nevaforget/moonarch-pkgbuilds
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix CI: run makepkg in Arch container with non-root user

Browse Source 
The act_runner now uses docker mode with archlinux:base-devel.
Install git/curl and create a builder user since makepkg refuses
to run as root.
This commit is contained in:
nevaforget 2026-04-01 15:44:02 +02:00
parent 17ae1733a3
commit 96a2574c7e
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.gitea/workflows/build-and-publish.yaml
View File

@ -11,12 +11,21 @@ on:
- '*/PKGBUILD' - '*/PKGBUILD'
jobs: jobs:
detect-changes: build-and-publish:
runs-on: moonarch runs-on: moonarch
steps: steps:
- name: Detect changed PKGBUILDs - name: Setup build environment
run: |
pacman -Sy --noconfirm git curl
# makepkg refuses to run as root — create a build user
useradd -m builder
echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
- name: Build and publish changed packages
run: | run: |
git clone http://gitea:3000/nevaforget/moonarch-pkgbuilds.git repo git clone http://gitea:3000/nevaforget/moonarch-pkgbuilds.git repo
chown -R builder:builder repo
cd repo cd repo
CHANGED=$(git diff --name-only HEAD~1 HEAD | grep '/PKGBUILD$' | sed 's|/PKGBUILD||' || true) CHANGED=$(git diff --name-only HEAD~1 HEAD | grep '/PKGBUILD$' | sed 's|/PKGBUILD||' || true)
@ -32,8 +41,8 @@ jobs:
echo "==> Building $pkg" echo "==> Building $pkg"
cd "$pkg" cd "$pkg"
# Build package (skip dep checks — deps are already installed or in optdepends) # Build package as non-root user
makepkg -sfd --noconfirm su builder -c "makepkg -sfd --noconfirm"
# Find the built package file # Find the built package file
PKG_FILE=$(ls -t *.pkg.tar.zst 2>/dev/null | head -1) PKG_FILE=$(ls -t *.pkg.tar.zst 2>/dev/null | head -1)