Merge branch 'main' into patch-1

canonical · Dec 5, 2024 · 8109466 · 8109466
2 parents 021aff1 + a582a88
commit 8109466
Show file tree

Hide file tree

Showing 232 changed files with 6,688 additions and 3,048 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug.yaml b/.github/ISSUE_TEMPLATE/bug.yaml
@@ -45,7 +45,7 @@ body:
         If possible, please paste your charmcraft.yaml contents. This
         will be automatically formatted into code, so no need for
         backticks.
-      render: shell
+      render: yaml
     validations:
       required: true
   - type: textarea

diff --git a/.github/renovate.json5 b/.github/renovate.json5
@@ -5,7 +5,9 @@
     // Each ignore is probably connected with an ignore in pyproject.toml.
     // Ensure you change this and those simultaneously.
     "urllib3",
+    // Temporary until we remove Windows. https://github.com/canonical/charmcraft/issues/1810
     "windows",  // We'll update Windows versions manually.
+    "tox-gh",  // As of 1.3.2 tox-gh doesn't support Windows 2019's python 3.7.
   ],
   labels: ["dependencies"],  // For convenient searching in GitHub
   baseBranches: ["$default", "/^hotfix\\/.*/"],
@@ -38,7 +40,11 @@
       // Automerge patches, pin changes and digest changes.
       // Also groups these changes together.
       groupName: "bugfixes",
-      excludeDepPatterns: ["lint/.*", "types/.*"],
+      excludeDepPatterns: [
+        "lint/.*",
+        "types/.*",
+        "pyright",  // Pyright needs to be done separately.
+      ],
       matchUpdateTypes: ["patch", "pin", "digest"],
       prPriority: 3, // Patches should go first!
       automerge: true

diff --git a/.github/workflows/publish-pypi.yaml b/.github/workflows/publish-pypi.yaml
@@ -14,6 +14,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        fetch-tags: true
     - uses: actions/setup-python@v5
       with:
         python-version: '3.12'

diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml
@@ -0,0 +1,20 @@
+name: Security scan
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - hotfix/*
+      - work/secscan  # For development
+
+jobs:
+  python-scans:
+    name: Scan Python project
+    uses: canonical/starflow/.github/workflows/scan-python.yaml@main
+    with:
+      packages: python-apt-dev
+      # 1. requirements-noble.txt can't build on jammy
+      # 2. Ignore requirements files in spread tests, as some of these intentionally
+      #    contain vulnerable versions.
+      requirements-find-args: '! -name requirements-noble.txt ! -path "./tests/spread/*"'
+      osv-extra-args: '--config=source/osv-scanner.toml'
diff --git a/.github/workflows/spread.yaml b/.github/workflows/spread.yaml
@@ -85,6 +85,7 @@ jobs:
         name: Run spread
         env:
           CHARMCRAFT_AUTH: ${{ secrets.CHARMCRAFT_AUTH }}
+          CHARMCRAFT_SINGLE_CHARM_AUTH: ${{ secrets.CHARMCRAFT_SINGLE_CHARM_AUTH }}
           CHARM_DEFAULT_NAME: gh-ci-charmcraft-charm
           BUNDLE_DEFAULT_NAME: gh-ci-charmcraft-bundle
         run: |

diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
@@ -45,7 +45,7 @@ jobs:
   run-tests:
     strategy:
       matrix:
-        os: [ubuntu-22.04, ubuntu-24.04, macos-12, macos-13, windows-2019, windows-2022]
+        os: [ubuntu-22.04, ubuntu-24.04, macos-13, macos-14-large, windows-2019, windows-2022]
         include:
           - os: windows-2019
             python-version: |
@@ -55,14 +55,16 @@ jobs:
             python-version: |
               3.11
               3.12
-          - os: macos-12
-            python_version: |
+          - os: macos-14-large
+            python-version: |
               3.10
               3.12
+              3.13
           - os: macos-13
-            python_version: |
+            python-version: |
               3.10
               3.12
+              3.13
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout code
@@ -80,6 +82,14 @@ jobs:
         run: |
           sudo apt update
           sudo apt install -y python3-pip python3-setuptools python3-wheel python3-venv libapt-pkg-dev
+          pipx install poetry
+          # Jammy runners have too old a version of pip.
+          if [[ $(lsb_release --codename --short) == 'jammy' ]]; then
+            python3 -m pip install -U pip
+          fi
+      - name: Setup LXD
+        uses: canonical/[email protected]
+        if: ${{ runner.os == 'Linux' }}
       - name: Install skopeo (mac)
         # This is only necessary for Linux until skopeo >= 1.11 is in repos.
         # Once we're running on Noble, we can get skopeo from apt.
@@ -122,7 +132,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Build snap
-        uses: snapcore/action-build@v1
+        uses: canonical/action-build@v1
         id: snapcraft
       - name: Upload snap artifact
         uses: actions/upload-artifact@v4
@@ -147,7 +157,7 @@ jobs:
           fi
       - name: Publish feature branch to edge/${{ steps.vars.outputs.branch }}
         if: ${{ env.SNAPCRAFT_STORE_CREDENTIALS != '' }}
-        uses: snapcore/action-publish@v1
+        uses: canonical/action-publish@v1
         env:
           SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }}
         with:
@@ -288,7 +298,7 @@ jobs:
   macos-smoke-test:
     strategy:
       matrix:
-        os: [macos-12, macos-13]
+        os: [macos-13, macos-14-large]
     runs-on: ${{ matrix.os }}
     steps:
       # Installing and caching homebrew using the action should speed up subsequent CI:
@@ -306,8 +316,9 @@ jobs:
       - name: Install Homebrew Bundler RubyGems
         if: steps.cache.outputs.cache-hit != 'true'
         run: brew install-bundler-gems
-      - name: Install Multipass
+      - name: Install dependencies with homebrew
         run: |
+          brew install [email protected]  # For building pygit2
           brew install multipass
       - name: Checkout code
         uses: actions/checkout@v4
@@ -318,7 +329,7 @@ jobs:
           cache: 'pip'
       - name: Build and install Charmcraft
         run: |
-          pipx install .
+          pip install -r requirements.txt .
       - name: Check for fully-configured multipass
         run: |
           while ! multipass version; do

diff --git a/.github/workflows/tics.yaml b/.github/workflows/tics.yaml
@@ -25,7 +25,8 @@ jobs:
           sudo apt-get install -y python3 python3-dev libapt-pkg-dev libyaml-dev
           echo "::endgroup::"
           echo "::group::pip install"
-          python -m pip install 'tox<5.0' tox-gh
+          python -m pip install 'tox<5.0' tox-gh poetry
+          pip install -U pip
           echo "::endgroup::"
 
           eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"

diff --git a/.gitignore b/.gitignore
@@ -141,6 +141,7 @@ dmypy.json
 *~
 /charmcraft/_version.py
 /results/
+.*.*swp
 
 # Spread files
 .spread-reuse*.yaml
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -1,12 +1,17 @@
 ## Development environment
 
+We recommend uv for setting up your local development environment:
+
+- [uv snap](https://snapcraft.io/astral-uv)
+- [Official uv binary](https://docs.astral.sh/uv/getting-started/installation/)
+
 To set up an initial development environment:
 
     git clone https://github.com/canonical/charmcraft.git
     cd charmcraft
-    virtualenv venv
-    . venv/bin/activate
-    pip install -r requirements-dev.txt -e .
+    uv venv
+    . .venv/bin/activate
+    uv pip install -r requirements-dev.txt -e .
 
 You will need a copy of `ruff` installed. On many Linux distributions, you
 can install ruff with:
@@ -15,7 +20,7 @@ can install ruff with:
 
 Otherwise, you can install ruff in your virtual environment with:
 
-    pip install ruff
+    uv tool install ruff
 
 
 ## Developing against Charmcraft source
@@ -31,7 +36,7 @@ When you're done, make sure you run the tests.
 
 You can do so with
 
-    pip install -r requirements-dev.txt
+    uv pip install -r requirements-dev.txt
     ./run_tests
 
 Contributions welcome!
diff --git a/charmcraft/application/commands/__init__.py b/charmcraft/application/commands/__init__.py
@@ -14,6 +14,7 @@
 #
 # For further info, check https://github.com/canonical/charmcraft
 """Charmcraft commands."""
+
 import craft_application
 
 from charmcraft.application.commands.analyse import Analyse, Analyze
@@ -109,7 +110,8 @@ def fill_command_groups(app: craft_application.Application) -> None:
         ],
     )
     app.add_command_group(
-        "Extensions", [ExpandExtensionsCommand, ExtensionsCommand, ListExtensionsCommand]
+        "Extensions",
+        [ExpandExtensionsCommand, ExtensionsCommand, ListExtensionsCommand],
     )
     app.add_command_group(
         "Other",

diff --git a/charmcraft/application/commands/analyse.py b/charmcraft/application/commands/analyse.py
@@ -14,6 +14,7 @@
 #
 # For further info, check https://github.com/canonical/charmcraft
 """Command for analysing a charm."""
+
 import argparse
 import json
 import pathlib

diff --git a/charmcraft/application/commands/base.py b/charmcraft/application/commands/base.py
@@ -14,6 +14,7 @@
 #
 # For further info, check https://github.com/canonical/charmcraft
 """Base command for Charmcraft commands."""
+
 from __future__ import annotations
 
 import craft_application.commands

diff --git a/charmcraft/application/commands/extensions.py b/charmcraft/application/commands/extensions.py
@@ -15,6 +15,7 @@
 # For further info, check https://github.com/canonical/charmcraft
 
 """Infrastructure for the 'extensions' command."""
+
 import argparse
 from textwrap import dedent
 

diff --git a/charmcraft/application/commands/init.py b/charmcraft/application/commands/init.py
@@ -15,6 +15,7 @@
 # For further info, check https://github.com/canonical/charmcraft
 
 """Infrastructure for the 'init' command."""
+
 import argparse
 import os
 import pathlib
@@ -39,6 +40,7 @@
     "flask-framework": "init-flask-framework",
     "django-framework": "init-django-framework",
     "go-framework": "init-go-framework",
+    "fastapi-framework": "init-fastapi-framework",
 }
 DEFAULT_PROFILE = "simple"
 
@@ -129,7 +131,9 @@ class InitCommand(base.CharmcraftCommand):
 
     def fill_parser(self, parser):
         """Specify command's specific parameters."""
-        parser.add_argument("--name", help="The name of the charm; defaults to the directory name")
+        parser.add_argument(
+            "--name", help="The name of the charm; defaults to the directory name"
+        )
         parser.add_argument(
             "--author",
             help="The charm author; defaults to the current user name per GECOS",

diff --git a/charmcraft/application/commands/lifecycle.py b/charmcraft/application/commands/lifecycle.py
@@ -14,6 +14,7 @@
 #
 # For further info, check https://github.com/canonical/charmcraft
 """craft-application based lifecycle commands."""
+
 from __future__ import annotations
 
 import pathlib
@@ -171,15 +172,56 @@ def run_managed(self, parsed_args: argparse.Namespace) -> bool:
         # Always use a runner on non-Linux platforms.
         # Craft-parts is not designed to work on non-posix platforms, and most
         # notably here, the bundle plugin doesn't work on Windows.
-        if sys.platform == "linux" and charmcraft_yaml and charmcraft_yaml.get("type") == "bundle":
+        if (
+            sys.platform == "linux"
+            and charmcraft_yaml
+            and charmcraft_yaml.get("type") == "bundle"
+        ):
             return False
+
         return super().run_managed(parsed_args)
 
+    def _update_charm_libs(self) -> None:
+        """Update charm libs attached to the project."""
+        craft_cli.emit.progress(
+            "Checking that charmlibs match 'charmcraft.yaml' values"
+        )
+        project = cast(models.CharmcraftProject, self._services.project)
+        libs_svc = cast(services.CharmLibsService, self._services.charm_libs)
+        installable_libs: list[models.CharmLib] = []
+        for lib in project.charm_libs:
+            library_name = utils.QualifiedLibraryName.from_string(lib.lib)
+            if not libs_svc.get_local_version(
+                charm_name=library_name.charm_name, lib_name=library_name.lib_name
+            ):
+                installable_libs.append(lib)
+        if installable_libs:
+            store = cast(services.StoreService, self._services.store)
+            libraries_md = store.get_libraries_metadata(installable_libs)
+            with craft_cli.emit.progress_bar(
+                "Downloading charmlibs...", len(installable_libs)
+            ) as progress:
+                for library in libraries_md:
+                    craft_cli.emit.debug(repr(library))
+                    lib_contents = store.get_library(
+                        library.charm_name,
+                        library_id=library.lib_id,
+                        api=library.api,
+                        patch=library.patch,
+                    )
+                    libs_svc.write(lib_contents)
+                    progress.advance(1)
+
     def _run(
         self,
         parsed_args: argparse.Namespace,
         step_name: str | None = None,
         **kwargs: Any,  # noqa: ANN401 (allow dynamic typing)
     ) -> None:
         self._validate_args(parsed_args)
+
+        project = cast(models.CharmcraftProject, self._services.project)
+        if project.charm_libs:
+            self._update_charm_libs()
+
         return super()._run(parsed_args, step_name, **kwargs)