mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-14 10:34:06 +02:00
503a81be50
Bumps [KSXGitHub/github-actions-deploy-aur](https://github.com/ksxgithub/github-actions-deploy-aur) from 4.1.2 to 4.1.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ksxgithub/github-actions-deploy-aur/releases">KSXGitHub/github-actions-deploy-aur's releases</a>.</em></p> <blockquote> <h2>v4.1.3</h2> <p>There is a bug in <code>runuser</code> that converts all <code>-c</code> (even after <code>--</code>) into <code>--command</code> which <code>bash</code> doesn't recognize. This release removes the <code>-c</code> flag entirely, bash would execute <code>/build.sh</code> as if it's a file. Hopefully, the behavior preserves. If not, maybe just switch to <code>su</code> or <code>sudo</code>.</p> <p>Relevant PR: <a href="https://redirect.github.com/KSXGitHub/github-actions-deploy-aur/pull/51">KSXGitHub/github-actions-deploy-aur#51</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/KSXGitHub/github-actions-deploy-aur/commit/da03e160361ce01bf087e790b6ffd196d7dccff7"><code>da03e16</code></a> fix: <code>bash: --command: invalid option</code> (<a href="https://redirect.github.com/ksxgithub/github-actions-deploy-aur/issues/51">#51</a>)</li> <li><a href="https://github.com/KSXGitHub/github-actions-deploy-aur/commit/3b403c740ae5e446b747b45451ec68665428dab1"><code>3b403c7</code></a> docs(readme): use the GitHub's note syntax</li> <li><a href="https://github.com/KSXGitHub/github-actions-deploy-aur/commit/e17cd797381bddd766236d808302398b090398d2"><code>e17cd79</code></a> docs(readme): remove patreon</li> <li>See full diff in <a href="https://github.com/ksxgithub/github-actions-deploy-aur/compare/v4.1.2...v4.1.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
129 lines
4.8 KiB
YAML
129 lines
4.8 KiB
YAML
name: Publish to AUR
|
|
|
|
on:
|
|
release:
|
|
types: [released]
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: "Version to publish (e.g. 2.9.2 — no v prefix)"
|
|
required: true
|
|
type: string
|
|
dry_run:
|
|
description: "Skip the AUR push (safe test)"
|
|
type: boolean
|
|
default: true
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
get-release-info:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
version: ${{ steps.info.outputs.version }}
|
|
deb_sha256: ${{ steps.hashes.outputs.deb_sha256 }}
|
|
jar_sha256: ${{ steps.hashes.outputs.jar_sha256 }}
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Extract version from tag or manual input
|
|
id: info
|
|
env:
|
|
DISPATCH_VERSION: ${{ inputs.version }}
|
|
RELEASE_TAG: ${{ github.event.release.tag_name }}
|
|
run: |
|
|
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
|
|
VERSION="$DISPATCH_VERSION"
|
|
else
|
|
VERSION="$RELEASE_TAG"
|
|
fi
|
|
VERSION="${VERSION#v}"
|
|
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Download release assets and compute SHA256
|
|
id: hashes
|
|
env:
|
|
VERSION: ${{ steps.info.outputs.version }}
|
|
run: |
|
|
BASE="https://github.com/Stirling-Tools/Stirling-PDF/releases/download/v${VERSION}"
|
|
|
|
download_sha256() {
|
|
local url="$1"
|
|
local file
|
|
file=$(basename "$url")
|
|
curl -fsSL --retry 3 -o "$file" "$url"
|
|
sha256sum "$file" | awk '{print $1}'
|
|
}
|
|
|
|
DEB_SHA=$(download_sha256 "${BASE}/Stirling-PDF-linux-x86_64.deb")
|
|
JAR_SHA=$(download_sha256 "${BASE}/Stirling-PDF-with-login.jar")
|
|
|
|
echo "deb_sha256=$DEB_SHA" >> "$GITHUB_OUTPUT"
|
|
echo "jar_sha256=$JAR_SHA" >> "$GITHUB_OUTPUT"
|
|
|
|
publish-aur:
|
|
needs: get-release-info
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Checkout repository (for PKGBUILD templates)
|
|
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
|
|
|
|
- name: Update stirling-pdf-desktop PKGBUILD
|
|
env:
|
|
VERSION: ${{ needs.get-release-info.outputs.version }}
|
|
DEB_SHA: ${{ needs.get-release-info.outputs.deb_sha256 }}
|
|
run: |
|
|
PKGBUILD=".github/aur/stirling-pdf-desktop/PKGBUILD"
|
|
sed -i "s/^pkgver=.*/pkgver=${VERSION}/" "$PKGBUILD"
|
|
sed -i "s/^pkgrel=.*/pkgrel=1/" "$PKGBUILD"
|
|
sed -i "s/'PLACEHOLDER_DEB_SHA256'/'${DEB_SHA}'/" "$PKGBUILD"
|
|
|
|
# Disabled until we sort out the server packaging story.
|
|
# The third-party stirling-pdf-bin on AUR currently covers a similar use case.
|
|
# - name: Update stirling-pdf-server-bin PKGBUILD
|
|
# env:
|
|
# VERSION: ${{ needs.get-release-info.outputs.version }}
|
|
# JAR_SHA: ${{ needs.get-release-info.outputs.jar_sha256 }}
|
|
# run: |
|
|
# PKGBUILD=".github/aur/stirling-pdf-server-bin/PKGBUILD"
|
|
# sed -i "s/^pkgver=.*/pkgver=${VERSION}/" "$PKGBUILD"
|
|
# sed -i "s/^pkgrel=.*/pkgrel=1/" "$PKGBUILD"
|
|
# sed -i "s/'PLACEHOLDER_JAR_SHA256'/'${JAR_SHA}'/" "$PKGBUILD"
|
|
|
|
- name: Show updated PKGBUILD (for dry-run visibility)
|
|
run: |
|
|
echo "--- stirling-pdf-desktop PKGBUILD ---"
|
|
cat .github/aur/stirling-pdf-desktop/PKGBUILD
|
|
|
|
- name: Publish stirling-pdf-desktop to AUR
|
|
if: ${{ github.event_name == 'release' || inputs.dry_run == false }}
|
|
uses: KSXGitHub/[email protected]
|
|
with:
|
|
pkgname: stirling-pdf-desktop
|
|
pkgbuild: .github/aur/stirling-pdf-desktop/PKGBUILD
|
|
commit_username: Stirling PDF Inc
|
|
commit_email: [email protected]
|
|
ssh_private_key: ${{ secrets.AUR_SSH_PRIVATE_KEY }}
|
|
commit_message: "Update to v${{ needs.get-release-info.outputs.version }}"
|
|
|
|
# Disabled until we sort out the server packaging story.
|
|
# - name: Publish stirling-pdf-server-bin to AUR
|
|
# if: ${{ github.event_name == 'release' || inputs.dry_run == false }}
|
|
# uses: KSXGitHub/github-actions-deploy-aur@2ac5a4c1d7035885d46b10e3193393be8460b6f1 # v4.1.1
|
|
# with:
|
|
# pkgname: stirling-pdf-server-bin
|
|
# pkgbuild: .github/aur/stirling-pdf-server-bin/PKGBUILD
|
|
# commit_username: Stirling PDF Inc
|
|
# commit_email: [email protected]
|
|
# ssh_private_key: ${{ secrets.AUR_SSH_PRIVATE_KEY }}
|
|
# commit_message: "Update to v${{ needs.get-release-info.outputs.version }}"
|