From 15dff1571a363073a4c214382181c4eb318bec7c Mon Sep 17 00:00:00 2001
From: Tunui Franken <tfranken@protonmail.com>
Date: Fri, 21 Mar 2025 09:32:36 +0100
Subject: [PATCH] Fix getting latest forgejo binary when new version is a
 stable release

Sometimes forgejo releases stable that is version lower than a current
stable release (LTS)
---
 roles/forgejo/handlers/main.yml | 17 ++++++++++++++---
 roles/forgejo/tasks/binary.yml  | 32 +++++++++++---------------------
 2 files changed, 25 insertions(+), 24 deletions(-)

diff --git a/roles/forgejo/handlers/main.yml b/roles/forgejo/handlers/main.yml
index dea163b..f1a6177 100644
--- a/roles/forgejo/handlers/main.yml
+++ b/roles/forgejo/handlers/main.yml
@@ -9,19 +9,30 @@
 - name: Download forgejo asc file
   become: true
   ansible.builtin.get_url:
-    url: "https://codeberg.org/forgejo/forgejo/releases/download/{{ forgejo_latest_version }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}.asc"
-    dest: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}.asc"
+    url: "https://codeberg.org/forgejo/forgejo/releases/download/v{{ forgejo_latest_version }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}.asc"
+    dest: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}.asc"
     owner: git
     group: git
     mode: 0644
 
 - name: Verify forgejo binary with gpg
   become: true
-  ansible.builtin.command: "gpg --verify {{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}.asc {{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}"
+  ansible.builtin.command: "gpg --verify {{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}.asc {{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}"
   register: result
   changed_when: false
   failed_when: '"Good signature from" not in result.stderr'
 
+- name: Copy binary to global location
+  become: true
+  ansible.builtin.copy:
+    src: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}"
+    dest: /usr/local/bin/forgejo
+    remote_src: true
+    owner: root
+    group: root
+    mode: 0755
+  notify: Restart forgejo service
+
 - name: Start forgejo service
   become: true
   ansible.builtin.systemd:
diff --git a/roles/forgejo/tasks/binary.yml b/roles/forgejo/tasks/binary.yml
index 3692c4b..24ad28c 100644
--- a/roles/forgejo/tasks/binary.yml
+++ b/roles/forgejo/tasks/binary.yml
@@ -7,42 +7,32 @@
 
 - name: Set latest available version
   ansible.builtin.set_fact:
-    forgejo_latest_version: "{{ latest_http_content.url | split('/') | last }}"
+    forgejo_latest_version: "{{ latest_http_content.url | split('/') | last | replace('v', '') }}"
 
 - name: Define forgejo architecture
   ansible.builtin.set_fact:
     forgejo_architecture: "{{ (ansible_architecture == 'x86_64') | ternary('amd64', 'arm-6') }}"
 
-- name: Find if latest available version is installed
-  become: true
-  ansible.builtin.stat:
-    path: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}"
-  register: latest_installed_binary
+- name: Find currently installed version
+  ansible.builtin.shell:
+    cmd: "(forgejo --version 2>/dev/null || echo 'forgejo version 0.0.0') | awk '{print $3}'"
+  register: forgejo_installed_version
+  changed_when: false
 
 - name: Get latest forgejo binary
   become: true
   ansible.builtin.get_url:
-    url: "https://codeberg.org/forgejo/forgejo/releases/download/{{ forgejo_latest_version }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}"
-    dest: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}"
+    url: "https://codeberg.org/forgejo/forgejo/releases/download/v{{ forgejo_latest_version }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}"
+    dest: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version }}-linux-{{ forgejo_architecture }}"
     owner: git
     group: git
     mode: 0644
-  when: not latest_installed_binary.stat.exists
+  when: forgejo_installed_version.stdout is version(forgejo_latest_version, '<')
   notify:
     - Receive forgejo pgp key
     - Download forgejo asc file
     - Verify forgejo binary with gpg
+    - Copy binary to global location
 
-- name: Make sure downloaded binary has been verified
+- name: Make sure downloaded binary has been verified and copied to global location
   ansible.builtin.meta: flush_handlers
-
-- name: Copy binary to global location
-  become: true
-  ansible.builtin.copy:
-    src: "{{ forgejo_run_dir }}/forgejo-{{ forgejo_latest_version | replace('v', '') }}-linux-{{ forgejo_architecture }}"
-    dest: /usr/local/bin/forgejo
-    remote_src: true
-    owner: root
-    group: root
-    mode: 0755
-  notify: Restart forgejo service