From c06d1c4d1726e447b825b8d1047d503f7cd6854a Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 29 Sep 2025 09:16:02 +0200 Subject: [PATCH] Refactor yay update handling: - Move AUR update task into dev-yay role - Centralize defaults (AUR_HELPER, AUR_BUILDER_USER, etc.) - Remove separate update-yay role (redundant) See conversation with ChatGPT https://chatgpt.com/share/68da3219-6d78-800f-92ad-0a5061bac8be and related work item: https://open.project.infinito.nexus/projects/cymais/work_packages/341/activity --- roles/dev-yay/defaults/main.yml | 4 ++++ roles/dev-yay/tasks/01_core.yml | 33 +++++++++++++++++--------- roles/dev-yay/tasks/main.yml | 2 -- roles/update-compose/tasks/01_core.yml | 19 --------------- roles/update-yay/README.md | 22 ----------------- roles/update-yay/meta/main.yml | 24 ------------------- roles/update-yay/tasks/main.yml | 14 ----------- roles/update-yay/vars/main.yml | 1 - 8 files changed, 26 insertions(+), 93 deletions(-) create mode 100644 roles/dev-yay/defaults/main.yml delete mode 100644 roles/update-yay/README.md delete mode 100644 roles/update-yay/meta/main.yml delete mode 100644 roles/update-yay/tasks/main.yml delete mode 100644 roles/update-yay/vars/main.yml diff --git a/roles/dev-yay/defaults/main.yml b/roles/dev-yay/defaults/main.yml new file mode 100644 index 00000000..f8c282ad --- /dev/null +++ b/roles/dev-yay/defaults/main.yml @@ -0,0 +1,4 @@ +AUR_HELPER: yay +AUR_BUILDER_USER: aur_builder +AUR_BUILDER_GROUP: wheel +AUR_BUILDER_SUDOERS_PATH: /etc/sudoers.d/11-install-aur_builder diff --git a/roles/dev-yay/tasks/01_core.yml b/roles/dev-yay/tasks/01_core.yml index 74475ab3..7e8de6d0 100644 --- a/roles/dev-yay/tasks/01_core.yml +++ b/roles/dev-yay/tasks/01_core.yml @@ -6,42 +6,53 @@ - dev-git - dev-base-devel -- name: install yay +- name: Install yay build prerequisites community.general.pacman: name: - base-devel - patch state: present -- name: Create the `aur_builder` user +- name: Create the AUR builder user become: true ansible.builtin.user: - name: aur_builder + name: "{{ AUR_BUILDER_USER }}" create_home: yes - group: wheel + group: "{{ AUR_BUILDER_GROUP }}" -- name: Allow the `aur_builder` user to run `sudo pacman` without a password +- name: Allow AUR builder to run pacman without password become: true ansible.builtin.lineinfile: - path: /etc/sudoers.d/11-install-aur_builder - line: 'aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman' + path: "{{ AUR_BUILDER_SUDOERS_PATH }}" + line: '{{ AUR_BUILDER_USER }} ALL=(ALL) NOPASSWD: /usr/bin/pacman' create: yes validate: 'visudo -cf %s' - name: Clone yay from AUR become: true - become_user: aur_builder + become_user: "{{ AUR_BUILDER_USER }}" git: repo: https://aur.archlinux.org/yay.git - dest: /home/aur_builder/yay + dest: "/home/{{ AUR_BUILDER_USER }}/yay" clone: yes update: yes - name: Build and install yay become: true - become_user: aur_builder + become_user: "{{ AUR_BUILDER_USER }}" shell: | - cd /home/aur_builder/yay + cd /home/{{ AUR_BUILDER_USER }}/yay makepkg -si --noconfirm args: creates: /usr/bin/yay + +- name: upgrade the system using yay, only act on AUR packages. + become: true + become_user: "{{ AUR_BUILDER_USER }}" + kewlfft.aur.aur: + upgrade: yes + use: "{{ AUR_HELPER }}" + aur_only: yes + when: MODE_UPDATE | bool + +- include_tasks: utils/run_once.yml diff --git a/roles/dev-yay/tasks/main.yml b/roles/dev-yay/tasks/main.yml index e8cf8c7e..98b2ddfc 100644 --- a/roles/dev-yay/tasks/main.yml +++ b/roles/dev-yay/tasks/main.yml @@ -1,5 +1,3 @@ - block: - include_tasks: 01_core.yml - - set_fact: - run_once_dev_yay: true when: run_once_dev_yay is not defined diff --git a/roles/update-compose/tasks/01_core.yml b/roles/update-compose/tasks/01_core.yml index 38de89f8..74983cdc 100644 --- a/roles/update-compose/tasks/01_core.yml +++ b/roles/update-compose/tasks/01_core.yml @@ -13,22 +13,3 @@ include_role: name: update-apt when: ansible_distribution == "Debian" - -- name: "Check if yay is installed" - command: which yay - register: yay_installed - changed_when: false - failed_when: false - -- name: "Update with yay" - include_role: - name: update-yay - when: - - yay_installed.rc == 0 - - run_once_update_yay is not defined - -- name: "Check if pkgmgr command is available" - command: "which pkgmgr" - register: pkgmgr_available - failed_when: false - diff --git a/roles/update-yay/README.md b/roles/update-yay/README.md deleted file mode 100644 index e3bfb9f6..00000000 --- a/roles/update-yay/README.md +++ /dev/null @@ -1,22 +0,0 @@ -# Update yay - -## Description - -This role updates AUR packages on Arch Linux systems using [yay](https://wiki.archlinux.org/title/Yay). It automates the process of upgrading AUR packages, ensuring that your system stays current with the latest software available in the Arch User Repository. - -## Overview - -The role performs the following: -- Checks if the [yay](https://wiki.archlinux.org/title/Yay) AUR helper is installed. -- Upgrades AUR packages using the `kewlfft.aur.aur` module with yay. -- Works exclusively on Arch Linux systems. - -## Purpose - -The primary purpose of this role is to ensure that AUR packages on Arch Linux are updated automatically. This helps maintain system stability and ensures that the latest features and fixes from the AUR are applied. - -## Features - -- **AUR Package Upgrades:** Uses yay to upgrade AUR packages. -- **Conditional Execution:** Only runs if yay is installed on the system. -- **Arch Linux Focused:** Specifically designed for Arch Linux systems. \ No newline at end of file diff --git a/roles/update-yay/meta/main.yml b/roles/update-yay/meta/main.yml deleted file mode 100644 index 0d61a9b8..00000000 --- a/roles/update-yay/meta/main.yml +++ /dev/null @@ -1,24 +0,0 @@ -galaxy_info: - author: "Kevin Veen-Birkenbach" - description: "Updates AUR packages on Arch Linux systems using yay. This role automates the upgrade process for AUR packages, ensuring that the system remains up-to-date with the latest versions available in the Arch User Repository." - license: "Infinito.Nexus NonCommercial License" - license_url: "https://s.infinito.nexus/license" - company: | - Kevin Veen-Birkenbach - Consulting & Coaching Solutions - https://www.veen.world - min_ansible_version: "2.9" - platforms: - - name: Archlinux - versions: - - rolling - galaxy_tags: - - aur - - update - - archlinux - - yay - - system - - maintenance - repository: "https://s.infinito.nexus/code" - issue_tracker_url: "https://s.infinito.nexus/issues" - documentation: "https://docs.infinito.nexus" diff --git a/roles/update-yay/tasks/main.yml b/roles/update-yay/tasks/main.yml deleted file mode 100644 index b7c7f100..00000000 --- a/roles/update-yay/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ -- block: - - name: Include dependency 'dev-yay' - include_role: - name: dev-yay - when: run_once_dev_yay is not defined - - - name: upgrade the system using yay, only act on AUR packages. - become: false - kewlfft.aur.aur: - upgrade: yes - use: yay - aur_only: yes - - include_tasks: utils/run_once.yml - when: run_once_update_yay is not defined diff --git a/roles/update-yay/vars/main.yml b/roles/update-yay/vars/main.yml deleted file mode 100644 index e2d9b3ca..00000000 --- a/roles/update-yay/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -application_id: update-yay