Mitsuba100/hyprarch-repo
Archived
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

>:| still not working

Browse Source
This commit is contained in:
Mitsuba100
2026-03-23 16:02:57 +01:00
parent a7b6795a46
commit c30c74d9af
1 changed files with 20 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
.github/workflows/update-repo.yml vendored
View File

@@ -21,30 +21,36 @@ jobs:
- name: Import GPG Key - name: Import GPG Key
run: | run: |
# Ensure you have added GPG_PRIVATE_KEY to your GitHub Secrets! if [ -z "${{ secrets.GPG_PRIVATE_KEY }}" ]; then
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --import --batch echo "ERROR: GPG_PRIVATE_KEY secret is empty!"
exit 1
fi
# Import and set trust to avoid prompt errors
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --import --batch --yes
echo "236328A7F2C2001E:6:" | gpg --import-ownertrust --batch
- name: Update Repository Database - name: Update Repository Database
run: | run: |
cd x86_64 cd x86_64
# Remove all old DB and sig files to ensure a 100% clean rebuild
rm -f hyprarch-repo.db* hyprarch-repo.files* rm -f hyprarch-repo.db* hyprarch-repo.files*
mkdir -p db_temp mkdir -p db_temp
# GPG Arguments to prevent 'Inappropriate ioctl'
# We force loopback pinentry so it doesn't look for a real keyboard/screen
GPG_OPTS="--batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E"
for pkg in *.pkg.tar.zst; do for pkg in *.pkg.tar.zst; do
# 1. Sign the package file # 1. Sign the package
gpg --detach-sign --batch --no-armor --local-user 236328A7F2C2001E "$pkg" gpg $GPG_OPTS --detach-sign --no-armor "$pkg"
# 2. Extract specific metadata (Strict Cleaning) # 2. Extract Metadata
# This logic avoids grabbing comments like "# Generated by..."
pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3) pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3)
pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3) pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3)
pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g") pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g")
mkdir -p "db_temp/$pkgname-$pkgver" mkdir -p "db_temp/$pkgname-$pkgver"
# Manually construct a clean 'desc' file for Pacman
{ {
echo "%NAME%" echo "%NAME%"
echo "$pkgname" echo "$pkgname"
@@ -65,20 +71,18 @@ jobs:
echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)" echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)"
echo "" echo ""
echo "%PGPSIG%" echo "%PGPSIG%"
gpg --detach-sign --stdout --no-armor --local-user 236328A7F2C2001E "$pkg" | base64 | tr -d '\n' gpg $GPG_OPTS --detach-sign --stdout --no-armor "$pkg" | base64 | tr -d '\n'
echo "" echo ""
} > "db_temp/$pkgname-$pkgver/desc" } > "db_temp/$pkgname-$pkgver/desc"
done done
# 3. Pack the database metadata # 3. Pack and Sign DB
cd db_temp cd db_temp
tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz
cd .. cd ..
gpg $GPG_OPTS --detach-sign --no-armor hyprarch-repo.db.tar.gz
# 4. Sign the database itself # 4. Finalize
gpg --detach-sign --batch --no-armor --local-user 236328A7F2C2001E hyprarch-repo.db.tar.gz
# 5. Finalize files (Ensure both .db and .files are clean)
cp hyprarch-repo.db.tar.gz hyprarch-repo.db cp hyprarch-repo.db.tar.gz hyprarch-repo.db
cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig
cp hyprarch-repo.db.tar.gz hyprarch-repo.files cp hyprarch-repo.db.tar.gz hyprarch-repo.files
@@ -133,13 +137,13 @@ jobs:
</body> </body>
</html>' > index.html </html>' > index.html
- name: Commit and Push changes - name: Commit and Push
run: | run: |
git config --global user.name "github-actions[bot]" git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com" git config --global user.email "github-actions[bot]@users.noreply.github.com"
git add . git add .
if ! git diff-index --quiet HEAD; then if ! git diff-index --quiet HEAD; then
git commit -m "Final Infrastructure Fix: Clean DB/Files and GPG Signing" git commit -m "Fix GPG ioctl error and rebuild signed DB"
git push git push
else else
echo "Nothing to change." echo "Nothing to change."