ci: build binary artifacts for pushes/PRs

[cpu]

This branch adds a CI job for all pushes & PRs that builds binary artifacts for rustls-ffi for:

• Windows (x86_64 MSVC)
• Linux (x86_64 GNU)
• Apple (ARM64)

Binary artifacts are built in release mode using stable rust, with the default crypto provider (aws-lc-rs) and cert compression enabled.

For FIPS, no cert-compression, the ring crypto provider, or other customization you will need to build from source.

These are automatically added to the CI run as artifacts. This has the advantage that we don't need any special write permissions and can manually attach binary artifacts to the releases we publish as appropriate. For now I'd like to avoid automating the release process. Artifact links associated with a branch are valid for ~90d.

You can see the artifacts produced for this PR here, under the annotations.

Unpacking the archives gives structure like:

# Linux
.
├── include
│   └── rustls.h
├── lib
│   └── x86_64-linux-gnu
│       ├── librustls.a
│       ├── librustls.so
│       ├── librustls.so.0.15.0
│       └── pkgconfig
│           └── rustls.pc

# MacOS
.
├── include
│   └── rustls.h
├── lib
│   ├── librustls.0.15.0.dylib
│   ├── librustls.a
│   ├── librustls.dylib
│   └── pkgconfig
│       └── rustls.pc

# Windows
.
├── bin
│   ├── rustls.dll
│   └── rustls.pdb
├── include
│   └── rustls.h
├── lib
│   ├── pkgconfig
│   │   └── rustls.pc
│   ├── rustls.def
│   ├── rustls.dll.lib
│   └── rustls.lib

Resolves #218

[cpu]

I haven't done extensive testing of the built artifacts from an external project yet, I'll try to that shortly. I have some confidence the artifacts are workable since we're leaning on cargo-c/cargo for the heavy lifting but it feels important to verify before attaching to a real release.

[cpu]

I haven't done extensive testing of the built artifacts from an external project yet,

Setting this as draft until I do the above. It might take me a few days to get to this.