GitLab

Fix #1738

Fix #1653

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* [breaking] report platforms installation dir in compile result

* Added platforms and libraries used in the build report

* Report used libraries even in case of unsuccessful build

* Added 3rd party platform url in InstalledPlatofrm grpc response

* Added temporary functionality to support profile creation

It will be probably deprecated and removed once a better UX is implemented.

* Updated documentation

* Use the last part of the FQBN for suggested profile name

* Move DefaultIndexURL under arduino/globals as it should be

* Use global index url

* Output an error if dump-profile is used with json output

* De-parallelize and increase verbosity of integration tests

* Hide output of some test

Otherwise Windows runners may raise this exception:

  E UnicodeEncodeError: 'charmap' codec can't encode characters in position 890-897: character maps to <undefined>

* Update test/pytest.ini
Co-authored-by: Umberto Baldi <34278123+umbynos@users.noreply.github.com>
Co-authored-by: Umberto Baldi <34278123+umbynos@users.noreply.github.com>

The latest 1.5.0 requires go1.18+.

We could put it back to "latest" once we migrate to go1.18.

* Fixed libraries-set selection for discovery

Fix #1740

* removed useless variable

* Added tests

* Updated readme

* Fixed initializaion of profile libraries

* Apply suggestions from code review

The library must be installed globally in order to provide coverage of the bug.
Co-authored-by: per1234 <accounts@perglass.com>
Co-authored-by: per1234 <accounts@perglass.com>

* cosmetic: renamed import

* Simplify function pm.DownloadPlatformRelease

* Implementation of the Profiles parser

* Added methods to get profiles from sketch

* Added gRPC parameters to support profiles

* Added function to load packages for profiles

* Added support for profiles in compile command

* Added progress callback and installMissing flag (stubs) in pm.PrepareLibrariesAndPackageManagersForProfile

* Added auto-install procedures for profiles

* Handle platform not found errors

* Draft implementation of upload with profiles

* Made packagemamager.loadToolsFromPackage public

* Simplified callbacks in commands.Init

* cosmetic: added shortcut variable for library manager

* cosmetic: added shortcut variable for package manager; small readability improvement

* Wiring profiles into arduino-cli and gRPC implementation

* Made gRPC Init return a full Profile structure

Makes it more future-proof in case of further expasion

* (tech debt) Disable profiles if compiling with --libraries/--library

* Fixed some linter warnings

* Apply suggestions from code review
Co-authored-by: per1234 <accounts@perglass.com>

* Added profiles specification docs

* Allow both sketch.yaml and .yml (with priority for .yaml)

* Correctly handle nil return value

* Apply suggestions from code review
Co-authored-by: per1234 <accounts@perglass.com>

* Apply suggestions from code review

* Provide `core install` suggestions only when compiling without profiles

* Remove stray comment

* Fixed some comments in protoc files

* Apply suggestions from code review

* Apply suggestions from code review
Co-authored-by: per1234 <accounts@perglass.com>

* Implemented missing AsYaml methods and added tests

* Apply suggestions from code review

* run of prettier formatter

* Preserve profiles ordering in profiles.yaml

* Apply suggestions from code review
Co-authored-by: per1234 <accounts@perglass.com>
Co-authored-by: per1234 <accounts@perglass.com>

* Fixed '--libraries' and '--library' flags description in compile command.

* Apply suggestions from code review
Co-authored-by: per1234 <accounts@perglass.com>
Co-authored-by: per1234 <accounts@perglass.com>

* Allow downloading index and signature in a tar.bz2 archive

* Make some configurations resilient to empty settings

* Added tests

* fix comment

* Apply suggestions from code review
Co-authored-by: Umberto Baldi <34278123+umbynos@users.noreply.github.com>

* Allow .tar.bz2 package index URL

* Fix errors in timeout checks

* Fixed check for stale package_index.json files
Co-authored-by: Umberto Baldi <34278123+umbynos@users.noreply.github.com>

* Removed 'stats' library

* Adjust sub-projects go.mod

* Updated licensed cache

* Removed test for prometheus and updated python deps

* Optimization: skip commands.Init() when no library was installed

* Optimization: skip commands.Init() when no platform was installed

Since many gRPC calls may happen together, to better understand what's
happening now:

- each call is identified by a sequence number (even if they are
  interleaved)
- when a non-streaming calls ends a "CALL END" log is printed

The real name for a lib (the name stored in the library.properties)
is required to find a library in the index. The installed name, which
matches the diretory name, is not valid for looking up libraries in
the index.

Libraries that do not have a library.properties file, or where the
name value in that file does not match the value in library_index.json,
cannot be upgrade by the CLI.

Also Fix tests for outdated libs

The tests for update and outdated changed the library.properties
file for an installed lib, but also wiped out the name field.
Since we rely on that field to determine the library name when
using the RealName property, the test's change was causing a failure
outside the scope of the test itself.

High quality feedback via GitHub issues is a very valuable contribution to the project. It is important to make the
issue creation and management process as efficient as possible for the contributors, maintainers, and developers.

Issue templates are helpful to the maintainers and developers because it establishes a standardized framework for the
issues and encourages the contributors to provide the essential information.

The contributor is now presented with a web form when creating an issue. This consists of multi-line input fields that
have the same formatting, preview, and attachment capabilities as the standard GitHub Issue composer, in addition to
menus and checkboxes where appropriate.

The use of this form-based system should provide a much better experience for the contributors and also result in higher
quality issues by establishing a standardized framework for the issues and encouraging contributors to provide the
essential information.

A template chooser allows the contributor to select the appropriate template type, redirects support requests to the
appropriate communication channels via "Contact Links", and provides a prominent link to security policy to guide any
vulnerability disclosures.

The clear separation of the types of issues encourages the reporter to fit their report into a specific issue category,
resulting in more clarity. Automatic labeling according to template choice allows the reporter to do the initial
classification.

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

* Updated library_index.json for testing

* Use easyjson for parsing library_index

* Added benchmarks for json deconding.

Results:

$ go test -v -benchmem -bench BenchmarkIndexParsing github.com/arduino/arduino-cli/arduino/libraries/librariesindex
=== RUN   TestIndexer
--- PASS: TestIndexer (0.16s)
goos: linux
goarch: amd64
pkg: github.com/arduino/arduino-cli/arduino/libraries/librariesindex
cpu: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
BenchmarkIndexParsingStdJSON
BenchmarkIndexParsingStdJSON-8                 5         214872730 ns/op          94.52 MB/s    58956539 B/op     418973 allocs/op
BenchmarkIndexParsingEasyJSON
BenchmarkIndexParsingEasyJSON-8               16          69215472 ns/op         293.42 MB/s    56162664 B/op     418966 allocs/op
PASS
ok      github.com/arduino/arduino-cli/arduino/libraries/librariesindex 4.442s

easyjson is 3x faster.

* Updated license check cache

* Added easyjson to package_index.json parser

* Allow easyjson to match tags in case-insensitive

See https://github.com/mailru/easyjson/pull/372

* Added easyjson generation task in Taskfile

* Added github action check

* Update .github/workflows/check-easyjson.yml
Co-authored-by: per1234 <accounts@perglass.com>
Co-authored-by: per1234 <accounts@perglass.com>

A "Check Go Dependencies" GitHub Actions workflow is used to check whether all Go package dependencies of the modules in
this repository use compatible licenses.

This workflow is hosted and maintained in a repository dedicated to a collection of such reusable Arduino tooling project assets.

Several enhancements have been made to the upstream file, which are pulled into the Arduino CLI repository here:

- Add schedule event trigger to catch breakage caused by external changes
  https://github.com/arduino/tooling-project-assets/commit/e71e4702279bd165769efd830f276b6b492de92c
- Run workflow on release branch creation
  https://github.com/arduino/tooling-project-assets/commit/22504dc85c1bea37613506016e677cd545a9af1b

The script which provides convenient installation of Arduino CLI is hosted and maintained in a separate repository which
contains the collection of reusable tooling project assets. Some defects were present in the script's handling of lack
of a build for a specific host architecture, which manifested when users with Apple M1 systems attempted to use it.

These defects were fixed and some general improvements made to the related code.

- Remove broken frivolous function from install script
  https://github.com/arduino/tooling-project-assets/commit/127116b30163e5c63384d6a46c57f9f5d093d61a
- Remove unnecessary use of eval from install script
  https://github.com/arduino/tooling-project-assets/commit/e2b5740daf890aa20d27d901ee8fc11743b38036
- Fallback to x86-64 release when macOS ARM 64-bit build not available
  https://github.com/arduino/tooling-project-assets/commit/d8c59e3caac6182077e9bbefe3a5209c3ec96782

Those are pulled into the Arduino CLI project here.

* Changes in errors.MultipleBoardsDetectedError and errors.NoBoardsDetectedError

- The message formatting has been fixed
- The errors now accepts a *rpc.Port instead of a *discovery.Port
- The new error NoBoardsDetectedError has been added

* Renamed some variable in compile/compile.go to improve readability

fqbn -> fqbnArg
port -> portArgs
detectedFqbn -> fqbn
discoveryPort -> port

* Renamed some variable in debug/debug.go to improve readability

fqbn -> fqbnArg
port -> portArgs
discoveryPort -> port

* Fixed some error formatting

* Renamed some variable in compile/compile.go to improve readability

fqbn -> fqbnArg
port -> portArgs
discoveryPort -> port

* Refactored board autodetection in upload/compile

- use `board.List()` instead of implementing a duplicate of it
- factored the logic that calculates FQBN, Port and possibly
  autodetects FQBN, so we have a single implementation for all
  commands of the cli.

* Removed SupportedUserFieldsRequest.Address gRPC parameter

Because it's no more needed

* Added notes about technical debt

* Factored --discovery-timeout flag and added timeout to board autodetection

* Added docs

* Fixed error message and integration tests

* Update cli/arguments/port.go
Co-authored-by: Umberto Baldi <34278123+umbynos@users.noreply.github.com>
Co-authored-by: Umberto Baldi <34278123+umbynos@users.noreply.github.com>

* Fix typo

* Rename custom keys filename to make more clear that private key is used to sign and public key is used for encryption

* Update Security setting postbuild.cmd path

* Update Security setting keychain path

* Update Security setting default keys filename

* Updated relaxed-semver library to v0.9.0

* Fixed errors translations

* Make architecture explicit in loadPlatform

* Extracted subrotuine loadToolReleaseFromDirectory

* Added cores.InstallPlatformInDirectory(..) helper function

* legacy: allow using a preconfigured library manager in build

The "Check Go Dependencies" GitHub Actions workflow checks for dependencies with incompatible or unapproved license
types.

The dependency license metadata consumed by the "Licensed" tool is cached in the project repository, in a dedicated file
for each dependency.

The `check-cache` job of the workflow checks whether that cache is in sync with the project's current dependencies. It
does this by using the "Licensed" tool to update the cache and then a `git diff` command to check whether that resulted
in any changes (which would indicate it is out of sync).

Out of sync states could result from any of three distinct conditions:

- Missing metadata file
- Incorrect metadata file contents
- Superfluous metadata file

An incorrectly configured `git diff` command previously caused the last of these to be missed.

My first take at this system was simply using `git diff --exit-code` alone. That detects the last two, but misses the
first. I added the `git add --intent-to-add .` command to detect added files, but didn't realize that it caused the last
to be missed.

Superfluous files in the dependency license metadata cache won't actually interfere with its intended functionality, but
it is still important to avoid an accumulation of unused files.

The new commands will catch all three of the possible out of sync conditions by staging all changes that result from
the metadata cache update to the repository and then comparing those against the `HEAD` commit.

I considered an alternative approach which works just as well as the chosen one:

```
git add .
git diff --exit-code HEAD
```

However, I feel that the `--cached` flag makes the `git diff` command more self-explanatory.

* Moved downloaders subroutines in 'resources' package

* Moved function to the correct file

* Merge Download subroutine for resources

* Factored all download subroutines

* Allow passing nil Config in resource.Download method

* Moved some package in their appropriate place.

httpclient is now under arduino/httpclient.
Some configuration values have been moved under 'configuration' package,
and the related subroutines have been refactored.

* Created IndexResource and factored out all download utilities

* Fix regression in unit-tests

* Adjusted integration tests

* Fixed linter problems

* Moved DownloadFile from 'resources' package into 'httpclient'

* Factored all progress reports callback definitions in the rpc package

* Updated UPGRADING.md

* Applied suggestions from code review
Co-authored-by: per1234 <accounts@perglass.com>

* Fixed typos
Co-authored-by: per1234 <accounts@perglass.com>

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Made monitor.jsonDecodeLoop more thread resilient

* Use idiomatic way to check for channel-closed event

* Ensure that monitor processes are killed and collected correctly

* Simplified (and fixed...) monitor stream handling

There is no need to spawn two goroutines, one is enough. Also the extra
context is not needed anymore. The monitor port can be closed when the
goroutine with the grpc recv loop ends.

* Fix cli crash if no configuration is provided in the Monitor gRPC call

* Extended term_example gRPC API test coverage

Now it cycles on the same port two times.

* Reduce timeout for monitor close/quit commands to 250ms

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

The "github-stats" GitHub Actions workflow periodically gathers GitHub release asset download statistics for Arduino CLI
and pushes the results to Datadog.

There are no known problems with this workflow. However, the companion "arduino-stats" workflow that did the same for
the downloads of Arduino CLI from downloads.arduino.cc was broken and thus removed from the repository.

The GitHub stats are not very valuable on their own as they only provide an unknown fraction of the total downloads of
Arduino CLI. They have also not ended up being used. Since it doesn't provide any value and represents a maintenance
burden, it is hereby removed from the repository.

The "arduino-stats" GitHub Actions workflow was designed to periodically gather download statistics from Arduino CDN and
push results to Datadog.

The recorded stats showed a periodic decrease in total download count. Since this is patently impossible, it is clear
that something was wrong with the system and that the recorded data was not usable. An investigation into the problem
was never done.

On 2022-03-14, the runs of the "arduino-stats" GitHub Actions workflow began to fail. Because there had not been any
relevant change in the repository between the last successful run and the first failing run, it seems that some external
change caused the breakage. Since the workflow was not ever working successfully and the lack of an investigation about
that indicates that the stats are not of immediate importance, the best course of action is to simply remove the broken
infrastructure from the repository rather than investing time into fixing something that isn't being used anyway.