AUR Sources
Publish source-based AUR packages that build from source via cargo
Anodizer can generate and publish source-based AUR packages that build your project from source using cargo build. This is separate from the AUR binary packages which distribute pre-built binaries.
Classification
| Group | Required (default) | Rollback | Token scope |
|---|---|---|---|
| Submitter | false | none | AUR_SSH_KEY write |
See Release resilience for the full classification table and the Submitter gate semantics.
The required: field
Default: false — an AUR Sources submission failure is logged but does not fail the release.
Set required: true to make the release exit non-zero if this publisher fails:
aur_sources:
- git_url: "ssh://aur@aur.archlinux.org/myapp.git"
required: true
Warning: AUR Sources is a submitter publisher — it force-pushes to the upstream Arch User Repository via SSH. The AUR does not perform moderation, but the package is not "approved" by any external gate; the push itself is the final act. Despite this, the publisher is classified as Submitter because it modifies a shared namespace on an external service with no programmatic rollback path.
Setting
required: truehas no meaningful effect in the common case because the failure mode it guards against (SSH push rejection) happens at push time — the same moment the publisher either succeeds or fails. However, anodizer still emits a config-validation warning to match the consistent submitter policy:<location>: publisher 'aur_source' is a submitter (external moderation queue); `required: true` has no meaningful effect — the submitter gate evaluates at push time, not at approval time.See Publish overview — the
required:field for the full submitter-publisher semantics.
Minimal config
aur_sources:
- git_url: "ssh://aur@aur.archlinux.org/myapp.git"Full config reference
aur_sources:
- name: myapp # optional; package name (default: crate name)
ids: [] # optional; filter by build IDs
description: "A fast CLI tool" # optional
homepage: "https://example.com" # optional
license: MIT # optional; default MIT
maintainers: [] # optional
contributors: [] # optional
provides: [] # optional; defaults to ["{name}"]
conflicts: [] # optional; defaults to ["{name}-bin"]
depends: [] # optional; runtime deps
optdepends: [] # optional
makedepends: ["rust", "cargo"] # optional; build deps
backup: [] # optional; files to back up on upgrade
rel: "1" # optional; package release number
prepare: "" # optional; custom prepare() body
build: "" # optional; defaults to "cargo build --release --locked"
package: "" # optional; custom package() body
install: "" # optional; .install file content
url_template: "" # optional; source archive URL (template)
git_url: "ssh://aur@aur.archlinux.org/myapp.git" # optional; AUR repo URL
git_ssh_command: "" # optional; custom GIT_SSH_COMMAND
private_key: "" # optional; SSH private key path
directory: "" # optional; subdirectory in the git repo
skip_upload: false # optional; "auto" skips prereleases
commit_author:
name: "Bot"
email: "bot@example.com"
commit_msg_template: "" # optional
arches: [] # optional; architecture filter
disable: false # optionalAuthentication
| Config field | Env var | Description |
|---|---|---|
private_key | — | Path to SSH private key file |
git_ssh_command | — | Override the full SSH invocation |
| — | AUR_SSH_KEY | SSH key content (used via private_key: "{{ Env.AUR_SSH_KEY }}") |
Common gotchas
- No
git_url: ifgit_urlis omitted, files are written todist/but not pushed. Useful for local inspection before submitting to AUR. - Version string hyphens: AUR
pkgverdoes not allow hyphens. Anodizer replaces hyphens with underscores. - Default architectures:
x86_64andaarch64are generated by default. Override witharchesif needed.
AUR source config fields
| Field | Type | Default | Description |
|---|---|---|---|
name | string | crate name | Package name (alias: package_name) |
ids | list | none | Filter by build IDs |
description | string | crate name | Package description |
homepage | string | "" | Project homepage URL |
license | string | MIT | License identifier |
maintainers | list | [] | Package maintainers |
contributors | list | [] | Package contributors |
provides | list | [{name}] | Packages this provides |
conflicts | list | ["{name}-bin"] | Conflicting packages |
depends | list | [] | Runtime dependencies |
optdepends | list | [] | Optional dependencies |
makedepends | list | ["rust", "cargo"] | Build dependencies |
backup | list | [] | Files to back up on upgrade |
rel | string | 1 | Package release number |
prepare | string | none | Custom prepare() function body |
build | string | cargo build --release --locked | Custom build() function body |
package | string | auto-generated | Custom package() function body |
install | string | none | Content for a .install file (post-install/pre-remove scripts). When set, the PKGBUILD emits install=<name>.install and the file is written alongside it. |
url_template | string | auto-derived from git URL | Source archive download URL (template) |
git_url | string | none | AUR git repository URL (for pushing) |
git_ssh_command | string | none | Custom GIT_SSH_COMMAND |
private_key | string | none | SSH private key path |
directory | string | repo root | Subdirectory in the git repo |
skip_upload | string/bool | none | Skip git push ("auto" skips for prereleases) |
commit_author | object | none | Git commit author (name, email) |
commit_msg_template | string | none | Custom commit message (template) |
arches | list | none | Architecture filter |
disable | string/bool | none | Disable this config |
Behavior
- Generates PKGBUILD and .SRCINFO files for source-based installation
- Default source URL points to the GitHub release source archive
- Version dashes are replaced with underscores for PKGBUILD compatibility
- Architectures are hardcoded to
x86_64andaarch64 - When
git_urlis set, clones the AUR repo, commits the generated files, and pushes
Full example
aur_sources:
- name: myapp
description: "A fast CLI tool"
homepage: "https://example.com/myapp"
license: Apache-2.0
maintainers:
- "Alice <alice@example.com>"
depends:
- openssl
makedepends:
- rust
- cargo
git_url: "ssh://aur@aur.archlinux.org/myapp.git"
commit_author:
name: "Bot"
email: "bot@example.com"