Jonathan Miller
c55da9d67d
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Generic: Repo Health / Release configuration (push) Successful in 4s
Generic: Repo Health / Scripts governance (push) Successful in 4s
Generic: Repo Health / Repository health (push) Successful in 11s
Platform: moko-platform CI / Gate 1: Code Quality (push) Successful in 44s
Platform: moko-platform CI / Gate 4: Governance (push) Failing after 0s
Platform: moko-platform CI / Gate 5: Template Integrity (push) Failing after 0s
Platform: moko-platform CI / Gate 2: Unit Tests (8.1) (push) Failing after 29s
Platform: moko-platform CI / Gate 3: Self-Health Check (push) Failing after 31s
Platform: moko-platform CI / Gate 2: Unit Tests (8.2) (push) Failing after 32s
Platform: moko-platform CI / Gate 2: Unit Tests (8.3) (push) Failing after 34s
Platform: moko-platform CI / Gate 2: Unit Tests (8.1) (pull_request) Blocked by required conditions
Platform: moko-platform CI / Gate 2: Unit Tests (8.2) (pull_request) Blocked by required conditions
Platform: moko-platform CI / Gate 2: Unit Tests (8.3) (pull_request) Blocked by required conditions
Platform: moko-platform CI / Gate 3: Self-Health Check (pull_request) Blocked by required conditions
Platform: moko-platform CI / Gate 4: Governance (pull_request) Blocked by required conditions
Platform: moko-platform CI / Gate 1: Code Quality (pull_request) Failing after 1s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Failing after 1s
Universal: PR Check / Branch Policy (pull_request) Failing after 0s
Universal: PR Check / Validate PR (pull_request) Failing after 0s
Universal: PR Check / Build RC Package (pull_request) Has been skipped
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Failing after 1s
Generic: Repo Health / Release configuration (pull_request) Has been skipped
Generic: Repo Health / Scripts governance (pull_request) Has been skipped
Generic: Repo Health / Repository health (pull_request) Has been skipped
Platform: moko-platform CI / Gate 5: Template Integrity (pull_request) Has been skipped
Platform: moko-platform CI / CI Summary (push) Has been cancelled
Platform: moko-platform CI / CI Summary (pull_request) Has been cancelled
Push a workflow file from moko-platform to all non-archived repos in an org via the Gitea Contents API. Compares content before pushing — skips repos where the file is identical, creates where missing, updates where changed. Supports --dry-run for safe preview. Closes #52 Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
388 lines
11 KiB
PHP
388 lines
11 KiB
PHP
#!/usr/bin/env php
|
|
<?php
|
|
|
|
/* Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
|
|
*
|
|
* This file is part of a Moko Consulting project.
|
|
*
|
|
* SPDX-License-Identifier: GPL-3.0-or-later
|
|
*
|
|
* FILE INFORMATION
|
|
* DEFGROUP: moko-platform.CLI
|
|
* INGROUP: moko-platform
|
|
* REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
|
|
* PATH: /cli/bulk_workflow_push.php
|
|
* VERSION: 01.00.00
|
|
* BRIEF: Push a workflow file to all governed repos via the Gitea Contents API
|
|
*/
|
|
|
|
declare(strict_types=1);
|
|
|
|
final class BulkWorkflowPush
|
|
{
|
|
private string $giteaUrl = 'https://git.mokoconsulting.tech';
|
|
private string $token = '';
|
|
private string $org = '';
|
|
private string $workflowFile = '';
|
|
private string $destPath = '';
|
|
private string $branch = 'main';
|
|
private bool $dryRun = false;
|
|
|
|
private int $updated = 0;
|
|
private int $created = 0;
|
|
private int $skipped = 0;
|
|
private int $errors = 0;
|
|
|
|
public function run(): int
|
|
{
|
|
$this->parseArgs();
|
|
|
|
if ($this->token === '') {
|
|
$this->log('ERROR: --token is required.');
|
|
$this->printUsage();
|
|
return 1;
|
|
}
|
|
|
|
if ($this->workflowFile === '') {
|
|
$this->log('ERROR: --file is required.');
|
|
$this->printUsage();
|
|
return 1;
|
|
}
|
|
|
|
if (!file_exists($this->workflowFile)) {
|
|
$this->log("ERROR: File not found: {$this->workflowFile}");
|
|
return 1;
|
|
}
|
|
|
|
if ($this->org === '') {
|
|
$this->log('ERROR: --org is required.');
|
|
$this->printUsage();
|
|
return 1;
|
|
}
|
|
|
|
if ($this->destPath === '') {
|
|
$this->destPath = '.mokogitea/workflows/' . basename($this->workflowFile);
|
|
}
|
|
|
|
$localContent = file_get_contents($this->workflowFile);
|
|
|
|
if ($localContent === false) {
|
|
$this->log("ERROR: Could not read file: {$this->workflowFile}");
|
|
return 1;
|
|
}
|
|
|
|
$this->log("Pushing: {$this->workflowFile}");
|
|
$this->log(" -> {$this->destPath} (branch: {$this->branch})");
|
|
$this->log(" -> Org: {$this->org} @ {$this->giteaUrl}");
|
|
|
|
if ($this->dryRun) {
|
|
$this->log('[DRY RUN] No changes will be made.');
|
|
}
|
|
|
|
$this->log('');
|
|
|
|
$repos = $this->fetchOrgRepos();
|
|
|
|
if ($repos === null) {
|
|
return 1;
|
|
}
|
|
|
|
$this->log("Found " . count($repos) . " repo(s) in \"{$this->org}\".");
|
|
$this->log('');
|
|
$this->log(sprintf('%-45s | %s', 'Repo', 'Status'));
|
|
$this->log(str_repeat('-', 70));
|
|
|
|
$encodedContent = base64_encode($localContent);
|
|
|
|
foreach ($repos as $repo) {
|
|
$this->pushToRepo($repo, $encodedContent, $localContent);
|
|
}
|
|
|
|
$this->log('');
|
|
$this->log("Done: {$this->created} created, {$this->updated} updated, "
|
|
. "{$this->skipped} skipped, {$this->errors} error(s).");
|
|
|
|
return $this->errors > 0 ? 1 : 0;
|
|
}
|
|
|
|
private function pushToRepo(
|
|
string $repoFullName,
|
|
string $encodedContent,
|
|
string $localContent
|
|
): void {
|
|
[$owner, $repoName] = explode('/', $repoFullName, 2);
|
|
|
|
$existing = $this->apiRequest(
|
|
'GET',
|
|
"/api/v1/repos/{$owner}/{$repoName}/contents/"
|
|
. "{$this->destPath}?ref={$this->branch}"
|
|
);
|
|
|
|
if ($existing['code'] === 200) {
|
|
$data = json_decode($existing['body'], true);
|
|
$remoteSha = $data['sha'] ?? '';
|
|
$remoteContent = base64_decode($data['content'] ?? '');
|
|
|
|
if ($remoteContent === $localContent) {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
'IDENTICAL (skipped)'
|
|
));
|
|
$this->skipped++;
|
|
return;
|
|
}
|
|
|
|
if ($this->dryRun) {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
'WOULD UPDATE'
|
|
));
|
|
$this->updated++;
|
|
return;
|
|
}
|
|
|
|
$payload = json_encode([
|
|
'content' => $encodedContent,
|
|
'sha' => $remoteSha,
|
|
'message' => "chore: sync {$this->destPath} "
|
|
. "from moko-platform [skip ci]",
|
|
'branch' => $this->branch,
|
|
]);
|
|
|
|
$response = $this->apiRequest(
|
|
'PUT',
|
|
"/api/v1/repos/{$owner}/{$repoName}/contents/"
|
|
. $this->destPath,
|
|
$payload
|
|
);
|
|
|
|
if ($response['code'] === 200) {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
'UPDATED'
|
|
));
|
|
$this->updated++;
|
|
} else {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
"ERROR (HTTP {$response['code']})"
|
|
));
|
|
$this->errors++;
|
|
}
|
|
} elseif ($existing['code'] === 404) {
|
|
if ($this->dryRun) {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
'WOULD CREATE'
|
|
));
|
|
$this->created++;
|
|
return;
|
|
}
|
|
|
|
$payload = json_encode([
|
|
'content' => $encodedContent,
|
|
'message' => "chore: add {$this->destPath} "
|
|
. "from moko-platform [skip ci]",
|
|
'branch' => $this->branch,
|
|
]);
|
|
|
|
$response = $this->apiRequest(
|
|
'POST',
|
|
"/api/v1/repos/{$owner}/{$repoName}/contents/"
|
|
. $this->destPath,
|
|
$payload
|
|
);
|
|
|
|
if ($response['code'] === 201) {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
'CREATED'
|
|
));
|
|
$this->created++;
|
|
} else {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
"ERROR (HTTP {$response['code']})"
|
|
));
|
|
$this->errors++;
|
|
}
|
|
} else {
|
|
$this->log(sprintf(
|
|
'%-45s | %s',
|
|
$repoFullName,
|
|
"ERROR (HTTP {$existing['code']})"
|
|
));
|
|
$this->errors++;
|
|
}
|
|
}
|
|
|
|
private function fetchOrgRepos(): ?array
|
|
{
|
|
$this->log("Fetching repos from org: {$this->org}");
|
|
|
|
$page = 1;
|
|
$repos = [];
|
|
|
|
while (true) {
|
|
$response = $this->apiRequest(
|
|
'GET',
|
|
"/api/v1/orgs/{$this->org}/repos?"
|
|
. "limit=50&page={$page}"
|
|
);
|
|
|
|
if ($response['code'] < 200 || $response['code'] >= 300) {
|
|
if ($page === 1) {
|
|
$this->log("ERROR: Could not fetch repos "
|
|
. "(HTTP {$response['code']}).");
|
|
return null;
|
|
}
|
|
|
|
break;
|
|
}
|
|
|
|
$data = json_decode($response['body'], true);
|
|
|
|
if (!is_array($data) || count($data) === 0) {
|
|
break;
|
|
}
|
|
|
|
foreach ($data as $repo) {
|
|
if (!empty($repo['archived'])) {
|
|
continue;
|
|
}
|
|
|
|
$fullName = $repo['full_name'] ?? '';
|
|
|
|
if ($fullName !== '') {
|
|
$repos[] = $fullName;
|
|
}
|
|
}
|
|
|
|
$page++;
|
|
}
|
|
|
|
return $repos;
|
|
}
|
|
|
|
private function parseArgs(): void
|
|
{
|
|
$args = $_SERVER['argv'] ?? [];
|
|
$count = count($args);
|
|
|
|
for ($i = 1; $i < $count; $i++) {
|
|
switch ($args[$i]) {
|
|
case '--gitea-url':
|
|
$this->giteaUrl = rtrim($args[++$i] ?? '', '/');
|
|
break;
|
|
case '--token':
|
|
$this->token = $args[++$i] ?? '';
|
|
break;
|
|
case '--org':
|
|
$this->org = $args[++$i] ?? '';
|
|
break;
|
|
case '--file':
|
|
$this->workflowFile = $args[++$i] ?? '';
|
|
break;
|
|
case '--dest':
|
|
$this->destPath = $args[++$i] ?? '';
|
|
break;
|
|
case '--branch':
|
|
$this->branch = $args[++$i] ?? 'main';
|
|
break;
|
|
case '--dry-run':
|
|
$this->dryRun = true;
|
|
break;
|
|
case '--help':
|
|
case '-h':
|
|
$this->printUsage();
|
|
exit(0);
|
|
default:
|
|
$this->log("WARNING: Unknown argument: {$args[$i]}");
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
private function printUsage(): void
|
|
{
|
|
$this->log(
|
|
'Usage: bulk_workflow_push.php '
|
|
. '--token <token> --file <path> --org <org> [options]'
|
|
);
|
|
$this->log('');
|
|
$this->log(
|
|
'Push a workflow file from moko-platform '
|
|
. 'to all governed repos.'
|
|
);
|
|
$this->log('');
|
|
$this->log('Options:');
|
|
$this->log(' --gitea-url <url> Gitea URL '
|
|
. '(default: https://git.mokoconsulting.tech)');
|
|
$this->log(' --token <token> Gitea API token');
|
|
$this->log(' --org <org> Target organization');
|
|
$this->log(' --file <path> Local workflow file to push');
|
|
$this->log(' --dest <path> Destination path in repos '
|
|
. '(default: .mokogitea/workflows/<filename>)');
|
|
$this->log(' --branch <branch> Target branch (default: main)');
|
|
$this->log(' --dry-run Show what would be done');
|
|
$this->log(' --help, -h Show this help');
|
|
}
|
|
|
|
private function apiRequest(
|
|
string $method,
|
|
string $endpoint,
|
|
?string $body = null
|
|
): array {
|
|
$url = $this->giteaUrl . $endpoint;
|
|
|
|
$ch = curl_init();
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, [
|
|
'Content-Type: application/json',
|
|
'Accept: application/json',
|
|
"Authorization: token {$this->token}",
|
|
]);
|
|
|
|
if ($body !== null) {
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
|
|
}
|
|
|
|
$responseBody = curl_exec($ch);
|
|
$httpCode = (int) curl_getinfo(
|
|
$ch,
|
|
CURLINFO_HTTP_CODE
|
|
);
|
|
|
|
if (curl_errno($ch)) {
|
|
$error = curl_error($ch);
|
|
curl_close($ch);
|
|
|
|
return [
|
|
'code' => 0,
|
|
'body' => "cURL error: {$error}",
|
|
];
|
|
}
|
|
|
|
curl_close($ch);
|
|
|
|
return ['code' => $httpCode, 'body' => $responseBody];
|
|
}
|
|
|
|
private function log(string $message): void
|
|
{
|
|
fwrite(STDERR, $message . PHP_EOL);
|
|
}
|
|
}
|
|
|
|
$app = new BulkWorkflowPush();
|
|
exit($app->run());
|