Skip to main content

AUR Sources

Publish source-based AUR packages that build from source via cargo

Anodizer can generate and publish source-based AUR packages that build your project from source using cargo build. This is separate from the AUR binary packages which distribute pre-built binaries.

Classification

GroupRequired (default)RollbackToken scope
SubmitterfalsenoneAUR_SSH_KEY write

See Release resilience for the full classification table and the Submitter gate semantics.

The required: field

Default: false — an AUR Sources submission failure is logged but does not fail the release.

Set required: true to make the release exit non-zero if this publisher fails:

aur_sources:
  - git_url: "ssh://aur@aur.archlinux.org/myapp.git"
    required: true

Warning: AUR Sources is a submitter publisher — it force-pushes to the upstream Arch User Repository via SSH. The AUR does not perform moderation, but the package is not "approved" by any external gate; the push itself is the final act. Despite this, the publisher is classified as Submitter because it modifies a shared namespace on an external service with no programmatic rollback path.

Setting required: true has no meaningful effect in the common case because the failure mode it guards against (SSH push rejection) happens at push time — the same moment the publisher either succeeds or fails. However, anodizer still emits a config-validation warning to match the consistent submitter policy:

<location>: publisher 'aur_source' is a submitter (external moderation queue); `required: true` has no meaningful effect — the submitter gate evaluates at push time, not at approval time.

See Publish overview — the required: field for the full submitter-publisher semantics.

Minimal config

aur_sources:
  - git_url: "ssh://aur@aur.archlinux.org/myapp.git"

Full config reference

aur_sources:
  - name: myapp                      # optional; package name (default: crate name)
    ids: []                          # optional; filter by build IDs
    description: "A fast CLI tool"   # optional
    homepage: "https://example.com"  # optional
    license: MIT                     # optional; default MIT
    maintainers: []                  # optional
    contributors: []                 # optional
    provides: []                     # optional; defaults to ["{name}"]
    conflicts: []                    # optional; defaults to ["{name}-bin"]
    depends: []                      # optional; runtime deps
    optdepends: []                   # optional
    makedepends: ["rust", "cargo"]   # optional; build deps
    backup: []                       # optional; files to back up on upgrade
    rel: "1"                         # optional; package release number
    prepare: ""                      # optional; custom prepare() body
    build: ""                        # optional; defaults to "cargo build --release --locked"
    package: ""                      # optional; custom package() body
    install: ""                      # optional; .install file content
    url_template: ""                 # optional; source archive URL (template)
    git_url: "ssh://aur@aur.archlinux.org/myapp.git"  # optional; AUR repo URL
    git_ssh_command: ""              # optional; custom GIT_SSH_COMMAND
    private_key: ""                  # optional; SSH private key path
    directory: ""                    # optional; subdirectory in the git repo
    skip_upload: false               # optional; "auto" skips prereleases
    commit_author:
      name: "Bot"
      email: "bot@example.com"
    commit_msg_template: ""          # optional
    arches: []                       # optional; architecture filter
    disable: false                   # optional

Authentication

Config fieldEnv varDescription
private_keyPath to SSH private key file
git_ssh_commandOverride the full SSH invocation
AUR_SSH_KEYSSH key content (used via private_key: "{{ Env.AUR_SSH_KEY }}")

Common gotchas

  • No git_url: if git_url is omitted, files are written to dist/ but not pushed. Useful for local inspection before submitting to AUR.
  • Version string hyphens: AUR pkgver does not allow hyphens. Anodizer replaces hyphens with underscores.
  • Default architectures: x86_64 and aarch64 are generated by default. Override with arches if needed.

AUR source config fields

FieldTypeDefaultDescription
namestringcrate namePackage name (alias: package_name)
idslistnoneFilter by build IDs
descriptionstringcrate namePackage description
homepagestring""Project homepage URL
licensestringMITLicense identifier
maintainerslist[]Package maintainers
contributorslist[]Package contributors
provideslist[{name}]Packages this provides
conflictslist["{name}-bin"]Conflicting packages
dependslist[]Runtime dependencies
optdependslist[]Optional dependencies
makedependslist["rust", "cargo"]Build dependencies
backuplist[]Files to back up on upgrade
relstring1Package release number
preparestringnoneCustom prepare() function body
buildstringcargo build --release --lockedCustom build() function body
packagestringauto-generatedCustom package() function body
installstringnoneContent for a .install file (post-install/pre-remove scripts). When set, the PKGBUILD emits install=<name>.install and the file is written alongside it.
url_templatestringauto-derived from git URLSource archive download URL (template)
git_urlstringnoneAUR git repository URL (for pushing)
git_ssh_commandstringnoneCustom GIT_SSH_COMMAND
private_keystringnoneSSH private key path
directorystringrepo rootSubdirectory in the git repo
skip_uploadstring/boolnoneSkip git push ("auto" skips for prereleases)
commit_authorobjectnoneGit commit author (name, email)
commit_msg_templatestringnoneCustom commit message (template)
archeslistnoneArchitecture filter
disablestring/boolnoneDisable this config

Behavior

  • Generates PKGBUILD and .SRCINFO files for source-based installation
  • Default source URL points to the GitHub release source archive
  • Version dashes are replaced with underscores for PKGBUILD compatibility
  • Architectures are hardcoded to x86_64 and aarch64
  • When git_url is set, clones the AUR repo, commits the generated files, and pushes

Full example

aur_sources:
  - name: myapp
    description: "A fast CLI tool"
    homepage: "https://example.com/myapp"
    license: Apache-2.0
    maintainers:
      - "Alice <alice@example.com>"
    depends:
      - openssl
    makedepends:
      - rust
      - cargo
    git_url: "ssh://aur@aur.archlinux.org/myapp.git"
    commit_author:
      name: "Bot"
      email: "bot@example.com"