1
0
Fork 0
mirror of https://github.com/Luzifer/archrepo.git synced 2024-11-09 01:50:01 +00:00

Initial version

This commit is contained in:
Knut Ahlers 2019-09-30 01:20:25 +02:00
commit ef12f2f7a1
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
9 changed files with 272 additions and 0 deletions

6
.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
*.db
*.db.sig
*.files
*.files.sig
*.tar.xz
*.tar.xz.sig

62
Makefile Normal file
View file

@ -0,0 +1,62 @@
export DATABASE:=$(shell find . -maxdepth 1 -mindepth 1 -name '*.db.tar.xz')
export REPOKEY:=D0391BF9
maintanance: aur_update
#maintanance: repo_update
maintanance: cleanup_repo
maintanance: cleanup_orphan_signatures
maintanance: sign_database
maintanance: upload
download:
vault2env --key=secret/aws/private -- aws s3 sync \
--delete \
--exclude '*.old*' \
--exclude '.git/*' \
--acl=public-read \
s3://arch-luzifer-io/repo/x86_64/ $(CURDIR)/
upload: cleanup_files
vault2env --key=secret/aws/private -- aws s3 sync \
--delete \
--exclude '*.old*' \
--exclude '.git/*' \
--acl=public-read \
$(CURDIR)/ s3://arch-luzifer-io/repo/x86_64/
# Maintenance targets
aur_update: check_tools check_database
bash -euo pipefail -c 'for pkg in $$(script_level=1 ./scripts/check_aur_updates.sh); do script_level=1 ./scripts/update-aur.sh $${pkg}; done'
check_database:
test -n '$(DATABASE)'
check_tools:
@which aws
@which curl
@which docker
@which jq
@which repo-add
@which repoctl
@which vault
@which vault2env
cleanup_files:
rm -f *.old* scripts/repoctl.toml
cleanup_orphan_signatures: check_database
bash -euo pipefail -c 'for i in *.sig; do [[ -f $${i//.sig} ]] || rm $${i}; done'
cleanup_repo: check_tools check_database scripts/repoctl.toml
repoctl update
repo_update: check_tools check_database
bash -euo pipefail -c 'for repo in $$(grep -v "^#" repo-urls); do script_level=1 ./scripts/update-repo.sh $${repo}; done'
scripts/repoctl.toml:
./scripts/repoctl.sh
sign_database:
repo-add -s --key $(REPOKEY) $(DATABASE)

18
luzifer.asc Normal file
View file

@ -0,0 +1,18 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFvwZQ0BCADb4fU1yk9YwMVBVaybxtiFLQSoRxHU8SqJtM8INY+fo/RPTqFM
gQ34m4cu3BHRzmg2KkDZ4IH3UyO3pe1WaYnK2DnYJryxvLwTETmf5wtiuDdJhoH6
6PUr5G7hhtzyvjNgaQ4b0eQQlmF0ArdBgBfeHcOLFPvzCTxZQpq/qr6RK2pfhQNM
8MHRfZ+tXIc/SP/FzmQhlxXwOJ0VJNYdl4R6rczx1b/cvjTWldy/fdJa4dn/DqiI
h/5x8kJid0FcR0hRipxVbUYWm0dHY1T4m/tDkDuhEBqBp4By7qfaNgIyU9nJSfJY
9ehIiNYG89lTlSOP4OqEvpDGZPl9PzHFHlBlABEBAAG0LUtudXQgQWhsZXJzIChQ
YWNrYWdlIFNpZ25pbmcpIDxwa2dAYWhsZXJzLm1lPokBTgQTAQgAOBYhBG9zpPOc
32UuP5RBQghaoiPQORv5BQJb8GUNAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
AAoJEAhaoiPQORv5QpUH/iaSo1T6uArs1j4Sf1OTAxKd46Yfyf3h72gWqJGU+EqZ
YdRwDrmVMN7UgPJ832RuWudUDYa5egXsHulBYyNaV+4bbLM3/8lsuXvJpaBUkhad
mPTbcy1pKlIx9fSaUrkitxTu8BAHuNpF4RwH9Wtj2Etx1bnjj8nZmPp4ebEfUnMd
yrqBTxD+AUIKB1Ix15TJzjG4uhf2lU60t6XQjK9XvRqYWdySfXje91DOT7D7+iJf
MOawzYnKuGLQiecE3BJvgsgE4fPckt5bMItfAOyacQDMW3r0dnxpG/pYl97Nve8M
1mn4n2lLtWidC6UmvYc+kNwMKY9q0iR+uArX0tXeWVA=
=Tc6u
-----END PGP PUBLIC KEY BLOCK-----

5
repo-urls Normal file
View file

@ -0,0 +1,5 @@
# vim-go-tools
https://github.com/luzifer-aur/vim-go-tools.git
# Arch base setup
https://github.com/luzifer-aur/luzifer.git

66
scripts/check_aur_updates.sh Executable file
View file

@ -0,0 +1,66 @@
#!/bin/bash
set -euo pipefail
source scripts/script_framework.sh
join_by() {
local d=$1
shift
echo -n "$1"
shift
printf "%s" "${@/#/$d}"
}
declare -A local_versions
declare -A aur_versions
database=$(find . -maxdepth 1 -mindepth 1 -name '*.db.tar.xz')
aur_query=("https://aur.archlinux.org/rpc/?v=5&type=info")
step "Collecting local package versions..."
known_packages=$(tar -tf luzifer.db.tar.xz | grep -v /desc | sed -E 's@^(.*)-([^-]+-[0-9]+)/$@\1 \2@')
IFS=$'\n'
for package in ${known_packages}; do
name=$(echo "${package}" | cut -d ' ' -f 1)
version=$(echo "${package}" | cut -d ' ' -f 2)
local_versions[${name}]=${version}
aur_query+=("arg[]=${name}")
done
step "Fetching AUR package versions..."
aur_packages=$(curl -sSfL "$(join_by "&" "${aur_query[@]}")" | jq -r '.results | .[] | .Name + " " + .Version')
step "Collecting AUR package versions..."
for package in ${aur_packages}; do
name=$(echo "${package}" | cut -d ' ' -f 1)
version=$(echo "${package}" | cut -d ' ' -f 2)
aur_versions[${name}]=${version}
done
updates=()
step "Checking for updates..."
for package in "${!local_versions[@]}"; do
local_version="${local_versions[${package}]}"
aur_version="${aur_versions[${package}]:-}"
[[ -n ${aur_version} ]] || {
error "Package ${package} did not yield a version from AUR (local=${local_version})"
continue
}
[[ ${local_version} == ${aur_version} ]] || {
warn "Package ${package} needs update (${local_version} => ${aur_version})"
updates+=("${package}")
continue
}
success "Package ${package} is up-to-date (${local_version})"
done
echo "${updates[@]}"

11
scripts/repoctl.sh Executable file
View file

@ -0,0 +1,11 @@
#!/bin/bash
set -euo pipefail
cat -s <<EOF >scripts/repoctl.toml
repo = "$(find $(pwd) -mindepth 1 -maxdepth 1 -name '*.db.tar.xz')"
backup = false
interactive = false
columnate = false
color = "auto"
quiet = false
EOF

View file

@ -0,0 +1,38 @@
COLOR_RED="\033[0;31m"
COLOR_GREEN="\033[0;32m"
COLOR_CYAN="\033[0;36m"
COLOR_YELLOW="\033[0;33m"
COLOR_PLAIN="\033[0m"
function check_util() {
which ${1} >/dev/null 2>&1 || fail "Missing ${1} util"
}
function error() {
echo -e "${COLOR_RED}$@${COLOR_PLAIN}" >&2
}
function fail() {
error "$@"
exit 1
}
function fatal() {
fail "$@"
}
function info() {
echo -e "${COLOR_CYAN}$@${COLOR_PLAIN}" >&2
}
function step() {
info "[$(date +%H:%M:%S)] $(printf "%${script_level:-0}s" '' | tr ' ' '+')$@"
}
function success() {
echo -e "${COLOR_GREEN}$@${COLOR_PLAIN}" >&2
}
function warn() {
echo -e "${COLOR_YELLOW}$@${COLOR_PLAIN}" >&2
}

33
scripts/update-aur.sh Executable file
View file

@ -0,0 +1,33 @@
#!/bin/bash
set -euo pipefail
source ./scripts/script_framework.sh
REPO_DIR=${REPO_DIR:-$(pwd)}
PACKAGE=${1:-}
[ -z "${PACKAGE}" ] && fail "No package given as CLI argument"
# Create working dir
TMPDIR="/tmp/aur2repo_${PACKAGE}"
mkdir -p "${TMPDIR}/cfg"
# Ensure cleanup on script exit
function cleanup() {
rm -rf "${TMPDIR}"
}
trap cleanup EXIT
step "Fetching signing key"
vault read --field=key secret/jenkins/arch-signing >"${TMPDIR}/cfg/signing.asc"
step "Re-fetching Docker image"
docker pull luzifer/arch-repo-builder
step "Building AUR package ${PACKAGE}"
docker run --rm -ti \
-v "${TMPDIR}/src:/src" \
-v "${TMPDIR}/cfg:/config" \
-v "${REPO_DIR}:/repo" \
luzifer/arch-repo-builder \
"https://aur.archlinux.org/${PACKAGE}.git"

33
scripts/update-repo.sh Executable file
View file

@ -0,0 +1,33 @@
#!/bin/bash
set -euo pipefail
source ./scripts/script_framework.sh
REPO_DIR=${REPO_DIR:-$(pwd)}
REPO=${1:-}
[ -z "${REPO}" ] && fail "No repo given as CLI argument"
# Create working dir
TMPDIR="/tmp/aur2repo_$(basename ${REPO})"
mkdir -p "${TMPDIR}/cfg"
# Ensure cleanup on script exit
function cleanup() {
rm -rf "${TMPDIR}"
}
trap cleanup EXIT
step "Fetching signing key"
vault read --field=key secret/jenkins/arch-signing >"${TMPDIR}/cfg/signing.asc"
step "Re-fetching Docker image"
docker pull luzifer/arch-repo-builder
step "Building package $(basename ${REPO})"
docker run --rm -ti \
-v "${TMPDIR}/src:/src" \
-v "${TMPDIR}/cfg:/config" \
-v "${REPO_DIR}:/repo" \
luzifer/arch-repo-builder \
"${REPO}"