Previously dev branches were excluded from auto-bump. Now all
stability branches (dev, alpha, beta, rc) bump patch automatically.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add Multi-Channel updates.xml Architecture section to README.md
- Document auto-release.yml.template and update-server.yml.template
- Update joomla/index.md with current template inventory
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
pull-from-dev.yml.template:
- Downloads files from dev server via rsync/SSH into repo src/
- Configurable via DEV_SSH_HOST, DEV_SSH_USERNAME, DEV_PULL_PATH vars
- Auth via DEV_SSH_KEY secret
- Dry-run mode, branch selection, diff preview
export-mysql.yml.template:
- Exports MySQL database from dev or demo server
- Supports both Joomla and Dolibarr environments
- Sanitizes PII: passwords (bcrypt), emails, sessions, API keys, tokens
- Preserves admin/moko emails, strips everything else
- Dolibarr-specific: clears api_key, pass_crypted, ldap_pass, oauth secrets
- Saves as artifact (30d retention) or commits to sql/exports/
- Configurable per environment (dev/demo) via org or repo variables
Required variables (org or repo):
- DEV_SSH_HOST, DEV_SSH_PORT, DEV_SSH_USERNAME
- DEV_MYSQL_DATABASE, DEV_MYSQL_USER
- Secrets: DEV_SSH_KEY, DEV_MYSQL_PASSWORD
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Protected files (like updates.xml) were being overwritten because
the stale-token check ran AFTER the canOverwrite gate. Now protected
files continue (skip) immediately, even with --force.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Set protected=true, remove template reference. updates.xml is managed
by the release workflow, not bulk sync — sync was replacing it with
a stub template containing {{EXTENSION_NAME}} placeholders.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Added platform distribution table (stable=dual, pre-release=Gitea only)
- Updated all example URLs from GitHub to Gitea
- Stable gets dual <downloadurl> (Gitea + GitHub)
- RC/Beta/Alpha/Dev get single <downloadurl> (Gitea only)
- Updated targetplatform to [56].*
- Updated Dolibarr update.txt URL to Gitea
- Removed sha256/client fields from examples (not used)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
branch-freeze, repository-cleanup, manage-repo-templates converted
from gh CLI flags to curl/jq equivalents.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Standardizes the Joomla update server filename to `updates.xml` (plural)
across all .tf definitions, workflow templates, and automation scripts.
The singular `update.xml` was inconsistent with the Joomla convention
and the updates.xml.template already in use.
Files fixed: 16 (definitions, templates, automation scripts)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Replace git push to main with Gitea contents API (bypasses branch protection)
- Add authenticated push URL step after checkout
- Matches MokoCassiopeia release.yml pattern
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When releasing from a non-main branch, updates.xml is cherry-picked
to main so the Joomla update server always serves current data.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Ensures all repos have standard release channel tags pointing to
the default branch. Tags are created if missing, skipped if they exist.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Added resolveLabelIds() helper: looks up label IDs from Gitea API
- All issue creation/update calls now pass integer label IDs (Gitea requirement)
- Replaced hardcoded 'jmiller-moko' (GitHub) with 'jmiller' (Gitea) in
bulk_sync.php, push_files.php, archive_repo.php
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Quoted heredoc (<< 'PYEOF') prevents shell expansion of ${VAR}.
Pass values via exported env vars and read with os.environ in Python.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- .github description updated: Gitea primary, GitHub backup
- Added requiredFiles list for standard shared workflows
- workflows directory now requirementStatus: required
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
PHP is pre-installed in custom runner image (moko/runner-image:latest).
shivammathur/setup-php is incompatible with Gitea act_runner DinD.
25 workflow templates updated.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- All remaining github-actions[bot] → gitea-actions[bot]
- All remaining gh api calls in non-mirror steps → Gitea API curl
- COMPOSER_AUTH uses GA_TOKEN for Gitea composer registry
- 7 docs updated with correct bot identity and token refs
- gh release create/edit only remains in GitHub mirror sections
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- gh release view/create/edit/upload → Gitea API curl
- gh api → Gitea API curl with GA_TOKEN
- Download URLs point to Gitea as primary
- GitHub mirror steps preserved with continue-on-error for stable/rc
Affects: 11 workflow templates
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- All Gitea API calls use secrets.GA_TOKEN (org-level Gitea PAT)
- secrets.GITHUB_TOKEN → secrets.GA_TOKEN across all templates
- secrets.GH_TOKEN reserved for GitHub mirror operations only
- Bot identity: gitea-actions[bot]@mokoconsulting.tech
- gh CLI commands kept only in GitHub mirror steps (continue-on-error)
- gh api calls in auto-assign/auto-dev-issue converted to curl
Affects: 20 workflow templates + 2 standalone yml files
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- mokoconsulting-tech → MokoConsulting across all docs
- github.com → git.mokoconsulting.tech
- CLI examples updated with new org name
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Definitions load from MokoStandards-API (repoRoot = API repo)
- Template files load from MokoStandards (standardsRoot = sibling dir)
- Set MOKOSTANDARDS_ROOT env var to override template source location
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- All PHP files in cli/, deploy/, maintenance/ had __DIR__ . '/../../vendor/autoload.php'
(from when they lived at /api/cli/ inside MokoStandards). Fixed to /../vendor/autoload.php
- Workflow templates updated to clone MokoStandards-API.git and reference /cli/, /deploy/,
/maintenance/ paths instead of /api/cli/, /api/deploy/, /api/maintenance/
Affects: 11 PHP files + 11 workflow templates
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- RepositorySynchronizer now syncs files to ALL branches (main + dev + any others)
- Extract syncFilesToBranch() method for per-branch file operations
- Add GiteaAdapter::listBranches() method
- Add ext-zip to composer.json require
- Fix Guzzle base_uri resolution (trailing slash + strip leading slash)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Strip leading slash from endpoints and ensure base_uri has trailing slash
so Guzzle preserves the /api/v1 path prefix per RFC 3986.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- RepositorySynchronizer defaults to GiteaAdapter
- PlatformAdapterFactory points to git.mokoconsulting.tech
- All plugins reference .gitea/workflows instead of .github/workflows
- push_files.php uses Gitea API
- Common.php REPO URLs updated to Gitea
- sync_dolibarr_readmes.php updated to Gitea URLs
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add GA_TOKEN to token fallback chain across all 25 workflow templates
(secrets.GA_TOKEN || secrets.GH_TOKEN || github.token)
- Replace hardcoded MokoStandards clone URLs with platform-detecting
MOKO_CLONE_TOKEN/MOKO_CLONE_HOST env vars in 11 templates
- Replace actions/github-script@v7 with shell-based API calls in
repo_health (Joomla + Dolibarr) and validate-joomla-project
- Replace hardcoded ApiClient('api.github.com') with PlatformAdapterFactory
in health-check.yml and integration-tests.yml
- Add TODO markers for terraform github-script blocks (complex logic)
- Update publish-to-mokodolimods token references
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- cli/create_project.php: use PlatformAdapterFactory, guard GraphQL for GitHub-only
- cli/joomla_release.php: use adapter for API init, platform-aware clone/upload URLs
- release/generate_joomla_update_xml.php: use PlatformAdapterFactory for API init
- release/generate_dolibarr_version_txt.php: same
- validate/scan_drift.php: use PlatformAdapterFactory for API init
- validate/check_repo_health.php: use platform-aware API base URL
- validate/check_composer_deps.php: route through adapter ApiClient
- maintenance/repo_inventory.php: route through adapter ApiClient, guard GraphQL
- maintenance/rotate_secrets.php: route through adapter ApiClient
- maintenance/update_version_from_readme.php: use PlatformAdapterFactory, rename method
- lib/Common.php: set primary REPO_URL to Gitea
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add web URL helpers to GitPlatformAdapter interface (getRepoWebUrl,
getPullRequestWebUrl, getIssueWebUrl, getBranchWebUrl, getMetadataDir,
getStepSummaryEnvVar) with implementations in both adapters
- Refactor bulk_sync, push_files, repo_cleanup to use PlatformAdapterFactory
instead of hardcoded GitHub API URLs and raw curl calls
- Fix RepositorySynchronizer override file and .mokostandards migration to
use platform-aware metadata directories
- Add joomla-template platform type with full definition and detection
- Add bulk_joomla_template.php CLI tool (scaffold, sync, list, sync-updates)
- Dual update servers in templateDetails.xml (Gitea priority 1, GitHub priority 2)
- Dual download URLs in updates.xml (Gitea primary, GitHub fallback)
- Target Joomla 5.x and 6.x, PHP 8.1 minimum
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Jonathan Miller
jmiller