From 47e8d717a662278757f92d693ef5d2336ae9201b Mon Sep 17 00:00:00 2001 From: Brodino Date: Mon, 27 Apr 2026 14:21:15 +0200 Subject: [PATCH] feat: add artifact caching to build process and improve error logging --- scripts/build.sh | 14 ++++++++++++++ scripts/check-update.sh | 2 +- scripts/entrypoint.sh | 22 ++++++++++++++++------ scripts/publish.sh | 33 ++++++++++++++++----------------- 4 files changed, 47 insertions(+), 24 deletions(-) diff --git a/scripts/build.sh b/scripts/build.sh index 8b57c8b..5f96727 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -22,6 +22,20 @@ fi mkdir -p "${ARTIFACTS_DIR}" +# Skip rebuild if artifacts for this version already exist +pkgver=$(bash -c "source ${SRC_DIR}/PKGBUILD; echo \${pkgver}") +pkgrel=$(bash -c "source ${SRC_DIR}/PKGBUILD; echo \${pkgrel}") +existing=$(find "${ARTIFACTS_DIR}" -maxdepth 1 \ + -name "webkit2gtk-${pkgver}-${pkgrel}-*.pkg.tar.zst" \ + ! -name 'webkit2gtk-docs-*' \ + -print | head -n1) + +if [[ -n "${existing}" ]]; then + log "Artifacts for ${pkgver}-${pkgrel} already exist, skipping build" + log "Using cached: $(basename "${existing}")" + exit 0 +fi + # Clean any leftover build artifacts from a previous run log "Cleaning previous build artifacts in ${SRC_DIR}" # makepkg leaves behind src/, pkg/ and the .pkg.tar.zst files diff --git a/scripts/check-update.sh b/scripts/check-update.sh index 0667a5c..a16a48d 100755 --- a/scripts/check-update.sh +++ b/scripts/check-update.sh @@ -73,7 +73,7 @@ log "Running publish" if "${SCRIPT_DIR}/publish.sh"; then log "Publish succeeded" else - log "ERROR: Publish failed" + log "ERROR: Publish failed, exit code: $?" exit 1 fi diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index 1317d77..f27bba5 100755 --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh @@ -8,6 +8,16 @@ set -euo pipefail +# Load .env so all variables are available both here (root) and in child +# processes running as builduser. Docker's env_file only sets variables for +# the initial process; sudo drops them by default. +if [[ -f /workspace/.env ]]; then + set -a + # shellcheck source=/dev/null + source /workspace/.env + set +a +fi + POLL_INTERVAL_SECONDS="${POLL_INTERVAL_SECONDS:-3600}" # Set up AUR SSH key @@ -25,21 +35,21 @@ else fi # Set git identity for builduser -sudo -u builduser git config --global user.name "${AUR_MAINTAINER_NAME:-webkit2gtk-automator}" -sudo -u builduser git config --global user.email "${AUR_MAINTAINER_EMAIL:-noreply@localhost}" +sudo -u builduser HOME=/home/builduser git config --global user.name "${AUR_MAINTAINER_NAME:-webkit2gtk-automator}" +sudo -u builduser HOME=/home/builduser git config --global user.email "${AUR_MAINTAINER_EMAIL:-noreply@localhost}" # Import WebKitGTK PGP signing keys into builduser's keyring # makepkg verifies the source tarball signature against these keys. # Try the bundled local keys first (no network needed), then fall back to keyservers. echo "[entrypoint] Importing WebKitGTK PGP signing keys" if ls /workspace/webkit2gtk/keys/pgp/*.asc &>/dev/null; then - sudo -u builduser gpg --import /workspace/webkit2gtk/keys/pgp/*.asc + sudo -u builduser HOME=/home/builduser gpg --import /workspace/webkit2gtk/keys/pgp/*.asc echo "[entrypoint] PGP keys imported from local bundle" else - sudo -u builduser gpg --keyserver keyserver.ubuntu.com --recv-keys \ + sudo -u builduser HOME=/home/builduser gpg --keyserver keyserver.ubuntu.com --recv-keys \ 5AA3BC334FD7E3369E7C77B291C559DBE4C9123B \ 013A0127AC9C65B34FFA62526C1009B693975393 || \ - sudo -u builduser gpg --keyserver hkps://keys.openpgp.org --recv-keys \ + sudo -u builduser HOME=/home/builduser gpg --keyserver hkps://keys.openpgp.org --recv-keys \ 5AA3BC334FD7E3369E7C77B291C559DBE4C9123B \ 013A0127AC9C65B34FFA62526C1009B693975393 echo "[entrypoint] PGP keys imported from keyserver" @@ -47,7 +57,7 @@ fi # Drop to builduser and start the polling loop echo "[entrypoint] Starting polling loop, interval: ${POLL_INTERVAL_SECONDS}s" -exec sudo -u builduser bash -c ' +exec sudo -u builduser --preserve-env HOME=/home/builduser bash -c ' set -euo pipefail POLL_INTERVAL_SECONDS="'"${POLL_INTERVAL_SECONDS}"'" while true; do diff --git a/scripts/publish.sh b/scripts/publish.sh index 340d17d..2e4ea28 100755 --- a/scripts/publish.sh +++ b/scripts/publish.sh @@ -33,23 +33,18 @@ die() { : "${AUR_MAINTAINER_EMAIL:?AUR_MAINTAINER_EMAIL is not set}" # Authenticate gh CLI -echo "${GITHUB_TOKEN}" | gh auth login --with-token +# GITHUB_TOKEN is already in the environment and picked up by gh automatically -# Find the main webkit2gtk package (not -docs) +# Find the main webkit2gtk package only (exclude -docs and -debug variants) log "Looking for built package in ${ARTIFACTS_DIR}" -# We want webkit2gtk---x86_64.pkg.tar.zst, NOT webkit2gtk-docs-* -pkg_file=$(find "${ARTIFACTS_DIR}" -maxdepth 1 \ - -name 'webkit2gtk-*.pkg.tar.zst' \ - ! -name 'webkit2gtk-docs-*' \ - -print | sort -V | tail -n1) - -[[ -n "${pkg_file}" ]] || die "No webkit2gtk .pkg.tar.zst found in ${ARTIFACTS_DIR}" -log "Found package: ${pkg_file}" -# Derive version from the built PKGBUILD pkgver=$(bash -c "source ${SRC_PKGBUILD}; echo \${pkgver}") pkgrel=$(bash -c "source ${SRC_PKGBUILD}; echo \${pkgrel}") full_version="${pkgver}-${pkgrel}" log "Package version: ${full_version}" + +pkg_file="${ARTIFACTS_DIR}/webkit2gtk-${pkgver}-${pkgrel}-x86_64.pkg.tar.zst" +[[ -f "${pkg_file}" ]] || die "Expected artifact not found: ${pkg_file}" +log "Found package: ${pkg_file}" # Compute sha256sum of the artifact sha256=$(sha256sum "${pkg_file}" | awk '{print $1}') log "sha256sum: ${sha256}" @@ -61,12 +56,16 @@ release_title="webkit2gtk ${full_version}" log "Creating/updating GitHub release ${release_tag}" -# Create the release if it doesn't exist; ignore error if it already does -gh release create "${release_tag}" \ - --repo "${GITHUB_REPO}" \ - --title "${release_title}" \ - --notes "Automated build of webkit2gtk ${full_version}" \ - 2>/dev/null || log "Release ${release_tag} already exists, proceeding to upload asset" +# Create the release if it doesn't exist +if gh release view "${release_tag}" --repo "${GITHUB_REPO}" &>/dev/null; then + log "Release ${release_tag} already exists, proceeding to upload asset" +else + log "Creating GitHub release ${release_tag}" + gh release create "${release_tag}" \ + --repo "${GITHUB_REPO}" \ + --title "${release_title}" \ + --notes "Automated build of webkit2gtk ${full_version}" +fi # Upload the package (--clobber overwrites an existing asset with the same name) log "Uploading ${pkg_filename} to release ${release_tag}"