Update .forgejo/workflows/build.yml

.forgejo/workflows/build.yml

@@ -11,9 +11,12 @@ jobs:
     runs-on: dind
 
     env:
+      PACKAGE: alpine-edge
       DOCKER_REGISTRY: git.shork.ch
       REGISTRY_USER: docker-images
-      PACKAGE_NAME: alpine-edge
+      COMMIT_AUTHOR_NAME: "forgejo-runner"
+      COMMIT_AUTHOR_EMAIL: "forgejo-runner@shork.ch"
+      COMMIT_MESSAGE: "Update build metadata"
       REPO_URL: "https://dl-cdn.alpinelinux.org/alpine/edge/releases/x86_64"
       YAML_FILE: "latest-releases.yaml"
       IMAGE_NAME: "alpine-edge-minirootfs"
@@ -24,11 +27,36 @@ jobs:
         shell: sh
         run: |
           echo "Run because of ${{ github.event_name }}"
-          apk add --no-cache git nodejs npm bash sed curl jq yq
+          apk add --no-cache git nodejs npm bash sed curl jq yq #$PACKAGE
 
       - uses: actions/checkout@v3
+  
+      - name: Get latest package version
+        run: |
+          FILENAME=$(curl -s "$REPO_URL/$YAML_FILE" | yq -r ".[] | select(.flavor == \"alpine-minirootfs\") | .file")
+          NEWEST_VERSION=$(echo "$FILENAME" | sed 's/^alpine-minirootfs-//; s/-x86_64\.tar\.gz$//')
+          echo "NEWEST_VERSION=$NEWEST_VERSION" >> $GITHUB_ENV
+          echo "FILENAME=$FILENAME" >> $GITHUB_ENV
+
+      - name: Determine if update is needed
+        run: |
+          last_version_file=".last_version"
+          last_dockerfile_hash_file=".dockerfile_hash"
+
+          last_version=$(cat $last_version_file 2>/dev/null || echo "none")
+          last_dockerfile_hash=$(cat $last_dockerfile_hash_file 2>/dev/null || echo "none")
+          dockerfile_hash=$(sha256sum Dockerfile | awk '{print $1}' || echo "nuh")
+
+          update="false"
+          if [ ${{ github.event_name }} == "workflow_dispatch" ] || [ "$last_version" != "$NEWEST_VERSION" ] || [ "$last_dockerfile_hash" != "$dockerfile_hash" ]; then
+            update="true"
+          fi
+
+          echo "UPDATE=$update" >> $GITHUB_ENV
+          echo "DOCKERFILE_HASH=$dockerfile_hash" >> $GITHUB_ENV
 
       - name: Start Docker daemon
+        if: env.UPDATE == 'true'
         run: |
           dockerd-entrypoint.sh &
           for i in {1..10}; do
@@ -38,13 +66,9 @@ jobs:
           done
           docker info || { echo "Docker daemon failed to start."; exit 1; }
 
-      - name: Get Buildfiles
+      - name: Get and verify Buildfiles
+        if: env.UPDATE == 'true'
         run: |
-          YAML=$(curl -s "$REPO_URL/$YAML_FILE")
-          FILENAME=$(echo "$YAML" | yq -r ".[] | select(.flavor == \"alpine-minirootfs\") | .file")
-          VERSION=$(echo "$FILENAME" | sed 's/^alpine-minirootfs-//; s/-x86_64\.tar\.gz$//')
-          echo "VERSION=$VERSION" >> $GITHUB_ENV
-
           curl -LOs "$REPO_URL/$FILENAME"
           curl -LOs "$REPO_URL/$FILENAME.sha512"
           sha512sum -c $FILENAME.sha512
@@ -53,8 +77,17 @@ jobs:
 
 
       - name: Build and push Docker image
+        if: env.UPDATE == 'true'
         run: |
-          docker build --build-arg NPROC=1 -t $DOCKER_REGISTRY/$REGISTRY_USER/$PACKAGE_NAME:latest -t $DOCKER_REGISTRY/$REGISTRY_USER/$PACKAGE_NAME:$VERSION .
+          docker build --build-arg NPROC=1 -t $DOCKER_REGISTRY/$REGISTRY_USER/$PACKAGE:latest -t $DOCKER_REGISTRY/$REGISTRY_USER/$PACKAGE:$VERSION .
           echo "${{ secrets.DOCKER_PASSWORD }}" | docker login $DOCKER_REGISTRY -u $REGISTRY_USER --password-stdin
-          docker push --all-tags $DOCKER_REGISTRY/$REGISTRY_USER/$PACKAGE_NAME
+          docker push --all-tags $DOCKER_REGISTRY/$REGISTRY_USER/$PACKAGE
-
+    
+      - name: Commit updated metadata
+        if: env.UPDATE == 'true'
+        run: |
+          git config user.name "$COMMIT_AUTHOR_NAME"
+          git config user.email "$COMMIT_AUTHOR_EMAIL"
+          git add .last_version .dockerfile_hash
+          git commit -m "$COMMIT_MESSAGE" || echo "No commit"
+          git push