@@ -133,7 +133,7 @@ jobs:
133133 echo "| **mapchete-hub** | \`${{ steps.resolve.outputs.hub }}\` |" >> $GITHUB_STEP_SUMMARY
134134 echo "| **mapchete-hub-cli** | \`${{ steps.resolve.outputs.cli }}\` |" >> $GITHUB_STEP_SUMMARY
135135
136- build :
136+ build :
137137 needs : prepare
138138 if : needs.prepare.outputs.run-build == 'true'
139139 runs-on : ubuntu-latest
@@ -159,6 +159,67 @@ jobs:
159159 MAPCHETE_HUB_REF=${{ needs.prepare.outputs.mapchete-hub-ref }}
160160 MAPCHETE_HUB_CLI_REF=${{ needs.prepare.outputs.mapchete-hub-cli-ref }}
161161
162+ name : Image Fingerprint Check
163+ id : image-fingerprint-check
164+ run : |
165+ LOCAL_FINGERPRINT=$(docker run --rm --entrypoint /bin/sh local-test-image:latest -c "cat /app/uv_fingerprint" | tr -d '\r\n ')
166+ echo "fingerprint=$LOCAL_FINGERPRINT" >> $GITHUB_OUTPUT
167+
168+ # Force build on version dispatches to ensure release tag creation
169+ if [[ "${{ github.event_name }}" == "repository_dispatch" && "${{ github.event.client_payload.type }}" == "version" ]]; then
170+ echo "changed=true" >> $GITHUB_OUTPUT
171+ else
172+ REMOTE_TAG="latest"
173+ [[ "${{ github.ref_name }}" != "main" ]] && REMOTE_TAG="dev"
174+ INSPECT_JSON=$(skopeo inspect docker://ghcr.io/mapchete/${{ inputs.image-name }}:$REMOTE_TAG 2>/dev/null || echo '{"Labels":{}}')
175+ REMOTE_FINGERPRINT=$(echo "$INSPECT_JSON" | jq -r '.Labels["org.mapchete.image_fingerprint"] // "none"' | tr -d '\r\n ')
176+
177+ if [[ "$LOCAL_FINGERPRINT" == "$REMOTE_FINGERPRINT" && "$REMOTE_FINGERPRINT" != "none" ]]; then
178+ echo "changed=false" >> $GITHUB_OUTPUT
179+ else
180+ echo "changed=true" >> $GITHUB_OUTPUT
181+ fi
182+ fi
183+
184+ uses : docker/login-action@v3
185+ if : steps.image-fingerprint-check.outputs.changed == 'true'
186+ with :
187+ registry : ghcr.io
188+ username : ${{ github.actor }}
189+ password : ${{ secrets.GITHUB_TOKEN }}
190+
191+ - id : meta
192+ if : steps.image-fingerprint-check.outputs.changed == 'true'
193+ uses : docker/metadata-action@v5
194+ with :
195+ images : ghcr.io/mapchete/${{ inputs.image-name }}
196+ flavor : latest=false
197+ tags : |
198+ # 1. Manual Input (Hard override)
199+ type=raw,value=${{ inputs.image-tag }},enable=${{ inputs.image-tag != '' }}
200+
201+ # 2. RC Mode: Only push rc- tag for version dispatches
202+ type=raw,value=rc-${{ needs.prepare.outputs.calculated-tag }},enable=${{ needs.prepare.outputs.mode == 'rc' }}
203+
204+ # 3. Final Production Tag: Only on Main branch after PR merge
205+ type=raw,value=${{ needs.prepare.outputs.calculated-tag }},enable=${{ needs.prepare.outputs.mode == 'release' || (github.ref == 'refs/heads/main' && needs.prepare.outputs.calculated-tag != '' && needs.prepare.outputs.mode != 'rc') }}
206+
207+ # 4. Rolling Tags
208+ type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' || needs.prepare.outputs.tag == 'latest' }}
209+ type=raw,value=dev,enable=${{ (github.ref != 'refs/heads/main' && needs.prepare.outputs.mode != 'release') || needs.prepare.outputs.tag == 'dev' }}
210+ type=ref,event=pr
211+
212+ id : push
213+ if : steps.image-fingerprint-check.outputs.changed == 'true'
214+ uses : docker/build-push-action@v5
215+ with :
216+ context : ${{ inputs.image-name }}/
217+ push : true
218+ tags : ${{ steps.meta.outputs.tags }}
219+ labels : ${{ steps.meta.outputs.labels }}
220+ build-args : |
221+ IMAGE_FINGERPRINT=${{ steps.image-fingerprint-check.outputs.fingerprint }}
222+
162223name : Update Version Tracking Files
163224 if : |
164225 steps.image-fingerprint-check.outputs.changed == 'true' &&
@@ -167,25 +228,12 @@ jobs:
167228 SOURCE="${{ github.event.client_payload.source_repo }}"
168229 SOURCE_VER="${{ github.event.client_payload.image_tag }}"
169230 FINAL_VER="${{ needs.prepare.outputs.calculated-tag }}"
170-
171- # 1. Update versions.yml
172- sed -i "s/^${SOURCE^^}_REF:.*/${SOURCE^^}_REF: $SOURCE_VER/" versions.yml
173-
174- # 2. Update CHANGELOG.rst
175- # Calculate the length of the version string for the RST underline
176231 LEN=${#FINAL_VER}
177232 UNDERLINE=$(printf '%0.s-' $(seq 1 $LEN))
178-
179- # Prepare the entry
180233 ENTRY="${FINAL_VER}\n${UNDERLINE}\n\n* Aligned with **${SOURCE}** @ \`${SOURCE_VER}\`.\n* Build Fingerprint: \`${{ steps.image-fingerprint-check.outputs.fingerprint }}\` \n"
181234
182- if [[ ! -f CHANGELOG.rst ]]; then
183- echo -e "Changelog\n=========\n\n$ENTRY" > CHANGELOG.rst
184- else
185- # Prepend after the main title (assuming title is on line 1 and underline on line 2)
186- # We insert at line 4 to leave a gap after the title
187- sed -i "4i $ENTRY" CHANGELOG.rst
188- fi
235+ sed -i "s/^${SOURCE^^}_REF:.*/${SOURCE^^}_REF: $SOURCE_VER/" versions.yml
236+ [[ ! -f CHANGELOG.rst ]] && echo -e "Changelog\n=========\n\n$ENTRY" > CHANGELOG.rst || sed -i "4i $ENTRY" CHANGELOG.rst
189237
190238name : Automated Version PR
191239 if : |
@@ -199,15 +247,10 @@ jobs:
199247 title : " 🧪 RC: ${{ inputs.image-name }} ${{ needs.prepare.outputs.calculated-tag }}"
200248 body : |
201249 ### 🧪 Release Candidate Review
202- This PR proposes a new version alignment for `${{ inputs.image-name }}`.
203-
204250 **Proposed Version:** `${{ needs.prepare.outputs.calculated-tag }}`
205251 **Test Image:** `ghcr.io/mapchete/${{ inputs.image-name }}:rc-${{ needs.prepare.outputs.calculated-tag }}`
206252
207- **Changes:**
208- - Updates `versions.yml` to pull `${{ github.event.client_payload.source_repo }}` @ `${{ github.event.client_payload.image_tag || github.event.client_payload.sha }}`.
209-
210- **To Release:** Review the changes and merge this PR to `main`. The official tag will be applied upon merge.
253+ **To Release:** Merge this PR to `main`. The official tag will be applied upon merge.
211254base : main
212255 delete-branch : true
213256 assignees : " scartography"
0 commit comments