Githubguy132010
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 75 additions & 2 deletions b/‎.github/workflows/build.yml‎
Lines changed: 75 additions & 2 deletions
diff --git a/‎.github/workflows/release-notes.yml‎
Lines changed: 0 additions & 115 deletions b/‎.github/workflows/release-notes.yml‎
Lines changed: 0 additions & 115 deletions
diff --git a/‎.github/workflows/validate-build.yaml‎
Lines changed: 126 additions & 0 deletions b/‎.github/workflows/validate-build.yaml‎
Lines changed: 126 additions & 0 deletions
@@ -23,6 +23,8 @@ jobs:
     steps:
       - name: Checkout Repository
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Fetch all history for all branches and tags
 
       - name: Setup Environment
         run: |
@@ -35,9 +37,10 @@ jobs:
         uses: actions/cache@v4
         with:
           path: ${{ env.PACMAN_CACHE }}
-          key: archlinux-pacman-${{ github.run_id }}
+          key: archlinux-pacman-v2-${{ runner.os }}-${{ hashFiles('packages.x86_64', 'bootstrap_packages.x86_64', 'pacman.conf') }}
           restore-keys: |
-            archlinux-pacman-
+            archlinux-pacman-v2-${{ runner.os }}-
+            archlinux-pacman-v2-
 
       - name: Set up Docker Container
         run: |
@@ -134,6 +137,76 @@ jobs:
           # Ensure DETAILED_RELEASE_NOTES.md is created
           cp release_notes.md DETAILED_RELEASE_NOTES.md
 
+      - name: Generate Detailed Changelog
+        id: generate_detailed_changelog
+        run: |
+          echo "Starting detailed changelog generation..."
+          CURRENT_TAG="${{ env.RELEASE_TAG }}"
+          echo "Current tag for release: $CURRENT_TAG"
+
+          # Fetch all tags from remote to ensure we have the latest state
+          git fetch --tags
+          
+          # Determine PREVIOUS_TAG
+          # Exclude the current tag from the list of potential previous tags
+          # Sort tags in descending order (v:refname for version sort)
+          PREVIOUS_TAG=$(git tag --sort=-v:refname | grep -v "^$CURRENT_TAG$" | head -n1 || echo "")
+
+          if [ -z "$PREVIOUS_TAG" ]; then
+            echo "No previous tag found or it's the first release. Changelog will be from the beginning of history."
+            # Use --reverse to list oldest first for better readability in release notes
+            COMMITS=$(git log --pretty=format:"- %s (%h) by @%an" --reverse HEAD)
+          else
+            echo "Generating changelog from $PREVIOUS_TAG to $CURRENT_TAG (effectively HEAD)"
+            # Use --reverse to list oldest first
+            COMMITS=$(git log --pretty=format:"- %s (%h) by @%an" --reverse $PREVIOUS_TAG..HEAD)
+          fi
+
+          if [ -z "$COMMITS" ]; then
+            echo "No commits found for the range. Setting a default message."
+            COMMITS="No specific code changes identified in this release."
+          fi
+
+          CHANGELOG_DETAILS_FILE="changelog_details.md"
+          echo "Generating changelog details into $CHANGELOG_DETAILS_FILE..."
+          {
+            echo ""
+            echo "---"
+            echo ""
+            echo "## 📋 Detailed Changes from Git Log"
+            echo ""
+            echo "### 🚀 Features & Enhancements"
+            echo "$COMMITS" | grep -i -E 'feat|feature|add|enhance|implement' || echo "_No specific features/enhancements in this update based on commit messages._"
+            echo ""
+            echo "### 🐛 Bug Fixes"
+            echo "$COMMITS" | grep -i -E 'fix|bug|issue|problem|resolve' || echo "_No specific bug fixes in this update based on commit messages._"
+            echo ""
+            echo "### 🔧 Maintenance & Refactoring"
+            echo "$COMMITS" | grep -i -E 'refactor|chore|docs|test|ci|build|perf|style' || echo "_No specific maintenance/refactoring in this update based on commit messages._"
+            echo ""
+            echo "### 📝 Other Changes"
+            # The OR condition ensures that if grep finds nothing, it still prints the fallback message.
+            # This grep looks for lines NOT matching the previous categories.
+            echo "$COMMITS" | grep -v -i -E 'feat|feature|add|enhance|implement|fix|bug|issue|problem|resolve|refactor|chore|docs|test|ci|build|perf|style' || echo "_No other specific changes in this update based on commit messages._"
+            # If COMMITS was the default "No specific code changes..." message, the above grep -v would still output it.
+            # We add a specific check here to ensure if COMMITS was "No specific code changes...", it's handled gracefully by "Other Changes"
+            if [ "$COMMITS" = "No specific code changes identified in this release." ]; then
+              echo "$COMMITS"
+            fi
+            echo ""
+            echo "---"
+            if [ -n "$PREVIOUS_TAG" ]; then
+              echo "📦 Full commit history: [$PREVIOUS_TAG...${CURRENT_TAG} (HEAD)](https://github.com/${{ github.repository }}/compare/$PREVIOUS_TAG...${{ github.sha }})"
+            else
+              echo "📦 Full commit history up to this release: [${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }})"
+            fi
+          } > "$CHANGELOG_DETAILS_FILE"
+
+          echo "Appending $CHANGELOG_DETAILS_FILE to DETAILED_RELEASE_NOTES.md"
+          cat "$CHANGELOG_DETAILS_FILE" >> DETAILED_RELEASE_NOTES.md
+          rm -f "$CHANGELOG_DETAILS_FILE" # Clean up temp file
+          echo "Detailed changelog generation complete."
+
       - name: Create GitHub Release
         uses: softprops/action-gh-release@v2
         with:
 
@@ -9,6 +9,9 @@ on:
   schedule:
     - cron: '0 0 * * *'  # Run daily checks
 
+permissions:
+  contents: write # Needed to push tags
+
 env:
   DOCKER_BUILDKIT: 1
   PACMAN_CACHE: /tmp/pacman-cache
@@ -17,7 +20,47 @@ env:
   OUTPUT_DIR: /workdir/out
 
 jobs:
+  check_changes:
+    if: github.event_name == 'schedule' # Only run this check for scheduled triggers
+    runs-on: ubuntu-latest
+    outputs:
+      should_run: ${{ steps.compare_sha.outputs.should_run }}
+    steps:
+      - name: Checkout main branch code
+        uses: actions/checkout@v4
+        with:
+          ref: main # Explicitly checkout main
+          fetch-depth: 0 # Needed for tags and full history
+
+      - name: Define Tag Name
+        id: tag_info
+        run: echo "tag_name=last-validated-main-sha" >> $GITHUB_OUTPUT
+
+      - name: Get last validated SHA and current main SHA
+        id: compare_sha
+        run: |
+          TAG_NAME="${{ steps.tag_info.outputs.tag_name }}"
+          # Fetch tags from remote to ensure we have the latest
+          git fetch --tags origin
+
+          LAST_VALIDATED_SHA=$(git rev-parse --verify "$TAG_NAME" 2>/dev/null || echo "")
+          # Get SHA of the local main branch HEAD (already checked out)
+          CURRENT_MAIN_SHA=$(git rev-parse HEAD) 
+
+          echo "Last validated SHA ($TAG_NAME): $LAST_VALIDATED_SHA"
+          echo "Current main SHA (HEAD of main): $CURRENT_MAIN_SHA"
+
+          if [ -n "$LAST_VALIDATED_SHA" ] && [ "$LAST_VALIDATED_SHA" == "$CURRENT_MAIN_SHA" ]; then
+            echo "No new commits on main since last validation."
+            echo "should_run=false" >> $GITHUB_OUTPUT
+          else
+            echo "New commits found or first run. Proceeding with validation."
+            echo "should_run=true" >> $GITHUB_OUTPUT
+          fi
+
   test:
+    needs: [check_changes]
+    if: ${{ github.event_name != 'schedule' || needs.check_changes.outputs.should_run == 'true' }}
     runs-on: ubuntu-latest
     timeout-minutes: 120  # Set timeout to prevent hung builds
 
@@ -49,6 +92,16 @@ jobs:
             -v ${{ env.PACMAN_CACHE }}:/var/cache/pacman/pkg \
             archlinux:latest sleep infinity
 
+      - name: Cache Pacman packages (Direct Build)
+        if: matrix.test-type == 'direct-build'
+        uses: actions/cache@v4
+        with:
+          path: ${{ env.PACMAN_CACHE }}
+          key: archlinux-pacman-v2-${{ runner.os }}-${{ hashFiles('packages.x86_64', 'bootstrap_packages.x86_64', 'pacman.conf') }}
+          restore-keys: |
+            archlinux-pacman-v2-${{ runner.os }}-
+            archlinux-pacman-v2-
+
       - name: Install Dependencies (Direct Build)
         if: matrix.test-type == 'direct-build'
         run: |
@@ -160,6 +213,79 @@ jobs:
             ls -la out
           fi
 
+      - name: Verify ISO (Dockerfile Build)
+        if: matrix.test-type == 'dockerfile-build'
+        run: |
+          set -euo pipefail
+          cd out  # The ISO is built into the 'out' directory in the workspace
+
+          echo "Listing contents of 'out' directory:"
+          ls -la
+
+          # Check if ISO exists
+          iso_count=$(ls -1 *.iso 2>/dev/null | wc -l)
+          if [ "$iso_count" -eq 0 ]; then
+            echo "::error::No ISO file found in output directory"
+            exit 1
+          elif [ "$iso_count" -gt 1 ]; then
+            echo "::error::Multiple ISO files found in output directory. Expected one."
+            ls -1 *.iso # List the files to help debug
+            exit 1
+          fi
+
+  update_last_validated_tag:
+    if: github.event_name == 'schedule' && needs.check_changes.outputs.should_run == 'true' && needs.test.result == 'success'
+    needs: [check_changes, test] # Depends on both
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout main branch code
+        uses: actions/checkout@v4
+        with:
+          ref: main # Ensure we are on main to get its SHA
+      
+      - name: Define Tag Name
+        id: tag_info
+        run: echo "tag_name=last-validated-main-sha" >> $GITHUB_OUTPUT
+
+      - name: Update and Push Tag
+        run: |
+          TAG_NAME="${{ steps.tag_info.outputs.tag_name }}"
+          CURRENT_MAIN_SHA=$(git rev-parse HEAD) # SHA of local main HEAD
+          
+          echo "Updating tag $TAG_NAME to $CURRENT_MAIN_SHA"
+          git tag -f "$TAG_NAME" "$CURRENT_MAIN_SHA"
+          echo "Pushing tag $TAG_NAME to origin"
+          git push origin --force "refs/tags/$TAG_NAME"
+          
+          iso_file=$(ls *.iso | head -n1)
+          echo "Verifying ISO: $iso_file"
+          
+          # Check ISO size (minimum 500MB) - adjust if necessary
+          size=$(stat -c%s "$iso_file")
+          # Minimum size in bytes (500 * 1024 * 1024)
+          MIN_SIZE=524288000 
+          if [ "$size" -lt "$MIN_SIZE" ]; then
+            echo "::error::ISO file too small: $(($size / 1024 / 1024))MB. Minimum expected: $(($MIN_SIZE / 1024 / 1024))MB"
+            exit 1
+          fi
+          echo "ISO size: $(($size / 1024 / 1024))MB - OK"
+          
+          # Verify ISO checksum (SHA256)
+          echo "Generating and verifying SHA256 checksum..."
+          sha256sum "$iso_file" > "${iso_file}.sha256"
+          sha256sum -c "${iso_file}.sha256" || {
+            echo "::error::ISO SHA256 checksum verification failed"
+            exit 1
+          }
+          echo "SHA256 checksum verified."
+
+          # Optionally, generate other checksums (can be useful for users)
+          echo "Generating MD5 checksum..."
+          md5sum "$iso_file" > "${iso_file}.md5"
+          echo "Generating SHA1 checksum..."
+          sha1sum "$iso_file" > "${iso_file}.sha1"
+          echo "Additional checksums (MD5, SHA1) generated."
+
       # Cleanup for Dockerfile build
       - name: Clean Up Dockerfile Build
         if: matrix.test-type == 'dockerfile-build' && always()