Stuple-Networks/hyprarch-repo
1
0
Fork 0
Code Pull Requests Actions Activity

Update .github/workflows/update-repo.yml

Browse Source
This commit is contained in:
Mitsuba100
2026-04-13 16:11:04 +02:00
parent 9438aa9366
commit 490d6927ca
1 changed files with 38 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

152
.github/workflows/update-repo.yml vendored
View File

@@ -16,145 +16,63 @@ jobs:
with:
fetch-depth: 0
- name: Setup tools
run: sudo apt-get update && sudo apt-get install -y libarchive-tools gpg
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y gnupg libarchive-tools
- name: Import GPG Key
run: |
if [ -z "${{ secrets.GPG_PRIVATE_KEY }}" ]; then
echo "ERROR: GPG_PRIVATE_KEY secret is empty!"
exit 1
fi
echo "${{ secrets.GPG_PRIVATE_KEY }}" > private_key.gpg
gpg --batch --import private_key.gpg
rm private_key.gpg
echo "${{ secrets.GPG_PRIVATE_KEY }}" > private.key
gpg --batch --import private.key
rm private.key
- name: Update Repository Database
- name: Sign Packages
run: |
cd x86_64
rm -f hyprarch-repo.db* hyprarch-repo.files*
mkdir -p db_temp
export GPG_TTY=$(tty)
# Export public key to the folder so it is accessible via URL
gpg --export --armor 236328A7F2C2001E > pubkey.gpg
for pkg in *.pkg.tar.zst; do
# 1. Sign the package file
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor "$pkg"
echo "Signing $pkg"
# 2. Extract Metadata
pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3)
pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3)
pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g")
mkdir -p "db_temp/$pkgname-$pkgver"
{
echo "%NAME%"
echo "$pkgname"
echo ""
echo "%VERSION%"
echo "$pkgver"
echo ""
echo "%DESC%"
echo "$pkgdesc"
echo ""
echo "%FILENAME%"
echo "$pkg"
echo ""
echo "%CSIZE%"
echo "$(stat -c%s "$pkg")"
echo ""
echo "%ISIZE%"
echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)"
echo ""
echo "%PGPSIG%"
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --stdout --no-armor "$pkg" | base64 | tr -d '\n'
echo ""
} > "db_temp/$pkgname-$pkgver/desc"
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes \
--pinentry-mode loopback \
--local-user 236328A7F2C2001E \
--passphrase-fd 0 \
--detach-sign "$pkg"
done
# 3. Pack and Sign DB
cd db_temp
tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz
cd ..
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor hyprarch-repo.db.tar.gz
# 4. Finalize
cp hyprarch-repo.db.tar.gz hyprarch-repo.db
cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig
cp hyprarch-repo.db.tar.gz hyprarch-repo.files
cp hyprarch-repo.db.tar.gz hyprarch-repo.files.tar.gz
rm -rf db_temp
- name: Generate Subfolder Index
- name: Build Repo Database (correct Arch way)
run: |
cd x86_64
echo "<html><head><title>Index of /x86_64/</title></head><body style='font-family: monospace;'>" > index.html
echo "<h1>Index of /x86_64/</h1><hr><pre>" >> index.html
echo "<a href='../'>../</a>" >> index.html
for file in *; do
if [[ "$file" != "index.html" ]]; then
size=$(du -sh "$file" | cut -f1)
date=$(date -r "$file" '+%d-%b-%Y %H:%M')
printf "<a href='%s'>%s</a>%-$(($(printf '%s' "$file" | wc -c) > 50 ? 1 : 50 - $(printf '%s' "$file" | wc -c)))s %s %8s\n" "$file" "$file" "" "$date" "$size" >> index.html
fi
done
echo "</pre><hr></body></html>" >> index.html
- name: Generate Root Landing Page
rm -f hyprarch-repo.db* hyprarch-repo.files*
repo-add --sign hyprarch-repo.db.tar.gz *.pkg.tar.zst
- name: Export Public Key
run: |
echo '<!DOCTYPE html>
<html>
<head>
<title>HyprArch Repository</title>
<style>
body { font-family: sans-serif; margin: 40px; line-height: 1.6; background: #2e3440; color: #eceff4; }
a { color: #88c0d0; text-decoration: none; }
a:hover { text-decoration: underline; }
.container { max-width: 900px; margin: auto; background: #3b4252; padding: 20px; border-radius: 8px; }
h1 { border-bottom: 2px solid #4c566a; padding-bottom: 10px; color: #81a1c1; }
h2 { color: #a3be8c; margin-top: 30px; }
pre { background: #2e3440; padding: 15px; border-radius: 5px; color: #ebcb8b; overflow-x: auto; border: 1px solid #4c566a; }
code { color: #d08770; }
.step { background: #434c5e; padding: 10px 15px; border-left: 4px solid #81a1c1; margin: 10px 0; }
</style>
</head>
<body>
<div class="container">
<h1>HyprArch Custom Repository</h1>
gpg --export --armor 236328A7F2C2001E > x86_64/pubkey.gpg
<h2>1. Add the GPG Key</h2>
<p>Run this command to trust the repository maintainer (Mitsuba100):</p>
<pre>curl -s https://hyprarch-repo.stuple.net/x86_64/pubkey.gpg | sudo pacman-key -a - && sudo pacman-key --lsign-key 236328A7F2C2001E</pre>
- name: Generate Simple Index Page
run: |
cd x86_64
<h2>2. Configure Pacman</h2>
<p>Add the following to the bottom of <code>/etc/pacman.conf</code>:</p>
<pre>[hyprarch-repo]
SigLevel = Required DatabaseOptional
Server = https://hyprarch-repo.stuple.net/$arch</pre>
<h2>3. Sync</h2>
<div class="step">
<code>sudo pacman -Sy</code>
</div>
<hr style="margin-top:40px; border: 0; border-top: 1px solid #4c566a;">
<p><a href="./x86_64/">📁 Browse File Index</a></p>
<p><small>Automated by GitHub Actions • Last updated: '$(date)'</small></p>
</div>
</body>
</html>' > index.html
echo "<html><body><h1>Repository Index</h1><ul>" > index.html
for file in *; do
echo "<li><a href='$file'>$file</a></li>" >> index.html
done
echo "</ul></body></html>" >> index.html
- name: Commit and Push
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git config --global user.name "repo-bot"
git config --global user.email "repo-bot@users.noreply.github.com"
git add .
if ! git diff-index --quiet HEAD; then
git commit -m "Add GPG trust command to landing page"
git commit -m "Update repository database"
git push
else
echo "Nothing to change."
echo "No changes"
fi