Merge remote-tracking branch 'origin/main' into dev

# Conflicts: # .mokogitea/workflows/issue-branch.yml # CHANGELOG.md # README.md # source/packages/com_mokoog/mokoog.xml # source/packages/plg_content_mokoog/mokoog.xml # source/packages/plg_system_mokoog/mokoog.xml # source/packages/plg_webservices_mokoog/mokoog.xml # source/pkg_mokoog.xml
2026-06-21 17:24:32 -05:00
parent b033cfe4e2 fa12fa5937
commit 68eab6fdb2
6 changed files with 59 additions and 39 deletions
@@ -10,9 +10,9 @@
 # VERSION: 05.00.00
 # BRIEF: Universal build & release � detects platform from manifest.xml
 #
-# +========================================================================+
+# +=======================================================================+
 # |              UNIVERSAL BUILD & RELEASE PIPELINE                        |
-# +========================================================================+
+# +=======================================================================+
 # |                                                                        |
 # |  Reads manifest.xml (joomla|dolibarr|generic) to branch logic.       |
 # |                                                                        |
@@ -21,7 +21,7 @@
 # |    dolibarr: mod*.class.php, update.txt, dev version reset             |
 # |    generic:  README-only, no update stream                             |
 # |                                                                        |
-# +========================================================================+
+# +=======================================================================+

 name: "Universal: Build & Release"

@@ -51,7 +51,7 @@ permissions:
  contents: write

 jobs:
-  # ── PR Opened → Rename branch to RC and build RC release ─────────────────────
+  # ── PR Opened → Rename branch to RC and build RC release ─────────────────────────
  promote-rc:
    name: Promote to RC
    runs-on: release
@@ -149,7 +149,7 @@ jobs:
          echo "## Promoted to Release Candidate" >> $GITHUB_STEP_SUMMARY
          echo "Branch renamed to rc, minor bump, RC release built" >> $GITHUB_STEP_SUMMARY

-  # ── Merged PR → Build & Release (or promote RC to stable) ────────────────────
+  # ── Merged PR → Build & Release (or promote RC to stable) ─────────────────────────
  release:
    name: Build & Release Pipeline
    runs-on: release
@@ -241,11 +241,47 @@ jobs:
          VERSION=$(echo "$VERSION" | sed 's/-\(dev\|alpha\|beta\|rc\)$//')
          [ -z "$VERSION" ] && VERSION="00.00.00" && echo "skip=true" >> "$GITHUB_OUTPUT"
          echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
-          echo "tag=stable" >> "$GITHUB_OUTPUT"
-          echo "release_tag=stable" >> "$GITHUB_OUTPUT"
+          PLATFORM="${{ steps.platform.outputs.platform }}"
+          if [[ "$PLATFORM" == joomla* ]]; then
+            echo "tag=stable" >> "$GITHUB_OUTPUT"
+            echo "release_tag=stable" >> "$GITHUB_OUTPUT"
+          else
+            echo "tag=v${VERSION}" >> "$GITHUB_OUTPUT"
+            echo "release_tag=v${VERSION}" >> "$GITHUB_OUTPUT"
+          fi
          echo "branch=main" >> "$GITHUB_OUTPUT"
          echo "Published version: ${VERSION}"

+      - name: "Create semver tag for non-Joomla repos"
+        id: semver
+        if: |
+          steps.version.outputs.skip != 'true' &&
+          !startsWith(steps.platform.outputs.platform, 'joomla')
+        run: |
+          VERSION="${{ steps.version.outputs.version }}"
+          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
+          TOKEN="${{ secrets.MOKOGITEA_TOKEN }}"
+          SEMVER_TAG="v${VERSION}"
+
+          echo "Creating semver tag: ${SEMVER_TAG}"
+
+          # Create the git tag via API
+          HTTP_CODE=$(curl -sf -o /dev/null -w "%{http_code}" \
+            -X POST -H "Authorization: token ${TOKEN}" \
+            -H "Content-Type: application/json" \
+            "${API_BASE}/tags" \
+            -d "{\"tag_name\":\"${SEMVER_TAG}\",\"target\":\"main\",\"message\":\"Release ${VERSION}\"}" 2>/dev/null || echo "000")
+
+          if [ "$HTTP_CODE" = "201" ] || [ "$HTTP_CODE" = "200" ]; then
+            echo "Created semver tag: ${SEMVER_TAG}"
+          elif [ "$HTTP_CODE" = "409" ]; then
+            echo "Semver tag ${SEMVER_TAG} already exists (skipped)"
+          else
+            echo "::warning::Failed to create semver tag ${SEMVER_TAG} (HTTP ${HTTP_CODE})"
+          fi
+
+          echo "semver_tag=${SEMVER_TAG}" >> "$GITHUB_OUTPUT"
+
      - name: Update release notes and promote changelog
        run: |
          API_BASE="${GITEA_URL}/api/v1/repos/${GITEA_ORG}/${GITEA_REPO}"
@@ -4,8 +4,8 @@
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
-# INGROUP: moko-platform.Maintenance
-# REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
+# INGROUP: MokoStandards.Maintenance
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards
 # PATH: /.gitea/workflows/cleanup.yml
 # VERSION: 01.00.00
 # BRIEF: Scheduled cleanup — delete merged branches and old workflow runs
@@ -33,17 +33,17 @@ jobs:
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
-          token: ${{ secrets.MOKOGITEA_TOKEN }}
+          token: ${{ secrets.GA_TOKEN }}

      - name: Delete merged branches
        env:
-          GA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+          GA_TOKEN: ${{ secrets.GA_TOKEN }}
        run: |
          echo "=== Merged Branch Cleanup ==="
          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"

          # List branches via API
-          BRANCHES=$(curl -sS -H "Authorization: token ${GITEA_TOKEN}" \
+          BRANCHES=$(curl -sS -H "Authorization: token ${GA_TOKEN}" \
            "${API}/branches?limit=50" | jq -r '.[].name')

          DELETED=0
@@ -56,7 +56,7 @@ jobs:
            # Check if branch is merged into main
            if git merge-base --is-ancestor "origin/${BRANCH}" origin/main 2>/dev/null; then
              echo "  Deleting merged branch: ${BRANCH}"
-              curl -sS -X DELETE -H "Authorization: token ${GITEA_TOKEN}" \
+              curl -sS -X DELETE -H "Authorization: token ${GA_TOKEN}" \
                "${API}/branches/${BRANCH}" 2>/dev/null || true
              DELETED=$((DELETED + 1))
            fi
@@ -66,20 +66,20 @@ jobs:

      - name: Clean old workflow runs
        env:
-          GA_TOKEN: ${{ secrets.MOKOGITEA_TOKEN }}
+          GA_TOKEN: ${{ secrets.GA_TOKEN }}
        run: |
          echo "=== Workflow Run Cleanup ==="
          API="${GITEA_URL}/api/v1/repos/${{ github.repository }}"
          CUTOFF=$(date -d "30 days ago" +%Y-%m-%dT%H:%M:%SZ 2>/dev/null || date -v-30d +%Y-%m-%dT%H:%M:%SZ)

          # Get old completed runs
-          RUNS=$(curl -sS -H "Authorization: token ${GITEA_TOKEN}" \
+          RUNS=$(curl -sS -H "Authorization: token ${GA_TOKEN}" \
            "${API}/actions/runs?status=completed&limit=50" | \
            jq -r ".workflow_runs[] | select(.created_at < \"${CUTOFF}\") | .id" 2>/dev/null)

          DELETED=0
          for RUN_ID in $RUNS; do
-            curl -sS -X DELETE -H "Authorization: token ${GITEA_TOKEN}" \
+            curl -sS -X DELETE -H "Authorization: token ${GA_TOKEN}" \
              "${API}/actions/runs/${RUN_ID}" 2>/dev/null || true
            DELETED=$((DELETED + 1))
          done
@@ -4,8 +4,8 @@
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
-# INGROUP: moko-platform.Security
-# REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/moko-platform
+# INGROUP: MokoStandards.Security
+# REPO: https://git.mokoconsulting.tech/mokoconsulting-tech/MokoStandards-API
 # PATH: /templates/workflows/gitleaks.yml.template
 # VERSION: 01.00.00
 # BRIEF: Secret scanning — detect leaked credentials, API keys, and tokens
@@ -5,7 +5,7 @@
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
 # INGROUP: mokocli.Automation
-# VERSION: 01.02.01
+# VERSION: 01.00.00
 # BRIEF: Auto-create feature branch when an issue is opened

 name: "Universal: Issue Branch"
@@ -4,8 +4,8 @@
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
-# INGROUP: moko-platform.Notifications
-# REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
+# INGROUP: MokoStandards.Notifications
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards
 # PATH: /.gitea/workflows/notify.yml
 # VERSION: 01.00.00
 # BRIEF: Push notifications via ntfy on release success or workflow failure
@@ -4,8 +4,8 @@
 #
 # FILE INFORMATION
 # DEFGROUP: Gitea.Workflow
-# INGROUP: moko-platform.Security
-# REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
+# INGROUP: MokoStandards.Security
+# REPO: https://git.mokoconsulting.tech/MokoConsulting/MokoStandards
 # PATH: /.gitea/workflows/security-audit.yml
 # VERSION: 01.00.00
 # BRIEF: Dependency vulnerability scanning for composer and npm packages
@@ -80,19 +80,3 @@ jobs:
            -H "Priority: high" \
            -d "Security audit found vulnerabilities. Review dependency updates." \
            "${NTFY_URL}/${NTFY_TOPIC}" || true
-
-
-      - name: Joomla version audit
-        if: always()
-        run: |
-          if [ -f "monitoring/joomla-version-audit.php" ] && [ -n "$JOOMLA_SITES" ]; then
-            echo "$JOOMLA_SITES" > /tmp/sites.json
-            php monitoring/joomla-version-audit.php --sites /tmp/sites.json || true
-            echo "### Joomla Version Audit" >> $GITHUB_STEP_SUMMARY
-            rm -f /tmp/sites.json
-          else
-            echo "Joomla audit skipped (no script or JOOMLA_SITES_JSON not configured)"
-          fi
-        env:
-          JOOMLA_SITES: ${{ vars.JOOMLA_SITES_JSON }}
-