Lets the workflow set, e.g., public-read on the uploaded object so the
HTTPS URL is actually downloadable without further configuration. Empty
default means no ACL is sent — required for modern AWS buckets with
Object Ownership = "Bucket owner enforced" that reject any ACL.
Validates the value against the AWS canned-ACL list at config time so
typos fail before the upload runs. Wires the input through action.yml,
config, and the orchestrator; adds a unit test that the ACL is forwarded
to PutObjectInput when set and omitted when empty.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
After a successful S3 upload, log the HTTPS URL so the workflow run
output shows where the artefact was published. Uses the regional
virtual-hosted form for AWS S3 and path-style for custom endpoints,
matching how NewClient configures the client.
The URL is what the object would be served at if the bucket allows
public reads — the orchestrator does not assert anything about the
bucket's access policy.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
go mod tidy promotes golang.org/x/mod from indirect to a direct
require now that internal/wails imports it. Also removes the
testdata/sample/go.sum that go get accidentally generated inside
the fixture.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replaces the handwritten bytesBuf/eof workaround with the canonical
bytes.NewReader + io.EOF, and adds behavioural tests for the Dir, Env,
and Stdin branches of Real.Run that the original plan didn't cover.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Leon Mika