diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2e12ad37..d9257856 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -24,13 +24,12 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        args:
-          - build --release
-          - clippy -- -D warnings
-          - test
         arch:
           - amd64
           - arm64
+        rust-version:
+          - stable
+          - nightly
     steps:
     - uses: actions/checkout@v4
       with:
@@ -43,20 +42,7 @@ jobs:
           libbpf-dev \
           protobuf-compiler
 
-        rustup component add clippy
-
-    - shell: python
-      id: args
-      run: |
-        import os
-
-        # Remove the hyphens from arguments like --release, then join
-        # all words with hyphens to have a key that is valid for GHA
-        # caching.
-        args='${{ matrix.args }}'.replace('-', '').split()
-        args='-'.join(args)
-        with open(os.environ.get('GITHUB_OUTPUT'), 'a') as f:
-          f.write(f'args={args}')
+        rustup +${{ matrix.rust-version }} component add clippy
 
     - uses: actions/cache@v4
       with:
@@ -66,8 +52,15 @@ jobs:
           ~/.cargo/registry/cache/
           ~/.cargo/git/db/
           target/
-        key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ steps.args.outputs.args }}-${{ hashFiles('**/Cargo.lock') }}
-    - run: cargo ${{ matrix.args }}
+        key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ matrix.rust-version }}-${{ hashFiles('**/Cargo.lock') }}
+
+    - name: Build
+      run: cargo +${{ matrix.rust-version }} build --release
+    - name: Lint
+      run: cargo +${{ matrix.rust-version }} clippy -- -D warnings
+    - name: Test
+      run: cargo +${{ matrix.rust-version }} test
+
 
   format-check:
     runs-on: ubuntu-24.04
diff --git a/Containerfile b/Containerfile
index e01c58ed..712d4304 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,12 +1,14 @@
 FROM quay.io/centos/centos:stream9 AS builder
 
+ARG RUST_VERSION=stable
+
 RUN dnf install --enablerepo=crb -y \
         clang \
         libbpf-devel \
         protobuf-compiler \
         protobuf-devel && \
         curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \
-            sh -s -- -y --default-toolchain 1.84 --profile minimal
+            sh -s -- -y --default-toolchain $RUST_VERSION --profile minimal
 
 ENV PATH=/root/.cargo/bin:${PATH}
 
@@ -14,7 +16,7 @@ WORKDIR /app
 
 COPY . .
 
-FROM builder as build
+FROM builder AS build
 
 ARG FACT_VERSION
 RUN --mount=type=cache,target=/root/.cargo/registry \
diff --git a/Makefile b/Makefile
index 8d606af9..1fe10ddc 100644
--- a/Makefile
+++ b/Makefile
@@ -16,6 +16,7 @@ image:
 	docker build \
 		-f Containerfile \
 		--build-arg FACT_VERSION=$(FACT_VERSION) \
+		--build-arg RUST_VERSION=$(RUST_VERSION) \
 		-t $(FACT_IMAGE_NAME) \
 		$(CURDIR)
 
diff --git a/constants.mk b/constants.mk
index 3940a821..31203033 100644
--- a/constants.mk
+++ b/constants.mk
@@ -1,3 +1,5 @@
+RUST_VERSION ?= stable
+
 FACT_TAG ?= $(shell git describe --always --tags --abbrev=10 --dirty)
 FACT_VERSION ?= $(FACT_TAG)
 FACT_REGISTRY ?= quay.io/stackrox-io/fact
diff --git a/docs/release.md b/docs/release.md
index 7f3642d2..1748fd6b 100644
--- a/docs/release.md
+++ b/docs/release.md
@@ -38,14 +38,20 @@ to create the git resources for Konflux before proceeding.
 
 1.  Set the following environment variables:
 
-    *   `STACKROX_SUFFIX`: The major and minor versions of ACS that will use this `fact` version (e.g., `4-10`).
-    *   `FACT_RELEASE`: The release version you set in the previous section.
+    *   `STACKROX_SUFFIX`: The major and minor versions of ACS that will
+        use this `fact` version (e.g., `4-10`).
+    *   `FACT_RELEASE`: The release version you set in the previous
+        section.
     *   `FACT_PATCH`: The patch version for this release (e.g., `0`).
+    *   `RUST_VERSION`: The version of the rust compiler that will be
+        used with this release, usually the latest stable rust version.
+        (e.g., `1.88`).
 
     ```sh
     export STACKROX_SUFFIX=4-10
     export FACT_RELEASE=0.2
     export FACT_PATCH=0
+    export RUST_VERSION=1.88
     ```
 
 1.  On the release branch, run the following commands to update the
@@ -63,6 +69,20 @@ Konflux build configuration and the application version.
         fact/Cargo.toml
     ```
 
+1.  Run the following command to pin the Rust version to be used.
+
+    ```sh
+    sed -i -e "/^RUST_VERSION / s/stable/${RUST_VERSION}/" \
+        Makefile
+    ```
+
+1.  Run the following command to stop mintmaker from attempting to
+    update our crate dependencies.
+
+    ```sh
+    sed -i -e "/\"cargo\",/d" .github/renovate.json5
+    ```
+
 1. Create a new branch for these changes and push it to the repository.
     ```sh
     git checkout -b "release/konflux-resources-${FACT_RELEASE}"
diff --git a/rust-toolchain.toml b/rust-toolchain.toml
deleted file mode 100644
index 9db33c0e..00000000
--- a/rust-toolchain.toml
+++ /dev/null
@@ -1,2 +0,0 @@
-[toolchain]
-channel = "1.84"