From dad82301db5b2fddb4fde9a46d30330092dfe75d Mon Sep 17 00:00:00 2001 From: Mitsuba100 Date: Tue, 14 Apr 2026 21:37:24 +0200 Subject: [PATCH] Update .github/workflows/update-repo.yml --- .github/workflows/update-repo.yml | 50 +++++++------------------------ 1 file changed, 11 insertions(+), 39 deletions(-) diff --git a/.github/workflows/update-repo.yml b/.github/workflows/update-repo.yml index b884721..9f9b76e 100644 --- a/.github/workflows/update-repo.yml +++ b/.github/workflows/update-repo.yml @@ -1,4 +1,4 @@ -name: Update Arch Repository (Host stui) +name: Update Arch Repository on: push: @@ -8,7 +8,7 @@ on: jobs: build-and-deploy: - runs-on: local # Ensure your runner has the 'local:host' label + runs-on: local steps: - name: Checkout code @@ -23,49 +23,22 @@ jobs: - name: Build and Sign Repository run: | cd x86_64 - # Remove old database files + # Clean old metadata rm -f hyprarch-repo.db* hyprarch-repo.files* - mkdir -p db_temp - # Export public key for landing page + # 1. Export public key for landing page gpg --export --armor 236328A7F2C2001E > pubkey.gpg + # 2. Generate Binary Signatures for pkg in *.pkg.tar.zst; do - # 1. Create BINARY detached signature - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --output "$pkg.sig" "$pkg" - - # 2. Extract Metadata safely - pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3 | tr -d '\r') - pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3 | tr -d '\r') - pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g" | tr -d '\r') - pkgsize=$(stat -c%s "$pkg") - instsize=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3 | tr -d '\r') - - mkdir -p "db_temp/$pkgname-$pkgver" - { - echo "%NAME%"; echo "$pkgname"; echo "" - echo "%VERSION%"; echo "$pkgver"; echo "" - echo "%DESC%"; echo "$pkgdesc"; echo "" - echo "%FILENAME%"; echo "$pkg"; echo "" - echo "%CSIZE%"; echo "$pkgsize"; echo "" - echo "%ISIZE%"; echo "$instsize"; echo "" - echo "%PGPSIG%" - base64 -w 0 "$pkg.sig" - echo "" - echo "" - } > "db_temp/$pkgname-$pkgver/desc" + echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign "$pkg" done - # 3. Pack the Database - cd db_temp - tar --owner=0 --group=0 -c * | gzip -n -9 > ../hyprarch-repo.db.tar.gz - cd .. + # 3. Build DB using Python helper + python3 ~/build_db.py - # 4. Sign and Finalize Database - cp hyprarch-repo.db.tar.gz hyprarch-repo.db - cp hyprarch-repo.db.tar.gz hyprarch-repo.files - echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --output hyprarch-repo.db.sig hyprarch-repo.db - rm -rf db_temp + # 4. Sign the database file + echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign hyprarch-repo.db - name: Generate Subfolder Index run: | @@ -117,7 +90,7 @@ jobs:

3. Sync

- sudo pacman -Sy + sudo pacman -Syy
@@ -130,6 +103,5 @@ jobs: - name: Deploy to Local Web Folder run: | - # Use your correct repo path and ensure stui has write access to it mkdir -p /var/www/hyprarch-repo/x86_64 cp -rf . /var/www/hyprarch-repo/ \ No newline at end of file