Greetings Store/Security team! I hope you are well!
I recently created the snap pluto and to publish it to the Snap Store I need the custom plug dot-local-share-juju
and the ssh-public-keys
interfaces approved for auto-connection. Pluto is a proof-of-concept CLI application for deploying Ubuntu-based High-Performance Computing clusters using Juju, and it is developed by the HPC team (me specifically) at Canonical. The source code can be audited here. Here’s why I need the dot-local-share-juju
and the ssh-public-keys
interfaces auto-connected:
dot-local-share-juju
This interface needs to be approved/auto-connected because Pluto is a wraps around Juju to deploy HPC-specific charms published to Charmhub. Pluto needs the dot-local-share-juju
(custom personal-files
plug) so it can read/write to the configuration files of a pre-existing Juju installation. It connects to an already configured Juju controller to create a “microhpc” model and deploy the HPC charms there. Without this interface, pluto cannot communicate with the established controller.
ssh-public-keys
This interface needs to be auto-connected because pluto needs public ssh keys so it can execute commands on the deployed HPC charms. It uses these keys to provision a minimal NFS server and set up the home directory for a user located inside an LDAP database. Without access to the public ssh keys, pluto cannot contact these units via ssh to do further provisioning.
Please let me know if you all require further information/justification from me for why I need these interfaces auto-connected/granted!
Side note: how do I go about getting snap ownership transferred to the Canonical namespace on the Snap Store? I also have a juju-bin
plug that needs to be connected to the Juju snap so that pluto can access the Juju binaries.