MokoConsulting/moko-platform
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Releases Wiki Activity
Page: api-maintenance-index.-
Pages
ARCHITECTURE AUTO_CREATE_ORG_PROJECTS CLI_AUTOMATION DEPLOY_SCRIPTS DOLIBARR_MODULE_IDS DRY_RUN_PATTERN Documentation-Standards.-.- Documentation-Standards.- File-Header-Standards Home JOOMLA_SYNC LEGAL_DOC_GENERATOR_WEB_README MCP-Servers.-.-. MCP-Servers MINIFICATION MONITORING_SCRIPTS NEW_SCRIPTS QUICKSTART_ORG_PROJECTS SITE_MONITORING WIKI_STANDARDS WORKFLOW_STANDARDS api-automation-index.- api-automation-index api-definitions-default-index.- api-definitions-default-index api-definitions-sync-index.- api-definitions-sync-index api-deploy-index.- api-deploy-index api-fix-index.- api-fix-index api-index.- api-index api-maintenance-index.- api-maintenance-index api-plugin-index.- api-plugin-index api-tests-index.- api-tests-index api-tests-sample-index.- api-tests-sample-index api-validate-index.- api-validate-index automation-README.- automation-README automation-branch-version-automation.- automation-branch-version-automation automation-push-files.- automation-push-files automation-repo-cleanup.- automation-repo-cleanup client-repos.-.- client-repos standards-mokostandards-file-spec.- standards-mokostandards-file-spec templates-client-waas templates-dolibarr templates-generic templates-mcp workflows-README.- workflows-README workflows-auto-release.- workflows-auto-release workflows-branch-protection.- workflows-branch-protection workflows-build-release.- workflows-build-release workflows-cascade-dev.- workflows-cascade-dev workflows-changelog-management.- workflows-changelog-management workflows-demo-deployment.- workflows-demo-deployment workflows-dev-branch-tracking.- workflows-dev-branch-tracking workflows-dev-deployment.- workflows-dev-deployment workflows-index.- workflows-index workflows-release-system.- workflows-release-system workflows-renovate.- workflows-renovate workflows-reusable-workflows.- workflows-reusable-workflows workflows-rs-deployment.- workflows-rs-deployment workflows-secret-scanning.- workflows-secret-scanning workflows-shared-workflows.- workflows-shared-workflows workflows-standards-compliance.- workflows-standards-compliance workflows-static-analysis.- workflows-static-analysis workflows-sub-issue-management.- workflows-sub-issue-management workflows-update-server.- workflows-update-server workflows-workflow-architecture.- workflows-workflow-architecture
Clone
2
api-maintenance-index.-
Jonathan Miller edited this page 2026-05-11 21:56:16 +00:00
Table of Contents

Home

Maintenance Scripts

Scripts in api/maintenance/ perform housekeeping tasks: pinning action SHAs, syncing README files, propagating version numbers, and managing GitHub labels.

pin_action_shas.php

Pins all uses: references in .gitea/workflows/ to immutable SHA digests, replacing floating tags (e.g. v4) to prevent supply-chain attacks.

php api/maintenance/pin_action_shas.php --dry-run
php api/maintenance/pin_action_shas.php --verbose
Option Description
--dry-run Show changes without writing files
--verbose / -v Print each file processed
--help / -h Show help and exit

setup_labels.php

Deploys the full set of GitHub issue and PR labels to all governed repositories. Idempotent — creates missing labels and updates colour/description of existing ones via gh label create --force.

Label groups (67 total):

Group Count Examples
Project Type 3 joomla, dolibarr, generic
Language 6 php, javascript, css
Component 8 documentation, ci-cd, security, tests
Workflow 5 automation, mokostandards, breaking-change
Priority 4 priority: criticalpriority: low
Type 5 type: bug, type: feature, type: chore
Status 5 status: pending, status: in-progress, status: blocked
Size 6 size/xssize/xxl
Health 4 health: excellenthealth: poor
Sync/Automation 11 standards-update, deploy-failure, version-drift
Testing 4 type: test, needs-testing, test-failure, regression
Version/Release 6 type: release, release-candidate, minor-release, patch-release 
php api/maintenance/setup_labels.php
php api/maintenance/setup_labels.php --dry-run
Option Description
--dry-run Preview label changes without applying them
--help / -h Show help and exit

sync_dolibarr_readmes.php

Keeps the root README.md and src/README.md in sync for Dolibarr module repositories. Copies the canonical root README into src/ to satisfy the module store requirement.

php api/maintenance/sync_dolibarr_readmes.php --path /path/to/module
php api/maintenance/sync_dolibarr_readmes.php --path /path/to/module --dry-run
Option Default Description
--path . Repository root
--dry-run off Show what would be synced without writing

update_sha_hashes.php

Regenerates SHA-256 hashes in the script registry (api/definitions/) to reflect current file contents after scripts are modified.

php api/maintenance/update_sha_hashes.php --dry-run
php api/maintenance/update_sha_hashes.php --verbose
Option Description
--dry-run Show hash differences without updating
--verbose / -v Print each file processed
--help / -h Show help and exit

update_version_from_readme.php

Reads the canonical version from the VERSION field in README.md's FILE INFORMATION block and propagates it to all badges, headers, and other VERSION fields throughout the repository. Run this after bumping the version in README.md instead of manually updating every file.

php api/maintenance/update_version_from_readme.php --path .
php api/maintenance/update_version_from_readme.php --path . --dry-run
php api/maintenance/update_version_from_readme.php --path . --create-issue --repo owner/repo
Option Default Description
--path . Repository root
--dry-run off Show changes without writing
--create-issue off Create a GitHub issue listing updated files
--repo <owner/repo> Repository for issue creation

rotate_secrets.php

Audits FTP secrets and variables (DEV/DEMO/RS) across all governed repositories. Reports missing auth keys, incomplete environment configs, and optionally posts results as a GitHub issue in moko-platform.

php api/maintenance/rotate_secrets.php --all
php api/maintenance/rotate_secrets.php --repo MokoCRM
php api/maintenance/rotate_secrets.php --all --create-issue
php api/maintenance/rotate_secrets.php --all --json
Option Description
--all Audit all governed repos
--repo <name> Audit a single repo
--json Machine-readable JSON output
--create-issue Post/update audit results as a GitHub issue
--org <name> GitHub organization (default: MokoConsulting)

repo_inventory.php

Generates a live inventory dashboard of all governed repos and posts it as a GitHub issue in moko-platform. Shows platform, version, rulesets status, project linkage, and open issue count per repo. Auto-updates on each run.

php api/maintenance/repo_inventory.php
php api/maintenance/repo_inventory.php --dry-run
php api/maintenance/repo_inventory.php --json
Option Description
--dry-run Preview without posting issue
--json JSON output to stdout
--org <name> GitHub organization (default: MokoConsulting)

Repo: moko-platform · moko-platform wiki

Field Value
Minimum Version 04.07.00
Platform all
Applies To moko-platform
Revision Date Author Description
1.0 2026-05-08 Moko Consulting Initial version