From e5660f4b1f623e89d89db017c1d47f4d40e2208e Mon Sep 17 00:00:00 2001
From: Jonas Dellinger <jonas@dellinger.dev>
Date: Tue, 3 Nov 2020 19:07:02 +0100
Subject: [PATCH] [Enhancement] CI/CD: AUR Deploy Script (#391, thanks
 @JohnnyCrazy)

* Added script for automatic AUR release & added steps in .drone.yml

* Don't run AUR release before actual release

* Switch to GitHub Actions

* Try the 'container' setting and checkout repo first

* Readable deploy-aur.sh script, final draft

* Revert changes in .drone.yml

* GITHUB_REF needs to be stripped for the pre-release script

* Introduce COMMIT_REF on top of script, so it can be modified for both type of releases

* Adjust names to new k3d AUR account
---
 .github/workflows/aur-prerelease.yml | 24 +++++++++++++
 .github/workflows/aur-release.yml    | 23 ++++++++++++
 deploy-aur.sh                        | 54 ++++++++++++++++++++++++++++
 3 files changed, 101 insertions(+)
 create mode 100644 .github/workflows/aur-prerelease.yml
 create mode 100644 .github/workflows/aur-release.yml
 create mode 100755 deploy-aur.sh

diff --git a/.github/workflows/aur-prerelease.yml b/.github/workflows/aur-prerelease.yml
new file mode 100644
index 00000000..8e971754
--- /dev/null
+++ b/.github/workflows/aur-prerelease.yml
@@ -0,0 +1,24 @@
+name: AUR Prerelease
+
+on:
+  release:
+    types: [prereleased]
+
+jobs:
+  aur-pre-release:
+    runs-on: ubuntu-latest
+    container: archlinux:20200705
+    steps:
+      - name: Checkout Project
+        uses: actions/checkout@v1
+      - name: Publish Pre-Release to AUR
+        run: |
+          # AUR Packages are not allowed to use - in the package version. its used to combine pkgver and pkgrel
+          export COMMIT_REF=${GITHUB_REF/-/_}
+          ./deploy-aur.sh
+        env:
+          PACKAGE_NAME: rancher-k3d-beta-bin
+          COMMIT_USERNAME: Travis CI
+          COMMIT_EMAIL: iwilltry42+k3d@gmail.com
+          COMMIT_MESSAGE: "[CI] Updated to $NEW_RELEASE"
+          SSH_PRIVATE_KEY: ${{ secrets.AUR_PRIVATE_KEY }}
diff --git a/.github/workflows/aur-release.yml b/.github/workflows/aur-release.yml
new file mode 100644
index 00000000..1d85674d
--- /dev/null
+++ b/.github/workflows/aur-release.yml
@@ -0,0 +1,23 @@
+name: AUR Release
+
+on:
+  release:
+    types: [released]
+
+jobs:
+  aur-release:
+    runs-on: ubuntu-latest
+    container: archlinux:20200705
+    steps:
+      - name: Checkout Project
+        uses: actions/checkout@v1
+      - name: Publish Release to AUR
+        run: |
+          export COMMIT_REF=$GITHUB_REF
+          ./deploy-aur.sh
+        env:
+          PACKAGE_NAME: rancher-k3d-bin
+          COMMIT_USERNAME: Travis CI
+          COMMIT_EMAIL: iwilltry42+k3d@gmail.com
+          COMMIT_MESSAGE: "[CI] Updated to $NEW_RELEASE"
+          SSH_PRIVATE_KEY: ${{ secrets.AUR_PRIVATE_KEY }}
diff --git a/deploy-aur.sh b/deploy-aur.sh
new file mode 100755
index 00000000..91a7cd00
--- /dev/null
+++ b/deploy-aur.sh
@@ -0,0 +1,54 @@
+#!/bin/bash
+
+set -e
+
+# Setup base system
+pacman -Syu --noconfirm openssh git gettext binutils
+sed -i "s/INTEGRITY_CHECK=.*$/INTEGRITY_CHECK=(sha256)/" /etc/makepkg.conf
+useradd -ms /bin/bash aur
+su -m aur <<'EOSU'
+
+set -e
+
+# Configuration
+export HOME=/home/aur
+export REPO_URL="ssh://aur@aur.archlinux.org/$PACKAGE_NAME.git"
+export NEW_RELEASE="${COMMIT_REF##*/v}"
+export COMMIT_MESSAGE="$(echo $COMMIT_MESSAGE | envsubst)"
+echo "---------------- AUR Package version $PACKAGE_NAME/$NEW_RELEASE ----------------"
+
+# SSH & GIT Setup
+mkdir "$HOME/.ssh" && chmod 700 "$HOME/.ssh"
+ssh-keyscan -t ed25519 aur.archlinux.org >> "$HOME/.ssh/known_hosts"
+echo -e "$SSH_PRIVATE_KEY" | base64 -d > "$HOME/.ssh/id_rsa"
+chmod 600 "$HOME/.ssh/id_rsa"
+git config --global user.name "$COMMIT_USERNAME"
+git config --global user.email "$COMMIT_EMAIL"
+
+# Clone AUR Package
+cd /tmp
+echo "$REPO_URL"
+git clone "$REPO_URL"
+cd "$PACKAGE_NAME"
+
+# Generate a dummy PKGBUILD so we can grab the latest releases SHA256SUMS
+cat PKGBUILD.template | envsubst '$NEW_RELEASE' > PKGBUILD
+
+export SHA256_SUMS_x86_64="$(CARCH=x86_64 makepkg -g 2> /dev/null)"
+echo "SHA256_SUMS_x86_64: $SHA256_SUMS_x86_64"
+
+export SHA256_SUMS_aarch64="$(CARCH=aarch64 makepkg -g 2> /dev/null)"
+echo "SHA256_SUMS_aarch64: $SHA256_SUMS_aarch64"
+
+export SHA256_SUMS_arm="$(CARCH=arm makepkg -g 2> /dev/null)"
+echo "SHA256_SUMS_arm: $SHA256_SUMS_arm"
+
+cat PKGBUILD.template | envsubst '$NEW_RELEASE$SHA256_SUMS_x86_64$SHA256_SUMS_aarch64$SHA256_SUMS_arm' > PKGBUILD
+makepkg --printsrcinfo > .SRCINFO
+
+echo "------------- BUILD DONE ----------------"
+git add PKGBUILD .SRCINFO
+git commit -m "$COMMIT_MESSAGE"
+git push
+echo "------------- PUBLISH DONE ----------------"
+EOSU