增强现实AR>> aura>> 返回
项目作者: ashutoshgngwr

项目描述 :
An automated build system to build AUR packages for Arch Linux.
高级语言: Shell
项目地址: git://github.com/ashutoshgngwr/aura.git
创建时间: 2020-08-16T06:17:35Z
项目社区:https://github.com/ashutoshgngwr/aura
开源协议:Apache License 2.0
下载


AURa

AURa is an automated build system to build AUR packages for Arch Linux.

Why

Every time you run a system upgrade on Arch Linux using an AUR helper, it takes
plenty of time to build packages that you have installed from the Arch User
Repository. For me, the rest of the system can easily upgrade within 5 minutes
while the AUR packages take another 20-30 minutes to build and install.

What

AURa is a set of scripts that use GitHub actions to periodically build specified
packages and publish them on a custom repository hosted at Heroku.

How

AURa accepts a packagelist file where you can specify what AUR
packages it needs to build. It schedules a GitHub workflow to build the given
packages every day. If a PKGBUILD has changed, the workflow will build it.
Otherwise, it merely copies the built version from its last build. It then
creates a fresh package database and publishes the repository using it.

Demo

You can use my package repository for demonstrating the results.

  • Append the following to your /etc/pacman.conf. Set the SigLevel to
    Never or import my public PGP key to your Pacman keyring.
    See adding unofficial
    keys
    on Arch Wiki.

    1. [aura]
    2. SigLevel = Never
    3. Server = https://arch-aura.herokuapp.com/aura

  • Run pacman -Sy to sync your package databases.

  • Try to install an AUR package from my packagelist.

Usage

  • Fork this repository

  • Add AUR packages to the packagelist.

    • To find out packages that you’ve installed from the AUR, you can run pacman -Qm. It will list all the packages that do not belong to any Pacman
      repositories. Then you can filter this list down to the AUR packages.

    • Once you have the list, you can add one package per line in the
      packagelist, e.g.

      1. google-chrome
      2. spotify

  • Generate a PGP key to sign the built packages. It is mandatory in this setup.

    1. # use all the defaults and add your Name and email when prompted.
    2. gpg --full-gen-key
    4. # export the generated key
    5. gpg --armor --export-secret-keys GENERATED_KEY_ID > private.asc
    6. gpg --armor --export GENERATED_KEY_ID > public.asc
    8. # after exporting public and private keys, you may delete the PGP key
    9. # from your system.
    10. gpg --delete-secret-keys GENERATED_KEY_ID
    11. gpg --delete-keys GENERATED_KEY_ID

  • Add secrets for the GitHub workflow

    • PGP_KEY_ID: Paste the ID of the key generated in the previous step.
    • PGP_PUBLIC_KEY: Paste the contents of public.asc file created in the
      previous step.
    • PGP_SECRET_KEY: Paste the contents of private.asc file created in the
      previous step.
    • PGP_SECRET_KEY_PASSPHRASE: The password for decrypting the private key
      generated in the previous step.
    • HEROKU_EMAIL: Your Heroku email.
    • HEROKU_API_KEY: API key to access Heroku. It can be found in Heroku >
      Account Settings > API Key      .
    • HEROKU_APP_NAME: Name of the Heroku app to deploy the package repository.

  • To test the setup, commit the changes and then trigger the workflow manually.
    See
    workflow_dispatch.

  • To use your new repository with Pacman

    • Edit /etc/pacman.conf and append the following at the bottom of the file

      1. [aura]
      2. SigLevel = Required TrustedOnly
      3. Server = https://<your_heroku_app_name>.herokuapp.com/aura

    • Add your public PGP key to the Pacman keyring.

      1. sudo pacman-key --add public.asc # file from the previous steps
      2. # and then locally sign the imported key to mark it as trusted
      3. sudo pacman-key --lsign-key <imported_key_id>

    • Resync package databases using sudo pacman -Sy.

Updating build frequency

By default, build is scheduled to run every day. To change it, edit the Cron
schedule specified in the GitHub workflow.

Caveats

  • It builds updated packages in a workflow run and overwrites their older
    versions when publishing. At any given time, the package repository will only
    have the latest built version of a package.

  • Pacman requests timeout in 10 seconds so it may error out if the Heroku dyno
    is asleep. To wake it up beforehand, hit the home page of the repository which
    is an HTML redirect to the AURa GitHub
    repository    .

  • Ensure that you only include the packages that you trust. Automatically
    building untrusted packages from AUR will expose your system to severe
    security risks.

  • Sometimes AUR packages might receive faulty PKGBUILD updates. When it happens,
    the GitHub workflow will fail immediately without publishing any new packages.

License

All source files are licensed under Apache License Version 2.0 unless
stated explicitly.