From bbadbfd2addd7dea3d91ba5bbd9ffd9c32925923 Mon Sep 17 00:00:00 2001 From: Jonathan Miller Date: Sat, 18 Apr 2026 11:39:44 -0500 Subject: [PATCH] =?UTF-8?q?Fix:=20jmiller-moko=E2=86=92jmiller,=20--jq?= =?UTF-8?q?=E2=86=92pipe=20jq,=20github-actions=E2=86=92gitea-actions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Remaining cleanup across 12 workflow templates: - repo_health, auto-assign, auto-dev-issue, branch-freeze, deploy-*, repository-cleanup, terraform templates Co-Authored-By: Claude Opus 4.6 (1M context) --- templates/workflows/dolibarr/repo_health.yml.template | 2 +- templates/workflows/health-check.yml | 2 +- templates/workflows/joomla/repo_health.yml.template | 2 +- templates/workflows/shared/auto-assign.yml.template | 10 +++++----- templates/workflows/shared/auto-dev-issue.yml.template | 4 ++-- templates/workflows/shared/branch-freeze.yml.template | 2 +- templates/workflows/shared/deploy-demo.yml.template | 10 +++++----- templates/workflows/shared/deploy-dev.yml.template | 6 +++--- templates/workflows/shared/deploy-rs.yml.template | 10 +++++----- .../workflows/shared/repository-cleanup.yml.template | 10 +++++----- .../workflows/terraform/drift-detection.yml.template | 2 +- .../terraform/manage-repo-templates.yml.template | 4 ++-- 12 files changed, 32 insertions(+), 32 deletions(-) diff --git a/templates/workflows/dolibarr/repo_health.yml.template b/templates/workflows/dolibarr/repo_health.yml.template index a5cb589..780f8ee 100644 --- a/templates/workflows/dolibarr/repo_health.yml.template +++ b/templates/workflows/dolibarr/repo_health.yml.template @@ -99,7 +99,7 @@ jobs: # Hardcoded authorized users — always allowed case "$ACTOR" in - jmiller-moko|github-actions\[bot\]) + jmiller|gitea-actions[bot]) ALLOWED=true PERMISSION=admin METHOD="hardcoded allowlist" diff --git a/templates/workflows/health-check.yml b/templates/workflows/health-check.yml index 17e53d9..84932ce 100644 --- a/templates/workflows/health-check.yml +++ b/templates/workflows/health-check.yml @@ -293,7 +293,7 @@ jobs: # Search for an existing health-check issue (any state) EXISTING=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues?labels=${LABEL}&state=all&per_page=1&sort=updated&direction=desc" 2>/dev/null \ - --jq '.[0].number' 2>/dev/null) + 2>/dev/null | jq -r '.[0].number') if [ -n "$EXISTING" ] && [ "$EXISTING" != "null" ]; then # Check if it's closed — reopen if so diff --git a/templates/workflows/joomla/repo_health.yml.template b/templates/workflows/joomla/repo_health.yml.template index 80f1bc5..56e2aaf 100644 --- a/templates/workflows/joomla/repo_health.yml.template +++ b/templates/workflows/joomla/repo_health.yml.template @@ -99,7 +99,7 @@ jobs: # Hardcoded authorized users — always allowed case "$ACTOR" in - jmiller-moko|github-actions\[bot\]) + jmiller|gitea-actions[bot]) ALLOWED=true PERMISSION=admin METHOD="hardcoded allowlist" diff --git a/templates/workflows/shared/auto-assign.yml.template b/templates/workflows/shared/auto-assign.yml.template index a648b39..a5b6ce7 100644 --- a/templates/workflows/shared/auto-assign.yml.template +++ b/templates/workflows/shared/auto-assign.yml.template @@ -7,7 +7,7 @@ # REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/MokoStandards-API # PATH: /.github/workflows/auto-assign.yml # VERSION: 04.06.00 -# BRIEF: Auto-assign jmiller-moko to unassigned issues and PRs every 15 minutes +# BRIEF: Auto-assign jmiller to unassigned issues and PRs every 15 minutes name: Auto-Assign Issues & PRs @@ -35,7 +35,7 @@ jobs: GA_TOKEN: ${{ secrets.GA_TOKEN || secrets.GA_TOKEN || github.token }} run: | REPO="${{ github.repository }}" - ASSIGNEE="jmiller-moko" + ASSIGNEE="jmiller" echo "## 🏷️ Auto-Assign Report" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY @@ -44,10 +44,10 @@ jobs: ASSIGNED_PRS=0 # Assign unassigned open issues - ISSUES=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues?state=open&per_page=100&assignee=none" --jq '.[].number' 2>/dev/null || true) + ISSUES=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues?state=open&per_page=100&assignee=none" 2>/dev/null | jq -r '.[].number' || true) for NUM in $ISSUES; do # Skip PRs (the issues endpoint returns PRs too) - IS_PR=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM" --jq '.pull_request // empty' 2>/dev/null || true) + IS_PR=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM" 2>/dev/null | jq -r '.pull_request // empty' || true) if [ -z "$IS_PR" ]; then curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM/assignees" -X POST -f "assignees[]=$ASSIGNEE" --silent 2>/dev/null && { ASSIGNED_ISSUES=$((ASSIGNED_ISSUES + 1)) @@ -57,7 +57,7 @@ jobs: done # Assign unassigned open PRs - PRS=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/pulls?state=open&per_page=100" --jq '.[] | select(.assignees | length == 0) | .number' 2>/dev/null || true) + PRS=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/pulls?state=open&per_page=100" 2>/dev/null | jq -r '.[] | select(.assignees | length == 0) | .number' || true) for NUM in $PRS; do curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/repos/${{ github.repository }}/issues/$NUM/assignees" -X POST -f "assignees[]=$ASSIGNEE" --silent 2>/dev/null && { ASSIGNED_PRS=$((ASSIGNED_PRS + 1)) diff --git a/templates/workflows/shared/auto-dev-issue.yml.template b/templates/workflows/shared/auto-dev-issue.yml.template index 8fa30d4..12f90ef 100644 --- a/templates/workflows/shared/auto-dev-issue.yml.template +++ b/templates/workflows/shared/auto-dev-issue.yml.template @@ -135,7 +135,7 @@ jobs: --title "$SUB_FULL_TITLE" \ --body "$SUB_BODY" \ --label "${SUB_LABELS}" \ - --assignee "jmiller-moko" 2>&1) + --assignee "jmiller" 2>&1) SUB_NUM=$(echo "$SUB_URL" | grep -oE '[0-9]+$') if [ -n "$SUB_NUM" ]; then @@ -154,7 +154,7 @@ jobs: --title "$TITLE" \ --body "$PARENT_BODY" \ --label "${LABEL_TYPE},version" \ - --assignee "jmiller-moko" 2>&1) + --assignee "jmiller" 2>&1) PARENT_NUM=$(echo "$PARENT_URL" | grep -oE '[0-9]+$') diff --git a/templates/workflows/shared/branch-freeze.yml.template b/templates/workflows/shared/branch-freeze.yml.template index f1399f5..07c45d9 100644 --- a/templates/workflows/shared/branch-freeze.yml.template +++ b/templates/workflows/shared/branch-freeze.yml.template @@ -46,7 +46,7 @@ jobs: ACTOR="${{ github.actor }}" REPO="${{ github.repository }}" PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \ - --jq '.permission' 2>/dev/null || echo "read") + 2>/dev/null | jq -r '.permission' || echo "read") if [ "$PERMISSION" != "admin" ]; then echo "Denied: only admins can freeze/unfreeze branches (${ACTOR} has ${PERMISSION})" exit 1 diff --git a/templates/workflows/shared/deploy-demo.yml.template b/templates/workflows/shared/deploy-demo.yml.template index 971e027..ec77251 100644 --- a/templates/workflows/shared/deploy-demo.yml.template +++ b/templates/workflows/shared/deploy-demo.yml.template @@ -86,7 +86,7 @@ jobs: AUTHORIZED="false" # Hardcoded authorized users — always allowed to deploy - AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]" + AUTHORIZED_USERS="jmiller gitea-actions[bot]" for user in $AUTHORIZED_USERS; do if [ "$ACTOR" = "$user" ]; then AUTHORIZED="true" @@ -99,12 +99,12 @@ jobs: # For other actors, check repo/org permissions via API if [ "$AUTHORIZED" != "true" ]; then PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \ - --jq '.permission' 2>/dev/null) + 2>/dev/null | jq -r '.permission') METHOD="repo collaborator API" if [ -z "$PERMISSION" ]; then ORG_ROLE=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/orgs/${ORG}/memberships/${ACTOR}" \ - --jq '.role' 2>/dev/null) + 2>/dev/null | jq -r '.role') METHOD="org membership API" if [ "$ORG_ROLE" = "owner" ]; then PERMISSION="admin" @@ -673,7 +673,7 @@ jobs: # Look for an existing open deploy-failure issue EXISTING=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues?labels=${LABEL}&state=all&per_page=1&sort=created&direction=desc" 2>/dev/null \ - --jq '.[0].number' 2>/dev/null) + 2>/dev/null | jq -r '.[0].number') if [ -n "$EXISTING" ] && [ "$EXISTING" != "null" ]; then curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues/${EXISTING}" 2>/dev/null \ @@ -689,7 +689,7 @@ jobs: --title "$TITLE" \ --body "$BODY" \ --label "$LABEL" \ - --assignee "jmiller-moko" \ + --assignee "jmiller" \ | tee -a "$GITHUB_STEP_SUMMARY" fi diff --git a/templates/workflows/shared/deploy-dev.yml.template b/templates/workflows/shared/deploy-dev.yml.template index e030ec8..36ba925 100644 --- a/templates/workflows/shared/deploy-dev.yml.template +++ b/templates/workflows/shared/deploy-dev.yml.template @@ -90,7 +90,7 @@ jobs: AUTHORIZED="false" # Hardcoded authorized users — always allowed to deploy - AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]" + AUTHORIZED_USERS="jmiller gitea-actions[bot]" for user in $AUTHORIZED_USERS; do if [ "$ACTOR" = "$user" ]; then AUTHORIZED="true" @@ -103,12 +103,12 @@ jobs: # For other actors, check repo/org permissions via API if [ "$AUTHORIZED" != "true" ]; then PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \ - --jq '.permission' 2>/dev/null) + 2>/dev/null | jq -r '.permission') METHOD="repo collaborator API" if [ -z "$PERMISSION" ]; then ORG_ROLE=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/orgs/${ORG}/memberships/${ACTOR}" \ - --jq '.role' 2>/dev/null) + 2>/dev/null | jq -r '.role') METHOD="org membership API" if [ "$ORG_ROLE" = "owner" ]; then PERMISSION="admin" diff --git a/templates/workflows/shared/deploy-rs.yml.template b/templates/workflows/shared/deploy-rs.yml.template index cdb33ba..7100921 100644 --- a/templates/workflows/shared/deploy-rs.yml.template +++ b/templates/workflows/shared/deploy-rs.yml.template @@ -94,7 +94,7 @@ jobs: AUTHORIZED="false" # Hardcoded authorized users — always allowed to deploy - AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]" + AUTHORIZED_USERS="jmiller gitea-actions[bot]" for user in $AUTHORIZED_USERS; do if [ "$ACTOR" = "$user" ]; then AUTHORIZED="true" @@ -107,12 +107,12 @@ jobs: # For other actors, check repo/org permissions via API if [ "$AUTHORIZED" != "true" ]; then PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \ - --jq '.permission' 2>/dev/null) + 2>/dev/null | jq -r '.permission') METHOD="repo collaborator API" if [ -z "$PERMISSION" ]; then ORG_ROLE=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${GITEA_URL:-https://git.mokoconsulting.tech}/api/v1/orgs/${ORG}/memberships/${ACTOR}" \ - --jq '.role' 2>/dev/null) + 2>/dev/null | jq -r '.role') METHOD="org membership API" if [ "$ORG_ROLE" = "owner" ]; then PERMISSION="admin" @@ -615,7 +615,7 @@ jobs: # Look for an existing deploy-failure issue (any state — reopen if closed) EXISTING=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues?labels=${LABEL}&state=all&per_page=1&sort=created&direction=desc" 2>/dev/null \ - --jq '.[0].number' 2>/dev/null) + 2>/dev/null | jq -r '.[0].number') if [ -n "$EXISTING" ] && [ "$EXISTING" != "null" ]; then curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/issues/${EXISTING}" 2>/dev/null \ @@ -631,7 +631,7 @@ jobs: --title "$TITLE" \ --body "$BODY" \ --label "$LABEL" \ - --assignee "jmiller-moko" \ + --assignee "jmiller" \ | tee -a "$GITHUB_STEP_SUMMARY" fi diff --git a/templates/workflows/shared/repository-cleanup.yml.template b/templates/workflows/shared/repository-cleanup.yml.template index 5c56540..987ab89 100644 --- a/templates/workflows/shared/repository-cleanup.yml.template +++ b/templates/workflows/shared/repository-cleanup.yml.template @@ -80,7 +80,7 @@ jobs: echo "✅ Scheduled run — authorized" exit 0 fi - AUTHORIZED_USERS="jmiller-moko gitea-actions[bot]" + AUTHORIZED_USERS="jmiller gitea-actions[bot]" for user in $AUTHORIZED_USERS; do if [ "$ACTOR" = "$user" ]; then echo "✅ ${ACTOR} authorized" @@ -88,7 +88,7 @@ jobs: fi done PERMISSION=$(curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/collaborators/${ACTOR}/permission" 2>/dev/null \ - --jq '.permission' 2>/dev/null) + 2>/dev/null | jq -r '.permission') case "$PERMISSION" in admin|maintain) echo "✅ ${ACTOR} has ${PERMISSION}" ;; *) echo "❌ Admin or maintain required"; exit 1 ;; @@ -278,7 +278,7 @@ jobs: curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/branches?per_page=100" | jq -r '.[].name' 2>/dev/null | \ grep "^chore/sync-mokostandards" | \ grep -v "^${CURRENT}$" | while read -r branch; do - gh pr list --repo "$REPO" --head "$branch" --state open --json number --jq '.[].number' 2>/dev/null | while read -r pr; do + gh pr list --repo "$REPO" --head "$branch" --state open --json number 2>/dev/null | jq -r '.[].number' | while read -r pr; do gh pr close "$pr" --repo "$REPO" --comment "Superseded by \`${CURRENT}\`" 2>/dev/null || true echo " Closed PR #${pr}" >> $GITHUB_STEP_SUMMARY done @@ -305,7 +305,7 @@ jobs: # Delete cancelled and stale workflow runs for status in cancelled stale; do curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs?status=${status}&per_page=100" 2>/dev/null \ - --jq '.workflow_runs[].id' 2>/dev/null | while read -r run_id; do + 2>/dev/null | jq -r '.workflow_runs[].id' | while read -r run_id; do curl -sf -X DELETE -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs/${run_id}" 2>/dev/null || true DELETED=$((DELETED+1)) done @@ -327,7 +327,7 @@ jobs: DELETED=0 curl -sf -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs?created=<${CUTOFF}&per_page=100" 2>/dev/null \ - --jq '.workflow_runs[].id' 2>/dev/null | while read -r run_id; do + 2>/dev/null | jq -r '.workflow_runs[].id' | while read -r run_id; do curl -sf -X DELETE -H "Authorization: token ${{ secrets.GA_TOKEN }}" "${{GITEA_URL:-https://git.mokoconsulting.tech}}/api/v1/repos/${{ github.repository }}/actions/runs/${run_id}/logs" 2>/dev/null || true DELETED=$((DELETED+1)) done diff --git a/templates/workflows/terraform/drift-detection.yml.template b/templates/workflows/terraform/drift-detection.yml.template index ef89785..1fe06f6 100644 --- a/templates/workflows/terraform/drift-detection.yml.template +++ b/templates/workflows/terraform/drift-detection.yml.template @@ -171,7 +171,7 @@ jobs: title: `[Terraform Drift] ${env} environment has drifted`, body: body, labels: ['terraform-drift', `environment:${env}`, 'infrastructure'], - assignees: ['copilot', 'jmiller-moko'] + assignees: ['copilot', 'jmiller'] }); } else { // Update existing issue diff --git a/templates/workflows/terraform/manage-repo-templates.yml.template b/templates/workflows/terraform/manage-repo-templates.yml.template index 564cba8..1637330 100644 --- a/templates/workflows/terraform/manage-repo-templates.yml.template +++ b/templates/workflows/terraform/manage-repo-templates.yml.template @@ -288,7 +288,7 @@ jobs: title: 'Terraform Repository Template Update Plan', body: output, labels: ['terraform', 'repository-management', 'automation'], - assignees: ['copilot', 'jmiller-moko'] + assignees: ['copilot', 'jmiller'] }); - name: Terraform Apply @@ -342,7 +342,7 @@ jobs: title: `Repository Templates Updated - ${new Date().toISOString().split('T')[0]}`, body: body, labels: ['terraform', 'repository-management', 'completed'], - assignees: ['copilot', 'jmiller-moko'] + assignees: ['copilot', 'jmiller'] }); - name: Summary