Mudup installer , update documentation and workflows

.actrc

@@ -0,0 +1,10 @@
+--container-architecture linux/amd64
+-P ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
+--pull=false
+--action-offline-mode
+--container-options
+--privileged
+--container-options
+--security-opt=seccomp=unconfined
+--container-options
+--security-opt=apparmor=unconfined

.github/actions/rust-nightly-setup/action.yml

@@ -0,0 +1,56 @@
+name: Rust Nightly Setup
+
+description: Install Linux prerequisites and setup Rust nightly toolchain for local and GitHub runners
+
+inputs:
+  rust_target:
+    description: Rust target triple to add
+    required: false
+    default: ""
+
+runs:
+  using: composite
+  steps:
+    - name: Installing Prerequisites (Linux)
+      shell: bash
+      run: |
+        if command -v sudo >/dev/null 2>&1; then
+          sudo apt-get update -y
+          sudo apt-get install -y python3 pip build-essential curl liburing-dev clang libclang-dev llvm-dev
+        else
+          apt-get update -y
+          apt-get install -y python3 pip build-essential curl liburing-dev clang libclang-dev llvm-dev
+        fi
+
+    - name: Install rustup
+      shell: bash
+      run: |
+        if ! command -v rustup >/dev/null 2>&1; then
+          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile minimal --default-toolchain nightly
+        fi
+        echo "$HOME/.cargo/bin" >> "$GITHUB_PATH"
+
+    - name: Install Rust Nightly
+      shell: bash
+      run: |
+        if ! rustup toolchain list | grep -q '^nightly'; then
+          rustup toolchain install nightly --profile minimal
+        fi
+        rustup default nightly
+
+    - name: Install rustfmt
+      shell: bash
+      run: |
+        rustup component add rustfmt --toolchain nightly
+        HOST_TRIPLE="$(rustc -vV | sed -n 's/^host: //p')"
+        if [ -n "$HOST_TRIPLE" ]; then
+          rustup component add rustfmt --toolchain "nightly-${HOST_TRIPLE}"
+        fi
+
+    - name: Add Rust target
+      if: ${{ inputs.rust_target != '' }}
+      shell: bash
+      run: |
+        if ! rustup target list --installed --toolchain nightly | grep -q "^${{ inputs.rust_target }}$"; then
+          rustup target add "${{ inputs.rust_target }}"
+        fi

.github/run-actions-locally.md

@@ -1,3 +1,209 @@
-## Run your GitHub Actions locally
+## Run GitHub Actions locally with `act`
 
-https://nektosact.com/introduction.html
+Reference: https://nektosact.com/introduction.html
+
+## Prerequisites
+
+- Docker is installed and running.
+- `act` is installed and available in `PATH`.
+- Linux is required for full `io_uring` coverage.
+- This repo includes a default `.actrc` for the local build workflow.
+
+### Install act
+
+```bash
+curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/nektos/act/master/install.sh | bash -s -- -b $HOME/.local/bin
+```
+
+### Install docker
+
+Reference: https://docs.docker.com/engine/install
+
+
+### Check your environment
+
+```bash
+docker --version
+act --version
+```
+
+## `io_uring` setup
+
+Local `io_uring` tests depend on both the host kernel and the Docker runtime used by `act`.
+
+- Linux kernel should support `io_uring` (recommended `>= 5.10`).
+- `io_uring` must not be disabled by kernel policy.
+- `act` must create the job container with `--privileged`, `seccomp=unconfined`, and `apparmor=unconfined`.
+- Your user must be able to access Docker normally; rootless/restricted Docker setups may still block `io_uring` inside `act`.
+
+Quick host check:
+
+```bash
+uname -r
+cat /proc/sys/kernel/io_uring_disabled
+docker info
+```
+
+Known-good `.actrc`:
+
+```text
+--container-architecture linux/amd64
+-P ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
+--pull=false
+--action-offline-mode
+--privileged
+--container-options
+--security-opt=seccomp=unconfined
+--container-options
+--security-opt=apparmor=unconfined
+```
+
+## Why this exists
+
+We hit a local `act` failure where the host supported `io_uring`, but the `act` job container did not actually start with the required Docker security settings.
+
+Observed error:
+
+```text
+io_uring_queue_init_params error -1
+```
+
+What we confirmed:
+
+- Host kernel supported `io_uring`.
+- `/proc/sys/kernel/io_uring_disabled` was `0`.
+- Docker itself was healthy and reachable.
+- The failing `act` job container had `Privileged=false`.
+- The failing `act` job container only had `apparmor=unconfined`, not `seccomp=unconfined`.
+
+Root cause:
+
+- A stale reused `act` container had been created before the Docker security options were corrected.
+- Because reuse preserves the old container configuration, later `act` runs kept using the wrong runtime settings.
+
+## Verify the `act` container
+
+Inspect the running job container:
+
+```bash
+docker inspect <container_id> --format '{{.HostConfig.Privileged}}'
+docker inspect <container_id> --format '{{json .HostConfig.SecurityOpt}}'
+```
+
+Expected:
+
+- `true`
+- security options including both `seccomp=unconfined` and `apparmor=unconfined`
+
+If you change `.actrc` container security settings, remove the old `act` container before rerunning:
+
+```bash
+docker ps
+docker rm -f <old_act_container_id>
+```
+
+## Common commands
+
+First run or refresh image:
+
+```bash
+act -W .github/workflows/build.yaml -j build --pull=true
+```
+
+Normal run:
+
+```bash
+act -W .github/workflows/build.yaml -j build
+```
+
+Verbose run:
+
+```bash
+act -W .github/workflows/build.yaml -j build -v
+```
+
+Reuse only after the security settings are known-good:
+
+```bash
+act -W .github/workflows/build.yaml -j build --reuse
+```
+
+Run the release workflow locally with a GitHub token:
+
+```bash
+act workflow_dispatch \
+  -W .github/workflows/build-release.yml \
+  -j build-release \
+  -s GITHUB_TOKEN=ghp_xxx
+```
+
+The release workflow uses `softprops/action-gh-release` to create or update a GitHub
+Release. On GitHub Actions, `GITHUB_TOKEN` is provided automatically. When running under
+`act`, secrets are not available unless passed with `-s` or `--secret-file`, so the
+workflow skips the publish step unless a token is provided. Without this guard, the
+release step fails with:
+
+```text
+Parameter token or opts.auth is required
+```
+
+Use a token only when you intentionally want the local run to publish or update a real
+GitHub release. For local build and packaging checks, omit `GITHUB_TOKEN`; the workflow
+will still build and verify release artifacts.
+
+### Keep release artifacts in the local checkout
+
+By default, `act` may run the job in a copied container workspace. Files generated by the
+workflow, including release tarballs, can remain inside the job container instead of
+appearing in this repo checkout.
+
+Use `--bind` when you want generated files to be written back to the local workspace:
+
+```bash
+act workflow_dispatch \
+  -W .github/workflows/build-release.yml \
+  -j build-release \
+  --bind
+```
+
+With `--bind`, the release workflow writes the package and checksum to:
+
+```text
+target/release-artifacts/<version>/<version>/bin/
+target/release-artifacts/<version>/<version>/lib/
+target/release-artifacts/<version>/<version>/lib/lib-list.txt
+target/release-artifacts/<version>/<version>/manifest.txt
+target/release-artifacts/<version>/mududb-<version>-x86_64-unknown-linux-gnu.tar.gz
+target/release-artifacts/<version>/mududb-<version>-x86_64-unknown-linux-gnu.tar.gz.sha256
+target/release-artifacts/<version>/CHANGELOG_RELEASE.md
+```
+
+The tarball stores the payload under a top-level `<version>/` directory. Binaries are in
+`<version>/bin/`, `lib/lib-list.txt` is copied from `build-release/lib-list.txt`, and
+`manifest.txt` records the packaged files. When the `act` job runs as root with `--bind`,
+the workflow resets the generated
+`target/release-artifacts/<version>` directory ownership to the local checkout owner and
+group so generated files are not left as `root:root`. It also mirrors owner permissions
+to group and other users for generated artifact files and directories.
+
+## Workflow inputs
+
+Enable `cargo clean`:
+
+```bash
+act workflow_dispatch -W .github/workflows/build.yaml -j build --input clean_cargo=true
+```
+
+Run release tests:
+
+```bash
+act workflow_dispatch -W .github/workflows/build.yaml -j build --input release_test=true
+```
+
+## Optional local Rust caches
+
+```bash
+export CARGO_HOME="$HOME/.cargo"
+export RUSTUP_HOME="$HOME/.rustup"
+act -W .github/workflows/build.yaml -j build
+```