Skip to content

Commit a0a7b85

Browse files
jbouterjbouter
committed
Initial release
Signed-off-by: Jeffrey Bouter <jb@warpnet.nl>
1 parent 9376dc1 commit a0a7b85

File tree

6 files changed

+233
-0
lines changed

6 files changed

+233
-0
lines changed

Dockerfile

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
FROM alpine:latest
2+
3+
RUN apk update --no-cache \
4+
&& apk add --no-cache openssh-client openssh-keygen shadow pacman \
5+
&& rm -rf /var/cache/apk/*
6+
7+
COPY entrypoint.sh /entrypoint.sh
8+
COPY build.sh /build.sh
9+
COPY ssh_config /ssh_config
10+
11+
ENTRYPOINT ["/entrypoint.sh"]

README.md

Lines changed: 76 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,78 @@
11
# aur-releaser
22
Allow releasing packages to the AUR
3+
4+
## Notes
5+
6+
This workflow is heavily based on [KSXGitHub/github-actions-deploy-aur](https://github.com/KSXGitHub/github-actions-deploy-aur)
7+
8+
## Inputs
9+
10+
### `pkgname`
11+
12+
**Required** AUR package name.
13+
14+
### `pkgbuild`
15+
16+
**Required** Path to PKGBUILD file. This file is often generated by prior steps.
17+
18+
### `commit_username`
19+
20+
**Required** The username to use when creating the new commit.
21+
22+
### `commit_email`
23+
24+
**Required** The email to use when creating the new commit.
25+
26+
### `ssh_private_key`
27+
28+
**Required** Your private key with access to AUR package.
29+
30+
### `commit_message`
31+
32+
**Optional** Commit message to use when creating the new commit.
33+
34+
### `allow_empty_commits`
35+
36+
**Optional** Allow empty commits, i.e. commits with no change. The default value is `true`.
37+
38+
### `force_push`
39+
40+
**Optional** Use `--force` when push to the AUR. The default value is `false`.
41+
42+
### `ssh_keyscan_types`
43+
44+
**Optional** Comma-separated list of types to use when adding aur.archlinux.org to known hosts.
45+
46+
## Example usage
47+
48+
```yaml
49+
name: aur-publish
50+
51+
on:
52+
push:
53+
tags:
54+
- '*'
55+
56+
jobs:
57+
aur-publish:
58+
runs-on: ubuntu-latest
59+
steps:
60+
- uses: actions/checkout@v2
61+
62+
- name: Publish AUR package
63+
uses: KSXGitHub/github-actions-deploy-aur@<TAG>
64+
with:
65+
pkgname: my-awesome-package
66+
pkgbuild: ./PKGBUILD
67+
commit_username: ${{ secrets.AUR_USERNAME }}
68+
commit_email: ${{ secrets.AUR_EMAIL }}
69+
ssh_private_key: ${{ secrets.AUR_SSH_PRIVATE_KEY }}
70+
commit_message: Update AUR package
71+
ssh_keyscan_types: rsa,dsa,ecdsa,ed25519
72+
```
73+
74+
**Note:** Replace `<TAG>` in the above code snippet with a tag of this repo.
75+
76+
**Tip:** To create secrets (such as `secrets.AUR_USERNAME`, `secrets.AUR_EMAIL`, and `secrets.AUR_SSH_PRIVATE_KEY` above), go to `$YOUR_GITHUB_REPO_URL/settings/secrets`. [Read this for more information](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets).
77+
78+
**Tip:** This action does not generate PKGBUILD for you, you must generate it yourself (e.g. by using actions before this action).

action.yml

Lines changed: 41 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,41 @@
1+
name: 'Release AUR package'
2+
description: 'Release an AUR package'
3+
author: jbouter
4+
branding:
5+
color: blue
6+
icon: package
7+
inputs:
8+
pkgname:
9+
description: 'AUR package name'
10+
required: true
11+
pkgbuild:
12+
description: 'Path to PKGBUILD file'
13+
required: true
14+
commit_username:
15+
description: 'The username to use when creating the new commit'
16+
required: true
17+
commit_email:
18+
description: 'The email to use when creating the new commit'
19+
required: true
20+
ssh_private_key:
21+
description: 'Your private key with access to AUR package.'
22+
required: true
23+
commit_message:
24+
description: 'Commit message to use when creating the new commit'
25+
required: false
26+
default: 'Update PKGBUILD and .SRCINFO with GitHub Actions'
27+
allow_empty_commits:
28+
description: 'Allow empty commits, i.e. commits with no change.'
29+
required: false
30+
default: 'true'
31+
force_push:
32+
description: 'Use --force when push to the AUR.'
33+
required: false
34+
default: 'false'
35+
ssh_keyscan_types:
36+
description: 'Comma-separated list of types to use when adding aur.archlinux.org to known hosts'
37+
required: false
38+
default: 'rsa,dsa,ecdsa,ed25519'
39+
runs:
40+
using: 'docker'
41+
image: 'Dockerfile'

build.sh

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
#!/bin/bash
2+
# shellcheck disable=SC2024
3+
4+
set -euo pipefail
5+
6+
pkgname=$INPUT_PKGNAME
7+
commit_username=$INPUT_COMMIT_USERNAME
8+
commit_email=$INPUT_COMMIT_EMAIL
9+
ssh_private_key=$INPUT_SSH_PRIVATE_KEY
10+
commit_message=$INPUT_COMMIT_MESSAGE
11+
allow_empty_commits=$INPUT_ALLOW_EMPTY_COMMITS
12+
force_push=$INPUT_FORCE_PUSH
13+
ssh_keyscan_types=$INPUT_SSH_KEYSCAN_TYPES
14+
15+
export HOME=/home/builder
16+
17+
echo '::group::Adding aur.archlinux.org to known hosts'
18+
ssh-keyscan -v -t "$ssh_keyscan_types" aur.archlinux.org >>~/.ssh/known_hosts
19+
echo '::endgroup::'
20+
21+
echo '::group::Importing private key'
22+
echo "$ssh_private_key" >~/.ssh/aur
23+
chmod -vR 600 ~/.ssh/aur*
24+
ssh-keygen -vy -f ~/.ssh/aur >~/.ssh/aur.pub
25+
echo '::endgroup::'
26+
27+
echo '::group::Checksums of SSH keys'
28+
sha512sum ~/.ssh/aur ~/.ssh/aur.pub
29+
echo '::endgroup::'
30+
31+
echo '::group::Configuring git'
32+
git config --global user.name "$commit_username"
33+
git config --global user.email "$commit_email"
34+
echo '::endgroup::'
35+
36+
echo '::group::Cloning AUR package into /tmp/local-repo'
37+
git clone -v "https://aur.archlinux.org/${pkgname}.git" /tmp/local-repo
38+
echo '::endgroup::'
39+
40+
echo '::group::Generating PKGBUILD and .SRCINFO'
41+
cd /tmp/local-repo
42+
43+
echo 'Copying PKGBUILD...'
44+
cp -v /PKGBUILD ./
45+
46+
echo "Updating .SRCINFO"
47+
makepkg --printsrcinfo >.SRCINFO
48+
49+
echo '::endgroup::'
50+
51+
echo '::group::Publishing'
52+
git remote add aur "ssh://aur@aur.archlinux.org/${pkgname}.git"
53+
git add -fv PKGBUILD .SRCINFO
54+
case "$allow_empty_commits" in
55+
true)
56+
git commit --allow-empty -m "$commit_message"
57+
;;
58+
false)
59+
git diff-index --quiet HEAD || git commit -m "$commit_message" # use `git diff-index --quiet HEAD ||` to avoid error
60+
;;
61+
*)
62+
echo "::error::Invalid Value: inputs.allow_empty_commits is neither 'true' nor 'false': '$allow_empty_commits'"
63+
exit 2
64+
;;
65+
esac
66+
case "$force_push" in
67+
true)
68+
git push -v --force aur master
69+
;;
70+
false)
71+
git push -v aur master
72+
;;
73+
*)
74+
echo "::error::Invalid Value: inputs.force_push is neither 'true' nor 'false': '$force_push'"
75+
exit 3
76+
;;
77+
esac
78+
echo '::endgroup::'

entrypoint.sh

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
#!/bin/bash
2+
3+
set -euo pipefail
4+
5+
pkgbuild=$INPUT_PKGBUILD
6+
7+
echo '::group::Creating builder user'
8+
useradd --create-home --shell /bin/bash builder
9+
passwd --delete builder
10+
echo '::endgroup::'
11+
12+
echo '::group::Initializing ssh directory'
13+
mkdir -pv /home/builder/.ssh
14+
touch /home/builder/.ssh/known_hosts
15+
cp -v /ssh_config /home/builder/.ssh/config
16+
chown -vR builder:builder /home/builder
17+
chmod -vR 600 /home/builder/.ssh/*
18+
echo '::endgroup::'
19+
20+
echo '::group::Copying PKGBUILD'
21+
cp -r "$pkgbuild" /PKGBUILD
22+
echo '::endgroup::'
23+
24+
exec runuser builder --command 'bash -l -c /build.sh'

ssh_config

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
Host aur.archlinux.org
2+
IdentityFile ~/.ssh/aur
3+
User aur

0 commit comments

Comments
 (0)