Adopt shared actions for release packaging

[leynos]

Summary

• replace the goreleaser-based release workflow with the shared rust-build-release and linux-packages actions, enriching the generated nfpm manifest and publishing packages via softprops/action-gh-release
• add build scripts and static man pages so the client and daemon stage documentation for packaging
• refresh the packaging documentation and cucumber expectations to describe the shared-actions-driven release pipeline

Testing

• make fmt
• make lint
• make test
• make nixie

---

https://chatgpt.com/codex/tasks/task_e_68d952556b888322813fde83e70b4217

Summary by Sourcery

Adopt shared composite GitHub Actions for cross‐platform release packaging: replace the GoReleaser workflow with rust-build-release and linux-packages actions in a build matrix, stage static man pages via build scripts, publish packages with softprops/action-gh-release, and update documentation and tests to reflect the new pipeline.

New Features:

• Add build scripts and static man pages staging for comand and daemon

Enhancements:

• Replace GoReleaser workflow with shared rust-build-release and linux-packages actions
• Introduce GitHub Actions matrix to build and package both comenq and comenqd on x86_64 and aarch64
• Publish deb and rpm artefacts via softprops/action-gh-release

Documentation:

• Refresh automated packaging documentation and design docs to describe the shared-actions release pipeline

Tests:

• Update workflow detection logic and Cucumber scenarios to assert use of shared release actions

[sourcery-ai]

Reviewer's Guide

This PR replaces the GoReleaser-based release workflow with a matrix-driven GitHub Actions pipeline that leverages shared composite actions for building and packaging, updates test detection logic, refreshes documentation to describe the new process, and adds build scripts and static man pages to stage documentation into packages.

Sequence diagram for the new release packaging pipeline

sequenceDiagram
  participant GitHubActions
  participant RustBuildRelease
  participant LinuxPackages
  participant SoftpropsGHRelease

  GitHubActions->>RustBuildRelease: Build binaries (comenq, comenqd)
  RustBuildRelease->>RustBuildRelease: Stage static man pages
  RustBuildRelease->>LinuxPackages: Generate nfpm manifest & package
  LinuxPackages->>GitHubActions: Return .deb/.rpm packages
  GitHubActions->>SoftpropsGHRelease: Upload packages
  SoftpropsGHRelease->>GitHubActions: Create draft GitHub Release

Loading

Class diagram for new build.rs scripts in client and daemon crates

classDiagram
  class BuildScriptComenq {
    +main()
    -copy_man_page() std::io::Result<()>
  }
  class BuildScriptComenqd {
    +main()
    -copy_man_page() std::io::Result<()>
  }
  BuildScriptComenq : main() calls copy_man_page()
  BuildScriptComenqd : main() calls copy_man_page()

Loading

File-Level Changes

Change	Details	Files
Replace GoReleaser workflow with matrix-driven shared actions	Introduce build-packages job with binary/target matrix Set RELEASE_VERSION, clean dist, and invoke shared rust-build-release action Upload .deb/.rpm artifacts and nfpm manifest Publish draft GitHub Release via softprops/action-gh-release	.github/workflows/release.yml
Update workflow detection logic and tests for shared actions	Rename uses_goreleaser to uses_shared_release_actions Adjust YAML parsing to detect both builder and publisher actions Update exports, step implementations, and feature assertions Expand tests to cover missing builder and missing publisher cases	test-support/src/workflow.rs test-support/src/lib.rs tests/steps/release_steps.rs tests/features/release.feature
Refresh documentation to describe shared-actions-driven pipeline	Rewrite automated-cross-platform-packaging guide for composite actions Update design doc section on packaging and release workflow Retain original GoReleaser plan for historical context	docs/automated-cross-platform-packaging.md docs/comenq-design.md
Add build scripts and static man pages for packaging stage	Add build.rs in client and daemon crates to stage man pages Introduce static man page files under packaging/man	crates/comenq/build.rs crates/comenqd/build.rs packaging/man/comenq.1 packaging/man/comenqd.1

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Summary by CodeRabbit

• New Features

  • Debian and RPM packages for x86_64 and ARM64 Linux for both the client (comenq) and daemon (comenqd).
  • Installable manual pages for comenq(1) and comenqd(8).

• Documentation

  • Updated packaging and release guides to reflect the new cross‑platform workflow.

• Chores

  • Revamped release pipeline using shared actions; builds, packages, and uploads artefacts to draft releases.

• Tests

  • Updated workflow detection and feature tests to match the new release process.

Walkthrough

Replace GoReleaser with a matrix-based Linux packaging workflow using shared actions and nfpm. Add build scripts to stage man pages for comenq and comenqd. Add man pages. Update docs to reflect the new release process. Rename test helpers and steps to detect the shared release actions.

Changes

Cohort / File(s)	Summary
Release workflow overhaul .github/workflows/release.yml	Replace GoReleaser with a matrix job building comenq/comenqd for x86_64 and aarch64 Linux; derive RELEASE_VERSION from the ref, build via leynos/shared-actions/rust-build-release, generate nfpm manifests, package deb/rpm, upload per-matrix artefacts, and create a draft GitHub Release attaching built packages.
Docs: packaging and design docs/automated-cross-platform-packaging.md, docs/comenq-design.md	Rewrite to document the shared-actions-based release flow, nfpm packaging, matrix targets, man-page staging, and draft release publication; retain GoReleaser as historical context.
Rust build scripts for man pages crates/comenq/build.rs, crates/comenqd/build.rs	Add build.rs to copy respective *.1 man pages from packaging/man into OUT_DIR and emit cargo:rerun-if-changed.
Manual pages packaging/man/comenq.1, packaging/man/comenqd.1	Add man pages documenting the client and daemon commands, defaults, files and usage.
Test support API change test-support/src/lib.rs, test-support/src/workflow.rs	Rename uses_goreleaser → uses_shared_release_actions; change detection to require both the Rust builder and the release publisher actions; update exported symbol and tests.
BDD tests update tests/features/release.feature, tests/steps/release_steps.rs	Update scenario names, step text and assertions to use the new shared-release-actions helper and phrasing.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant GH as GitHub Actions
  participant Builder as rust-build-release
  participant NFPM as nfpm
  participant GHRel as action-gh-release

  Dev->>GH: Push tag (vX.Y.Z)
  activate GH
  GH->>GH: build-packages (matrix: {bin, arch, target})
  rect rgba(200,230,255,0.3)
    note right of GH: Prepare RELEASE_VERSION, clean dist
    GH->>Builder: Setup toolchain & build --release
    Builder-->>GH: Binaries per matrix
    GH->>GH: Generate nfpm.yaml (bin-specific)
    GH->>NFPM: Package .deb and .rpm
    NFPM-->>GH: Artefacts (${bin}-${arch})
    GH->>GH: Upload artefacts
  end
  GH->>GH: release (needs: build-packages)
  GH->>GH: Download artefacts
  GH->>GHRel: Create draft release, attach packages
  deactivate GH

Loading

sequenceDiagram
  autonumber
  participant Cargo as cargo build
  participant Script as build.rs
  participant FS as Filesystem

  Cargo->>Script: Run build script
  Script->>FS: Resolve CARGO_MANIFEST_DIR and OUT_DIR
  Script->>FS: Copy packaging/man/<bin>.1 -> OUT_DIR/<bin>.1
  Script->>Cargo: Emit cargo:rerun-if-changed=<path>
  Script-->>Cargo: Exit (success or panic on error)

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• Automate release with GoReleaser #28 — Alter release workflow detection and add initial goreleaser-aware tests; strongly related because this change replaces that detection with shared-release-actions logic.

Poem

New tags ring out, the matrix spins,
Two bins, two arches, neatly twins.
Man pages ride the build’s embrace,
NFPM wraps each tidy case.
Tests now ask the actions shared — a draft release, precisely prepared. 🛠️📦

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title “Adopt shared actions for release packaging” succinctly and accurately describes the core change of replacing the GoReleaser workflow with shared composite actions for package building and publishing.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.
Description Check	✅ Passed	The pull request description clearly outlines the replacement of the GoReleaser-based release workflow with shared composite actions, the addition of build scripts and static man pages, and the refresh of related documentation and tests, matching the changes in the diff summaries.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/update-release-workflow-and-documentation

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sourcery-ai]

Hey there - I've reviewed your changes and they look great!

Blocking issues:

• An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. (link)

Prompt for AI Agents

Please address the comments from this code review:

## Individual Comments

### Comment 1
<location> `crates/comenq/build.rs:13` </location>
<code_context>
+    let manifest_dir = PathBuf::from(env::var("CARGO_MANIFEST_DIR").expect("CARGO_MANIFEST_DIR"));
+    let source = manifest_dir.join("../../packaging/man/comenq.1");
+    let out_dir = PathBuf::from(env::var("OUT_DIR").expect("OUT_DIR"));
+    fs::create_dir_all(&out_dir)?;
+    let dest = out_dir.join("comenq.1");
+    fs::copy(&source, &dest)?;
</code_context>

<issue_to_address>
**nitpick:** Creating the output directory may be redundant as OUT_DIR should already exist.

Since Cargo ensures OUT_DIR exists, you can remove create_dir_all unless you need to create additional subdirectories.
</issue_to_address>

### Comment 2
<location> `crates/comenq/build.rs:1` </location>
<code_context>
+use std::{env, fs, path::PathBuf};
+
+fn main() {
</code_context>

<issue_to_address>
**issue (review_instructions):** Missing //! module-level comment at the top of the file.

Please add a //! comment at the top of this module to describe its purpose, as required by the review instructions.

<details>
<summary>Review instructions:</summary>

**Path patterns:** `**/*.rs`

**Instructions:**
Every module must begin with a //! comment.

</details>
</issue_to_address>

### Comment 3
<location> `crates/comenqd/build.rs:1` </location>
<code_context>
+use std::{env, fs, path::PathBuf};
+
+fn main() {
</code_context>

<issue_to_address>
**issue (review_instructions):** Missing //! module-level comment at the top of the file.

Please add a //! comment at the top of this module to describe its purpose, as required by the review instructions.

<details>
<summary>Review instructions:</summary>

**Path patterns:** `**/*.rs`

**Instructions:**
Every module must begin with a //! comment.

</details>
</issue_to_address>

### Comment 4
<location> `.github/workflows/release.yml:158` </location>
<code_context>
        uses: softprops/action-gh-release@v2
</code_context>

<issue_to_address>
**security (yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha):** An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

*Source: opengrep*
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting

• @codex fix this CI failure
• @codex address that feedback

[leynos]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Another round soon, please!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting

• @codex fix this CI failure
• @codex address that feedback

[leynos]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[leynos]

@sourcery-ai review

[sourcery-ai]

Hey there - I've reviewed your changes and they look great!

Prompt for AI Agents

Please address the comments from this code review:

## Individual Comments

### Comment 1
<location> `test-support/src/workflow.rs:50-52` </location>
<code_context>
-    use super::uses_goreleaser;
+    use super::uses_shared_release_actions;
+
+    #[test]
+    #[expect(clippy::expect_used, reason = "simplify test output")]
+    fn detects_shared_actions() {
+        let yaml = r"
+        jobs:
</code_context>

<issue_to_address>
**suggestion (testing):** Consider adding tests for malformed or incomplete YAML inputs.

Tests currently only cover valid cases and missing actions. Including cases with malformed YAML or missing keys (such as 'jobs', 'steps', or non-array steps) will help verify error handling and prevent silent failures.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}