name: yandex-cloud-cli-bin

on:
  workflow_call:
  workflow_dispatch:

# For good reasons, GitHub Actions people made the decision to add the
# container: functionality. For some other reason, when running inside a
# container:, they made an insane, completely batshit crazy decision to set
# $HOME to something other than /root. This breaks a bunch of things, which is
# why all the insanity is there below.
#
# makepkg people are similarly insane, which is why they hard-forbid running
# makepkg as root, because they're crazy. This is cause for the other stupid
# workarounds below.

jobs:
  maintenance:
    runs-on: ubuntu-latest
    container:
      image: archlinux:base-devel
    steps:
      - name: Install dependencies
        run: |
          pacman -Sy --noconfirm git openssh
      - name: Add SSH key
        run: |
          mkdir -p /root/.ssh/
          cat > /root/.ssh/config <<'EOF'
          StrictHostKeyChecking no
          EOF
          cat > /root/.ssh/id_ed25519 <<'EOF'
          ${{ secrets.SSH_KEY }}
          EOF
          chmod 0600 /root/.ssh/id_ed25519
      - name: Checkout
        run: |
          git clone -q ssh://aur@aur.archlinux.org/yandex-cloud-cli-bin.git
          chmod -R o+w yandex-cloud-cli-bin
      - name: Configure git
        run: |
          git -C yandex-cloud-cli-bin config --local user.name 'Egor Tensin'
          git -C yandex-cloud-cli-bin config --local user.email 'egor@tensin.name'
      - name: Run maintenance
        run: |
          git config --system --add safe.directory "$( pwd )/yandex-cloud-cli-bin"
          runuser -u nobody -- make -C yandex-cloud-cli-bin maintenance