ci: add deepin & archlinux build CI

[calsys456]

This may work as intended.

Summary by Sourcery

Add CI workflows to build ddm on Arch Linux and Deepin containers and publish build artifacts.

CI:

• Introduce an Arch Linux GitHub Actions workflow that builds ddm in an Arch container and uploads packaged build artifacts.
• Introduce a Deepin crimson GitHub Actions workflow that installs build dependencies, builds ddm Debian packages, and uploads them as artifacts.

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: calsys456

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• debian/deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[deepin-ci-robot]

Hi @calsys456. Thanks for your PR.

I'm waiting for a linuxdeepin member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[sourcery-ai]

Reviewer's Guide

Adds two new GitHub Actions workflows to build and package ddm on Arch Linux and Deepin Crimson, including building treeland-protocols from source and uploading build artifacts.

File-Level Changes

Change	Details	Files
Add Arch Linux container workflow to build, stage-install, and package ddm artifacts.	Define Arch Linux container job running on ubuntu-latest with archlinux:latest container image Initialize pacman keyring and fully update system packages in the container Install base build and runtime dependencies via pacman, including treeland-protocols and build tools Clone treeland-protocols from GitHub and build/install it from source using CMake and Ninja with /usr prefix Configure and build ddm via CMake/Ninja with Release type and strict compiler warnings (-Wall -Wextra -Werror) Install ddm into a temporary staging directory via DESTDIR Generate PACKAGE_INFO.txt with build metadata and file list, then zip the staged install tree Upload the generated Arch Linux zip artifact with a 30-day retention using actions/upload-artifact@v4	.github/workflows/ddm-archlinux-build.yml
Add Deepin Crimson container workflow to build ddm .deb packages and upload them as artifacts.	Define Deepin-based container job using linuxdeepin/deepin:crimson image on ubuntu-latest runner Override apt sources.list to use deepin crimson repositories and clean sources.list.d Install devscripts, equivs, and git needed for building Debian packages Clone treeland-protocols, generate and install its build-deps, build it as Debian packages, and install the resulting .deb files Install ddm build dependencies from debian/control via mk-build-deps Run dpkg-checkbuilddeps and, on failure, print unmet dependencies and per-package apt-cache policy diagnostics Build ddm Debian binary package with dpkg-buildpackage and list artifacts Collect generated .deb files into dist/ and upload them as artifacts with actions/upload-artifact@v4	.github/workflows/ddm-deepin-build.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 5 issues, and left some high level feedback:

• In the Arch Linux workflow you both install treeland-protocols via pacman and then build/install it from source; consider using only the source build (or only the package) to avoid redundant work and potential conflicts.
• The Arch Linux job runs pacman -Syu multiple times (initial update, then in base deps, then again just to install zip); you can significantly speed up and stabilize the job by doing a single full upgrade and then using pacman -S --needed for additional packages.
• In the Arch Linux CMake invocation you pass -DCMAKE_CXX_FLAGS='${CMAKE_CXX_FLAGS} -Wall -Wextra -Werror', but the single quotes prevent any expansion and ${CMAKE_CXX_FLAGS} is a CMake variable, not a shell one; prefer something like -DCMAKE_CXX_FLAGS="-Wall -Wextra -Werror" or set these flags directly in the CMakeLists instead.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In the Arch Linux workflow you both install `treeland-protocols` via `pacman` and then build/install it from source; consider using only the source build (or only the package) to avoid redundant work and potential conflicts.
- The Arch Linux job runs `pacman -Syu` multiple times (initial update, then in base deps, then again just to install `zip`); you can significantly speed up and stabilize the job by doing a single full upgrade and then using `pacman -S --needed` for additional packages.
- In the Arch Linux CMake invocation you pass `-DCMAKE_CXX_FLAGS='${CMAKE_CXX_FLAGS} -Wall -Wextra -Werror'`, but the single quotes prevent any expansion and `${CMAKE_CXX_FLAGS}` is a CMake variable, not a shell one; prefer something like `-DCMAKE_CXX_FLAGS="-Wall -Wextra -Werror"` or set these flags directly in the CMakeLists instead.

## Individual Comments

### Comment 1
<location> `.github/workflows/ddm-archlinux-build.yml:44-48` </location>
<code_context>
+        with:
+          fetch-depth: 0
+
+      - name: Configure and Build ddm with ci preset
+        run: |
+          echo "Working directory:" $PWD
+          echo "Configuring ddm..."
+          cmake -B build -G Ninja \
+            -DCMAKE_INSTALL_PREFIX=/usr \
+            -DCMAKE_BUILD_TYPE=Release \
</code_context>

<issue_to_address>
**issue (bug_risk):** CMAKE_CXX_FLAGS is not expanded due to single-quoted string and will be passed literally to CMake.

Because the value is single-quoted:

```yaml
-DCMAKE_CXX_FLAGS='${CMAKE_CXX_FLAGS} -Wall -Wextra -Werror'
```
`${CMAKE_CXX_FLAGS}` will not be expanded by the shell and will be passed to CMake literally. If you intend to append to the environment variable, use double quotes instead:

```yaml
-DCMAKE_CXX_FLAGS="${CMAKE_CXX_FLAGS} -Wall -Wextra -Werror"
```
Or set the full flag string directly if you don’t need the existing value.
</issue_to_address>

### Comment 2
<location> `.github/workflows/ddm-archlinux-build.yml:16-20` </location>
<code_context>
+    runs-on: ubuntu-latest
+    container: archlinux:latest
+    steps:
+      - name: Run in container
+        run: |
+          cat /etc/pacman.d/mirrorlist
+          pacman-key --init
+          pacman --noconfirm --noprogressbar -Syu
+
+      - name: Install base dependencies
</code_context>

<issue_to_address>
**suggestion (performance):** You are running a full pacman -Syu twice, which adds unnecessary time and risk in CI.

The first step runs `pacman --noconfirm --noprogressbar -Syu`, and the `Install base dependencies` step also runs `pacman -Syu --noconfirm --noprogressbar ...`, causing a second full upgrade that slows CI and can introduce breaking changes mid-job.

You can usually drop the initial `-Syu` and rely on the one in the dependency install step, or change the first command to `pacman -Sy` if you only need to refresh package databases.

```suggestion
      - name: Run in container
        run: |
          cat /etc/pacman.d/mirrorlist
          pacman-key --init
```
</issue_to_address>

### Comment 3
<location> `.github/workflows/ddm-archlinux-build.yml:70-71` </location>
<code_context>
+          find /tmp/ddm-install -type f | head -20
+          echo "Total files installed: $(find /tmp/ddm-install -type f | wc -l)"
+
+      - name: Create ddm installation package
+        run: |
+          cd /tmp/ddm-install
+
+          # Install zip if not available
+          pacman -Syu --noconfirm zip
+
+          # Create package info
</code_context>

<issue_to_address>
**suggestion (performance):** Re-running pacman -Syu just to install zip is overkill; consider installing zip alongside the other base dependencies.

This command performs a second full system upgrade mid-workflow. To avoid unnecessary work and keep the environment consistent, install `zip` with the earlier base dependencies, or if you only need the package here, use `pacman -S --noconfirm zip` instead.

```suggestion
          # Install zip if not available
          pacman -S --noconfirm zip
```
</issue_to_address>

### Comment 4
<location> `.github/workflows/ddm-deepin-build.yml:45-38` </location>
<code_context>
+      - name: Build ddm deb package
</code_context>

<issue_to_address>
**suggestion (bug_risk):** The workflow continues to dpkg-buildpackage even when dpkg-checkbuilddeps reports unmet dependencies.

Here you capture `dpkg-checkbuilddeps`’s return code and print diagnostics, but always continue to `dpkg-buildpackage`. When build-deps are missing, the build will likely fail later with a less clear error. After printing the analysis, explicitly exit (e.g. `exit 1`) when `BUILDDEPS_RC != 0` so the job fails at the dependency-check step.

Suggested implementation:

```
      - name: Build ddm deb package
        run: |
          set -euxo pipefail

          # Check build dependencies and diagnose missing packages
          set +e
          dpkg-checkbuilddeps 2> /tmp/ddm-builddeps.err
          BUILDDEPS_RC=$?
          set -e

          if [ "$BUILDDEPS_RC" -ne 0 ]; then
            # If build dependencies are missing, fail the job after printing diagnostics

```

Inside the `if [ "$BUILDDEPS_RC" -ne 0 ]; then` block (after whatever logic prints/analyses `/tmp/ddm-builddeps.err` and before the corresponding `fi`), add a line:

```bash
            exit 1
```

This will cause the workflow to fail immediately at the dependency-check step, instead of proceeding to `dpkg-buildpackage` with missing build-deps.
</issue_to_address>

### Comment 5
<location> `.github/workflows/ddm-deepin-build.yml:62-63` </location>
<code_context>
+            # Extract and list each missing package with version requirements
+            echo ""
+            echo "Detailed missing packages analysis:"
+            grep -oP '(?<=Unmet build dependencies: ).*' /tmp/ddm-builddeps.err | tr ' ' '\n' | while read pkg; do
+              if [ -n "$pkg" ]; then
+                # Check if package exists in repos
+                apt-cache policy "$pkg" 2>/dev/null | head -20 || echo "Package '$pkg' not found in any repository"
</code_context>

<issue_to_address>
**issue:** The parsing of dpkg-checkbuilddeps output splits on spaces and will mangle package names with version constraints.

Splitting the error line on spaces means versioned deps are broken into invalid tokens (e.g. `libfoo-dev (>= 1.2), libbar-dev` becomes `libfoo-dev`, `(>=`, `1.2),`, `libbar-dev`), and `apt-cache policy` is run on the fragments, producing misleading output.

Consider splitting on commas, then stripping version constraints and whitespace before calling `apt-cache`, e.g.:

```bash
deps=$(grep -oP '(?<=Unmet build dependencies: ).*' /tmp/ddm-builddeps.err)
printf '%s
' "$deps" | tr ',' '\n' | while read pkg; do
  pkg="$(echo "$pkg" | sed 's/(.*)//' | xargs)"
  [ -n "$pkg" ] || continue
  apt-cache policy "$pkg" 2>/dev/null | head -20 || \
    echo "Package '$pkg' not found in any repository"
done
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}