wdevs/unitdore
5
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases 7 Wiki Activity

chore(release): enhance AUR SSH setup for key handling

Browse Source 
* Improve SSH key setup by auto-detecting key format
* Add diagnostics for key validation and size
This commit is contained in:
Hein
2026-04-08 15:41:35 +02:00
parent 243da39fe3
commit 815bdfed80
1 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.gitea/workflows/release.yml
View File

@@ -105,14 +105,27 @@ jobs:
VERSION="${{ github.event.inputs.tag || github.ref_name }}"
PKGVER="${VERSION#v}"
# Setup SSH for AUR (key is stored base64-encoded to avoid newline mangling in secrets)
# Setup SSH for AUR
mkdir -p ~/.ssh
echo "$AUR_SSH_KEY" | base64 -d > ~/.ssh/aur
chmod 700 ~/.ssh
# Auto-detect: raw PEM key or base64-encoded key
if printf '%s' "$AUR_SSH_KEY" | grep -q "BEGIN"; then
printf '%b' "$AUR_SSH_KEY" > ~/.ssh/aur
else
printf '%s' "$AUR_SSH_KEY" | tr -d '[:space:]' | base64 -d > ~/.ssh/aur
fi
chmod 600 ~/.ssh/aur
# Diagnostics (no key content exposed)
echo "Key file size: $(wc -c < ~/.ssh/aur) bytes"
echo "Key file first line: $(head -1 ~/.ssh/aur)"
echo "Key file last line: $(tail -1 ~/.ssh/aur)"
ssh-keygen -l -f ~/.ssh/aur && echo "Key is valid" || echo "Key is INVALID"
ssh-keyscan aur.archlinux.org >> ~/.ssh/known_hosts
# Clone AUR repo
GIT_SSH_COMMAND="ssh -i ~/.ssh/aur" git clone ssh://aur@aur.archlinux.org/unitdore.git aur-repo
GIT_SSH_COMMAND="ssh -vvv -i ~/.ssh/aur" git clone ssh://aur@aur.archlinux.org/unitdore.git aur-repo
# Compute SHA256 of the release tarball (same URL the PKGBUILD will download)
SHA=$(curl -fsSL "https://git.warky.dev/wdevs/unitdore/archive/v${PKGVER}.zip" | sha256sum | cut -d' ' -f1)
@@ -141,7 +154,7 @@ jobs:
git config user.name "Hein"
git add PKGBUILD .SRCINFO
git commit -m "Update to v${PKGVER}"
GIT_SSH_COMMAND="ssh -i ~/.ssh/aur" git push origin HEAD:master
GIT_SSH_COMMAND="ssh -vvv -i ~/.ssh/aur" git push origin HEAD:master
pkg-deb:
needs: release