diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index 8193215..0000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,12 +0,0 @@ -# These are supported funding model platforms - -github: KSXGitHub # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] -patreon: khai96_ -open_collective: # Collective unavailable -ko_fi: # Replace with a single Ko-fi username -tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel -community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry -liberapay: # Replace with a single Liberapay username -issuehunt: # disabled -otechie: # Replace with a single Otechie username -custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index f4d253d..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: 2 -updates: -- package-ecosystem: github-actions - directory: "/" - schedule: - interval: weekly - open-pull-requests-limit: 10 - labels: - - dependabot - - github-actions diff --git a/.github/workflows/test-aur.yaml b/.github/workflows/test-aur.yaml new file mode 100644 index 0000000..976f88f --- /dev/null +++ b/.github/workflows/test-aur.yaml @@ -0,0 +1,19 @@ +name: Test publishing AUR package + +on: + - push + +jobs: + publish_aur_package: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Publish AUR package + uses: ./ + with: + pkgname: test-publishing-aur-package-using-github-action-a + pkgbuild: ./PKGBUILD + commit_username: ${{ secrets.TEST_AUR_USERNAME }} + commit_email: ${{ secrets.TEST_AUR_EMAIL }} + ssh_private_key: ${{ secrets.TEST_AUR_SSH_PRIVATE_KEY }} diff --git a/Dockerfile b/Dockerfile index f1416de..9917ee9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,10 @@ -FROM archlinux:base +FROM archlinux/base -RUN pacman -Syu --noconfirm -RUN pacman -S --noconfirm --needed --overwrite '*' \ - openssh sudo base-devel \ +RUN pacman -Sy && \ + pacman -Sy --noconfirm --needed openssh sudo \ git fakeroot binutils gcc awk binutils xz \ libarchive bzip2 coreutils file findutils \ - gettext grep gzip sed ncurses util-linux \ - pacman-contrib debugedit + gettext grep gzip sed ncurses util-linux COPY entrypoint.sh /entrypoint.sh COPY build.sh /build.sh diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 0000000..5b85a8f --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,20 @@ +# Maintainer: Hoàng Văn Khải + +pkgname=test-publishing-aur-package-using-github-action-a +pkgver=0.0.0 +pkgrel=2 +pkgdesc='This is a test package. It serves no other purposes.' +url='https://github.com/KSXGitHub/github-actions-deploy-aur.git' +arch=(any) +license=(WTFPL-2.0) +source=() +sha512sums=() + +package() { + msg 'Generating executable...' + ( + echo '#!/bin/sh' + echo 'echo Success' + ) > /usr/bin/test-publishing-aur-package-using-github-action-0 + chmod a+x /usr/bin/test-publishing-aur-package-using-github-action-0 +} diff --git a/README.md b/README.md index e3acfb0..587f655 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Publish AUR package +# Publish AUR packages GitHub Actions to publish AUR package. @@ -10,28 +10,7 @@ GitHub Actions to publish AUR package. ### `pkgbuild` -**Required** Path to PKGBUILD file. This file is often generated by prior steps. - -### `assets` - -**Optional** Newline-separated glob patterns for additional files to be added to the AUR repository. -Glob patterns will be expanded by bash when copying the files to the repository. - -### `updpkgsums` - -**Optional** Update checksums using `updpkgsums`. - -### `test` - -**Optional** Check that PKGBUILD could be built. - -### `test_flags` - -**Optional** Command line flags for makepkg to build the package (if `test` is enabled). The default flags are `--clean --cleanbuild --nodeps`. - -### `post_process` - -**Optional** A line of commands to execute after processing the package. +**Required** Path to PKGBUILD file. ### `commit_username` @@ -49,14 +28,6 @@ Glob patterns will be expanded by bash when copying the files to the repository. **Optional** Commit message to use when creating the new commit. -### `allow_empty_commits` - -**Optional** Allow empty commits, i.e. commits with no change. The default value is `false`. - -### `force_push` - -**Optional** Use `--force` when push to the AUR. The default value is `false`. - ### `ssh_keyscan_types` **Optional** Comma-separated list of types to use when adding aur.archlinux.org to known hosts. @@ -77,11 +48,8 @@ jobs: steps: - uses: actions/checkout@v2 - - name: Generate PKGBUILD - run: bash ./generate-pkgbuild.bash - - name: Publish AUR package - uses: KSXGitHub/github-actions-deploy-aur@ + uses: KSXGitHub/github-actions-deploy-aur@master with: pkgname: my-awesome-package pkgbuild: ./PKGBUILD @@ -89,31 +57,7 @@ jobs: commit_email: ${{ secrets.AUR_EMAIL }} ssh_private_key: ${{ secrets.AUR_SSH_PRIVATE_KEY }} commit_message: Update AUR package - ssh_keyscan_types: rsa,ecdsa,ed25519 + ssh_keyscan_types: rsa,dsa,ecdsa,ed25519 ``` -**Note:** Replace `` in the above code snippet with a tag of this repo. - **Tip:** To create secrets (such as `secrets.AUR_USERNAME`, `secrets.AUR_EMAIL`, and `secrets.AUR_SSH_PRIVATE_KEY` above), go to `$YOUR_GITHUB_REPO_URL/settings/secrets`. [Read this for more information](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets). - -**Tip:** This action does not generate PKGBUILD for you, you must generate it yourself (e.g. by using actions before this action). - -## Real-world applications - -[sane-fmt](https://github.com/KSXGitHub/sane-fmt) has a [workflow](https://github.com/KSXGitHub/sane-fmt/blob/c07ce4f09c0b8dfa902d28753ebb3800268183f5/.github/workflows/deploy.yaml) that builds and uploads executables to GitHub Release then generates PKGBUILD files for and use this very action to update [aur/sane-fmt](https://aur.archlinux.org/packages/sane-fmt) and [aur/sane-fmt-bin](https://aur.archlinux.org/packages/sane-fmt-bin). - -[pretty-exec](https://github.com/KSXGitHub/pretty-exec) has a [workflow](https://github.com/KSXGitHub/pretty-exec/blob/67473cd85f6aa278367e30fce9e41b4e54e4cb82/.github/workflows/deploy.yaml) that builds and uploads executables to GitHub Release then generates PKGBUILD files for and use this very action to update [aur/pretty-exec](https://aur.archlinux.org/packages/pretty-exec/) and [aur/pretty-exec-bin](https://aur.archlinux.org/packages/pretty-exec-bin/). - -[build-fs-tree](https://github.com/KSXGitHub/build-fs-tree) has a [workflow](https://github.com/KSXGitHub/build-fs-tree/blob/24924d99ae5cd82f00ea62fe8abc1a187bea7a0b/.github/workflows/deploy.yaml) that builds and uploads executables to GitHub Release then generates PKGBUILD files for and use this very action to update [aur/build-fs-tree](https://aur.archlinux.org/packages/build-fs-tree/) and [aur/build-fs-tree-bin](https://aur.archlinux.org/packages/build-fs-tree-bin/). - -[strip-ansi-cli](https://github.com/KSXGitHub/strip-ansi-cli) has a [workflow](https://github.com/KSXGitHub/strip-ansi-cli/blob/f3de1cf4997bbc2efbf137f77325f12640c2e145/.github/workflows/deploy.yaml) that builds and uploads executables to GitHub Release then generates PKGBUILD files for and use this very action to update [aur/strip-ansi](https://aur.archlinux.org/packages/strip-ansi/) and [aur/strip-ansi-bin](https://aur.archlinux.org/packages/strip-ansi-bin/). - -[parallel-disk-usage](https://github.com/KSXGitHub/parallel-disk-usage) has a [workflow](https://github.com/KSXGitHub/parallel-disk-usage/blob/a7fc0937a64d23ae848e44f7ecbf02aec64831e4/.github/workflows/deploy.yaml) that builds and uploads executables to GitHub Release then generates PKGBUILD files for and use this very action to update [aur/parallel-disk-usage](https://aur.archlinux.org/packages/parallel-disk-usage/) and [aur/parallel-disk-usage-bin](https://aur.archlinux.org/packages/parallel-disk-usage-bin/). - -## Become a Patron - -[My Patreon Page](https://patreon.com/khai96_). - -## License - -[MIT](https://git.io/JfWEM) © [Hoàng Văn Khải](https://github.com/KSXGitHub/) diff --git a/action.yml b/action.yml index 5f5a0bd..4cf67a6 100644 --- a/action.yml +++ b/action.yml @@ -1,3 +1,4 @@ +# action.yml name: 'Publish AUR package' description: 'Publish an AUR package' author: KSXGitHub @@ -11,26 +12,6 @@ inputs: pkgbuild: description: 'Path to PKGBUILD file' required: true - assets: - description: 'Newline-separated glob patterns for additional files to be added to the AUR repository' - required: false - default: '' - updpkgsums: - description: 'Update checksums using `updpkgsums`' - required: false - default: 'false' - test: - description: 'Check that PKGBUILD could be built' - required: false - default: 'false' - test_flags: - description: 'Command line flags for makepkg to build the package (if `test` is enabled)' - required: false - default: '--clean --cleanbuild --nodeps' - post_process: - description: 'A line of commands to execute after processing the package' - required: false - default: '' commit_username: description: 'The username to use when creating the new commit' required: true @@ -44,18 +25,10 @@ inputs: description: 'Commit message to use when creating the new commit' required: false default: 'Update PKGBUILD and .SRCINFO with GitHub Actions' - allow_empty_commits: - description: 'Allow empty commits, i.e. commits with no change.' - required: false - default: 'false' - force_push: - description: 'Use --force when push to the AUR.' - required: false - default: 'false' ssh_keyscan_types: description: 'Comma-separated list of types to use when adding aur.archlinux.org to known hosts' required: false - default: 'rsa,ecdsa,ed25519' + default: 'rsa,dsa,ecdsa,ed25519' runs: using: 'docker' image: 'Dockerfile' diff --git a/build.sh b/build.sh index 34063f6..5197654 100755 --- a/build.sh +++ b/build.sh @@ -4,139 +4,41 @@ set -o errexit -o pipefail -o nounset pkgname=$INPUT_PKGNAME -pkgbuild=$INPUT_PKGBUILD -assets=$INPUT_ASSETS -updpkgsums=$INPUT_UPDPKGSUMS -test=$INPUT_TEST -read -r -a test_flags <<< "$INPUT_TEST_FLAGS" -post_process=$INPUT_POST_PROCESS commit_username=$INPUT_COMMIT_USERNAME commit_email=$INPUT_COMMIT_EMAIL ssh_private_key=$INPUT_SSH_PRIVATE_KEY commit_message=$INPUT_COMMIT_MESSAGE -allow_empty_commits=$INPUT_ALLOW_EMPTY_COMMITS -force_push=$INPUT_FORCE_PUSH ssh_keyscan_types=$INPUT_SSH_KEYSCAN_TYPES -assert_non_empty() { - name=$1 - value=$2 - if [[ -z "$value" ]]; then - echo "::error::Invalid Value: $name is empty." >&2 - exit 1 - fi -} - -assert_non_empty inputs.pkgname "$pkgname" -assert_non_empty inputs.pkgbuild "$pkgbuild" -assert_non_empty inputs.commit_username "$commit_username" -assert_non_empty inputs.commit_email "$commit_email" -assert_non_empty inputs.ssh_private_key "$ssh_private_key" - export HOME=/home/builder -# Ignore "." and ".." to prevent errors when glob pattern for assets matches hidden files -GLOBIGNORE=".:.." +echo 'Adding aur.archlinux.org to known hosts...' +ssh-keyscan -v -t "$ssh_keyscan_types" aur.archlinux.org >> ~/.ssh/known_hosts -echo '::group::Adding aur.archlinux.org to known hosts' -ssh-keyscan -v -t "$ssh_keyscan_types" aur.archlinux.org >>~/.ssh/known_hosts -echo '::endgroup::' - -echo '::group::Importing private key' -echo "$ssh_private_key" >~/.ssh/aur +echo 'Importing private key...' +echo "$ssh_private_key" > ~/.ssh/aur chmod -vR 600 ~/.ssh/aur* -ssh-keygen -vy -f ~/.ssh/aur >~/.ssh/aur.pub -echo '::endgroup::' +ssh-keygen -vy -f ~/.ssh/aur > ~/.ssh/aur.pub -echo '::group::Checksums of SSH keys' +echo 'Checksums of SSH keys...' sha512sum ~/.ssh/aur ~/.ssh/aur.pub -echo '::endgroup::' -echo '::group::Configuring Git' +echo 'Configuring git...' git config --global user.name "$commit_username" git config --global user.email "$commit_email" -echo '::endgroup::' -echo '::group::Cloning AUR package into /tmp/local-repo' +echo 'Cloning AUR package into /tmp/local-repo...' git clone -v "https://aur.archlinux.org/${pkgname}.git" /tmp/local-repo -echo '::endgroup::' - -echo '::group::Copying files into /tmp/local-repo' -{ - echo "Copying $pkgbuild" - cp -v "$pkgbuild" /tmp/local-repo/PKGBUILD -} -# shellcheck disable=SC2086 -# Ignore quote rule because we need to expand glob patterns to copy $assets -if [[ -n "$assets" ]]; then - echo 'Copying' $assets - cp -rvt /tmp/local-repo/ $assets -fi -echo '::endgroup::' - -if [ "$updpkgsums" == "true" ]; then - echo '::group::Updating checksums' - cd /tmp/local-repo/ - updpkgsums - echo '::endgroup::' -fi - -if [ "$test" == "true" ]; then - echo '::group::Building package with makepkg' - cd /tmp/local-repo/ - makepkg "${test_flags[@]}" - echo '::endgroup::' -fi - -echo '::group::Generating .SRCINFO' cd /tmp/local-repo -makepkg --printsrcinfo >.SRCINFO -echo '::endgroup::' - -if [ -n "$post_process" ]; then - echo '::group::Executing post process commands' - cd /tmp/local-repo/ - eval "$post_process" - echo '::endgroup::' -fi -echo '::group::Committing files to the repository' -if [[ -z "$assets" ]]; then - # When $assets are not set, we can add just PKGBUILD and .SRCINFO - # This is to prevent unintended behaviour and maintain backwards compatibility - git add -fv PKGBUILD .SRCINFO -else - # We cannot just re-use $assets because it contains absolute paths outside repository - # But we can just add all files in the repository which should also include all $assets - git add --all -fi +echo 'Copying PKGBUILD...' +cp -v /PKGBUILD ./ -case "$allow_empty_commits" in -true) - git commit --allow-empty -m "$commit_message" - ;; -false) - git diff-index --quiet HEAD || git commit -m "$commit_message" # use `git diff-index --quiet HEAD ||` to avoid error - ;; -*) - echo "::error::Invalid Value: inputs.allow_empty_commits is neither 'true' nor 'false': '$allow_empty_commits'" - exit 2 - ;; -esac -echo '::endgroup::' +echo "Updating .SRCINFO" +makepkg --printsrcinfo > .SRCINFO -echo '::group::Publishing the repository' +echo "Publishing..." git remote add aur "ssh://aur@aur.archlinux.org/${pkgname}.git" -case "$force_push" in -true) - git push -v --force aur master - ;; -false) - git push -v aur master - ;; -*) - echo "::error::Invalid Value: inputs.force_push is neither 'true' nor 'false': '$force_push'" - exit 3 - ;; -esac -echo '::endgroup::' +git add -fv PKGBUILD .SRCINFO +git commit --allow-empty -m "$commit_message" +git push -fv aur master diff --git a/entrypoint.sh b/entrypoint.sh index a2d9894..1e88822 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,19 +2,21 @@ set -o errexit -o pipefail -o nounset -echo '::group::Creating builder user' +pkgbuild=$INPUT_PKGBUILD + +echo 'Creating builder user...' useradd --create-home --shell /bin/bash builder passwd --delete builder -mkdir -p /etc/sudoers.d/ -echo "builder ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/builder -echo '::endgroup::' -echo '::group::Initializing SSH directory' +echo 'Initializing ssh directory...' mkdir -pv /home/builder/.ssh touch /home/builder/.ssh/known_hosts cp -v /ssh_config /home/builder/.ssh/config chown -vR builder:builder /home/builder chmod -vR 600 /home/builder/.ssh/* -echo '::endgroup::' +echo 'Copying PKGBUILD...' +cp -r "$pkgbuild" /PKGBUILD + +echo 'Running build.sh...' exec runuser builder --command 'bash -l -c /build.sh' diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..f45d8f1 --- /dev/null +++ b/renovate.json @@ -0,0 +1,5 @@ +{ + "extends": [ + "config:base" + ] +} pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy