aurch
The emphasis of aurch is using a chroot for AUR 'build isolation' rather than 'clean chroot building'.
Aurch isolates the build environment to mitigate build script errors or malicious intent causing issues on the host.
Aurch sets up aurutils, a local AUR repo, and a builduser within a chroot.
Can be used for various AUR package related tasks including -B, for easy one command builds.
Upon completing AUR builds, aurch places copies of the packages in the host AURREPO directory.
Keeps a copy of all AUR packages and dependencies built in the chroot AUR repo for future use.
Automatically builds and installs required AUR dependencies in the chroot.
Automatically installs required pgp keys in the chroot.
Automatically maintains a 144 package count in the chroot via automated cleanup.
The chroot is intended to be reused.
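One way to hold a reused chroot at a fixed package count is to diff the current package list against a saved baseline with comm, which the changelog below mentions alongside an 'orig package list'. The script below is an added example, not aurch's own code: the function names and sample package lists are constructed, and in a real chroot the current list would come from `pacman -Qq`.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed, not aurch's.

# normalize FILE: drop blank lines and '#' comments, then sort uniquely.
# comm(1) needs both inputs sorted under the same collation, hence LC_ALL=C.
normalize() {
    grep -v -e '^[[:space:]]*$' -e '^[[:space:]]*#' "$1" | LC_ALL=C sort -u
}

# pkg_diff MODE BASELINE CURRENT
#   MODE -13: names only in CURRENT  (left over from builds, removal candidates)
#   MODE -23: names only in BASELINE (a baseline package went missing)
pkg_diff() {
    work=$(mktemp -d) || return 1
    normalize "$2" > "$work/base"
    normalize "$3" > "$work/cur"
    LC_ALL=C comm "$1" "$work/base" "$work/cur"
    rc=$?
    rm -rf "$work"
    return "$rc"
}

extras()  { pkg_diff -13 "$1" "$2"; }
missing() { pkg_diff -23 "$1" "$2"; }

# Constructed sample: a 4-package baseline and an unsorted current list as it
# might look after building one AUR package that pulled in a make dependency.
sample() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# baseline' base base-devel git aurutils > "$dir/orig"
    printf '%s\n' git cmake base aurutils base-devel bauerbill '' > "$dir/now"
    echo "$dir"
}

if [ "${1:-}" = "--demo" ]; then
    d=$(sample)
    echo "removal candidates:"; extras "$d/orig" "$d/now"
    echo "missing from baseline:"; missing "$d/orig" "$d/now"
    rm -rf "$d"
fi
```

Anything reported by `missing` means the chroot has drifted below its baseline, which is worth investigating before the next build rather than silently reinstalling.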
Note:
This script isolates the build process from the host, not to be confused with building packages in a clean chroot.
Scripts such as devtools were not written to and do not isolate the build process from the host.
devtools info
References:
https://www.reddit.com/r/archlinux/comments/q2qwbr/aur_build_in_chroot_to_mitigate_risks/hfn7x0p/
https://www.reddit.com/r/archlinux/comments/qk3rk7/wrote_script_to_setup_an_nspawn_chroot_and_build/hixia0b/
USAGE
aurch [operation[options]] [package | pgp key]
OPERATIONS
         --setup        Sets up a chroot.
-B*      --build        Builds an AUR package in one step.
-G       --git          Git clones an AUR package.
-C       --compile      Builds an AUR package on git clone after modifications.
-Rc      [--long NA]    Remove AUR pkg from chroot /build/<package>, $HOME/<build dir>, and database entry.
-Rh      [--long NA]    Remove AUR pkg from host /AURREPO/<package>, <package> if installed, and database entry.
-Lu*     --listupdates  List updates available for AUR packages in chroot AUR repo.
-Lc*     --listchroot   List contents of AUR db on chroot.
-Lh*     --listhost     List contents of AUR db on host.
         --clean        Manually remove unneeded packages from chroot.
         --pgp          Manually import pgp key in chroot.
-h,      --help         Prints help.
OPTIONS *
-L, List:
Append 'q' to list operations -L[u,c,h] for quiet mode.
Example: aurch -Luq
Do not mix order or attempt to use 'q' other than described.
-B, Build:
Append 'i' to build operation -B to install package in host.
Example: aurch -Bi
Do not mix order or attempt to use 'i' other than described.
OVERVIEW
Run 'aurch --setup' before using aurch.
Run aurch from directory containing chroot created during 'aurch --setup'.
EXAMPLES
Create a directory to setup chroot in: mkdir ~/aurbuilds
Move into directory: cd ~/aurbuilds
Set up chroot: aurch --setup
Build an AUR package in the chroot: aurch -B <aur-package>
Git clone package: aurch -G <aur-package>
Build (Compile) AUR pkg on existing PKGBUILD: aurch -C <aur-package>
List chroot AUR repo updates available: aurch -Lu
List chroot AUR sync database contents: aurch -Lc
List host AUR sync database contents: aurch -Lh
Manually import a pgp key in chroot: aurch --pgp <short or long key id>
Manually remove unneeded packages in chroot: aurch --clean
VARIABLES
AURREPO </path/to/host/directory>
AURREPO Default: /tmp/aurch
To copy built AUR packages to host, set:
AURREPO="/path/to/host/local-pacman-repo"
Screenshot: aurch --setup https://cody-learner.github.io/aurch-setup.html
Screenshot: aurch -B bauerbill https://cody-learner.github.io/aurch-building-bauerbill.html
NEWS/UPDATE INFO:
UPDATE For Feb 11, 2022
Change curl commands to reflect AUR RPC interface update/changes.
Add removal of /var/tmp/aurch/orig-pkgs.log ("${tmph}"/orig-pkgs.log) in chroot so 'orig package list' reflects edits/changes made to .#orig-pkgs.log in base dir.
Add if statement to check build dirs for a .git dir. This allows adding misc dirs (i.e. 'testing' toolchain pkgs) under builduser's home.
UPDATE For Jan 21, 2022
Disable 'set -e'.
Testing in virtual hw system revealed failure to build pkg that was not present on test system.
UPDATE For Jan 06, 2022
Implemented 'set -e' in script.
Added code line 162 to enable proper 'set -e'.
Added '-a' opt to systemd-nspawn commands.
Replaced cat with sort in subshell for comm command.
Added 'else' to if statement in upd_aur_db function.
UPDATE For Dec 14, 2021
Added operations:
aurch -Syu System update in chroot
aurch -Luh List updates available in host for installed AUR packages
aurch --login Login to chroot system to perform maintenance
Added check to avoid multiple re-downloading pgp keys.
Added AUR file inspection before building using PAGER with interactive y/n option in script.
Replaced some for loops with while loops when working with files.
Added code to remove operation in chroot to assure all possible conditions are handled.
Began implementation of 'aur build --results' file to replace grepped output for conditional processing.
Added missing aur database entry for rebuilt, overwritten, same version packages.
Removed install workaround in host for missing database entry using pacman -u.
UPDATE For Dec 10, 2021
The predominant focus this time around was implementing some additional flexibility to allow aurch to be usable for more
than my personal setup and preferences. Implemented virtual hardware testing as a start towards this objective.
Split the system setup and building packages into separate scripts. Too many additional smaller changes to go over here.
Future road map includes implementing a built in inspection step of downloaded AUR data and running a check for existing
PGP keys to eliminate needless re-downloading.
UPDATE For Nov 29, 2021
Added pacutils as a dependency.
Added ability when overwriting existing packages in host to handle multiple entries from split packages.
Rewrote check_updates function to reduce and simplify code.
Added/changed the following operations/options:
Remove operation:
aurch -Rc Performs the following on chroot:
Removes package from local AUR repo, /build.
Removes build dir /home/builduser/<package>.
Removes <package> entry in AUR database.
aurch -Rh Performs the following on host:
Removes package from local AUR repo, AURREPO.
Removes <package> (pacman -Rns) if installed.
Removes <package> entry in AUR database.
Build operation option:
aurch -Bi [i][install] package in host after build.
List operation options:
aurch -Luq [q][quiet] lists available aur updates for chroot [packages only].
aurch -Lcq [q][quiet] lists chroot aur sync database [packages only].
aurch -Lhq [q][quiet] lists host aur sync database [packages only].
UPDATE For Nov 27, 2021
Rewrote 'here document' usage to extend systemd-nspawn functionality, rather than inserting multiple small scripts into chroot.
Added code and printed comments relating to rebuilding and reinstalling same version of packages.
Reworked 'setup_chroot' function to eliminate the evil 'eval' command.
Integrated /var/tmp directory usage in chroot and added file extensions to ease its cleanup.
UPDATE For Nov 24, 2021
Added '-L --listup' operation, to list updates.
The new function runs on the packages in the chroot AUR repo.
It compares local vs remote git HEAD and lists mismatching packages.
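The HEAD comparison described in this entry, combined with the later '.git dir' check, can be written as follows. This is an added example, not aurch's own code: the function names and the sample tree (a local repository standing in for the AUR remote) are constructed so it runs offline.

```shell
#!/bin/sh
# Added example, not aurch's code: function names and sample tree are constructed.

# list_outdated BUILD_HOME: print the name of every cloned package directory
# whose local HEAD differs from the HEAD its 'origin' remote advertises.
# ls-remote only reads refs; it fetches no objects and runs nothing from the repo.
list_outdated() {
    for dir in "$1"/*/; do
        [ -d "${dir}.git" ] || continue   # skip plain dirs, e.g. 'testing'
        name=$(basename "$dir")
        local_head=$(git -C "$dir" rev-parse HEAD 2>/dev/null) || continue
        remote_head=$(git -C "$dir" ls-remote origin HEAD 2>/dev/null | cut -f1)
        if [ -z "$remote_head" ]; then
            echo "$name: cannot read remote HEAD" >&2
            continue
        fi
        [ "$local_head" = "$remote_head" ] || echo "$name"
    done
}

# demo_commit REPO MSG: add an empty commit with a throwaway identity.
demo_commit() {
    git -C "$1" -c user.name=demo -c user.email=demo@example.invalid \
        commit -q --allow-empty -m "$2"
}

# make_sample: build a constructed tree in a temp dir and print its path.
#   up/           stand-in for the remote, two commits by the end
#   home/stale    cloned after commit one  -> behind the remote
#   home/fresh    cloned after commit two  -> up to date
#   home/testing  plain directory without .git
make_sample() {
    root=$(mktemp -d) || return 1
    git init -q "$root/up" && demo_commit "$root/up" one
    mkdir -p "$root/home/testing"
    git clone -q "$root/up" "$root/home/stale"
    demo_commit "$root/up" two
    git clone -q "$root/up" "$root/home/fresh"
    echo "$root"
}

if [ "${1:-}" = "--demo" ]; then
    r=$(make_sample); list_outdated "$r/home"; rm -rf "$r"
fi
```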
UPDATE For Nov 21, 2021
Added function to add packages to host's AUR repo database.
UPDATE For Nov 20, 2021
Fixed for proper split package handling.
UPDATE For Nov 14, 2021
Rewrote aurch to no longer require AUR dependencies. No AUR helper required on host.
Creates a chroot with aurutils set up, including a local pacman AUR repo, inside the chroot.
Added ability to git clone and build package independently to ease customization.
AUR packages are retained in the chroot for dependency usage.
NEWS FOR Oct 31, 2021
Initial release of the aurch script.
The script is in the testing phase.


