Auto test the PKGBUILD before push when there's no AUR dependencies

[petronny]

https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/FFNIQ4CQ64OSRCYZRDEJJW2QBOGXEO4X/

For those do have AUR dependencies, the maintainers can set a custom url to perform the tests themselves and use the callback api to push the changes.

[petronny]

TODO: Create a api as the callback function for build test to call the push workflow.

Details:

Write a script for a cloudflare worker.

It accepts the following parameters: pkgbase, pkgver, nonce and signature.

Then it downloads a yaml file via https://raw.githubusercontent.com/arch4edu/aur-auto-update/main/config/{pkgbase}.yaml.
Then get the value of a key in it which is a base64 and RSA encoded api key.

Then the api key is used to validate the signature.
The pkgbase, pkgver and nonce are first convert to a sorted json string then concatenated with the api key.
Then the signature is calculated from the concatenation with md5.

If the calculated signature matches the one signature,
it makes a new post request to create a workflow on github actions and passes through all parameters.

[petronny]

TODO: Create a workflow to perform a basic build test

Details:

It accepts the following parameters: pkgbase, pkgver.
It clones the git repo on AUR. Then it sets the pkgver and update the hashsum.
Then it runs extra-x86_64-build to build the package.
If the build is passed, call a script to push the changes to AUR.

Hint:
It's like a simplified version of cactus builder.

[petronny]

TODO: Create a script and a workflow to push a version of a package to AUR.

Details:

For the script, it has 3 parameters: pkgbase, pkgver, and force.
For the workflow, it further has 2 parameters for authentication: nonce and signature.

For the script, it clones the git repo on AUR.
Then it will first check if the new version is greater than the old one when the force parameter is empty.
Then it sets the pkgver and update the hashsum and push the changes to AUR.

For the workflow, it verifies the signature using the way described in the callback api.
Then it just calls the script.

[petronny]

TODO: Test configuration

Details:

• To enable the test, add this parameter:

test:
  enable: true

This one uses the default build test workflow.

• To use custom test, and push the changes to AUR yourself.

test:
  enable: true
  url: https://your.test.url.com

• To use custom test, but let our bot to push the changes.

test:
  enable: true
  url: https://your.test.url.com
  key: example-api-key

You need to call the callback api and create the signature with example-api-key.

• You can also use encrypt.sh to encryt the configuration:

test:
  enable: true
  url: |
    jWyfbrKLab8ni0lyQnjGvwwfPzsJ51vJ+FMlu7p9r+PUipgu1ZJ7Qorx0F4RuHcGFXS6W3QYFUL7
    ...
    tr94uhoFXQMGIo3I1yI4EwPTxtR4mC43/h1eoIGv3OyD5ZH3kHZ0RADt+XynESZ9mOMgqGD3Y+4=
  key: |
    jWyfbrKLab8ni0lyQnjGvwwfPzsJ51vJ+FMlu7p9r+PUipgu1ZJ7Qorx0F4RuHcGFXS6W3QYFUL7
    ...
    tr94uhoFXQMGIo3I1yI4EwPTxtR4mC43/h1eoIGv3OyD5ZH3kHZ0RADt+XynESZ9mOMgqGD3Y+4=

[petronny]

Closed since the build test is already implemented.