGNED_ISSUES=$((ASSIGNED_ISSUES + 1))
@@ -57,7 +57,7 @@ jobs:
done
# Assign unassigned open PRs
PRS=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/pulls?state=open&per_page=100" --jq '.[] | select(.assignees | length == 0) | .number' 2>/dev/null || true)
PRS=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/pulls?state=open&per_page=100" 2>/dev/null | jq -r '.[] | select(.assignees | length == 0) | .number' || true)
for NUM in $PRS; do
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM/assignees" -X POST -f "assignees[]=$ASSIGNEE" --silent 2>/dev/null && {
ASSIGNED_PRS=$((ASSIGNED_PRS + 1))
templates/workflows/shared/auto-dev-issue.yml.template
+2 -2
View File
@@ -135,7 +135,7 @@ jobs:
--title "$SUB_FULL_TITLE" \
--body "$SUB_BODY" \
--label "${SUB_LABELS}" \
--assignee "jmiller-moko" 2>&1)
--assignee "jmiller" 2>&1)
SUB_NUM=$(echo "$SUB_URL" | grep -oE '[0-9]+$')
if [ -n "$SUB_NUM" ]; then
@@ -154,7 +154,7 @@ jobs:
--title "$TITLE" \
--body "$PARENT_BODY" \
--label "${LABEL_TYPE},version" \
--assignee "jmiller-moko" 2>&1)
--assignee "jmiller" 2>&1)
PARENT_NUM=$(echo "$PARENT_URL" | grep -oE '[0-9]+$')
templates/workflows/shared/branch-freeze.yml.template
+1 -1
View File
@@ -46,7 +46,7 @@ jobs:
ACTOR="${{ github.actor }}"
REPO="${{ github.repository }}"
PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \
--jq '.permission' 2>/dev/null || echo "read")
2>/dev/null | jq -r '.permission' || echo "read")
if [ "$PERMISSION" != "admin" ]; then
echo "Denied: only admins can freeze/unfreeze branches (${ACTOR} has ${PERMISSION})"
exit 1
templates/workflows/shared/deploy-demo.yml.template
+5 -5
View File
@@ -86,7 +86,7 @@ jobs:
AUTHORIZED="false"
# Hardcoded authorized users — always allowed to deploy
AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]"
AUTHORIZED_USERS="jmiller gitea-actions[bot]"
for user in $AUTHORIZED_USERS; do
if [ "$ACTOR" = "$user" ]; then
AUTHORIZED="true"
@@ -99,12 +99,12 @@ jobs:
# For other actors, check repo/org permissions via API
if [ "$AUTHORIZED" != "true" ]; then
PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \
--jq '.permission' 2>/dev/null)
2>/dev/null | jq -r '.permission')
METHOD="repo collaborator API"
if [ -z "$PERMISSION" ]; then
ORG_ROLE=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/orgs/${ORG}/memberships/${ACTOR}" \
--jq '.role' 2>/dev/null)
2>/dev/null | jq -r '.role')
METHOD="org membership API"
if [ "$ORG_ROLE" = "owner" ]; then
PERMISSION="admin"
@@ -673,7 +673,7 @@ jobs:
# Look for an existing open deploy-failure issue
EXISTING=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues?labels=${LABEL}&state=all&per_page=1&sort=created&direction=desc" 2>/dev/null \
--jq '.[0].number' 2>/dev/null)
2>/dev/null | jq -r '.[0].number')
if [ -n "$EXISTING" ] && [ "$EXISTING" != "null" ]; then
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues/${EXISTING}" 2>/dev/null \
@@ -689,7 +689,7 @@ jobs:
--title "$TITLE" \
--body "$BODY" \
--label "$LABEL" \
--assignee "jmiller-moko" \
--assignee "jmiller" \
| tee -a "$GITHUB_STEP_SUMMARY"
fi
templates/workflows/shared/deploy-dev.yml.template
+3 -3
View File
@@ -90,7 +90,7 @@ jobs:
AUTHORIZED="false"
# Hardcoded authorized users — always allowed to deploy
AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]"
AUTHORIZED_USERS="jmiller gitea-actions[bot]"
for user in $AUTHORIZED_USERS; do
if [ "$ACTOR" = "$user" ]; then
AUTHORIZED="true"
@@ -103,12 +103,12 @@ jobs:
# For other actors, check repo/org permissions via API
if [ "$AUTHORIZED" != "true" ]; then
PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \
--jq '.permission' 2>/dev/null)
2>/dev/null | jq -r '.permission')
METHOD="repo collaborator API"
if [ -z "$PERMISSION" ]; then
ORG_ROLE=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/orgs/${ORG}/memberships/${ACTOR}" \
--jq '.role' 2>/dev/null)
2>/dev/null | jq -r '.role')
METHOD="org membership API"
if [ "$ORG_ROLE" = "owner" ]; then
PERMISSION="admin"
templates/workflows/shared/deploy-rs.yml.template
+5 -5
View File
@@ -94,7 +94,7 @@ jobs:
AUTHORIZED="false"
# Hardcoded authorized users — always allowed to deploy
AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]"
AUTHORIZED_USERS="jmiller gitea-actions[bot]"
for user in $AUTHORIZED_USERS; do
if [ "$ACTOR" = "$user" ]; then
AUTHORIZED="true"
@@ -107,12 +107,12 @@ jobs:
# For other actors, check repo/org permissions via API
if [ "$AUTHORIZED" != "true" ]; then
PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \
--jq '.permission' 2>/dev/null)
2>/dev/null | jq -r '.permission')
METHOD="repo collaborator API"
if [ -z "$PERMISSION" ]; then
ORG_ROLE=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/orgs/${ORG}/memberships/${ACTOR}" \
--jq '.role' 2>/dev/null)
2>/dev/null | jq -r '.role')
METHOD="org membership API"
if [ "$ORG_ROLE" = "owner" ]; then
PERMISSION="admin"
@@ -615,7 +615,7 @@ jobs:
# Look for an existing deploy-failure issue (any state — reopen if closed)
EXISTING=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues?labels=${LABEL}&state=all&per_page=1&sort=created&direction=desc" 2>/dev/null \
--jq '.[0].number' 2>/dev/null)
2>/dev/null | jq -r '.[0].number')
if [ -n "$EXISTING" ] && [ "$EXISTING" != "null" ]; then
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues/${EXISTING}" 2>/dev/null \
@@ -631,7 +631,7 @@ jobs:
--title "$TITLE" \
--body "$BODY" \
--label "$LABEL" \
--assignee "jmiller-moko" \
--assignee "jmiller" \
| tee -a "$GITHUB_STEP_SUMMARY"
fi
templates/workflows/shared/repository-cleanup.yml.template
+5 -5
View File
@@ -80,7 +80,7 @@ jobs:
echo "✅ Scheduled run — authorized"
exit 0
fi
AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]"
AUTHORIZED_USERS="jmiller gitea-actions[bot]"
for user in $AUTHORIZED_USERS; do
if [ "$ACTOR" = "$user" ]; then
echo "✅ ${ACTOR} authorized"
@@ -88,7 +88,7 @@ jobs:
fi
done
PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \
--jq '.permission' 2>/dev/null)
2>/dev/null | jq -r '.permission')
case "$PERMISSION" in
admin|maintain) echo "✅ ${ACTOR} has ${PERMISSION}" ;;
*) echo "❌ Admin or maintain required"; exit 1 ;;
@@ -278,7 +278,7 @@ jobs:
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/branches?per_page=100" | jq -r '.[].name' 2>/dev/null | \
grep "^chore/sync-mokostandards" | \
grep -v "^${CURRENT}$" | while read -r branch; do
gh pr list --repo "$REPO" --head "$branch" --state open --json number --jq '.[].number' 2>/dev/null | while read -r pr; do
gh pr list --repo "$REPO" --head "$branch" --state open --json number 2>/dev/null | jq -r '.[].number' | while read -r pr; do
gh pr close "$pr" --repo "$REPO" --comment "Superseded by \`${CURRENT}\`" 2>/dev/null || true
echo " Closed PR #${pr}" >> $GITHUB_STEP_SUMMARY
done
@@ -305,7 +305,7 @@ jobs:
# Delete cancelled and stale workflow runs
for status in cancelled stale; do
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs?status=${status}&per_page=100" 2>/dev/null \
--jq '.workflow_runs[].id' 2>/dev/null | while read -r run_id; do
2>/dev/null | jq -r '.workflow_runs[].id' | while read -r run_id; do
curl -sf -X DELETE -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs/${run_id}" 2>/dev/null || true
DELETED=$((DELETED+1))
done
@@ -327,7 +327,7 @@ jobs:
DELETED=0
curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs?created=<${CUTOFF}&per_page=100" 2>/dev/null \
--jq '.workflow_runs[].id' 2>/dev/null | while read -r run_id; do
2>/dev/null | jq -r '.workflow_runs[].id' | while read -r run_id; do
curl -sf -X DELETE -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs/${run_id}/logs" 2>/dev/null || true
DELETED=$((DELETED+1))
done
templates/workflows/terraform/drift-detection.yml.template
+1 -1
View File
@@ -171,7 +171,7 @@ jobs:
title: `[Terraform Drift] ${env} environment has drifted`,
body: body,
labels: ['terraform-drift', `environment:${env}`, 'infrastructure'],
assignees: ['copilot', 'jmiller-moko']
assignees: ['copilot', 'jmiller']
});
} else {
// Update existing issue
templates/workflows/terraform/manage-repo-templates.yml.template
+2 -2
View File
@@ -288,7 +288,7 @@ jobs:
title: 'Terraform Repository Template Update Plan',
body: output,
labels: ['terraform', 'repository-management', 'automation'],
assignees: ['copilot', 'jmiller-moko']
assignees: ['copilot', 'jmiller']
});
- name: Terraform Apply
@@ -342,7 +342,7 @@ jobs:
title: `Repository Templates Updated - ${new Date().toISOString().split('T')[0]}`,
body: body,
labels: ['terraform', 'repository-management', 'completed'],
assignees: ['copilot', 'jmiller-moko']
assignees: ['copilot', 'jmiller']
});
- name: Summary