blob: 08b5be4c74c0673e25ed991afedde2ba85cf4051 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# Maintainer: Pasqual Troncone <pasqualtroncone at gmail dot com>
# Co-Maintainer: AkitaOnRails <boss@akitaonrails.com>
pkgname=ai-jail
pkgver=1.4.0
pkgrel=1
pkgdesc="Sandbox wrapper for AI coding agents"
arch=('x86_64' 'aarch64')
url="https://github.com/akitaonrails/ai-jail"
license=('GPL-3.0-only')
depends=('bubblewrap' 'glibc' 'gcc-libs')
makedepends=('cargo')
optdepends=(
'mise: language version management inside the sandbox'
'docker: Docker socket passthrough for sandboxed agents'
)
# Cargo's release profile strips symbols, so the auto-generated -debug split
# would be empty and would collide with ai-jail-bin-debug if both package
# variants were ever installed on the same machine.
options=('!debug')
conflicts=('ai-jail-bin')
source=("$pkgname-$pkgver.tar.gz::$url/archive/refs/tags/v$pkgver.tar.gz")
sha256sums=('4eb4cffb2ad52bc920f97ee89653722aaf0c3d5cde9e251834a291bb5f19f137')
prepare() {
cd "$pkgname-$pkgver"
export RUSTUP_TOOLCHAIN=stable
cargo fetch --locked --target "$(rustc -vV | sed -n 's/host: //p')"
}
build() {
cd "$pkgname-$pkgver"
export RUSTUP_TOOLCHAIN=stable
export CARGO_TARGET_DIR=target
cargo build --frozen --release
}
check() {
cd "$pkgname-$pkgver"
export RUSTUP_TOOLCHAIN=stable
export HOME="$srcdir/test-home"
mkdir -p "$HOME"
# Keep AUR builds robust across user kernels/containers: run the unit test
# binary, not the sandbox-escape integration tests that require working
# unprivileged namespaces at package-build time.
cargo test --frozen --release --bin ai-jail
}
package() {
cd "$pkgname-$pkgver"
install -Dm0755 -t "$pkgdir/usr/bin/" "target/release/ai-jail"
install -Dm0644 -t "$pkgdir/usr/share/doc/$pkgname/" "README.md"
install -Dm0644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
}
|