Bump leynos/shared-actions from c2b856998a4438bfdaa71c90cde1b03044e5d260 to c366af3e25f7cfb318dccfe58a92d6df5dffdf17

[dependabot]

Bumps leynos/shared-actions from c2b856998a4438bfdaa71c90cde1b03044e5d260 to c366af3e25f7cfb318dccfe58a92d6df5dffdf17.

Changelog

Sourced from leynos/shared-actions's changelog.

Design: A Modernized, Declarative Rust Build and Release Pipeline

1. System Goals

This document outlines a unified, modern design for a reusable Rust build and release pipeline, intended for implementation within the shared-actions repository and consumption by projects such as netsuke. The system's primary goal is to replace the previous architecture, which relied on imperative Python scripts, with a declarative, tool-centric workflow.

2. High-Level Architecture: Configuration as Code

The new architecture embraces the principle of "Configuration as Code". The responsibility for how to build and package software is delegated to specialized tools, while the developer's intent—what to build—is captured in declarative configuration files.

This pipeline is composed of three core, best-in-class tools:

1. cross: A zero-setup cross-compilation tool for Rust. It transparently manages containerized build environments (via Docker or Podman) to provide the correct C toolchains, linkers, and system libraries for any given target triple.
2. clap_mangen: A utility for generating UNIX manual pages directly from a clap-based CLI definition. It is integrated into the build process via a build.rs script to ensure documentation is always synchronized with the application's interface.
3. GoReleaser: A powerful, multi-format release automation tool. It reads a single .goreleaser.yaml file to create archives (.tar.gz), Linux packages (.deb, .rpm), and other formats, as well as checksums and GitHub Releases.

Any necessary "glue" logic will be implemented in self-contained Python scripts that use uv and PEP 723 to manage their dependencies, removing the need for actions/setup-python in consuming workflows.

The workflow proceeds in two distinct stages:

1. Build Stage: A parallelized matrix job that uses cross to compile the Rust binary and its associated man page for each target platform. The resulting artifacts are uploaded for the next stage.
2. Release Stage: A single job that downloads all build artifacts, then orchestrates GoReleaser to package them into archives and distribution formats before creating a GitHub Release.

3. Detailed Component Design for Implementers

3.1 Build Stage: Cross-Compilation and Man Page Generation

The build stage is responsible for producing compiled binaries and

... (truncated)

Commits

• c366af3 Improve MSI version parsing (#192)
• 6cf7069 Refactor GitHub release check retries to use tenacity (#188)
• 2e2aeab Refactor MSI license processing helpers (#191)
• 65d7b1d Add Windows installer packaging step to rust-toy-app workflow (#187)
• 9025f0f chore: bump polythene dependency (#190)
• 6296599 Remove macOS package upload step (#186)
• 125cace Export clone_packaging_project from packaging utils (#189)
• 115653a Harden polythene store selection (#180)
• b068c5b Ensure packaging tests use isolated project copies (#178)
• a6246ca Inline ProcessTimedOut initialization (#165)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dependabot]

A newer version of leynos/shared-actions exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.