.github/workflows/docker_other_repos.yml

---
name: Docker Other Repos
'on':
  push:
    branches:
      - main
  schedule:
    - cron: '0 2 * * *'

jobs:

  Docker-Other-Repos:
    name: Docker-Other-Repos
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - repository: docker-archlinux
            image: archlinux
          - repository: docker-os-systemd
            image: debian10
            dockerfile_location: images/
          - repository: docker-os-systemd
            image: debian11
            dockerfile_location: images/
          - repository: docker-os-systemd
            image: debian12
            dockerfile_location: images/
          - repository: docker-os-systemd
            image: ubuntu20
            dockerfile_location: images/
          - repository: docker-os-systemd
            image: ubuntu22
            dockerfile_location: images/
          - repository: docker-os-systemd
            image: ubuntu24
            dockerfile_location: images/
          - repository: docker-alpine-ftp-server-tls
            image: alpine
          - repository: docker-alpine-nfs-server
            image: alpine
          - repository: prometheus_bot
            image: alpine
          - repository: docker-squid
            image: alpine
          - repository: docker-ocserv
            image: alpine
          - repository: docker-flarectl
            image: alpine
          - repository: docker-flarectl
            image: golang

    steps:
      - name: Check out the codebase.
        uses: actions/checkout@v3

      - name: Pull base image.
        run: docker pull quay.io/aminvakil/archlinux:latest

      - name: Run a container of base image and mount package on it.
        run: |
          container_id=$(mktemp)
          docker run --detach --privileged --cgroup-parent=docker.slice --cgroupns private --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v "${PWD}":/nvchecker quay.io/aminvakil/archlinux:latest > "${container_id}"
          echo "container_id=$container_id" >> $GITHUB_ENV

      - name: pacman -Syu
        run: docker exec "$(cat ${container_id})" pacman -Syu --noconfirm

      - name: Install nvchecker and git.
        run: docker exec "$(cat ${container_id})" pacman -S nvchecker git pyalpm --noconfirm

      - name: Nvcheck!
        run: |
          docker exec "$(cat ${container_id})" nvchecker --failures -c /nvchecker/docker.toml
          docker_nvcmp_output=$(docker exec "$(cat ${container_id})" nvcmp -c /nvchecker/docker.toml)
          if [[ $docker_nvcmp_output ]]; then DOCKER_HAS_CHANGED='true' ; fi
          echo "DOCKER_HAS_CHANGED=$DOCKER_HAS_CHANGED" >> $GITHUB_ENV
          echo 'docker_nvcmp_output<<EOF' >> $GITHUB_ENV
          echo $docker_nvcmp_output >> $GITHUB_ENV
          echo 'EOF' >> $GITHUB_ENV
          mv docker_new.txt docker_old.txt

      - name: Check what has been changed
        if: env.DOCKER_HAS_CHANGED == 'true'
        run: |
          if [[ "${{ env.docker_nvcmp_output }}" == *"$image"* ]]; then OS_CHANGED='true'; fi
          echo "OS_CHANGED=$OS_CHANGED" >> $GITHUB_ENV
        env:
          image: ${{ matrix.image }}

      - uses: actions/checkout@v3
        if: env.OS_CHANGED == 'true'
        with:
          repository: "aminvakil/${{ env.repository }}"
          path: "./${{ env.repository }}"
        env:
          repository: ${{ matrix.repository }}

      - name: Bump version
        if: env.OS_CHANGED == 'true'
        run: |
          before=$(echo "${{ env.docker_nvcmp_output }}" | sed "s/.*$image/$image/g" | awk '{print $2}')
          after=$(echo "${{ env.docker_nvcmp_output }}" | sed "s/.*$image/$image/g" | awk '{print $4}')
          commit_message="$before -> $after"
          echo "commit_message=$commit_message" >> $GITHUB_ENV
          sed -i "s/${before/\./\\.}$/$after/g" "${{ env.repository }}/${{ env.dockerfile_location }}"Dockerfile*
        env:
          image: ${{ matrix.image }}
          repository: ${{ matrix.repository }}
          dockerfile_location: ${{ matrix.dockerfile_location }}

      - uses: tibdex/github-app-token@v1
        if: env.OS_CHANGED == 'true'
        id: generate-token
        with:
          app_id: ${{ secrets.APP_ID }}
          private_key: ${{ secrets.APP_PRIVATE_KEY }}
        env:
          image: ${{ matrix.image }}

      - name: Create ${{ env.image }} Pull Request
        if: env.OS_CHANGED == 'true'
        uses: peter-evans/create-pull-request@v6
        with:
          token: ${{ steps.generate-token.outputs.token }}
          path: "./${{ env.repository }}"
          commit-message: ${{ env.commit_message }}
          branch: ${{ env.image }}
          delete-branch: true
          title: Bump ${{ env.image }}
          body: ${{ env.commit_message }}
        env:
          image: ${{ matrix.image }}
          repository: ${{ matrix.repository }}

      - name: Stop and remove container forcefully.
        run: docker rm -f "$(cat ${container_id})"