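---
# CI for a repository of AUR packages.
#   changed_pkgs - lists the top-level directories whose PKGBUILD changed and
#                  emits them as a job matrix.
#   makepkg      - lints and builds each changed package in a container.
#   aurpublish   - on pushes to master, publishes each changed package to the
#                  AUR over SSH using the AUR_KEY secret.
#
# Security notes for maintainers:
#   * This workflow runs on pull_request, so directory names and PKGBUILD
#     contents are contributor-controlled. Package names are validated once
#     and then handed to scripts through environment variables, never spliced
#     into `run:` text with ${{ }}.
#   * GITHUB_TOKEN is limited to read access; publishing uses the SSH key only.
#   * actions/checkout@v4 and the quay.io image tags are mutable references.
#     NOTE(review): pin the action to a full commit SHA and the images to a
#     digest (image@sha256:<digest>) once the values have been verified.
name: CI

'on':
  pull_request:
  push:

# Nothing in this workflow writes to the repository through the GitHub API.
permissions:
  contents: read

jobs:
  changed_pkgs:
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.changed-pkgs.outputs.matrix }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # Full history is needed for the before..after and origin/master
          # diffs below.
          fetch-depth: 0
          # The job only reads local history; do not leave the token in
          # .git/config.
          persist-credentials: false
      - name: retrieve changed pkgs
        id: changed-pkgs
        env:
          BEFORE_SHA: ${{ github.event.before }}
          AFTER_SHA: ${{ github.event.after }}
        run: |
          CHANGED_DIRS=$(git diff --name-only "${BEFORE_SHA}..${AFTER_SHA}" | grep PKGBUILD | cut -d / -f 1 | sort -u)
          # Fall back to a diff against master when the event carries no
          # usable before/after pair.
          if [ -z "$CHANGED_DIRS" ]; then
            CHANGED_DIRS=$(git diff --name-only origin/master..HEAD | grep PKGBUILD | cut -d / -f 1 | sort -u)
          fi
          # Directory names come from the pushed or proposed tree. Accept only
          # the character set makepkg allows for package names, so a name can
          # neither break out of the JSON built here nor carry shell syntax
          # into the jobs that consume the matrix.
          entries=""
          while IFS= read -r pkg; do
            [ -n "$pkg" ] || continue
            case "$pkg" in
              -*|.*|*[!A-Za-z0-9@._+-]*)
                echo "::error::unexpected package directory name in diff"
                exit 1
                ;;
            esac
            entries="${entries:+${entries},}{\"pkg\":\"${pkg}\"}"
          done <<< "$CHANGED_DIRS"
          echo "matrix={\"include\":[${entries}]}" >> "$GITHUB_OUTPUT"

  makepkg:
    needs: changed_pkgs
    name: makepkg
    runs-on: ubuntu-latest
    strategy:
      matrix: ${{fromJson(needs.changed_pkgs.outputs.matrix)}}
    env:
      # Scripts read the package name as "$PKG"; it is data, not script text.
      PKG: ${{ matrix.pkg }}
    steps:
      - name: Check out the codebase.
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Exit if pkg doesn't exist.
        run: |
          if [ ! -d "$PKG" ]; then exit 1; fi
      - name: Pull devel image.
        run: docker pull quay.io/aminvakil/archlinux:devel
      - name: Run a container of devel image and mount package on it.
        # The container is --privileged and later builds the PKGBUILD of the
        # triggering ref, which on pull_request is contributor-controlled.
        # Only the package directory is mounted, and no secrets are referenced
        # in this job.
        # NOTE(review): the tmpfs/cgroup flags suggest an init system inside
        # the image; confirm whether full --privileged is actually required.
        run: |
          container_id=$(mktemp)
          docker run --detach --privileged --cgroup-parent=docker.slice --cgroupns private --tmpfs /run --tmpfs /run/lock -v "${PWD}/${PKG}":/pkg quay.io/aminvakil/archlinux:devel > "${container_id}"
          echo "container_id=$container_id" >> "$GITHUB_ENV"
      - name: Execute stuff before makepkg if there is any.
        run: |
          if [ -f ci/"$PKG"/before_makepkg.sh ]; then
            shellcheck ci/"$PKG"/before_makepkg.sh
            docker exec -i "$(cat "${container_id}")" sh < ci/"$PKG"/before_makepkg.sh
          fi
      - name: Upgrade all packages.
        run: docker exec "$(cat "${container_id}")" pacman -Syu --noconfirm
      - name: Change ownership of package folder
        run: |
          docker exec "$(cat "${container_id}")" chown -R devel: /pkg
      - name: Install namcap
        run: docker exec "$(cat "${container_id}")" pacman -Syu namcap --noconfirm
      - name: Namcap!
        run: |
          if [ ! -f ci/"$PKG"/namcap_skip ]; then
            docker exec "$(cat "${container_id}")" su devel sh -c "cd /pkg && namcap PKGBUILD"
          fi
      - name: Makepkg!
        run: |
          docker exec "$(cat "${container_id}")" su devel sh -c "cd /pkg && makepkg -sri --check --noconfirm"
      - name: Execute stuff after makepkg if there is any.
        run: |
          if [ -f ci/"$PKG"/after_makepkg.sh ]; then
            shellcheck ci/"$PKG"/after_makepkg.sh
            docker exec -i "$(cat "${container_id}")" sh < ci/"$PKG"/after_makepkg.sh
          fi
      - name: Stop and remove container forcefully.
        # Clean up even when an earlier step failed.
        if: always()
        run: docker rm -f "$(cat "${container_id}")"

  aurpublish:
    # Publishing, and therefore the AUR_KEY secret, is limited to pushes on
    # master.
    if: github.ref == 'refs/heads/master' && github.event_name == 'push'
    needs: [changed_pkgs, makepkg]
    name: Push to AUR
    runs-on: ubuntu-latest
    strategy:
      matrix: ${{fromJson(needs.changed_pkgs.outputs.matrix)}}
    env:
      PKG: ${{ matrix.pkg }}
    steps:
      - name: Check out the codebase.
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Pull base image.
        run: docker pull quay.io/aminvakil/archlinux:latest
      - name: Run a container of base image and mount repository on it.
        # This container later holds the AUR publishing key; see the
        # --privileged note on the makepkg job.
        run: |
          container_id=$(mktemp)
          docker run --detach --privileged --cgroup-parent=docker.slice --cgroupns private --tmpfs /tmp --tmpfs /run --tmpfs /run/lock quay.io/aminvakil/archlinux:latest > "${container_id}"
          echo "container_id=$container_id" >> "$GITHUB_ENV"
      - name: Install aurpublish
        run: docker exec "$(cat "${container_id}")" pacman -Syu aurpublish --noconfirm
      - name: Configure ssh config
        run: |
          docker exec "$(cat "${container_id}")" bash -c "mkdir -p /root/.ssh/keys"
          docker exec "$(cat "${container_id}")" bash -c "echo 'Host aur aur.archlinux.org' > /root/.ssh/config"
          docker exec "$(cat "${container_id}")" bash -c "echo ' User aur' >> /root/.ssh/config"
          docker exec "$(cat "${container_id}")" bash -c "echo ' Hostname aur.archlinux.org' >> /root/.ssh/config"
          docker exec "$(cat "${container_id}")" bash -c "echo ' IdentityFile ~/.ssh/keys/aur' >> /root/.ssh/config"
      - name: Add aur.archlinux host key
        # The host key is pinned here rather than accepted on first use.
        # It has to be updated by hand if the AUR rotates its key or address.
        run: |
          docker exec "$(cat "${container_id}")" bash -c "echo 'aur.archlinux.org,95.216.144.15 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLMiLrP8pVi5BFX2i3vepSUnpedeiewE5XptnUnau+ZoeUOPkpoCgZZuYfpaIQfhhJJI5qgnjJmr4hyJbe/zxow=' > /root/.ssh/known_hosts"
      - name: Configure git user.email and user.name
        # NOTE(review): the address below is masked by the page this listing
        # was taken from; the real file carries the maintainer's address.
        run: |
          docker exec "$(cat "${container_id}")" bash -c "git config --global user.email '[email protected]'"
          docker exec "$(cat "${container_id}")" bash -c "git config --global user.name 'Amin Vakil'"
      - name: Configure ssh key
        env:
          AUR_KEY: ${{ secrets.AUR_KEY }}
        # The key travels over stdin, so it never appears in the rendered
        # script or in a process argument list, and the file is created
        # owner-only from the start.
        run: |
          printf '%s\n' "$AUR_KEY" | docker exec -i "$(cat "${container_id}")" bash -c "umask 077 && cat > /root/.ssh/keys/aur"
          docker exec "$(cat "${container_id}")" bash -c "chmod 400 /root/.ssh/keys/aur"
      - name: Aurpublish!
        # NOTE(review): this clones the default branch as it is when the step
        # runs, which may be newer than the commit the makepkg job tested.
        run: |
          docker exec "$(cat "${container_id}")" bash -c "mkdir /repo && cd /repo && git clone https://github.com/aminvakil/aur"
          docker exec -e PKG "$(cat "${container_id}")" bash -c 'cd /repo/aur && aurpublish "$PKG"'
      - name: Remove ssh key
        # Runs after a failed publish as well, so the key is not left behind.
        if: always()
        run: docker exec "$(cat "${container_id}")" bash -c "rm -f /root/.ssh/keys/aur"
      - name: Stop and remove container forcefully.
        if: always()
        run: docker rm -f "$(cat "${container_id}")"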