update aur packages workflow

.github/workflows/release.yaml

@@ -27,6 +27,8 @@ jobs:
   build-linux:
     needs:
       - create-release
+    outputs:
+      deb_sha256_amd64: ${{ steps.calculate-sha256.outputs.deb_sha256_amd64 }}
     runs-on:
       - self-hosted
       - Linux
@@ -82,6 +84,15 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           args: "--bundles deb,rpm"
+      - name: Calculate DEB SHA256
+        id: calculate-sha256
+        if: matrix.deb_arch == 'amd64'
+        run: |
+          DEB_FILE="src-tauri/target/release/bundle/deb/defguard-client_${{ env.VERSION }}_${{ matrix.deb_arch }}.deb"
+          DEB_SHA256=$(sha256sum "$DEB_FILE" | cut -d ' ' -f1)
+          echo "DEB SHA256: $DEB_SHA256"
+          echo "DEB_SHA256=$DEB_SHA256" >> ${GITHUB_ENV}
+          echo "deb_sha256_${{ matrix.deb_arch }}=$DEB_SHA256" >> ${GITHUB_OUTPUT}
       - name: Upload RPM
         uses: actions/upload-release-asset@v1
         env:
@@ -184,6 +195,72 @@ jobs:
           asset_name: dg-linux-${{ matrix.binary_arch }}-${{ github.ref_name }}.rpm
           asset_content_type: application/octet-stream
 
+  update-aur:
+    needs:
+      - create-release
+      - build-linux
+    runs-on:
+      - self-hosted
+      - Linux
+      - ${{ matrix.architecture }}
+    container: archlinux:latest
+    strategy:
+      fail-fast: false
+      matrix:
+        architecture: [X64]
+        include:
+          - architecture: X64
+            deb_arch: amd64
+            binary_arch: x86_64
+    steps:
+      - name: Install dependencies
+        run: |
+          pacman -Syu --noconfirm
+          pacman -S --noconfirm git openssh base-devel
+      - name: Create non-root user
+        run: |
+          useradd -m -G wheel -s /bin/bash builduser
+          echo 'builduser ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+      - name: Setup SSH
+        uses: webfactory/[email protected]
+        with:
+          ssh-private-key: ${{ secrets.AUR_SSH_KEY }}
+      - name: Checkout AUR repository
+        run: |
+          mkdir -p ~/.ssh
+          ssh-keyscan -H aur.archlinux.org >> ~/.ssh/known_hosts
+          chmod 644 ~/.ssh/known_hosts
+          export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new"
+          rm -rf aur-repo
+          git clone ssh://[email protected]/defguard-client.git aur-repo
+          chown -R builduser:builduser aur-repo
+      - name: Update PKGBUILD version
+        run: |
+          cd aur-repo
+          VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1)
+
+          echo "Updating to version: $VERSION"
+          sed -i "s/^pkgver=.*/pkgver=$VERSION/" PKGBUILD
+
+          AMD64_SHA="${{ needs.build-linux.outputs.deb_sha256_amd64 }}"
+
+          echo "AMD64 DEB SHA256: $AMD64_SHA"
+          sed -i "s/^sha256sums_x86_64=.*/sha256sums_x86_64=('$AMD64_SHA')/" PKGBUILD
+      - name: Update .SRCINFO
+        run: |
+          cd aur-repo
+          sudo -u builduser makepkg --printsrcinfo > .SRCINFO
+      - name: Commit and push changes
+        run: |
+          cd aur-repo
+          chown -R builduser:builduser .
+          sudo -u builduser git config user.name "Defguard Build System"
+          sudo -u builduser git config user.email "[email protected]"
+          sudo -u builduser git add PKGBUILD .SRCINFO
+          sudo -u builduser git commit -m "Updated to $VERSION"
+          sudo -u builduser git push
+          cat PKGBUILD
+          cat .SRCINFO
   build-macos:
     needs:
       - create-release