Add toolchain-specific cargo cache key and clean shellstub imports

[leynos]

Summary

• extend the rust-build-release action cache key to include the runner OS and resolved toolchain
• move shellstub's collections.abc and pathlib imports behind a TYPE_CHECKING guard now that annotations are postponed

Testing

• make lint

---

https://chatgpt.com/codex/tasks/task_e_68cbdfd0184c8322b1de62c19f1c0203

Summary by Sourcery

Include runner OS and resolved toolchain in the CI cache key and postpone shellstub imports of collections.abc and pathlib behind a TYPE_CHECKING guard.

Enhancements:

• Move shellstub imports of collections.abc and pathlib behind a TYPE_CHECKING guard to defer runtime imports

CI:

• Extend rust-build-release action cache key to include the runner OS and resolved toolchain

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR improves cache key specificity by incorporating runner OS and resolved Rust toolchain, and cleans up shellstub imports by deferring them behind TYPE_CHECKING now that annotations are postponed.

Class diagram for updated shellstub.py imports

classDiagram
    class shellstub {
        +dataclasses as dc
        +json
        +os
        +typing as typ
        +TYPE_CHECKING: bool
        +if TYPE_CHECKING:
            collections.abc as cabc
            pathlib.Path
    }

Loading

File-Level Changes

Change	Details	Files
Defer shellstub’s collections.abc and pathlib imports to type‐checking time	Removed runtime imports of collections.abc and pathlib Added TYPE_CHECKING guard to import collections.abc and pathlib only during static analysis	shellstub.py
Enhance Rust build-release action cache key with OS and toolchain	Appended runner.os and env.RBR_TOOLCHAIN to shared-key	.github/actions/rust-build-release/action.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Summary by CodeRabbit

• New Features

  • None

• Bug Fixes

  • Docker/Podman discovery timeouts are now treated as unavailable instead of failing, improving reliability of runtime detection.

• Tests

  • Added coverage to validate timeout handling for Docker and Podman discovery.

• Chores

  • Improved cache keying to separate caches by OS and toolchain.
  • Windows workflow now writes environment variables using PowerShell for better compatibility.
  • Minor YAML formatting adjustments in Windows toolchain setup.
  • Optimised Python imports to reduce unnecessary runtime dependencies.

Walkthrough

State the key modifications: add an OS/toolchain-aware shared cache key to the Rust build action, move typing-only imports in Python to TYPE_CHECKING, treat subprocess timeouts as runtime-unavailable in container runtime detection, add tests for those timeouts, and adjust minor YAML formatting and a workflow step to use PowerShell for setting environment variables.

Changes

Cohort / File(s)	Summary of Changes
CI action — rust-build-release .github/actions/rust-build-release/action.yml	Add shared-key: ${{ runner.os }}-toolchain-${{ env.RBR_TOOLCHAIN }} to the Cache cargo step to separate caches by OS and toolchain.
Runtime detection & tests .github/actions/rust-build-release/src/runtime.py, .github/actions/rust-build-release/tests/test_runtime.py	Treat subprocess.TimeoutExpired as a failure during runtime discovery (Docker/Podman), returning False instead of propagating; add tests validating timeout handling for Docker and Podman discovery paths.
Type-check-only imports shellstub.py	Move collections.abc (cabc) and Path imports behind if TYPE_CHECKING, keeping from __future__ import annotations so runtime imports are avoided.
Windows setup action formatting .github/actions/setup-windows-gnu/action.yml	Change install scalar from folded to literal block style and move explanatory text to YAML comments; preserve package list.
Workflow — windows step change .github/workflows/rust-toy-app.yml	Change Windows step to use PowerShell (pwsh) and append environment variables to GITHUB_ENV via Out-File instead of Bash echo.

Sequence Diagram(s)

Provide a high-level view of runtime discovery with timeout handling.

sequenceDiagram
  autonumber
  participant Caller as runtime_available()
  participant RuntimeCmd as run_validated()
  note right of RuntimeCmd #f4f4f4: subprocess invocation
  Caller->>RuntimeCmd: invoke runtime discovery command
  alt command returns success
    RuntimeCmd-->>Caller: stdout (info)
    Caller-->>Caller: parse info -> return True
  else command raises OSError/CalledProcessError
    RuntimeCmd-->>Caller: exception
    Caller-->>Caller: treat as unavailable -> return False
  else command raises TimeoutExpired
    RuntimeCmd-->>Caller: TimeoutExpired
    Caller-->>Caller: treat as unavailable -> return False
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

Caches split by OS and toolchain bright,
Timeouts caught and paused commands turned light.
Imports hide until types take their stage,
Tests nod approval on the new small page.
CI hums along — a tidy, quieter flight.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 77.78% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title concisely and accurately summarises the two main changes in the pull request by highlighting the introduction of a toolchain-specific cache key and the refactoring of shellstub imports, so a reviewer can immediately understand the primary purpose of the update.
Description Check	✅ Passed	The description clearly outlines the key changes—extending the cache key and moving imports behind a TYPE_CHECKING guard—and relates directly to the modified files and testing steps, providing sufficient context for review.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/update-cache-key-in-rust-build-release

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 Ruff (0.12.2)

.github/actions/rust-build-release/src/runtime.py

�[1;31mruff failed�[0m
�[1mCause:�[0m Failed to load configuration /ruff.toml
�[1mCause:�[0m Failed to parse /ruff.toml
�[1mCause:�[0m TOML parse error at line 26, column 3
|
26 | "RSE100", # Use of assert detected
| ^^^^^^^^
Unknown rule selector: RSE100

.github/actions/rust-build-release/tests/test_runtime.py

�[1;31mruff failed�[0m
�[1mCause:�[0m Failed to load configuration /ruff.toml
�[1mCause:�[0m Failed to parse /ruff.toml
�[1mCause:�[0m TOML parse error at line 26, column 3
|
26 | "RSE100", # Use of assert detected
| ^^^^^^^^
Unknown rule selector: RSE100

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sourcery-ai]

Hey there - I've reviewed your changes and found some issues that need to be addressed.

Prompt for AI Agents

Please address the comments from this code review:

## Individual Comments

### Comment 1
<location> `.github/actions/rust-build-release/action.yml:53` </location>
<code_context>
       with:
         toolchain: ${{ env.RBR_TOOLCHAIN }}
         workspaces: ${{ inputs.project-dir }}
+        shared-key: ${{ runner.os }}-toolchain-${{ env.RBR_TOOLCHAIN }}
         cache-on-failure: true
     - name: Install nfpm
</code_context>

<issue_to_address>
**issue (review_instructions):** Add behavioural and unit tests for the new 'shared-key' input to ensure its correct functionality.

You introduced a new 'shared-key' input to the rust-build-release action. Demonstrate its behaviour and correctness with both behavioural and unit tests, as required by the review instructions.

<details>
<summary>Review instructions:</summary>

**Path patterns:** `**/*`

**Instructions:**
For any new feature or change to an existing feature, both behavioural *and* unit tests are required.

</details>
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/actions/rust-build-release/src/runtime.py (1)

98-107: Bound rustc probe time to avoid hangs.

Add a small timeout to the rustc -vV probe and handle TimeoutExpired so CI cannot stall on misconfigured toolchains.

Apply this diff:

         result = run_validated(
             exec_path,
             ["-vV"],
             allowed_names=("rustc", "rustc.exe"),
             capture_output=True,
             text=True,
             check=True,
+            timeout=10,
         )
-    except (FileNotFoundError, subprocess.CalledProcessError, OSError):
+    except (FileNotFoundError, subprocess.CalledProcessError, subprocess.TimeoutExpired, OSError):
         return default

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ef6da9d and a88c05c.

📒 Files selected for processing (4)

• .github/actions/rust-build-release/src/runtime.py (2 hunks)
• .github/actions/rust-build-release/tests/test_runtime.py (2 hunks)
• .github/actions/setup-windows-gnu/action.yml (1 hunks)
• .github/workflows/rust-toy-app.yml (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

.github/actions/rust-build-release/tests/test_runtime.py (2)

.github/actions/rust-build-release/tests/conftest.py (4)

• runtime_module (193-199)
• module_harness (113-122)
• patch_shutil_which (89-91)
• patch_attr (104-106)

.github/actions/rust-build-release/src/runtime.py (1)

• runtime_available (20-81)

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Sourcery review
• GitHub Check: python-tests (windows-latest)
• GitHub Check: python-tests (ubuntu-latest)
• GitHub Check: build-release (windows-latest, x86_64-pc-windows-gnu)
• GitHub Check: build-release (windows-latest, aarch64-pc-windows-gnu)

🔇 Additional comments (5)

.github/workflows/rust-toy-app.yml (1)

40-43: Use PowerShell-safe GITHUB_ENV writes on Windows (LGTM).

Switch to shell: pwsh and Out-File correctly writes UTF‑8 lines to $env:GITHUB_ENV. No functional gaps spotted.

.github/actions/rust-build-release/src/runtime.py (2)

39-41: Treat discovery timeouts as unavailable (LGTM).

Catching subprocess.TimeoutExpired in discovery is the right failure mode.

---

57-59: Handle Podman security inspection timeouts (LGTM).

Extending the except clause to include TimeoutExpired aligns behaviour with discovery.

.github/actions/rust-build-release/tests/test_runtime.py (2)

38-61: Validate docker discovery timeout behaviour (LGTM).

Test accurately simulates a discovery timeout and asserts False.

---

128-155: Validate Podman security timeout behaviour (LGTM).

Test covers the new timeout path for the security query and asserts False.

Add two more fast tests to lock down adjacent failure modes:

• JSON decode error in Podman security output returns False.
• Non‑zero return from the initial info probe returns False.

What is the documented behaviour of GitHub Actions regarding writing environment files from PowerShell (newline and UTF‑8 requirements)?