From 7dde3896714cbc01e461ad38ab9142995e009866 Mon Sep 17 00:00:00 2001 From: Armin Schrenk Date: Tue, 7 Apr 2026 17:04:56 +0200 Subject: [PATCH] move aur-bin PR creation into own workflow --- .github/workflows/appimage.yml | 77 ---------------------------- .github/workflows/aur-bin.yml | 93 ++++++++++++++++++++++++++++++++++ 2 files changed, 93 insertions(+), 77 deletions(-) create mode 100644 .github/workflows/aur-bin.yml diff --git a/.github/workflows/appimage.yml b/.github/workflows/appimage.yml index 4b5fb0efa..091d8722f 100644 --- a/.github/workflows/appimage.yml +++ b/.github/workflows/appimage.yml @@ -242,80 +242,3 @@ jobs: read -ra AARCH64_SUM < <(sha256sum appimage-artifacts/appimage-aarch64/cryptomator-*-aarch64.AppImage) echo "x64-sha256sum=${X64_SUM[0]}" >> "$GITHUB_OUTPUT" echo "aarch64-sha256sum=${AARCH64_SUM[0]}" >> "$GITHUB_OUTPUT" - - create-aur-bin-pr: - name: Create PR for aur-bin repo - if: github.event_name == 'workflow_dispatch' && inputs.create-pr || github.event_name == 'release' && needs.get-version.outputs.versionType == 'stable' - runs-on: ubuntu-latest - needs: [build, get-version] - container: - image: archlinux:base-devel - env: - SEMVER_STR: ${{ needs.get-version.outputs.semVerStr }} - PKGDEST: ${{ github.workspace }}/pkgdest - SRCDEST: ${{ github.workspace }}/srcdest - steps: - - name: Prepare pacman - run: | - pacman-key --init - pacman-key --populate archlinux - pacman -Syu --noconfirm --needed git base-devel sudo gnupg maven unzip github-cli curl pacman-contrib - - name: Checkout cryptomator/aur-bin - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - repository: 'cryptomator/aur-bin' - token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - - name: Create build user - run: | - useradd -m builder - echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/builder - chown -R builder:builder "$GITHUB_WORKSPACE" - install -d -m 0755 -o builder -g builder "$PKGDEST" "$SRCDEST" - - name: Import Cryptomator release signing key - # try first ubuntu. on failure try openpgp keyservers - run: > - sudo -u builder gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys 58117AFA1F85B3EEC154677D615D449FE6E6A235 - || sudo -u builder gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 58117AFA1F85B3EEC154677D615D449FE6E6A235 - - name: Checkout release branch - run: | - git config --global safe.directory '*' - git checkout -b "release/${SEMVER_STR}" - - name: Update build file - run: | - sed -i -e "s|^pkgver=.*$|pkgver=${SEMVER_STR}|" PKGBUILD - sed -i -e 's|^pkgrel=.*$|pkgrel=1|' PKGBUILD - sudo -u builder updpkgsums - sudo -u builder makepkg --printsrcinfo > .SRCINFO - - name: Build package with makepkg - run: > - sudo -u builder - env PKGDEST="$PKGDEST" SRCDEST="$SRCDEST" - makepkg --syncdeps --cleanbuild --noconfirm --log - - name: Commit and push - run: | - git config user.name "cryptobot" - git config user.email "cryptobot@users.noreply.github.com" - git config push.autoSetupRemote true - git stage PKGBUILD .SRCINFO - git commit -m "Prepare release ${SEMVER_STR}" - git push - - name: Create pull request - id: create-pr - run: | - printf "Created by $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" > pr_body.md - PR_URL=$(gh pr create --title "Release ${SEMVER_STR}" --body-file pr_body.md) - echo "url=$PR_URL" >> "$GITHUB_OUTPUT" - env: - GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} - - name: Slack Notification - uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 - env: - SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_CRYPTOMATOR_DESKTOP }} - SLACK_USERNAME: 'Cryptobot' - SLACK_ICON: false - SLACK_ICON_EMOJI: ':bot:' - SLACK_CHANNEL: 'cryptomator-desktop' - SLACK_TITLE: "AUR-bin release PR for ${{ github.event.repository.name }} ${{ needs.get-version.outputs.semVerStr }} created." - SLACK_MESSAGE: "See <${{ steps.create-pr.outputs.url }}|PR> on how to proceed." - SLACK_FOOTER: false - MSG_MINIMAL: true diff --git a/.github/workflows/aur-bin.yml b/.github/workflows/aur-bin.yml new file mode 100644 index 000000000..ea892fe0d --- /dev/null +++ b/.github/workflows/aur-bin.yml @@ -0,0 +1,93 @@ +name: PR for aur-bin repo + +on: + release: + types: [published] + workflow_dispatch: + inputs: + src-tag: + description: 'Source or Release tag' + required: false + +jobs: + get-version: + uses: ./.github/workflows/get-version.yml + with: + version: ${{ inputs.src-tag }} + + create-aur-bin-pr: + name: Create PR for aur-bin repo + if: (github.event_name == 'workflow_dispatch') || (github.event_name == 'release' && needs.get-version.outputs.versionType == 'stable') + runs-on: ubuntu-latest + needs: [get-version] + container: + image: archlinux:base-devel + env: + SEMVER_STR: ${{ needs.get-version.outputs.semVerStr }} + PKGDEST: ${{ github.workspace }}/pkgdest + SRCDEST: ${{ github.workspace }}/srcdest + steps: + - name: Prepare pacman + run: | + pacman-key --init + pacman-key --populate archlinux + pacman -Syu --noconfirm --needed git base-devel sudo gnupg maven unzip github-cli curl pacman-contrib + - name: Checkout cryptomator/aur-bin + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + repository: 'cryptomator/aur-bin' + token: ${{ secrets.CRYPTOBOT_PR_TOKEN }} + - name: Create build user + run: | + useradd -m builder + echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers.d/builder + chown -R builder:builder "$GITHUB_WORKSPACE" + install -d -m 0755 -o builder -g builder "$PKGDEST" "$SRCDEST" + - name: Import Cryptomator release signing key + # try first ubuntu. on failure try openpgp keyservers + run: > + sudo -u builder gpg --batch --keyserver hkps://keyserver.ubuntu.com --recv-keys 58117AFA1F85B3EEC154677D615D449FE6E6A235 + || sudo -u builder gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys 58117AFA1F85B3EEC154677D615D449FE6E6A235 + - name: Checkout release branch + run: | + git config --global safe.directory '*' + git checkout -b "release/${SEMVER_STR}" + - name: Update build file + run: | + sed -i -e "s|^pkgver=.*$|pkgver=${SEMVER_STR}|" PKGBUILD + sed -i -e 's|^pkgrel=.*$|pkgrel=1|' PKGBUILD + sudo -u builder updpkgsums + sudo -u builder makepkg --printsrcinfo > .SRCINFO + - name: Build package with makepkg + run: > + sudo -u builder + env PKGDEST="$PKGDEST" SRCDEST="$SRCDEST" + makepkg --syncdeps --cleanbuild --noconfirm --log + - name: Commit and push + run: | + git config user.name "cryptobot" + git config user.email "cryptobot@users.noreply.github.com" + git config push.autoSetupRemote true + git stage PKGBUILD .SRCINFO + git commit -m "Prepare release ${SEMVER_STR}" + git push + - name: Create pull request + id: create-pr + run: | + printf "Created by $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" > pr_body.md + PR_URL=$(gh pr create --title "Release ${SEMVER_STR}" --body-file pr_body.md) + echo "url=$PR_URL" >> "$GITHUB_OUTPUT" + env: + GH_TOKEN: ${{ secrets.CRYPTOBOT_PR_TOKEN }} + - name: Slack Notification + uses: rtCamp/action-slack-notify@e31e87e03dd19038e411e38ae27cbad084a90661 # v2.3.3 + env: + SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_CRYPTOMATOR_DESKTOP }} + SLACK_USERNAME: 'Cryptobot' + SLACK_ICON: false + SLACK_ICON_EMOJI: ':bot:' + SLACK_CHANNEL: 'cryptomator-desktop' + SLACK_TITLE: "AUR-bin release PR for ${{ github.event.repository.name }} ${{ needs.get-version.outputs.semVerStr }} created." + SLACK_MESSAGE: "See <${{ steps.create-pr.outputs.url }}|PR> on how to proceed." + SLACK_FOOTER: false + MSG_MINIMAL: true \ No newline at end of file