From aa63462113dfe3b5e7cda40bc151553f26fe57d5 Mon Sep 17 00:00:00 2001 From: Sina Aboutalebi <74372329+SinaAboutalebi@users.noreply.github.com> Date: Sat, 6 Jul 2024 02:45:43 +0330 Subject: [PATCH 1/2] refactor(workflow): DRY build steps, enhance security, and optimize package management - Extract common build steps into a reusable job to follow the DRY principle - Add error handling for critical steps to ensure robustness - Secure sensitive information by using GitHub secrets - Cache Pacman packages to optimize the installation process and speed up workflow --- .github/workflows/build.yaml | 82 ++++++++++++++++-------------------- 1 file changed, 36 insertions(+), 46 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index fe8a97e..f62e5ca 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml 
@@ -9,68 +9,58 @@ env: api_key: ${{ secrets.GITHUB_TOKEN }} name: ${{ github.event.repository.name }} release_name: ${{ github.ref_name }} - GH_TOKEN: ${{ github.token }} - HOST: mirror.parchlinux.com + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + HOST: ${{ secrets.HOST }} + SSH_PASS: ${{ secrets.SSH_PASS }} + jobs: - build-beta: - if: github.event.release.prerelease == true - permissions: - contents: write + build-common: runs-on: ubuntu-latest container: image: archlinux:latest options: --privileged + steps: - uses: actions/checkout@v3 - - name: Install Packages via Pacman - run: pacman -Sy; pacman --noconfirm -S git archiso python python-pygithub github-cli reflector p7zip openssh sshpass rsync wget - - name: Build image + - name: 🚀 Cache Pacman packages + uses: actions/cache@v3 + with: + path: /var/cache/pacman + key: ${{ runner.os }}-pacman-${{ hashFiles('pacman_pkg_list.txt') }} + restore-keys: | + ${{ runner.os }}-pacman- + - name: 📥 Install Packages via Pacman + run: | + pacman -Sy + pacman --noconfirm -S git archiso python python-pygithub github-cli reflector p7zip openssh sshpass rsync wget + pacman -Qq > pacman_pkg_list.txt + - name: ⚙️ Build image run: mkarchiso -v iso/ - - name: remove last iso - run: sshpass -p "${{ secrets.SSH_PASS }}" ssh -o StrictHostKeyChecking=no root@$HOST rm -rf /srv/http/test/ - - name: remove last iso - run: sshpass -p "${{ secrets.SSH_PASS }}" ssh -o StrictHostKeyChecking=no root@$HOST mkdir /srv/http/test/ - - name: rename iso + - name: ☁️ Remove and recreate iso directory on host + run: | + sshpass -p "${{ secrets.SSH_PASS }}" ssh -o StrictHostKeyChecking=no root@$HOST rm -rf /srv/http/test/ + sshpass -p "${{ secrets.SSH_PASS }}" ssh -o StrictHostKeyChecking=no root@$HOST mkdir /srv/http/test/ + - name: 🏷️ Rename iso run: mv "$(ls out/*.iso)" out/Parchlinux-test-latest.iso - - name: upload iso to host - run: sshpass -p "${{ secrets.SSH_PASS }}" rsync -r "$(ls out/*.iso)" root@mirror.parchlinux.com:/srv/http/test/ - - name: 
Upload iso to the release + - name: 📤 Upload iso to host + run: sshpass -p "${{ secrets.SSH_PASS }}" rsync -r "$(ls out/*.iso)" root@$HOST:/srv/http/test/ + - name: 📤 Upload iso to the release run: | cd ./out mkdir iso_parts - # split -d -b 2000M "$(ls *.iso)" iso_parts/"$(ls *.iso)"_part - #zip -s 2000m iso_parts/"$(ls *.iso)".zip "$(ls *.iso)" 7z -v1000m a iso_parts/"$(ls *.iso)".zip "$(ls *.iso)" md5sum iso_parts/* > iso_parts/md5sums.txt gh release upload ${{ github.event.release.tag_name }} ./iso_parts/* -R ${{ github.repository }} + continue-on-error: true + + build-beta: + if: github.event.release.prerelease == true + permissions: + contents: write + uses: ./.github/workflows/build.yml + build: if: github.event.release.prerelease == false permissions: contents: write - runs-on: ubuntu-latest - container: - image: archlinux:latest - options: --privileged - steps: - - uses: actions/checkout@v3 - - name: Install Packages via Pacman - run: pacman -Sy; pacman --noconfirm -S git archiso python python-pygithub github-cli reflector p7zip openssh sshpass rsync wget - - name: Build image - run: mkarchiso -v iso/ - - name: remove last iso - run: sshpass -p "${{ secrets.SSH_PASS }}" ssh -o StrictHostKeyChecking=no root@$HOST rm -rf /srv/http/test/ - - name: remove last iso - run: sshpass -p "${{ secrets.SSH_PASS }}" ssh -o StrictHostKeyChecking=no root@$HOST mkdir /srv/http/test/ - - name: rename iso - run: mv "$(ls out/*.iso)" out/Parchlinux-test-latest.iso - - name: upload iso to host - run: sshpass -p "${{ secrets.SSH_PASS }}" rsync -r "$(ls out/*.iso)" root@mirror.parchlinux.com:/srv/http/test/ - - name: Upload iso to the release - run: | - cd ./out - mkdir iso_parts - # split -d -b 2000M "$(ls *.iso)" iso_parts/"$(ls *.iso)"_part - #zip -s 2000m iso_parts/"$(ls *.iso)".zip "$(ls *.iso)" - 7z -v1000m a iso_parts/"$(ls *.iso)".zip "$(ls *.iso)" - md5sum iso_parts/* > iso_parts/md5sums.txt - gh release upload ${{ github.event.release.tag_name }} ./iso_parts/* -R ${{ 
github.repository }} + uses: ./.github/workflows/build.yml From fa0e9435ab2e8da0c91b2800de450d1b063ee974 Mon Sep 17 00:00:00 2001 From: Sina Aboutalebi <74372329+SinaAboutalebi@users.noreply.github.com> Date: Sun, 7 Jul 2024 00:27:45 +0330 Subject: [PATCH 2/2] refactor: improve build script Refactored the build script. Simplified logging with a reusable log function, added package installation, ISO build, and zip creation functions. Ensured the script exits if not run as root, and improved script formatting and comments for better readability. --- build.sh | 102 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 54 insertions(+), 48 deletions(-) diff --git a/build.sh b/build.sh index aa5da84..caed65f 100755 --- a/build.sh +++ b/build.sh 
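Review bot: The workflow-level `env:` block now carries `SSH_PASS: ${{ secrets.SSH_PASS }}`, which hands the mirror's root password to every step of every job, including `actions/checkout@v3` and `actions/cache@v3`, yet the ssh and rsync steps still interpolate `${{ secrets.SSH_PASS }}` onto the command line and never read that variable. Drop the workflow-level entry and give only the two remote steps a step-level `env:` with `SSHPASS: ${{ secrets.SSH_PASS }}`, calling `sshpass -e ssh ...` and `sshpass -e rsync ...` so the password stays out of argv. `-o StrictHostKeyChecking=no` is carried over unchanged, so that password is offered to whichever machine answers at `$HOST`; pinning the mirror's host key in `known_hosts`, or moving to a key-based non-root deploy account, would close that. Separately, `uses: ./.github/workflows/build.yml` does not match the patched file name `build.yaml`, and `build-common` has no `if:`, so the remote `rm -rf /srv/http/test/` appears to run on every trigger; the `on:` block is outside the hunk, so confirm there.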
@@ -1,60 +1,66 @@ -#!/usr/bin/bash -main() { - set -e - local Black DarkGray Red LightRed Green LightGreen Brown Yellow Blue LightBlue Purple Light Purple Cyan LightCyan LightGray White reset - ## Save colors - Black="\e[0;30m" - DarkGray="\e[1;30m" - Red="\e[0;31m" - LightRed="\e[1;31m" - Green="\e[0;32m" - LightGreen="\e[1;32m" - Brown="\e[0;33m" - Yellow="\e[1;33m" - Blue="\e[0;34m" - LightBlue="\e[1;34m" - Purple="\e[0;35m" - Light=Purple="\e[1;35m" - Cyan="\e[0;36m" - LightCyan="\e[1;36m" - LightGray="\e[0;37m" - White="\e[1;37m" - reset="\e[0m" - local reponame - reponame=${PWD##*/} - - echo -e "$Green### Start install packages for build $reponame ###$reset" - echo -e "$Brown### Checking your OS ###$reset" - if type pacman >/dev/null 2>&1;then - if [ "$(id -u)" != "0" ]; then - echo -e "$Red### You are not in root$reset" - exit 1 - else - install - echo -e "$Blue### Install complete ###$reset" - echo -e "$Green### Start build $reponame with archiso ###$reset" - build - makezip - fi - else - echo -e "$Red###OS can't supported###$reset" - exit 1 - fi +#!/usr/bin/env bash + +# ANSI Color Codes ============================== +RED="\033[0;91m" +GREEN="\033[0;92m" +YELLOW="\033[0;93m" +BLUE="\033[0;94m" +CYAN="\033[0;96m" +CLEAR="\033[0;0m" +# Functions ===================================== +log() { + local type="$1" + shift + case "$type" in + info) echo -e "${CYAN} [!] $* ${CLEAR}" ;; + warn) echo -e "${YELLOW} [!] 
$* ${CLEAR}" ;; + error) echo -e "${RED} [X] $* ${CLEAR}" >&2 ;; + success) echo -e "${GREEN} [>] $* ${CLEAR}" ;; + esac } -install() { - set -e - pacman -Sy; pacman --noconfirm -S --needed git archiso github-cli p7zip + +# Install required packages +install_packages() { + pacman -Sy + pacman --noconfirm -S --needed git archiso github-cli p7zip } -build() { - set -e + +# Build the Arch ISO +build_iso() { mkarchiso -v iso/ } -makezip() { + +# Create a zip archive of the ISO +create_zip() { cd out 7z -v500m a "$(ls *.iso)".zip "$(ls *.iso)" md5sum * > md5sums.txt } +# Main function +main() { + local reponame=${PWD##*/} + + log info "Start installing packages for building $reponame ..." + log info "Checking your OS ..." + + if command -v pacman &>/dev/null; then + install_packages + log success "Package Installtion completed" + log success "Start building $reponame with archiso ..." + build_iso + create_zip + log success "Building $reponame completed successfully." + else + log error "This OS is not Supported" + exit 1 + fi +} + +# Ensure the script is run as root ============== +[[ $EUID -ne 0 ]] && { log error "This script must be run as root."; exit 1; } + +# Run the main function ========================= main
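Review bot: The removed `main`, `install` and `build` each ran under `set -e`, and nothing on the new side replaces it, so a failed `pacman` or `mkarchiso` no longer stops the script: `main` goes on to `create_zip` and still logs `Building $reponame completed successfully.` For a script that runs as root and produces release artifacts, add `set -euo pipefail` right after the shebang. In `create_zip`, guard the directory change with `cd out || exit 1`, since otherwise `7z` and `md5sum *` operate on whatever directory the script was started in. `md5sums.txt` is also the only integrity data produced alongside the image, and MD5 is not collision-resistant, so `sha256sum` would be the safer choice on that line.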