2 Commits

Author SHA1 Message Date
Micheal Wilkinson
995e397bff docs: update upx fallback note
All checks were successful
Push Validation / coverage-badge (push) Successful in 1m24s
Push Validation / recommend-release (push) Successful in 28s
2026-03-21 23:12:30 +00:00
Micheal Wilkinson
8bf7184479 chore(workflows): install upx via ghaction-upx 2026-03-21 23:12:30 +00:00
3 changed files with 19 additions and 73 deletions


@@ -39,13 +39,10 @@ jobs:
cache: true cache: true
cache-dependency-path: go.sum cache-dependency-path: go.sum
- name: Install release build tools - name: Install UPX
run: | uses: crazy-max/ghaction-upx@v3
set -euo pipefail with:
apt-get update install-only: true
if ! apt-get install -y upx-ucl && ! apt-get install -y upx; then
echo "UPX package install failed; release binaries will be uploaded uncompressed." >&2
fi
- name: Validate formatting - name: Validate formatting
run: test -z "$(gofmt -l .)" run: test -z "$(gofmt -l .)"
@@ -251,49 +248,25 @@ jobs:
set -euo pipefail set -euo pipefail
upx_cmd="" upx_cmd=""
upx_runner=""
if command -v upx >/dev/null 2>&1; then if command -v upx >/dev/null 2>&1; then
upx_cmd=upx upx_cmd=upx
elif command -v upx-ucl >/dev/null 2>&1; then elif command -v upx-ucl >/dev/null 2>&1; then
upx_cmd=upx-ucl upx_cmd=upx-ucl
elif command -v docker >/dev/null 2>&1; then
upx_runner=docker
elif command -v podman >/dev/null 2>&1; then
upx_runner=podman
else else
echo "UPX is not available on PATH and no container runtime is available; continuing without binary compression." >&2 echo "UPX is not available on PATH after install step; continuing without binary compression." >&2
fi fi
mkdir -p dist mkdir -p dist
compress_with_upx() {
local file="$1"
if [[ -n "${upx_cmd}" ]]; then
"${upx_cmd}" --best --lzma "${file}"
return
fi
if [[ "${upx_runner}" == "docker" ]]; then
docker run --rm -v "$PWD/dist:/work" ghcr.io/upx/upx:4.2.4 --best --lzma "/work/$(basename "${file}")"
return
fi
if [[ "${upx_runner}" == "podman" ]]; then
podman run --rm -v "$PWD/dist:/work:Z" ghcr.io/upx/upx:4.2.4 --best --lzma "/work/$(basename "${file}")"
return
fi
return 0
}
for target in linux/amd64 linux/arm64; do for target in linux/amd64 linux/arm64; do
os="${target%/*}" os="${target%/*}"
arch="${target#*/}" arch="${target#*/}"
bin="vociferate_${RELEASE_VERSION}_${os}_${arch}" bin="vociferate_${RELEASE_VERSION}_${os}_${arch}"
GOOS="$os" GOARCH="$arch" go build -trimpath -ldflags="-s -w" -o "dist/${bin}" ./cmd/vociferate GOOS="$os" GOARCH="$arch" go build -trimpath -ldflags="-s -w" -o "dist/${bin}" ./cmd/vociferate
compress_with_upx "dist/${bin}" if [[ -n "${upx_cmd}" ]]; then
"${upx_cmd}" --best --lzma "dist/${bin}"
fi
done done
( (
@@ -373,7 +346,7 @@ jobs:
echo "- Tag: ${TAG_NAME}" echo "- Tag: ${TAG_NAME}"
echo "- Release notes sourced from changelog entry ${RELEASE_VERSION}." echo "- Release notes sourced from changelog entry ${RELEASE_VERSION}."
echo "- Published assets: vociferate_${RELEASE_VERSION}_linux_amd64, vociferate_${RELEASE_VERSION}_linux_arm64, checksums.txt" echo "- Published assets: vociferate_${RELEASE_VERSION}_linux_amd64, vociferate_${RELEASE_VERSION}_linux_arm64, checksums.txt"
echo "- Release binaries use local UPX when available, otherwise containerized UPX (Docker/Podman), otherwise uncompressed upload." echo "- Release binaries are compressed with UPX from crazy-max/ghaction-upx@v3 when available, otherwise uploaded uncompressed."
} >> "$SUMMARY_FILE" } >> "$SUMMARY_FILE"
else else
{ {
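Review bot: The new `Install UPX` step in hunk `@@ -39,13 +39,10 @@` references `crazy-max/ghaction-upx@v3`, a mutable major tag, in the workflow that builds the published release binaries. Whatever that tag points to at run time therefore executes inside the release job and supplies the packer that rewrites `dist/vociferate_*`. Pin the action to a full commit SHA, e.g. `uses: crazy-max/ghaction-upx@<full-commit-sha> # v3`, and set the action's `version` input to a fixed UPX release so the packer version is not resolved at run time; the removed container fallback at least named `upx:4.2.4`. The same step is added in the second workflow file of this commit (hunk `@@ -122,13 +122,10 @@`). The step list starts and ends outside the hunk.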


@@ -122,13 +122,10 @@ jobs:
cache: true cache: true
cache-dependency-path: go.sum cache-dependency-path: go.sum
- name: Install release build tools - name: Install UPX
run: | uses: crazy-max/ghaction-upx@v3
set -euo pipefail with:
apt-get update install-only: true
if ! apt-get install -y upx-ucl && ! apt-get install -y upx; then
echo "UPX package install failed; release binaries will be uploaded uncompressed." >&2
fi
- name: Preflight release API access - name: Preflight release API access
env: env:
@@ -173,49 +170,25 @@ jobs:
set -euo pipefail set -euo pipefail
upx_cmd="" upx_cmd=""
upx_runner=""
if command -v upx >/dev/null 2>&1; then if command -v upx >/dev/null 2>&1; then
upx_cmd=upx upx_cmd=upx
elif command -v upx-ucl >/dev/null 2>&1; then elif command -v upx-ucl >/dev/null 2>&1; then
upx_cmd=upx-ucl upx_cmd=upx-ucl
elif command -v docker >/dev/null 2>&1; then
upx_runner=docker
elif command -v podman >/dev/null 2>&1; then
upx_runner=podman
else else
echo "UPX is not available on PATH and no container runtime is available; continuing without binary compression." >&2 echo "UPX is not available on PATH after install step; continuing without binary compression." >&2
fi fi
mkdir -p dist mkdir -p dist
compress_with_upx() {
local file="$1"
if [[ -n "${upx_cmd}" ]]; then
"${upx_cmd}" --best --lzma "${file}"
return
fi
if [[ "${upx_runner}" == "docker" ]]; then
docker run --rm -v "$PWD/dist:/work" ghcr.io/upx/upx:4.2.4 --best --lzma "/work/$(basename "${file}")"
return
fi
if [[ "${upx_runner}" == "podman" ]]; then
podman run --rm -v "$PWD/dist:/work:Z" ghcr.io/upx/upx:4.2.4 --best --lzma "/work/$(basename "${file}")"
return
fi
return 0
}
for target in linux/amd64 linux/arm64; do for target in linux/amd64 linux/arm64; do
os="${target%/*}" os="${target%/*}"
arch="${target#*/}" arch="${target#*/}"
bin="vociferate_${RELEASE_VERSION}_${os}_${arch}" bin="vociferate_${RELEASE_VERSION}_${os}_${arch}"
GOOS="$os" GOARCH="$arch" go build -trimpath -ldflags="-s -w" -o "dist/${bin}" ./cmd/vociferate GOOS="$os" GOARCH="$arch" go build -trimpath -ldflags="-s -w" -o "dist/${bin}" ./cmd/vociferate
compress_with_upx "dist/${bin}" if [[ -n "${upx_cmd}" ]]; then
"${upx_cmd}" --best --lzma "dist/${bin}"
fi
done done
( (
@@ -295,7 +268,7 @@ jobs:
echo "- Tag: ${TAG_NAME}" echo "- Tag: ${TAG_NAME}"
echo "- Release notes sourced from changelog entry ${RELEASE_VERSION}." echo "- Release notes sourced from changelog entry ${RELEASE_VERSION}."
echo "- Published assets: vociferate_${RELEASE_VERSION}_linux_amd64, vociferate_${RELEASE_VERSION}_linux_arm64, checksums.txt" echo "- Published assets: vociferate_${RELEASE_VERSION}_linux_amd64, vociferate_${RELEASE_VERSION}_linux_arm64, checksums.txt"
echo "- Release binaries use local UPX when available, otherwise containerized UPX (Docker/Podman), otherwise uncompressed upload." echo "- Release binaries are compressed with UPX from crazy-max/ghaction-upx@v3 when available, otherwise uploaded uncompressed."
} >> "$SUMMARY_FILE" } >> "$SUMMARY_FILE"
else else
{ {
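Review bot: In the build loop of hunk `@@ -173,49 +170,25 @@`, the file rewritten by `"${upx_cmd}" --best --lzma "dist/${bin}"` goes on to be published with no integrity check, and the cross-built arm64 binary cannot be run on the job host as a smoke test. Adding `"${upx_cmd}" -t "dist/${bin}"` directly after the pack call would make a damaged output fail the job under the existing `set -euo pipefail`. When `upx_cmd` is empty the loop ships unpacked binaries with only a stderr message, and the summary line in hunk `@@ -295,7 +268,7 @@` reads the same either way, so a consumer cannot tell which form was published. Consider recording the actual outcome, for example by appending `upx` or `none` per asset next to the checksums. The same loop appears in the first workflow file (hunk `@@ -251,49 +248,25 @@`), and the run script starts and ends outside the hunk.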


@@ -24,7 +24,7 @@ A `### Breaking` section is used in addition to Keep a Changelog's standard sect
### Fixed ### Fixed
- Hardened `coverage-gate` file input handling by validating and normalizing policy/profile paths before opening files, resolving `G304` findings in `coverage-gate/parse.go`. - Hardened `coverage-gate` file input handling by validating and normalizing policy/profile paths before opening files, resolving `G304` findings in `coverage-gate/parse.go`.
- Made release binary builds resilient by using local `upx` when available, then containerized UPX via Docker/Podman, with final fallback to uncompressed artifacts in both `release.yml` and `update-release.yml`. - Made release binary builds resilient by installing UPX via `crazy-max/ghaction-upx@v3` and falling back to uncompressed artifacts when UPX is still unavailable in both `release.yml` and `update-release.yml`.
## [1.1.0] - 2026-03-21 ## [1.1.0] - 2026-03-21