Separating the generation of the Arch git package (on each commit to
master) from the generation of the Arch stable package (only on a new
tag) ensures that:
1. The checksum of the package isn't calculated on an older version of
the archive.
2. The stable version of the package is always exactly aligned with the
commit associated to the tag.
Weird errors seem to happen on Twine on that image:
```
Traceback (most recent call last):
File "/usr/bin/twine", line 5, in <module>
from twine.__main__ import main
File "/usr/lib/python3.11/site-packages/twine/__init__.py", line 32, in <module>
import importlib.metadata
File "/usr/lib/python3.11/importlib/metadata/__init__.py", line 17, in <module>
from . import _adapters, _meta
File "/usr/lib/python3.11/importlib/metadata/_adapters.py", line 3, in <module>
import email.message
File "/usr/lib/python3.11/email/message.py", line 15, in <module>
from email import utils
File "/usr/lib/python3.11/email/utils.py", line 28, in <module>
import random
File "/usr/lib/python3.11/random.py", line 49, in <module>
from math import log as _log, exp as _exp, pi as _pi, e as _e, ceil as _ceil
ImportError: Error relocating /usr/lib/python3.11/lib-dynload/math.cpython-311-x86_64-linux-musl.so: _PyModule_Add: symbol not found
```
A fully self-contained 1.5k LoC Drone file isn't very maintainable, and
it makes it hard to reuse parts that are shared across multiple steps
(like SSH and git configuration).
We shouldn't rely on `git diff`. Even when the underlying source code
hasn't changed, and the cache is dumped with `sort_keys=True`, some of
the generated snippets of docstrings may change, leading the CI/CD
pipeline to get stuck in a push loop.
We should instead look for changes to the plugins, backends, events and
schemas folders before and after the CI/CD trigger to infer if we need
to regenerate the file.
The cache is no longer generated at runtime when the application runs -
which may take quite a while, especially on fresh installations.
A `components.json.gz` file is instead generated by the CI/CD process on
every commit to the main branch, and distributed with the package.
The application will read this file when the `inspect` plugin is first
initialized.
This also means that we can no longer cache the `install_cmds`, as they
change depending on the target OS. A new
`application.get_install_commands` action has now been made available to
the UI, so it can get the correct installation commands at runtime.
- `iputils` should be an explicit system dependency for `ping`.
Some minimal systems (like some Docker images) may not have the `ping`
command installed out of the box.
- `hid` and `marshmallow_dataclass` should be among the auto-mocked
modules.
`update-apt-repo` should first copy the existing repo root on the S3
bucket to a local temporary directory, so we don't do expensive (and
very slow) file operations on the s3fs filesystem.
After everything is done, we should do a current->old, tmp->current, rm old
dance to update the repo on S3.