name: Publish to AUR

   on:
     push:
       tags:
         - 'v*'
     workflow_dispatch:
       inputs:
         tag:
           description: 'Tag (v开头)'
           required: false
           type: string

   jobs:
     aur:
       runs-on: ubuntu-latest
       container:
         image: archlinux:latest
       steps:
         - name: Install dependencies
           run: |
             # 只需要 git, openssh, base-devel, sudo，不再需要 aurpublish
             pacman -Sy --noconfirm git openssh base-devel sudo
             useradd -m builder
             echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

         - name: Set up SSH for AUR
           run: |
             mkdir -p /home/builder/.ssh
             echo "${{ secrets.AUR_SSH_PRIVATE_KEY }}" > /home/builder/.ssh/id_ed25519
             chmod 600 /home/builder/.ssh/id_ed25519
             chmod 700 /home/builder/.ssh
             ssh-keyscan -t ed25519 aur.archlinux.org >> /home/builder/.ssh/known_hosts || true
             chmod 644 /home/builder/.ssh/known_hosts
             chown -R builder:builder /home/builder/.ssh

         - name: Clone AUR repo
           run: |
             sudo -u builder bash <<EOF
               export GIT_SSH_COMMAND="ssh -i /home/builder/.ssh/id_ed25519 -o UserKnownHostsFile=/home/builder/.ssh/known_hosts -o StrictHostKeyChecking=no"
               git clone ssh://aur@aur.archlinux.org/soon.git /home/builder/aur-push
             EOF

         - name: Set git user
           run: |
             sudo -u builder git config --global user.name "github-actions[bot]"
             sudo -u builder git config --global user.email "github-actions[bot]@users.noreply.github.com"
             sudo -u builder git config --global --add safe.directory /home/builder/aur-push

         - name: Update PKGBUILD and Push
           run: |
             if [ "${{ github.event_name }}" = "workflow_dispatch" ] && [ -n "${{ github.event.inputs.tag }}" ]; then
               TAG="${{ github.event.inputs.tag }}"
             else
               TAG="${GITHUB_REF##*/}"
             fi
             VERSION="${TAG#v}"
             echo "Updating to version: $VERSION"

             sudo -u builder bash <<EOF
               cd /home/builder/aur-push
               export GIT_SSH_COMMAND="ssh -i /home/builder/.ssh/id_ed25519 -o UserKnownHostsFile=/home/builder/.ssh/known_hosts -o StrictHostKeyChecking=no"

               # 修改版本号
               sed -i "s/^pkgver=.*/pkgver=${VERSION}/" PKGBUILD

               # 生成 .SRCINFO
               makepkg --printsrcinfo > .SRCINFO

               git add PKGBUILD .SRCINFO

               if ! git diff --cached --quiet; then
                 git commit -m "release: $VERSION"
                 # 直接 git push，简单粗暴有效
                 git push origin master
               else
                 echo "No changes to commit"
               fi
             EOF