From de35e6b66ccde28d1b7e1aa910e3bc432d778f9b Mon Sep 17 00:00:00 2001
From: Antoine van Gelder <antoine@greatscottgadgets.com>
Date: Tue, 30 Jul 2024 16:48:31 +0200
Subject: [PATCH] Fix Docker build errors when opening a PR from a fork.

---
 .github/workflows/appimage.yml | 30 ++++++++++++++++++++++++------
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/appimage.yml b/.github/workflows/appimage.yml
index 68f594b1..cde161a3 100644
--- a/.github/workflows/appimage.yml
+++ b/.github/workflows/appimage.yml
@@ -34,6 +34,13 @@ jobs:
           echo "IMAGE_NAME: ${{ env.IMAGE_NAME }}"
           echo "IMAGE_TAG:  ${{ env.IMAGE_TAG  }}"
 
+      - name: Use 'main' Docker image tag if this is a PR from a fork
+        id: origin
+        shell: bash
+        if: github.event.pull_request.head.repo.fork
+        run: |
+          echo 'IMAGE_TAG=main' >> $GITHUB_ENV
+
       - name: Check if Dockerfile has changed
         uses: dorny/paths-filter@v3
         id: changed
@@ -56,11 +63,17 @@ jobs:
           echo 'dockerimage<<EOF' >> $GITHUB_OUTPUT
           echo ${RESULT} | jq 'has("manifests")' >> $GITHUB_OUTPUT
           echo 'EOF' >> $GITHUB_OUTPUT
-          echo
-          echo exists:        ${{ steps.changed.outputs.dockerfile }}
+
+      - name: Check if we need to build the Docker image
+        id: dockerimage
+        if: |
+          ! github.event.pull_request.head.repo.fork &&
+          (steps.changed.outputs.dockerfile == 'true' || steps.exists.outputs.dockerimage == 'false')
+        run: |
+          echo 'build=true' >> $GITHUB_OUTPUT
 
       - name: Log in to the Container registry
-        if: ${{ steps.changed.outputs.dockerfile == 'true' || steps.exists.outputs.dockerimage == 'false' }}
+        if: steps.dockerimage.outputs.build
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
@@ -68,11 +81,11 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Set up Docker Buildx
-        if: ${{ steps.changed.outputs.dockerfile == 'true' || steps.exists.outputs.dockerimage == 'false' }}
+        if: steps.dockerimage.outputs.build
         uses: docker/setup-buildx-action@v3
 
       - name: Build and push Docker image
-        if: ${{ steps.changed.outputs.dockerfile == 'true' || steps.exists.outputs.dockerimage == 'false' }}
+        if: steps.dockerimage.outputs.build
         id: push
         uses: docker/build-push-action@v6
         with:
@@ -83,7 +96,7 @@ jobs:
           cache-to:   type=gha, scope=${{ env.IMAGE_TAG }}, mode=max
 
       - name: Generate artifact attestation
-        if: ${{ steps.changed.outputs.dockerfile == 'true' || steps.exists.outputs.dockerimage == 'false' }}
+        if: steps.dockerimage.outputs.build
         uses: actions/attest-build-provenance@v1
         with:
           subject-name: ghcr.io/${{ env.IMAGE_NAME }}
@@ -108,6 +121,11 @@ jobs:
         password: ${{ secrets.GITHUB_TOKEN }}
 
     steps:
+      - name: Check image name & tag
+        run: |
+          echo "NAME:       ${{ needs.create-docker-image.outputs.NAME }}"
+          echo "TAG:        ${{ needs.create-docker-image.outputs.TAG }}"
+
       - name: Checkout repository
         uses: actions/checkout@v4