Announcing Project Kebe (open-source Snap store start)

Hello wonderful Snapcraft/Snap/Snapd community!

I would today like to announce Project Kebe. What is Project Kebe? It’s the start to an open source implementation of the Snap Store.

You can find it here: https://github.com/freetocompute/kebe and some answers to potential questions here: https://github.com/freetocompute/docs/blob/main/README.md.

Probably one that’s important is what does it do today? The answer from the docs README is my favorite way of putting it: “Think of something you want it to do and then assume it does NOT do that thing.”

Most importantly there is NO SEMBLANCE OF AUTH. I am starting to think about adding an Ory Kratos based workflow for auth but haven’t given it much thought. I’ve struggled to find good documentation about setting up a reasonable Macaroon workflow locally so if someone wants to contribute in that area it would be fantastic.

It would be very nice to use the tooling as much as possible without additional patches or supplemental tools.

However some things I’ve been able to accomplish with it:

  • host and install snaps on a Linux Mint desktop
  • use ubuntu-image to build and boot an Ubuntu Core 18 image with my own model assertion

This has been a huge educational experience (which is honestly as a single person all it could be before the universe dies) but secondarily I always did want it to be an actual, eventually usable store alternative.

It’s been the culmination of many months of work (not this code base per se) but lots of internal notes, etc and previous even more hacky versions of this.

I always wanted to release it when it was “finished” but that’s not realistic as this is an enormous effort. I’ll continue working on it but I would obviously appreciate any contributions. Every facet needs serious and enormous help!

I am hoping to add more documentation today to help others get a “working setup” with the existing Helm and MicroK8s based workflow.

Please be kind! :slight_smile: Feel free to ask any questions here.

THIS IS A PERSONAL PROJECT

I’ve done it on my nights and weekends and it is not endorsed, sponsored or in any other way supported except by me, the individual.

7 Likes

Links to other parts of the project:

Useful branch of snapd for Kebe purposes:

4 Likes

This is great news, congratulations and I hope this project will get the support from community. I see a huge potential in having an open-source implementation of the store that could be used in embedded space where people shipping their applications as Docker containers and on the contrary snaps offer much more power there.

As you might remember, I am in kind of in a similar boat. We have a need to build a snap store that complements the main store. I have been able to patch snapd to support custom signing authority and it serves as a base for all the future effort I am working on.

For our use case I am exploring an alternative approach where we write a snap cli tool from scratch that talks to the snapd sock BUT is also able to talk our company hosted store (basic HTTP service). Our store will take precedence over the Canonical store in case a snap of the same name exists in both stores.

This approach will work for us because

  1. For version 1 we only need a small subset of snap features
  2. We won’t need to heavily patch snapd
  3. Gives us the flexibility to write the client in the language of our choice

As I make more progress in the coming weeks, I will share my progress as well.

5 Likes

Thanks, me too!

I do! The version of snapd I’m using only patches like one or two lines of actual code and then several variables. Otherwise it’s stock 2.49.2 (at the moment).

Other code bases/implementations I have proxy all unknown requests to the Canonical store. The code in Github does not at the moment. I would like to implement several options for that behavior.

That would be fantastic.

As of yesterday I can now use Snapcraft master to login against my store with no patches. Merely exporting alternative URLs is all that is necessary:

UBUNTU_ONE_SSO_URL STORE_DASHBOARD_URL

So the basics of macaroon generation and discharging is working (that was a slog). It’s not ready to land yet and I would like to put in the necessary code to protect the limited, existing endpoints so that at least the basics are there.

This will make my life a lot easier if I can just use Snapcraft, as-is, with no changes. And from that many (all?) things will flow!

It’s exciting if overwhelming! :slight_smile:

2 Likes

Thanks for this awesome project. Snap store is the only black box in the community lol

3 Likes

I’m really happy to see this, thank you for your work!

1 Like