From 68edc82bf4ac950f4c51cfff3dd00508a582ba45 Mon Sep 17 00:00:00 2001
From: "Simon L." <szaimen@e.mail.de>
Date: Wed, 29 Oct 2025 13:30:43 +0100
Subject: [PATCH] watchtower: revert to building watchtower manually

Signed-off-by: Simon L. <szaimen@e.mail.de>
---
 .github/workflows/watchtower-update.yml | 36 +++++++++++++++++++++++++
 Containers/watchtower/Dockerfile        | 12 +++++++--
 2 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/watchtower-update.yml

diff --git a/.github/workflows/watchtower-update.yml b/.github/workflows/watchtower-update.yml
new file mode 100644
index 00000000..329cd284
--- /dev/null
+++ b/.github/workflows/watchtower-update.yml
@@ -0,0 +1,36 @@
+name: watchtower-update
+
+on:
+  workflow_dispatch:
+  schedule:
+  - cron:  '00 12 * * *'
+
+jobs:
+  watchtower-update:
+    name: update watchtower
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v5
+    - name: Run watchtower-container-update
+      run: |
+        # Watchtower
+        watchtower_version="$(
+          git ls-remote https://github.com/nicholas-fedor/watchtower v* \
+            | cut -d/ -f3 \
+            | sort -V \
+            | grep -E "^v[0-9\.]+$" \
+            | tail -1
+        )"
+        watchtower_commit_hash="$(git ls-remote https://github.com/nicholas-fedor/watchtower $watchtower_version | sed 's/refs.*//')"
+        sed -i "s|^ENV WATCHTOWER_COMMIT_HASH.*$|ENV WATCHTOWER_COMMIT_HASH=$watchtower_commit_hash # $watchtower_version|" ./Containers/watchtower/Dockerfile
+        
+    - name: Create Pull Request
+      uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7
+      with:
+        commit-message: watchtower-update automated change
+        signoff: true
+        title: watchtower container update
+        body: Automated watchtower container update
+        labels: dependencies, 3. to review
+        milestone: next
+        branch: watchtower-container-update
diff --git a/Containers/watchtower/Dockerfile b/Containers/watchtower/Dockerfile
index c2b38b18..e3858248 100644
--- a/Containers/watchtower/Dockerfile
+++ b/Containers/watchtower/Dockerfile
@@ -1,5 +1,13 @@
 # syntax=docker/dockerfile:latest
-FROM ghcr.io/nicholas-fedor/watchtower:1.12.1 AS watchtower
+FROM golang:1.25.3-alpine3.22 AS go
+
+ENV WATCHTOWER_COMMIT_HASH=v1.12.1
+
+RUN set -ex; \
+    apk upgrade --no-cache -a; \
+    apk add --no-cache \
+        build-base; \
+    go install github.com/nicholas-fedor/watchtower@$WATCHTOWER_COMMIT_HASH;
 
 FROM alpine:3.22.2
 
@@ -7,7 +15,7 @@ RUN set -ex; \
     apk upgrade --no-cache -a; \
     apk add --no-cache bash ca-certificates tzdata
 
-COPY --from=watchtower /watchtower /watchtower
+COPY --from=go /go/bin/watchtower /watchtower
 
 COPY --chmod=775 start.sh /start.sh