chore: merge main into hotfix-merge/3.2

.github/workflows/publish-pypi.yaml

@@ -14,6 +14,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        fetch-tags: true
     - uses: actions/setup-python@v5
       with:
         python-version: '3.12'

.github/workflows/security-scan.yaml

@@ -0,0 +1,20 @@
+name: Security scan
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - hotfix/*
+      - work/secscan  # For development
+
+jobs:
+  python-scans:
+    name: Scan Python project
+    uses: canonical/starflow/.github/workflows/scan-python.yaml@main
+    with:
+      packages: python-apt-dev
+      # 1. requirements-noble.txt can't build on jammy
+      # 2. Ignore requirements files in spread tests, as some of these intentionally
+      #    contain vulnerable versions.
+      requirements-find-args: '! -name requirements-noble.txt ! -path "./tests/spread/*"'
+      osv-extra-args: '--config=source/osv-scanner.toml'

.github/workflows/tests.yaml

@@ -80,6 +80,11 @@ jobs:
         run: |
           sudo apt update
           sudo apt install -y python3-pip python3-setuptools python3-wheel python3-venv libapt-pkg-dev
+          pipx install poetry
+          # Jammy runners have too old a version of pip.
+          if [[ $(lsb_release --codename --short) == 'jammy' ]]; then
+            python3 -m pip install -U pip
+          fi
       - name: Setup LXD
         uses: canonical/setup-lxd@v0.1.1
         if: ${{ runner.os == 'Linux' }}
@@ -125,7 +130,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Build snap
-        uses: snapcore/action-build@v1
+        uses: canonical/action-build@v1
         id: snapcraft
       - name: Upload snap artifact
         uses: actions/upload-artifact@v4
@@ -150,7 +155,7 @@ jobs:
           fi
       - name: Publish feature branch to edge/${{ steps.vars.outputs.branch }}
         if: ${{ env.SNAPCRAFT_STORE_CREDENTIALS != '' }}
-        uses: snapcore/action-publish@v1
+        uses: canonical/action-publish@v1
         env:
           SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }}
         with:

.github/workflows/tics.yaml

@@ -25,7 +25,8 @@ jobs:
           sudo apt-get install -y python3 python3-dev libapt-pkg-dev libyaml-dev
           echo "::endgroup::"
           echo "::group::pip install"
-          python -m pip install 'tox<5.0' tox-gh
+          python -m pip install 'tox<5.0' tox-gh poetry
+          pip install -U pip
           echo "::endgroup::"
 
           eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"

.gitignore

@@ -141,6 +141,7 @@ dmypy.json
 *~
 /charmcraft/_version.py
 /results/
+.*.*swp
 
 # Spread files
 .spread-reuse*.yaml

charmcraft/application/commands/init.py

@@ -39,6 +39,7 @@
     "flask-framework": "init-flask-framework",
     "django-framework": "init-django-framework",
     "go-framework": "init-go-framework",
+    "fastapi-framework": "init-fastapi-framework",
 }
 DEFAULT_PROFILE = "simple"
 

charmcraft/application/commands/lifecycle.py

@@ -173,13 +173,48 @@ def run_managed(self, parsed_args: argparse.Namespace) -> bool:
         # notably here, the bundle plugin doesn't work on Windows.
         if sys.platform == "linux" and charmcraft_yaml and charmcraft_yaml.get("type") == "bundle":
             return False
+
         return super().run_managed(parsed_args)
 
+    def _update_charm_libs(self) -> None:
+        """Update charm libs attached to the project."""
+        craft_cli.emit.progress("Checking that charmlibs match 'charmcraft.yaml' values")
+        project = cast(models.CharmcraftProject, self._services.project)
+        libs_svc = cast(services.CharmLibsService, self._services.charm_libs)
+        installable_libs: list[models.CharmLib] = []
+        for lib in project.charm_libs:
+            library_name = utils.QualifiedLibraryName.from_string(lib.lib)
+            if not libs_svc.get_local_version(
+                charm_name=library_name.charm_name, lib_name=library_name.lib_name
+            ):
+                installable_libs.append(lib)
+        if installable_libs:
+            store = cast(services.StoreService, self._services.store)
+            libraries_md = store.get_libraries_metadata(installable_libs)
+            with craft_cli.emit.progress_bar(
+                "Downloading charmlibs...", len(installable_libs)
+            ) as progress:
+                for library in libraries_md:
+                    craft_cli.emit.debug(repr(library))
+                    lib_contents = store.get_library(
+                        library.charm_name,
+                        library_id=library.lib_id,
+                        api=library.api,
+                        patch=library.patch,
+                    )
+                    libs_svc.write(lib_contents)
+                    progress.advance(1)
+
     def _run(
         self,
         parsed_args: argparse.Namespace,
         step_name: str | None = None,
         **kwargs: Any,  # noqa: ANN401 (allow dynamic typing)
     ) -> None:
         self._validate_args(parsed_args)
+
+        project = cast(models.CharmcraftProject, self._services.project)
+        if project.charm_libs:
+            self._update_charm_libs()
+
         return super()._run(parsed_args, step_name, **kwargs)

charmcraft/application/commands/store.py

@@ -18,6 +18,7 @@
 import argparse
 import collections
 import dataclasses
+import datetime
 import os
 import pathlib
 import re
@@ -31,7 +32,6 @@
 from operator import attrgetter
 from typing import TYPE_CHECKING, Any
 
-import craft_platforms
 import yaml
 from craft_application import util
 from craft_cli import ArgumentParsingError, emit
@@ -70,6 +70,7 @@ class _ResourceType(typing.NamedTuple):
 ResourceType = _ResourceType()
 # the list of valid attenuations to restrict login credentials
 VALID_ATTENUATIONS = {getattr(attenuations, x) for x in dir(attenuations) if x.isupper()}
+BUNDLE_REGISTRATION_REMOVAL_URL = "https://discourse.charmhub.io/t/15344"
 
 
 class LoginCommand(CharmcraftCommand):
@@ -349,7 +350,7 @@ class RegisterBundleNameCommand(CharmcraftCommand):
     name = "register-bundle"
     help_msg = "Register a bundle name in the Store"
     overview = textwrap.dedent(
-        """
+        f"""
         Register a bundle name in the Store.
 
         Claim a name for your bundle in Charmhub. Once you have registered
@@ -368,18 +369,35 @@ class RegisterBundleNameCommand(CharmcraftCommand):
            https://discourse.charmhub.io/c/charm
 
         Registration will take you through login if needed.
+
+        \u001b[31mWARNING:\u001b[0m Charmhub will stop accepting new bundle registrations on 2024-11-01.
+        For more information, see:
+        {BUNDLE_REGISTRATION_REMOVAL_URL}
     """
     )
 
-    def fill_parser(self, parser):
+    def fill_parser(self, parser: argparse.ArgumentParser):
         """Add own parameters to the general parser."""
         parser.add_argument("name", help="The name to register in Charmhub")
 
-    def run(self, parsed_args):
+    def run(self, parsed_args: argparse.Namespace) -> int:
         """Run the command."""
+        if datetime.date.today() >= datetime.date(2024, 11, 1):
+            emit.message(
+                "\u001b[31mERROR:\u001b[0m New bundle registration is discontinued as of 2024-11-01.  For more "
+                f"information, see: {BUNDLE_REGISTRATION_REMOVAL_URL}"
+            )
+            return 1
+        emit.progress(
+            "\u001b[31mWARNING:\u001b[0m New bundle registration will stop working on 2024-11-01. For "
+            f"more information, see: {BUNDLE_REGISTRATION_REMOVAL_URL}",
+            permanent=True,
+        )
         store = Store(env.get_store_config())
         store.register_name(parsed_args.name, EntityType.bundle)
         emit.message(f"You are now the publisher of bundle {parsed_args.name!r} in Charmhub.")
+        # TODO(#1810): Replace this with os.EX_OK
+        return 0
 
 
 class UnregisterNameCommand(CharmcraftCommand):
@@ -2011,11 +2029,11 @@ def run(self, parsed_args: argparse.Namespace) -> int:
                     dest_password=credentials.password,
                 )
 
-            image_arch = [
-                craft_platforms.DebianArchitecture.from_machine(arch).value
+            image_arch = {
+                image_service.convert_go_arch_to_charm_arch(arch).value
                 for arch in image_metadata.architectures
-            ]
-            bases = [{"name": "all", "channel": "all", "architectures": image_arch}]
+            }
+            bases = [{"name": "all", "channel": "all", "architectures": sorted(image_arch)}]
 
             # all is green, get the blob to upload to Charmhub
             content = store.get_oci_image_blob(

charmcraft/application/main.py

@@ -23,12 +23,11 @@
 import craft_application
 import craft_cli
 from craft_application import util
-from craft_parts.plugins import plugins
+from craft_parts.plugins.plugins import PluginType
 from overrides import override
 
-from charmcraft import extensions, models, preprocess, services
+from charmcraft import extensions, models, parts, preprocess, services
 from charmcraft.application import commands
-from charmcraft.parts import BundlePlugin, CharmPlugin, ReactivePlugin
 from charmcraft.services import CharmcraftServiceFactory
 
 GENERAL_SUMMARY = """
@@ -119,6 +118,10 @@ def _configure_services(self, provider_name: str | None) -> None:
             project_dir=self.project_dir,
             build_plan=self._build_plan,
         )
+        self.services.update_kwargs(
+            "charm_libs",
+            project_dir=self.project_dir,
+        )
 
     def configure(self, global_args: dict[str, Any]) -> None:
         """Configure the application using any global arguments."""
@@ -131,8 +134,8 @@ def _get_dispatcher(self) -> craft_cli.Dispatcher:
         return self._dispatcher
 
     @override
-    def _get_app_plugins(self) -> dict[str, plugins.PluginType]:
-        return {"charm": CharmPlugin, "bundle": BundlePlugin, "reactive": ReactivePlugin}
+    def _get_app_plugins(self) -> dict[str, PluginType]:
+        return parts.get_app_plugins()
 
     @override
     def _pre_run(self, dispatcher: craft_cli.Dispatcher) -> None: