Skip to content

Update AUR CI to build against PR instead of main #1962

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Sep 2, 2025
+9 −4
Merged

Update AUR CI to build against PR instead of main #1962

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f4d1f07
build against PR and push instead of master
njfox Aug 25, 2025
5332667
combine dependency updates/installation and fix indentation
njfox Aug 26, 2025
bdaa1fe
remove duplicate git dependency
njfox Aug 26, 2025
98c5385
Merge branch 'main' into aur-ci
nicolasnoble Aug 28, 2025
c70d85e
Merge branch 'main' into aur-ci
nicolasnoble Sep 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 9 additions & 4 deletions .github/workflows/linux-aur.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,20 @@ jobs:
image: archlinux:latest
steps:
- name: Install dependencies
run: |
run: |
pacman -Syu --noconfirm --needed capstone curl ffmpeg freetype2 glfw libuv sdl2 zlib git make pkg-config sudo base-devel pacman-contrib
- uses: actions/checkout@v3
with:
set-safe-directory: true
Comment on lines +18 to +20
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

⚠️ Potential issue

Upgrade checkout to v4 and pin the ref to the triggering commit (avoids Node16 deprecation and merge-commit surprises).

actionlint warns v3 won’t run anymore. Also, for PRs you probably want the head commit rather than the merge commit. Add ref and fetch-depth: 0 to guarantee the commit exists locally for your file:// source.

Apply:

-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           set-safe-directory: true
+          fetch-depth: 0
+          # Use PR head commit when available; otherwise fall back to the event SHA
+          ref: ${{ github.event.pull_request.head.sha || github.sha }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- uses: actions/checkout@v3
with:
set-safe-directory: true
- uses: actions/checkout@v4
with:
set-safe-directory: true
fetch-depth: 0
# Use PR head commit when available; otherwise fall back to the event SHA
ref: ${{ github.event.pull_request.head.sha || github.sha }}
🧰 Tools
🪛 actionlint (1.7.7)

18-18: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents 
In .github/workflows/linux-aur.yml around lines 18 to 20, update the checkout
step to actions/checkout@v4, and pin the checked-out ref to the triggering
commit instead of relying on the merge commit; set the checkout inputs to
include a ref pointing to the head commit (use the PR head SHA when present,
otherwise github.sha) and add fetch-depth: 0 so the exact commit exists locally,
while retaining set-safe-directory: true.

- name: Create builduser
run: |
useradd builduser -m
passwd -d builduser
- name: Build AUR Package
run: |
git clone https://aur.archlinux.org/pcsx-redux-git.git
chown -R builduser:builduser pcsx-redux-git
cd pcsx-redux-git
mkdir /build
git clone https://aur.archlinux.org/pcsx-redux-git.git /build/pcsx-redux-git
chown -R builduser:builduser /build
cd /build/pcsx-redux-git
sed -i s,git+https://github.com/grumpycoders/pcsx-redux.git,git+file://$GITHUB_WORKSPACE#commit=$GITHUB_SHA,g PKGBUILD
sudo -u builduser makepkg
Comment on lines +27 to 32
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Harden AUR build: fix sed to replace entire URL+fragment; allow makepkg to install deps; ensure idempotent mkdir
The current sed only replaces the base URL. If PKGBUILD appends a fragment (e.g., #branch=main), the result becomes git+file://…#commit=…#branch=main, which is invalid. Also, without sudoers for builduser and makepkg -s, missing makedepends will fail. Make mkdir idempotent.

Apply:

-          mkdir /build
+          mkdir -p /build
           git clone https://aur.archlinux.org/pcsx-redux-git.git /build/pcsx-redux-git
           chown -R builduser:builduser /build
           cd /build/pcsx-redux-git
-          sed -i s,git+https://github.com/grumpycoders/pcsx-redux.git,git+file://$GITHUB_WORKSPACE#commit=$GITHUB_SHA,g PKGBUILD
-          sudo -u builduser makepkg
+          # Allow makepkg to install missing (make)depends via pacman without prompting
+          printf 'builduser ALL=(ALL) NOPASSWD: /usr/bin/pacman\n' >/etc/sudoers.d/99-builduser-pacman
+          chmod 0440 /etc/sudoers.d/99-builduser-pacman
+          # Replace entire upstream source (including any fragment) with local file:// commit
+          sed -E -i "s|git\+https://github.com/grumpycoders/pcsx-redux\.git(#.*)?|git+file://$GITHUB_WORKSPACE#commit=$GITHUB_SHA|g" PKGBUILD
+          # Build as unprivileged user and ensure deps are installed
+          sudo -u builduser makepkg -s --noconfirm --syncdeps --needed
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
mkdir /build
git clone https://aur.archlinux.org/pcsx-redux-git.git /build/pcsx-redux-git
chown -R builduser:builduser /build
cd /build/pcsx-redux-git
sed -i s,git+https://github.com/grumpycoders/pcsx-redux.git,git+file://$GITHUB_WORKSPACE#commit=$GITHUB_SHA,g PKGBUILD
sudo -u builduser makepkg
mkdir -p /build
git clone https://aur.archlinux.org/pcsx-redux-git.git /build/pcsx-redux-git
chown -R builduser:builduser /build
cd /build/pcsx-redux-git
# Allow makepkg to install missing (make)depends via pacman without prompting
printf 'builduser ALL=(ALL) NOPASSWD: /usr/bin/pacman\n' >/etc/sudoers.d/99-builduser-pacman
chmod 0440 /etc/sudoers.d/99-builduser-pacman
# Replace entire upstream source (including any fragment) with local file:// commit
sed -E -i "s|git\+https://github.com/grumpycoders/pcsx-redux\.git(#.*)?|git+file://$GITHUB_WORKSPACE#commit=$GITHUB_SHA|g" PKGBUILD
# Build as unprivileged user and ensure deps are installed
sudo -u builduser makepkg -s --noconfirm --syncdeps --needed
🤖 Prompt for AI Agents 
.github/workflows/linux-aur.yml lines 27-32: mkdir should be idempotent, the sed
must replace the entire upstream URL plus any optional fragment, and makepkg
needs to be run as builduser while allowing it to install makedepends. Change
mkdir to use -p; change the sed to match and replace the full pattern
git+https://github.com/grumpycoders/pcsx-redux.git with any optional fragment
(e.g., use a regex that captures optional "#.*") and replace it with
git+file://$GITHUB_WORKSPACE#commit=$GITHUB_SHA; and invoke makepkg as the
builduser with the -s flag so makedepends are installed (sudo -u builduser
makepkg -s).

Loading