From 6a48121a93b21a463c53750e2c3a917f9e4f79f5 Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:19:00 +0545
Subject: [PATCH 1/8] cross

---
 .github/workflows/release.yaml | 88 +++++++++++++++++++++++-----------
 1 file changed, 60 insertions(+), 28 deletions(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 255e00a..30b9e6f 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -1,12 +1,17 @@
 name: soar-dl release
-
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true
+  
 on:
   push:
     tags:
       - "v*.*.*"
 permissions:
+  attestations: write
   contents: write
-
+  id-token: write
+  
 jobs:
   generate-changelog:
     name: Generate changelog
@@ -33,14 +38,22 @@ jobs:
       fail-fast: false
       matrix:
         build:
-          - {
-              NAME: x86_64-linux,
-              TARGET: x86_64-unknown-linux-musl,
-            }
           - {
               NAME: aarch64-linux,
               TARGET: aarch64-unknown-linux-musl,
             }
+          - {
+              NAME: loongarch64-linux,
+              TARGET: loongarch64-unknown-linux-musl
+            }
+          - {
+              NAME: riscv64-linux,
+              TARGET: riscv64gc-unknown-linux-musl
+            }
+          - {
+              NAME: x86_64-linux,
+              TARGET: x86_64-unknown-linux-musl,
+            }
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -52,41 +65,52 @@ jobs:
       - name: Install dependencies
         shell: bash
         run: |
-          sudo apt-get update
-          sudo apt-get install -y --no-install-recommends \
-            --allow-unauthenticated musl-tools b3sum
+          sudo apt update -y
+          sudo apt install b3sum findutils file -y
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable
         with:
           targets: ${{ matrix.build.TARGET }}
 
-      - name: Install cross-compilation tools
-        uses: taiki-e/setup-cross-toolchain-action@v1
-        with:
-          target: ${{ matrix.build.TARGET }}
+      - name: Install Cross
+        shell: bash
+        run: |
+          cargo install cross --git "https://github.com/cross-rs/cross" --jobs="$(($(nproc)+1))"
+          hash -r &>/dev/null
+          command -v cross &>/dev/null || { echo "cross command not found" >&2; exit 1; }
 
       - name: Build
-        run: cargo build -F binary --release --locked --target ${{ matrix.build.TARGET }}
+        env:
+          RUSTFLAGS: "-C target-feature=+crt-static \
+                      -C default-linker-libraries=yes \
+                      -C link-self-contained=yes \
+                      -C opt-level=3 \
+                      -C debuginfo=none \
+                      -C strip=symbols \
+                      -C link-arg=-Wl,-S \
+                      -C link-arg=-Wl,--build-id=none \
+                      -C link-arg=-Wl,--discard-all \
+                      -C link-arg=-Wl,--strip-all"
+        run: cross +nightly build --features "binary" --release --locked --target "${{ matrix.build.TARGET }}" --jobs="$(($(nproc)+1))" --verbose
 
       - name: Prepare release assets
+        env:
+          ARTIFACT: "release/soar-dl-${{ matrix.build.NAME }}"
+          ARCHIVE: "soar-dl-${{ matrix.build.NAME }}.tar.gz"
         shell: bash
         run: |
           mkdir -p release
-          cp {LICENSE,README.md,CHANGELOG.md} release/
-          cp "target/${{ matrix.build.TARGET }}/release/soar-dl" release/
-
-      - name: Create release artifacts
-        shell: bash
-        run: |
-            cp release/soar-dl soar-dl-${{ matrix.build.NAME }}
-            b3sum soar-dl-${{ matrix.build.NAME }} \
-              > soar-dl-${{ matrix.build.NAME }}.b3sum
-            tar -czvf soar-dl-${{ matrix.build.NAME }}.tar.gz \
-              release/
-            b3sum soar-dl-${{ matrix.build.NAME }}.tar.gz \
-              > soar-dl-${{ matrix.build.NAME }}.tar.gz.b3sum
-
+          cp {LICENSE,README.md} release/
+          cp "target/${{ matrix.build.TARGET }}/release/soar-dl" "${ARTIFACT}"
+          b3sum "${ARTIFACT}" > "${ARTIFACT}.b3sum"
+          cp "${ARTIFACT}" .
+          cp "${ARTIFACT}.b3sum" .
+          tar -czvf "${ARCHIVE}" release/
+          b3sum "${ARCHIVE}" > "${ARCHIVE}.b3sum"
+          bash -c 'realpath "${ARTIFACT}" ; realpath "${ARCHIVE}"' | xargs -I "{}" bash -c \
+           'printf "\nFile: $(basename {})\n  Type: $(file -b {})\n  B3sum: $(b3sum {} | cut -d" " -f1)\n  SHA256sum: $(sha256sum {} | cut -d" " -f1)\n  Size: $(du -bh {} | cut -f1)\n"'
+           
       - name: Publish to GitHub
         if: ${{ !contains(github.ref, '-') }}
         uses: svenstaro/upload-release-action@v2
@@ -110,3 +134,11 @@ jobs:
           tag: ${{ github.ref }}
           release_name: "Pre-release v${{ env.RELEASE_VERSION }}"
           prerelease: true
+
+      - name: Attest Build Provenance
+        uses: actions/attest-build-provenance@v2.4.0
+        with:
+          subject-name: "soar-dl-v${{ env.RELEASE_VERSION }}-${{ matrix.build.NAME }}"
+          subject-path: |
+            soar-dl-${{ matrix.build.NAME }}*
+          show-summary: true

From 219643e4c2e2b8a710feecf164541e85d733494e Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:19:38 +0545
Subject: [PATCH 2/8] dispatch

---
 .github/workflows/release.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 30b9e6f..398eb12 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -4,6 +4,7 @@ concurrency:
   cancel-in-progress: true
   
 on:
+  workflow_dispatch:
   push:
     tags:
       - "v*.*.*"

From 53a049c364346224bf9576a33841bafed7822d45 Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:26:48 +0545
Subject: [PATCH 3/8] Update release.yaml

---
 .github/workflows/release.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 398eb12..f74e2c6 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -4,10 +4,11 @@ concurrency:
   cancel-in-progress: true
   
 on:
-  workflow_dispatch:
   push:
     tags:
       - "v*.*.*"
+  workflow_dispatch:
+      
 permissions:
   attestations: write
   contents: write

From 99ddf2278c20045fdfee13a6d198d0f72d30ceee Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:32:09 +0545
Subject: [PATCH 4/8] Update nightly.yaml

---
 .github/workflows/nightly.yaml | 75 ++++++++++++++++++++++++++--------
 1 file changed, 58 insertions(+), 17 deletions(-)

diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index 8bb30c8..0ca7a7a 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -7,7 +7,9 @@ on:
   workflow_dispatch:  
 
 permissions:
+  attestations: write
   contents: write
+  id-token: write
 
 jobs:
   remove-nightly-tag:
@@ -28,14 +30,22 @@ jobs:
       fail-fast: false
       matrix:
         build:
-          - {
-              NAME: x86_64-linux,
-              TARGET: x86_64-unknown-linux-musl,
-            }
           - {
               NAME: aarch64-linux,
               TARGET: aarch64-unknown-linux-musl,
             }
+          - {
+              NAME: loongarch64-linux,
+              TARGET: loongarch64-unknown-linux-musl
+            }
+          - {
+              NAME: riscv64-linux,
+              TARGET: riscv64gc-unknown-linux-musl
+            }
+          - {
+              NAME: x86_64-linux,
+              TARGET: x86_64-unknown-linux-musl,
+            }
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -49,29 +59,52 @@ jobs:
       - name: Install dependencies
         shell: bash
         run: |
-          sudo apt-get update
-          sudo apt-get install -y --no-install-recommends \
-            --allow-unauthenticated musl-tools b3sum
+          sudo apt update -y
+          sudo apt install b3sum findutils file -y
 
       - name: Install Rust toolchain
         uses: dtolnay/rust-toolchain@stable
         with:
           targets: ${{ matrix.build.TARGET }}
 
-      - name: Install cross-compilation tools
-        uses: taiki-e/setup-cross-toolchain-action@v1
-        with:
-          target: ${{ matrix.build.TARGET }}
+      - name: Install Cross
+        shell: bash
+        run: |
+          cargo install cross --git "https://github.com/cross-rs/cross" --jobs="$(($(nproc)+1))"
+          hash -r &>/dev/null
+          command -v cross &>/dev/null || { echo "cross command not found" >&2; exit 1; }
 
       - name: Build
-        run: SOAR_NIGHTLY=1 cargo build -F binary --release --locked --target ${{ matrix.build.TARGET }}
-
-      - name: Prepare nightly binary
+        env:
+          RUSTFLAGS: "-C target-feature=+crt-static \
+                      -C default-linker-libraries=yes \
+                      -C link-self-contained=yes \
+                      -C opt-level=3 \
+                      -C debuginfo=none \
+                      -C strip=symbols \
+                      -C link-arg=-Wl,-S \
+                      -C link-arg=-Wl,--build-id=none \
+                      -C link-arg=-Wl,--discard-all \
+                      -C link-arg=-Wl,--strip-all"
+          SOAR_NIGHTLY: "1"
+        run: cross +nightly build --features "binary" --release --locked --target "${{ matrix.build.TARGET }}" --jobs="$(($(nproc)+1))" --verbose
+          
+      - name: Prepare release assets
+        env:
+          ARTIFACT: "release/soar-dl-nightly-${{ matrix.build.NAME }}"
+          ARCHIVE: "soar-dl-nightly-${{ matrix.build.NAME }}.tar.gz"
         shell: bash
         run: |
-          mkdir -p nightly
-          cp "target/${{ matrix.build.TARGET }}/release/soar-dl" nightly/soar-dl-nightly-${{ matrix.build.NAME }}
-          b3sum nightly/soar-dl-nightly-${{ matrix.build.NAME }} > nightly/soar-dl-nightly-${{ matrix.build.NAME }}.b3sum
+          mkdir -p release
+          cp {LICENSE,README.md} release/
+          cp "target/${{ matrix.build.TARGET }}/release/soar-dl" "${ARTIFACT}"
+          b3sum "${ARTIFACT}" > "${ARTIFACT}.b3sum"
+          cp "${ARTIFACT}" .
+          cp "${ARTIFACT}.b3sum" .
+          tar -czvf "${ARCHIVE}" release/
+          b3sum "${ARCHIVE}" > "${ARCHIVE}.b3sum"
+          bash -c 'realpath "${ARTIFACT}" ; realpath "${ARCHIVE}"' | xargs -I "{}" bash -c \
+           'printf "\nFile: $(basename {})\n  Type: $(file -b {})\n  B3sum: $(b3sum {} | cut -d" " -f1)\n  SHA256sum: $(sha256sum {} | cut -d" " -f1)\n  Size: $(du -bh {} | cut -f1)\n"'
 
       - name: Upload nightly binary
         uses: softprops/action-gh-release@v2
@@ -84,3 +117,11 @@ jobs:
           draft: false
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Attest Build Provenance
+        uses: actions/attest-build-provenance@v2.4.0
+        with:
+          subject-name: "soar-dl-nightly-${{ matrix.build.NAME }}"
+          subject-path: |
+            soar-dl-nightly-${{ matrix.build.NAME }}*
+          show-summary: true

From 7780a39772743a0479ba3d36fa6b288953d064d3 Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:36:58 +0545
Subject: [PATCH 5/8] fix

---
 .github/workflows/nightly.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index 0ca7a7a..d98b830 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -91,17 +91,17 @@ jobs:
           
       - name: Prepare release assets
         env:
-          ARTIFACT: "release/soar-dl-nightly-${{ matrix.build.NAME }}"
+          ARTIFACT: "nightly/soar-dl-nightly-${{ matrix.build.NAME }}"
           ARCHIVE: "soar-dl-nightly-${{ matrix.build.NAME }}.tar.gz"
         shell: bash
         run: |
-          mkdir -p release
-          cp {LICENSE,README.md} release/
+          mkdir -p nightly
+          cp {LICENSE,README.md} nightly/
           cp "target/${{ matrix.build.TARGET }}/release/soar-dl" "${ARTIFACT}"
           b3sum "${ARTIFACT}" > "${ARTIFACT}.b3sum"
           cp "${ARTIFACT}" .
           cp "${ARTIFACT}.b3sum" .
-          tar -czvf "${ARCHIVE}" release/
+          tar -czvf "${ARCHIVE}" nightly/
           b3sum "${ARCHIVE}" > "${ARCHIVE}.b3sum"
           bash -c 'realpath "${ARTIFACT}" ; realpath "${ARCHIVE}"' | xargs -I "{}" bash -c \
            'printf "\nFile: $(basename {})\n  Type: $(file -b {})\n  B3sum: $(b3sum {} | cut -d" " -f1)\n  SHA256sum: $(sha256sum {} | cut -d" " -f1)\n  Size: $(du -bh {} | cut -f1)\n"'

From 78584efd0c3e114a7189e262fd11c662a834c38f Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:41:41 +0545
Subject: [PATCH 6/8] fix

---
 .github/workflows/nightly.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index d98b830..32f5f27 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -109,7 +109,7 @@ jobs:
       - name: Upload nightly binary
         uses: softprops/action-gh-release@v2
         with:
-          files: nightly/*
+          files: soar-dl-nightly-${{ matrix.build.NAME }}*
           tag_name: nightly
           name: ${{ steps.version.outputs.version }}
           body: "This is an automated nightly build of soar-dl."

From 457153157809e2ac3dce1e5e2c11bd6cc349ef19 Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 13:49:32 +0545
Subject: [PATCH 7/8] fix

---
 .github/workflows/nightly.yaml | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index 32f5f27..91e29b4 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -91,17 +91,17 @@ jobs:
           
       - name: Prepare release assets
         env:
-          ARTIFACT: "nightly/soar-dl-nightly-${{ matrix.build.NAME }}"
-          ARCHIVE: "soar-dl-nightly-${{ matrix.build.NAME }}.tar.gz"
+          ARTIFACT: "release/soar-dl-${{ matrix.build.NAME }}"
+          ARCHIVE: "soar-dl-${{ matrix.build.NAME }}.tar.gz"
         shell: bash
         run: |
-          mkdir -p nightly
-          cp {LICENSE,README.md} nightly/
+          mkdir -p release
+          cp {LICENSE,README.md} release/
           cp "target/${{ matrix.build.TARGET }}/release/soar-dl" "${ARTIFACT}"
           b3sum "${ARTIFACT}" > "${ARTIFACT}.b3sum"
           cp "${ARTIFACT}" .
           cp "${ARTIFACT}.b3sum" .
-          tar -czvf "${ARCHIVE}" nightly/
+          tar -czvf "${ARCHIVE}" release/
           b3sum "${ARCHIVE}" > "${ARCHIVE}.b3sum"
           bash -c 'realpath "${ARTIFACT}" ; realpath "${ARCHIVE}"' | xargs -I "{}" bash -c \
            'printf "\nFile: $(basename {})\n  Type: $(file -b {})\n  B3sum: $(b3sum {} | cut -d" " -f1)\n  SHA256sum: $(sha256sum {} | cut -d" " -f1)\n  Size: $(du -bh {} | cut -f1)\n"'
@@ -109,7 +109,7 @@ jobs:
       - name: Upload nightly binary
         uses: softprops/action-gh-release@v2
         with:
-          files: soar-dl-nightly-${{ matrix.build.NAME }}*
+          files: soar-dl-${{ matrix.build.NAME }}*
           tag_name: nightly
           name: ${{ steps.version.outputs.version }}
           body: "This is an automated nightly build of soar-dl."
@@ -121,7 +121,7 @@ jobs:
       - name: Attest Build Provenance
         uses: actions/attest-build-provenance@v2.4.0
         with:
-          subject-name: "soar-dl-nightly-${{ matrix.build.NAME }}"
+          subject-name: "nightly-soar-dl-${{ matrix.build.NAME }}"
           subject-path: |
-            soar-dl-nightly-${{ matrix.build.NAME }}*
+            soar-dl-${{ matrix.build.NAME }}*
           show-summary: true

From b51ca8d7fe6996d61547fd1764a18fd7db7972ab Mon Sep 17 00:00:00 2001
From: Ajam <AjamX101@gmail.com>
Date: Mon, 23 Jun 2025 14:40:24 +0545
Subject: [PATCH 8/8] fix

---
 .github/workflows/nightly.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index 91e29b4..43e78c3 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -1,5 +1,8 @@
 name: soar-dl nightly
-
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true
+  
 on:
   push:
     branches:
@@ -121,7 +124,7 @@ jobs:
       - name: Attest Build Provenance
         uses: actions/attest-build-provenance@v2.4.0
         with:
-          subject-name: "nightly-soar-dl-${{ matrix.build.NAME }}"
+          subject-name: "soar-dl-nightly-${{ matrix.build.NAME }}"
           subject-path: |
             soar-dl-${{ matrix.build.NAME }}*
           show-summary: true