dearsky/numa
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 25 Wiki Activity

[Feature] Add GitHub Action Workflow for Arch Linux AUR Package publishing #33

Merged
CaseyLabs merged 11 commits from feat/add-arch-linux-support into main 2026-04-09 22:22:39 +08:00
Conversation 7 Commits 11 Files Changed 5 +11 -9
2 changed files with 11 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit c0f1f86f01 - Show all commits

4
.github/workflows/publish-aur-test.yml vendored
View File

@@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Build and Test Package - name: Build and Test Package
timeout-minutes: 60 timeout-minutes: 60
@@ -41,7 +41,7 @@ jobs:
needs: validate needs: validate
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Generate .SRCINFO Without Pushing - name: Generate .SRCINFO Without Pushing
timeout-minutes: 30 timeout-minutes: 30

16
.github/workflows/publish-aur.yml vendored
View File

@@ -4,13 +4,15 @@
# Arch User Repository (AUR). The AUR is a community-driven repository for Arch Linux users. # Arch User Repository (AUR). The AUR is a community-driven repository for Arch Linux users.
# #
# Workflow Overview: # Workflow Overview:
# 1. Validate: Builds and tests the package on both x86_64 and aarch64 (ARM64) # 1. Validate: Builds and tests the package for Arch Linux x86_64 using a clean
# architectures using clean Arch Linux containers. # Arch Linux container.
# 2. Audit: Checks Rust dependencies for known security vulnerabilities using 'cargo-audit'. # 2. Audit: Checks Rust dependencies for known security vulnerabilities using
# 3. Publish: If on the 'main' branch, it pushes the updated PKGBUILD and .SRCINFO to the AUR. # 'cargo-audit'.
# 3. Publish: If on the 'main' branch, it pushes the updated PKGBUILD and
# .SRCINFO to the AUR.
# #
# Security Best Practices: # Security Best Practices:
# - SHA Pinning: All GitHub Actions are pinned to a full-length commit SHA (e.g., v4.1.7 @ SHA) # - SHA Pinning: All GitHub Actions are pinned to a full-length commit SHA (e.g., v6.0.2 @ SHA)
# to ensure the code is immutable and protects against supply-chain attacks where a tag # to ensure the code is immutable and protects against supply-chain attacks where a tag
# might be maliciously moved to a compromised commit. # might be maliciously moved to a compromised commit.
# - SSH Hygiene: Uses ssh-agent to keep the private key in memory rather than on disk. # - SSH Hygiene: Uses ssh-agent to keep the private key in memory rather than on disk.
@@ -38,7 +40,7 @@ jobs:
arch: [x86_64] arch: [x86_64]
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Build and Test Package - name: Build and Test Package
timeout-minutes: 60 timeout-minutes: 60
@@ -90,7 +92,7 @@ jobs:
if: github.event_name == 'push' && github.ref == 'refs/heads/main' if: github.event_name == 'push' && github.ref == 'refs/heads/main'
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
# Securely configure SSH for AUR access. # Securely configure SSH for AUR access.
- name: Configure SSH - name: Configure SSH