name: Build Arch Package

on:
  push:
    branches: [ main, master ]
  pull_request:
    branches: [ main, master ]

jobs:
  build-package:
    runs-on: ubuntu-latest
    container:
      image: archlinux:latest
    
    steps:
    - name: Checkout Repository
      uses: actions/checkout@v4
    
    - name: Setup Build Environment
      run: |
        # System aktualisieren
        pacman -Syu --noconfirm
        
        # Build-Tools installieren
        pacman -S --noconfirm base-devel git namcap pacman-contrib sudo
        
        # Build-User erstellen (makepkg darf nicht als root laufen)
        useradd -m -G wheel builder
        echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
        
        # Ownership für builder setzen
        chown -R builder:builder .
    
    - name: Validate PKGBUILD
      run: |
        sudo -u builder namcap PKGBUILD
    
    - name: Build Package
      run: |
        sudo -u builder makepkg -s --noconfirm --needed
    
    - name: Test Built Package
      run: |
        sudo -u builder namcap *.pkg.tar.zst
    
    - name: Upload Package Artifacts
      uses: actions/upload-artifact@v4
      with:
        name: arch-packages
        path: '*.pkg.tar.zst'
        retention-days: 30
    
    - name: Deploy to Repository
      if: github.ref == 'refs/heads/main'
      run: |
        # Packages zum Repository Server kopieren
        scp *.pkg.tar.zst user@your-server:/srv/repository/
        
        # Repository-Datenbank aktualisieren
        ssh user@your-server "cd /srv/repository && repo-add custom.db.tar.xz *.pkg.tar.zst"