From f15a7a3ed8821d35874b36bd159a8bd9ec83aef5 Mon Sep 17 00:00:00 2001 From: Benjamin Chausse Date: Tue, 17 Dec 2024 14:01:04 -0500 Subject: Github workflow to publish to the AUR (#25) --- .github/workflows/aur.yml | 35 +++++++++++++++++++++ releases/aur/Dockerfile | 24 ++++++++++++++ releases/aur/update_aur.sh | 78 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 137 insertions(+) create mode 100644 .github/workflows/aur.yml create mode 100644 releases/aur/Dockerfile create mode 100755 releases/aur/update_aur.sh diff --git a/.github/workflows/aur.yml b/.github/workflows/aur.yml new file mode 100644 index 0000000..1f27d0e --- /dev/null +++ b/.github/workflows/aur.yml @@ -0,0 +1,35 @@ +--- +name: Publish to the AUR +on: + workflow_dispatch: # Manual trigger via GitHub UI +jobs: + build-and-run: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Set environment variables + id: set-vars + run: | + echo "PKG_NAME=$(basename ${GITHUB_REPOSITORY})" >> $GITHUB_ENV + echo "PKG_REPO_URI=https://github.com/${GITHUB_REPOSITORY}" >> $GITHUB_ENV + - name: Build the Docker image + run: | + docker build -t aur-publisher ./releases/aur + - name: Run the Docker container + env: + AUR_PRIVATE_KEY: ${{ secrets.AUR_PRIVATE_KEY }} + AUR_PUBLIC_KEY: ${{ secrets.AUR_PUBLIC_KEY }} + PKG_REPO_URI: ${{ env.PKG_REPO_URI }} + PKG_NAME: ${{ env.PKG_NAME }} + GIT_USER: ${{ secrets.GIT_USER }} + run: |- + docker run --rm \ + -e AUR_PRIVATE_KEY=$AUR_PRIVATE_KEY \ + -e AUR_PUBLIC_KEY=$AUR_PUBLIC_KEY \ + -e PKG_REPO_URI=$PKG_REPO_URI \ + -e PKG_NAME=$PKG_NAME \ + -e GIT_USER=$GIT_USER \ + aur-publisher diff --git a/releases/aur/Dockerfile b/releases/aur/Dockerfile new file mode 100644 index 0000000..efa95a4 --- /dev/null +++ b/releases/aur/Dockerfile @@ -0,0 +1,24 @@ +FROM archlinux:latest + +# Install necessary packages for the script +RUN pacman-key init +RUN pacman -Syu --noconfirm \ + && pacman -S --noconfirm \ + git \ + wget \ + openssh \ + && rm -rf /var/cache/pacman/pkg/* + +# Set git user configuration +RUN git config --global user.name "AUR PublisherBot" \ + && git config --global user.email "benjamin+aur_release@chausse.xyz" + +# Set the working directory to /root +WORKDIR /root + +# Copy the update_aur.sh script to /usr/local/bin and set it as the entrypoint +COPY update_aur.sh /usr/local/bin/update_aur.sh +RUN chmod +x /usr/local/bin/update_aur.sh + +# Set the script as the ENTRYPOINT (or CMD if you prefer) +ENTRYPOINT ["/usr/local/bin/update_aur.sh"] diff --git a/releases/aur/update_aur.sh b/releases/aur/update_aur.sh new file mode 100755 index 0000000..dca272c --- /dev/null +++ b/releases/aur/update_aur.sh @@ -0,0 +1,78 @@ +#!/bin/sh + +aur_arch="Linux_x86_64" + +# Initial setup/Sanity check {{{ + +# Confirms necessary env variables are present before running the rest +# of the script. +# $1: Env Variable to check +# $@: Message to send to stderr before quitting +assert_env() { + [ -n "$1" ] || { echo "ERROR: $@" 1>&2; exit 1; } +} + +assert_env "$AUR_PRIVATE_KEY" "Couldn't retrieve a private key to publish to the AUR..." +assert_env "$AUR_PUBLIC_KEY" "Couldn't retrieve a public key to publish to the AUR..." +assert_env "$PKG_REPO_URI" "Cound't retrieve a URI to pull the package from" +assert_env "$PKG_NAME" "Couldn't retrieve the package name" +assert_env "$GIT_USER" "Couldn't retrieve the git username to pull the release from" + +latest_tag="$(git ls-remote --tags "$PKG_REPO_URI" | awk ' + # Process lines without ^{} and matching vX.X.X format + !/\^\{\}$/ && $2 ~ /refs\/tags\/v[0-9]+\.[0-9]+\.[0-9]+$/ { + tag = $2 # Store the tag reference + } + + # Print the latest tag without the prefix + END { + gsub("refs/tags/v", "", tag) + print tag + }')" + +# }}} +# Retrieving the checksums for the latest tag {{{ +checksum_url="https://github.com/${GIT_USER}/${PKG_NAME}/releases/download/v${latest_tag}/${PKG_NAME}_${latest_tag}_checksums.txt" + +checksums="$( wget -q "$checksum_url" -O - )" + +checksum="$(echo "$checksums" | awk -v arch="$aur_arch" -v pkg="$PKG_NAME" '{ + for (i = 1; i <= NF; i++) { + if ($i == pkg "_" arch ".tar.gz") { + print $(i-1) + } + } + }')" +# }}} +# Cloning and updating the PKGBUILD {{{ + +git clone "ssh://aur@aur.archlinux.org/${PKG_NAME}" +cd ${PKG_NAME} || { echo "ERROR: could not clone PKGBUILD repo from the aur" 1>&2; exit 1; } + +awk -v new_hash="\'$checksum\'" -v new_version="$latest_tag" ' +/sha256sums/ { + # Surround the checksum with single quotes + $0 = "sha256sums=("'new_hash'")" +} +/^pkgver/ { + # Only change the pkgver at the beginning of the line + $0 = "pkgver=" new_version +} +/pkgrel/ { + # Increment the value of pkgrel by 1 + sub(/^pkgrel=[0-9]+/, "pkgrel=" int($NF) + 1) +} +{ print }' PKGBUILD > PKGBUILD.new && mv PKGBUILD.new PKGBUILD + +# }}} +# Commit and push the changes {{{ + +echo "$AUR_PRIVATE_KEY" > ~/.ssh/id_ed25519 +echo "$AUR_PUBLIC_KEY" > ~/.ssh/id_ed25519.pub + +git commit -am "Updated package to v${latest_tag}" + +# Uncomment only once script is verified and complete: +git push + +# }}} -- cgit v1.2.3