Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
c6198ea6b7 | ||
|
|
9ef31866f1 | ||
|
|
77b86dc3fc | ||
|
|
0999303cd3 | ||
|
|
384c4592d1 | ||
|
|
815bdfed80 | ||
|
|
243da39fe3 | ||
|
|
0a1e768dfe |
@@ -92,62 +92,6 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
pkg-arch:
|
|
||||||
needs: release
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
|
|
||||||
- name: Build Arch package
|
|
||||||
run: |
|
|
||||||
VERSION="${{ github.event.inputs.tag || github.ref_name }}"
|
|
||||||
PKGVER="${VERSION#v}"
|
|
||||||
|
|
||||||
# Source archive — prefix=unitdore-vVERSION/ matches `cd "$pkgname-v$pkgver"` in PKGBUILD
|
|
||||||
git archive --format=zip --prefix=unitdore-v${PKGVER}/ HEAD \
|
|
||||||
> pkg/arch/unitdore-${PKGVER}.zip
|
|
||||||
SHA=$(sha256sum pkg/arch/unitdore-${PKGVER}.zip | cut -d' ' -f1)
|
|
||||||
|
|
||||||
# Patch PKGBUILD for local build
|
|
||||||
sed -i \
|
|
||||||
-e "s/^pkgver=.*/pkgver=${PKGVER}/" \
|
|
||||||
-e "s/^sha256sums=.*/sha256sums=('${SHA}')/" \
|
|
||||||
-e "s|source=.*|source=(\"unitdore-\${pkgver}.zip\")|" \
|
|
||||||
pkg/arch/PKGBUILD
|
|
||||||
|
|
||||||
mkdir -p pkg/arch/out
|
|
||||||
docker run --rm \
|
|
||||||
-v "$PWD/pkg/arch:/build" \
|
|
||||||
-v "$PWD/pkg/arch/out:/out" \
|
|
||||||
-w /build \
|
|
||||||
archlinux:latest \
|
|
||||||
bash -c "
|
|
||||||
pacman -Syu --noconfirm base-devel go &&
|
|
||||||
useradd -m builder &&
|
|
||||||
chown -R builder:builder /build &&
|
|
||||||
runuser -u builder -- bash -c 'cd /build && makepkg --noconfirm --noprogressbar' &&
|
|
||||||
cp /build/*.pkg.tar.zst /out/
|
|
||||||
"
|
|
||||||
|
|
||||||
- name: Upload to release
|
|
||||||
run: |
|
|
||||||
TAG="${{ github.event.inputs.tag || github.ref_name }}"
|
|
||||||
RELEASE=$(curl -s "${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/releases/tags/${TAG}" \
|
|
||||||
-H "Authorization: token ${GITHUB_TOKEN}")
|
|
||||||
UPLOAD_URL=$(echo "$RELEASE" | grep -o '"upload_url":"[^"]*"' | cut -d'"' -f4)
|
|
||||||
for f in pkg/arch/out/*.pkg.tar.zst; do
|
|
||||||
FNAME=$(basename "$f")
|
|
||||||
echo "Uploading $FNAME..."
|
|
||||||
curl -s -X POST "${UPLOAD_URL}?name=${FNAME}" \
|
|
||||||
-H "Authorization: token ${GITHUB_TOKEN}" \
|
|
||||||
-H "Content-Type: application/octet-stream" \
|
|
||||||
--data-binary "@${f}" > /dev/null
|
|
||||||
done
|
|
||||||
env:
|
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
|
|
||||||
pkg-aur:
|
pkg-aur:
|
||||||
needs: release
|
needs: release
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
@@ -158,46 +102,98 @@ jobs:
|
|||||||
env:
|
env:
|
||||||
AUR_SSH_KEY: ${{ secrets.AUR_SSH_KEY }}
|
AUR_SSH_KEY: ${{ secrets.AUR_SSH_KEY }}
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
VERSION="${{ github.event.inputs.tag || github.ref_name }}"
|
VERSION="${{ github.event.inputs.tag || github.ref_name }}"
|
||||||
PKGVER="${VERSION#v}"
|
PKGVER="${VERSION#v}"
|
||||||
|
AUR_KEY_PATH="$HOME/.ssh/aur"
|
||||||
|
AUR_KNOWN_HOSTS="$HOME/.ssh/known_hosts"
|
||||||
|
|
||||||
# Setup SSH for AUR
|
# Setup SSH for AUR
|
||||||
mkdir -p ~/.ssh
|
mkdir -p ~/.ssh
|
||||||
echo "$AUR_SSH_KEY" > ~/.ssh/aur
|
chmod 700 ~/.ssh
|
||||||
chmod 600 ~/.ssh/aur
|
|
||||||
ssh-keyscan aur.archlinux.org >> ~/.ssh/known_hosts
|
if [ -z "${AUR_SSH_KEY:-}" ]; then
|
||||||
|
echo "AUR_SSH_KEY is empty"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Support raw multiline keys, escaped \\n secrets, or base64-encoded keys.
|
||||||
|
CLEAN_AUR_SSH_KEY="$(printf '%s' "$AUR_SSH_KEY" | tr -d '\r')"
|
||||||
|
if printf '%s' "$CLEAN_AUR_SSH_KEY" | grep -q "^-----BEGIN .*PRIVATE KEY-----$"; then
|
||||||
|
printf '%s\n' "$CLEAN_AUR_SSH_KEY" > "$AUR_KEY_PATH"
|
||||||
|
elif printf '%s' "$CLEAN_AUR_SSH_KEY" | grep -q '\\n'; then
|
||||||
|
printf '%b\n' "$CLEAN_AUR_SSH_KEY" > "$AUR_KEY_PATH"
|
||||||
|
else
|
||||||
|
if printf '%s' "$CLEAN_AUR_SSH_KEY" | tr -d '[:space:]' | base64 --decode > "$AUR_KEY_PATH" 2>/dev/null; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
printf '%s\n' "$CLEAN_AUR_SSH_KEY" > "$AUR_KEY_PATH"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
chmod 600 "$AUR_KEY_PATH"
|
||||||
|
|
||||||
|
if ! ssh-keygen -y -f "$AUR_KEY_PATH" >/dev/null 2>&1; then
|
||||||
|
echo "AUR_SSH_KEY is not a valid private key."
|
||||||
|
echo "Store it as a raw private key, an escaped private key with \\n, or a base64-encoded private key."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
ssh-keyscan -t rsa,ed25519 aur.archlinux.org >> "$AUR_KNOWN_HOSTS"
|
||||||
|
chmod 644 "$AUR_KNOWN_HOSTS"
|
||||||
|
|
||||||
# Clone AUR repo
|
# Clone AUR repo
|
||||||
GIT_SSH_COMMAND="ssh -i ~/.ssh/aur" git clone ssh://aur@aur.archlinux.org/unitdore.git aur-repo
|
GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes -o UserKnownHostsFile=$AUR_KNOWN_HOSTS -i $AUR_KEY_PATH" \
|
||||||
|
git clone ssh://aur@aur.archlinux.org/unitdore.git aur-repo
|
||||||
|
|
||||||
# Compute SHA256 of the release tarball (same URL the PKGBUILD will download)
|
CURRENT_PKGVER=$(awk -F= '/^pkgver=/ {print $2; exit}' aur-repo/PKGBUILD | tr -d "[:space:]")
|
||||||
|
CURRENT_PKGREL=$(awk -F= '/^pkgrel=/ {print $2; exit}' aur-repo/PKGBUILD | tr -d "[:space:]")
|
||||||
|
|
||||||
|
if [ "$CURRENT_PKGVER" = "$PKGVER" ]; then
|
||||||
|
case "$CURRENT_PKGREL" in
|
||||||
|
''|*[!0-9]*)
|
||||||
|
echo "Unsupported pkgrel in AUR repo: ${CURRENT_PKGREL}"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
PKGREL=$((CURRENT_PKGREL + 1))
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
else
|
||||||
|
PKGREL=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Publishing AUR package version ${PKGVER}-${PKGREL}"
|
||||||
|
|
||||||
|
# Compute SHA256 of the source archive from the same URL the PKGBUILD will download.
|
||||||
SHA=$(curl -fsSL "https://git.warky.dev/wdevs/unitdore/archive/v${PKGVER}.zip" | sha256sum | cut -d' ' -f1)
|
SHA=$(curl -fsSL "https://git.warky.dev/wdevs/unitdore/archive/v${PKGVER}.zip" | sha256sum | cut -d' ' -f1)
|
||||||
|
|
||||||
# Update PKGBUILD — keep remote source URL, only bump version and checksum
|
# Update PKGBUILD — keep remote source URL, bump version/checksum, and increment pkgrel for same-version rebuilds.
|
||||||
sed -e "s/^pkgver=.*/pkgver=${PKGVER}/" \
|
sed -e "s/^pkgver=.*/pkgver=${PKGVER}/" \
|
||||||
-e "s/^pkgrel=.*/pkgrel=1/" \
|
-e "s/^pkgrel=.*/pkgrel=${PKGREL}/" \
|
||||||
-e "s/^sha256sums=.*/sha256sums=('${SHA}')/" \
|
-e "s/^sha256sums=.*/sha256sums=('${SHA}')/" \
|
||||||
pkg/arch/PKGBUILD > aur-repo/PKGBUILD
|
pkg/arch/PKGBUILD > aur-repo/PKGBUILD
|
||||||
|
|
||||||
# Generate .SRCINFO inside an Arch container
|
# Generate .SRCINFO inside an Arch container (docker cp avoids DinD volume mount issues)
|
||||||
docker run --rm \
|
CID=$(docker run -d archlinux:latest sleep infinity)
|
||||||
-v "$PWD/aur-repo:/build" \
|
docker cp aur-repo/PKGBUILD $CID:/build/PKGBUILD || (docker exec $CID mkdir -p /build && docker cp aur-repo/PKGBUILD $CID:/build/PKGBUILD)
|
||||||
-w /build \
|
docker exec $CID bash -c "
|
||||||
archlinux:latest \
|
|
||||||
bash -c "
|
|
||||||
pacman -Sy --noconfirm base-devel &&
|
pacman -Sy --noconfirm base-devel &&
|
||||||
useradd -m builder &&
|
useradd -m builder &&
|
||||||
chown -R builder:builder /build &&
|
chown -R builder:builder /build &&
|
||||||
runuser -u builder -- bash -c 'cd /build && makepkg --printsrcinfo > .SRCINFO'
|
runuser -u builder -- bash -c 'cd /build && makepkg --printsrcinfo > .SRCINFO'
|
||||||
"
|
"
|
||||||
|
docker cp $CID:/build/.SRCINFO aur-repo/.SRCINFO
|
||||||
|
docker rm -f $CID
|
||||||
|
|
||||||
# Commit and push to AUR master
|
# Commit and push to AUR master
|
||||||
cd aur-repo
|
cd aur-repo
|
||||||
git config user.email "hein@warky.dev"
|
git config user.email "hein@warky.dev"
|
||||||
git config user.name "Hein"
|
git config user.name "Hein"
|
||||||
git add PKGBUILD .SRCINFO
|
git add PKGBUILD .SRCINFO
|
||||||
git commit -m "Update to v${PKGVER}"
|
git commit -m "Update to v${PKGVER}-${PKGREL}"
|
||||||
GIT_SSH_COMMAND="ssh -i ~/.ssh/aur" git push origin HEAD:master
|
GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes -o UserKnownHostsFile=$AUR_KNOWN_HOSTS -i $AUR_KEY_PATH" \
|
||||||
|
git push origin HEAD:master
|
||||||
|
|
||||||
pkg-deb:
|
pkg-deb:
|
||||||
needs: release
|
needs: release
|
||||||
@@ -266,8 +262,16 @@ jobs:
|
|||||||
|
|
||||||
- name: Build RPM
|
- name: Build RPM
|
||||||
run: |
|
run: |
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
VERSION="${{ github.event.inputs.tag || github.ref_name }}"
|
VERSION="${{ github.event.inputs.tag || github.ref_name }}"
|
||||||
PKGVER="${VERSION#v}"
|
PKGVER="${VERSION#v}"
|
||||||
|
GO_VER="$(awk '/^go / { print $2; exit }' go.mod)"
|
||||||
|
|
||||||
|
if [ -z "${GO_VER}" ]; then
|
||||||
|
echo "Failed to determine Go version from go.mod"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# Source tarball — prefix=unitdore-VERSION/ matches RPM %autosetup convention
|
# Source tarball — prefix=unitdore-VERSION/ matches RPM %autosetup convention
|
||||||
git archive --format=tar.gz --prefix=unitdore-${PKGVER}/ HEAD \
|
git archive --format=tar.gz --prefix=unitdore-${PKGVER}/ HEAD \
|
||||||
@@ -277,22 +281,37 @@ jobs:
|
|||||||
sed -i "s/^Version:.*/Version: ${PKGVER}/" pkg/centos/unitdore.spec
|
sed -i "s/^Version:.*/Version: ${PKGVER}/" pkg/centos/unitdore.spec
|
||||||
|
|
||||||
mkdir -p pkg/centos/out
|
mkdir -p pkg/centos/out
|
||||||
docker run --rm \
|
CID=$(docker create \
|
||||||
-v "$PWD:/workspace" \
|
-e GO_VER="${GO_VER}" \
|
||||||
-v "$PWD/pkg/centos/out:/out" \
|
-e PKGVER="${PKGVER}" \
|
||||||
-w /workspace \
|
-w /build \
|
||||||
rockylinux:9 \
|
rockylinux:9 \
|
||||||
bash -c "
|
bash -lc "
|
||||||
dnf install -y rpm-build git curl &&
|
set -euo pipefail
|
||||||
GO_VER=\$(grep '^go ' /workspace/go.mod | awk '{print \$2}') &&
|
# Rocky 9 images already ship curl-minimal, which is enough for the Go tarball download.
|
||||||
|
dnf install -y rpm-build git &&
|
||||||
curl -fsSL https://go.dev/dl/go\${GO_VER}.linux-amd64.tar.gz | tar -C /usr/local -xz &&
|
curl -fsSL https://go.dev/dl/go\${GO_VER}.linux-amd64.tar.gz | tar -C /usr/local -xz &&
|
||||||
export PATH=\$PATH:/usr/local/go/bin &&
|
export PATH=\$PATH:/usr/local/go/bin &&
|
||||||
mkdir -p ~/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} &&
|
mkdir -p ~/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} &&
|
||||||
cp unitdore-${PKGVER}.tar.gz ~/rpmbuild/SOURCES/ &&
|
cp unitdore-${PKGVER}.tar.gz ~/rpmbuild/SOURCES/ &&
|
||||||
cp pkg/centos/unitdore.spec ~/rpmbuild/SPECS/ &&
|
cp pkg/centos/unitdore.spec ~/rpmbuild/SPECS/ &&
|
||||||
rpmbuild --nodeps -ba ~/rpmbuild/SPECS/unitdore.spec &&
|
rpmbuild --nodeps -ba ~/rpmbuild/SPECS/unitdore.spec
|
||||||
find ~/rpmbuild/RPMS -name '*.rpm' -exec cp {} /out/ \;
|
")
|
||||||
"
|
|
||||||
|
cleanup() {
|
||||||
|
docker rm -f "$CID" >/dev/null 2>&1 || true
|
||||||
|
}
|
||||||
|
trap cleanup EXIT
|
||||||
|
|
||||||
|
# Avoid bind mounts here because DinD runners may not expose the checkout path to the Docker daemon.
|
||||||
|
docker cp unitdore-${PKGVER}.tar.gz "$CID:/build/unitdore-${PKGVER}.tar.gz"
|
||||||
|
docker cp pkg "$CID:/build/pkg"
|
||||||
|
|
||||||
|
docker start -a "$CID"
|
||||||
|
docker cp "$CID:/root/rpmbuild/RPMS/." pkg/centos/out/
|
||||||
|
|
||||||
|
trap - EXIT
|
||||||
|
cleanup
|
||||||
|
|
||||||
- name: Upload to release
|
- name: Upload to release
|
||||||
run: |
|
run: |
|
||||||
|
|||||||
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1,2 +1,3 @@
|
|||||||
unitdore
|
unitdore
|
||||||
*.exe
|
*.exe
|
||||||
|
.codex
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# Maintainer: Hein (Warky Devs) <hein@warky.dev>
|
# Maintainer: Hein (Warky Devs) <hein@warky.dev>
|
||||||
pkgname=unitdore
|
pkgname=unitdore
|
||||||
pkgver=0.1.0
|
pkgver=0.0.4
|
||||||
pkgrel=1
|
pkgrel=1
|
||||||
pkgdesc="A door you open and close for container units — manage containers via systemd"
|
pkgdesc="A door you open and close for container units — manage containers via systemd"
|
||||||
arch=('x86_64' 'aarch64')
|
arch=('x86_64' 'aarch64')
|
||||||
@@ -12,12 +12,11 @@ optdepends=(
|
|||||||
'docker: Docker container runtime support'
|
'docker: Docker container runtime support'
|
||||||
)
|
)
|
||||||
makedepends=('go')
|
makedepends=('go')
|
||||||
backup=('etc/unitdore/units.yaml')
|
|
||||||
source=("$pkgname-$pkgver.zip::$url/archive/v$pkgver.zip")
|
source=("$pkgname-$pkgver.zip::$url/archive/v$pkgver.zip")
|
||||||
sha256sums=('SKIP')
|
sha256sums=('SKIP')
|
||||||
|
|
||||||
build() {
|
build() {
|
||||||
cd "$pkgname-v$pkgver"
|
cd "$pkgname"
|
||||||
export CGO_ENABLED=0
|
export CGO_ENABLED=0
|
||||||
go build \
|
go build \
|
||||||
-trimpath \
|
-trimpath \
|
||||||
@@ -26,12 +25,12 @@ build() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
check() {
|
check() {
|
||||||
cd "$pkgname-v$pkgver"
|
cd "$pkgname"
|
||||||
go test ./...
|
go test ./...
|
||||||
}
|
}
|
||||||
|
|
||||||
package() {
|
package() {
|
||||||
cd "$pkgname-v$pkgver"
|
cd "$pkgname"
|
||||||
|
|
||||||
# Binary
|
# Binary
|
||||||
install -Dm755 "$pkgname" "$pkgdir/usr/bin/$pkgname"
|
install -Dm755 "$pkgname" "$pkgdir/usr/bin/$pkgname"
|
||||||
|
|||||||
Reference in New Issue
Block a user