From 1cf5f6965bd47dc129badb2a87eeb5dda57f4f04 Mon Sep 17 00:00:00 2001 From: Jeremy Drake Date: Tue, 18 Feb 2025 17:06:05 -0800 Subject: [PATCH] Add a GitHub workflow to remove packages from the Pacman repository Git for Windows relies on MSYS2 for a lot of packages, but also provides some packages of its own. Sometimes, Git for Windows even overrides (or "shadows") MSYS2's packages. And sometimes Git for Windows needs to stop overriding such packages. This new GitHub workflow allows for stopping to override MSYS2 packages by calling the shiny new `pacman-helper.sh quick_remove` functionality added in https://github.com/git-for-windows/build-extra/pull/597. This will be used to clean up Git for Windows' Pacman repository after the most recent batch of MSYS2 updates to its i686 repository, see https://github.com/git-for-windows/git-sdk-32/issues/39#issuecomment-2664159567 for full details. Co-authored-by: Johannes Schindelin Signed-off-by: Jeremy Drake Signed-off-by: Johannes Schindelin --- ...remove-packages-from-pacman-repository.yml | 92 +++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 .github/workflows/remove-packages-from-pacman-repository.yml diff --git a/.github/workflows/remove-packages-from-pacman-repository.yml b/.github/workflows/remove-packages-from-pacman-repository.yml new file mode 100644 index 00000000..508f67a5 --- /dev/null +++ b/.github/workflows/remove-packages-from-pacman-repository.yml @@ -0,0 +1,92 @@ +name: remove-packages-from-pacman-repository +run-name: Remove ${{ inputs.packages }} from the Pacman repository + +on: + workflow_dispatch: + inputs: + packages: + description: 'The package name(s) to remove' + required: true + dry_run: + description: 'Skip deployment (if non-empty)' + required: false + +env: + PACKAGES_TO_REMOVE: "${{ github.event.inputs.packages }}" + PACMANDRYRUN: "${{ github.event.inputs.dry_run }}" + GPG_OPTIONS: "--batch --yes --no-tty --list-options no-show-photos --verify-options no-show-photos --pinentry-mode loopback" + +jobs: + build: + if: github.event.repository.fork != true + runs-on: 'windows-latest' + steps: + - uses: actions/checkout@v4 + + - name: Configure build + shell: bash + run: | + HOME="${{ runner.temp }}\\home" && + echo "HOME=$HOME" >>$GITHUB_ENV && + mkdir -p "$HOME" + + - name: Download Git for Windows SDK + uses: git-for-windows/setup-git-for-windows-sdk@v1 + with: + flavor: makepkg-git + architecture: x86_64 + msys: true + + - name: Clone build-extra + shell: bash + run: git clone --depth 1 --single-branch -b main https://github.com/git-for-windows/build-extra /usr/src/build-extra + + - name: Get GPG key(s) + timeout-minutes: 5 + shell: bash + run: | + for key in 57759F748D223F034D8BE870BB3AA74136C569BB + do + gpg $GPG_OPTIONS --recv-keys --batch --yes --keyserver hkp://keyserver.ubuntu.com "$key" && + echo "$key:6:" | gpg $GPG_OPTIONS --import-ownertrust || + exit 1 + done + + - name: Prepare home directory for GPG signing + if: env.GPGKEY != '' + shell: bash + run: | + echo '${{secrets.PRIVGPGKEY}}' | tr % '\n' | gpg $GPG_OPTIONS --import && + mkdir -p "$HOME" && + git config --global gpg.program "/usr/src/build-extra/gnupg-with-gpgkey.sh" && + info="$(gpg --list-keys --with-colons "${GPGKEY%% *}" | cut -d : -f 1,10 | sed -n '/^uid/{s|uid:||p;q}')" && + git config --global user.name "${info% <*}" && + git config --global user.email "<${info#*<}" + echo "PACKAGER=$info" >>$GITHUB_ENV + env: + GPGKEY: ${{secrets.GPGKEY}} + + - uses: actions/create-github-app-token@v1 + id: pacman-repo-token + with: + app-id: ${{ secrets.GH_APP_ID }} + private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} + owner: ${{ github.repository_owner }} + repositories: pacman-repo + + - name: Remove Pacman packages + if: env.PACMANDRYRUN == 'true' || env.azure_blobs_token != '' + shell: bash + env: + GPGKEY: ${{secrets.GPGKEY}} + azure_blobs_token: ${{secrets.AZURE_BLOBS_TOKEN}} + GITHUB_TOKEN: ${{ steps.pacman-repo-token.outputs.token }} + run: /usr/src/build-extra/pacman-helper.sh quick_remove ${PACKAGES_TO_REMOVE} + + - name: Clean up temporary files + if: always() + shell: bash + run: | + gpgconf --kill dirmngr && + gpgconf --kill gpg-agent && + { rm -rf "$HOME" || echo "Gracefully leaving files undeleted" >&2; }