Mitsuba100/hyprarch-repo
Archived
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

>:| still not working

Browse Source
This commit is contained in:
Mitsuba100
2026-03-23 16:02:57 +01:00
parent a7b6795a46
commit c30c74d9af
1 changed files with 20 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
.github/workflows/update-repo.yml vendored
View File

@@ -21,30 +21,36 @@ jobs:
- name: Import GPG Key
run: |
# Ensure you have added GPG_PRIVATE_KEY to your GitHub Secrets!
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --import --batch
if [ -z "${{ secrets.GPG_PRIVATE_KEY }}" ]; then
echo "ERROR: GPG_PRIVATE_KEY secret is empty!"
exit 1
fi
# Import and set trust to avoid prompt errors
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --import --batch --yes
echo "236328A7F2C2001E:6:" | gpg --import-ownertrust --batch
- name: Update Repository Database
run: |
cd x86_64
# Remove all old DB and sig files to ensure a 100% clean rebuild
rm -f hyprarch-repo.db* hyprarch-repo.files*
mkdir -p db_temp
for pkg in *.pkg.tar.zst; do
# 1. Sign the package file
gpg --detach-sign --batch --no-armor --local-user 236328A7F2C2001E "$pkg"
# GPG Arguments to prevent 'Inappropriate ioctl'
# We force loopback pinentry so it doesn't look for a real keyboard/screen
GPG_OPTS="--batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E"
# 2. Extract specific metadata (Strict Cleaning)
# This logic avoids grabbing comments like "# Generated by..."
for pkg in *.pkg.tar.zst; do
# 1. Sign the package
gpg $GPG_OPTS --detach-sign --no-armor "$pkg"
# 2. Extract Metadata
pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3)
pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3)
pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g")
mkdir -p "db_temp/$pkgname-$pkgver"
# Manually construct a clean 'desc' file for Pacman
{
echo "%NAME%"
echo "$pkgname"
@@ -65,20 +71,18 @@ jobs:
echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)"
echo ""
echo "%PGPSIG%"
gpg --detach-sign --stdout --no-armor --local-user 236328A7F2C2001E "$pkg" | base64 | tr -d '\n'
gpg $GPG_OPTS --detach-sign --stdout --no-armor "$pkg" | base64 | tr -d '\n'
echo ""
} > "db_temp/$pkgname-$pkgver/desc"
done
# 3. Pack the database metadata
# 3. Pack and Sign DB
cd db_temp
tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz
cd ..
gpg $GPG_OPTS --detach-sign --no-armor hyprarch-repo.db.tar.gz
# 4. Sign the database itself
gpg --detach-sign --batch --no-armor --local-user 236328A7F2C2001E hyprarch-repo.db.tar.gz
# 5. Finalize files (Ensure both .db and .files are clean)
# 4. Finalize
cp hyprarch-repo.db.tar.gz hyprarch-repo.db
cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig
cp hyprarch-repo.db.tar.gz hyprarch-repo.files
@@ -133,13 +137,13 @@ jobs:
</body>
</html>' > index.html
- name: Commit and Push changes
- name: Commit and Push
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git add .
if ! git diff-index --quiet HEAD; then
git commit -m "Final Infrastructure Fix: Clean DB/Files and GPG Signing"
git commit -m "Fix GPG ioctl error and rebuild signed DB"
git push
else
echo "Nothing to change."