I have been playing with CircleCI recently and thought I’d write up some notes on what I did to get a snap auto building and pushing to the store on their CI system.
I’ve been testing this out with the emoj project I have on github. Here’s what I did to get it all working.
Firstly, sign up for CircleCI for a free account and hook it up to your github project.
.circleci/config.yml to the project.
Here’s the bones of mine, so you can see what’s needed to get it building a snap:-
version: 2 jobs: build: working_directory: ~/emoji machine: true steps: - checkout - run: command: | sudo apt update sudo apt install -y snapd sudo snap install snapcraft --edge --classic /snap/bin/snapcraft
Some things to note:-
- version: specifies the new 2.0 format of the circleci config.
- machine: means we get a real VM rather than a docker container. Currently building a snap inside their docker container won’t work because it’s using the 3.13 Ubuntu 14.04 kernel.
- Real VMs might be a paid service in the future, but currently they’re in beta so free
- I had to specify the path to snapcraft binary because otherwise it’s not found immediately after the snapd/snapcraft install.
Use snapcraft-config-generator.py to generate the store credentials in
.snapcraft/snapcraft.cfg within the project directory.
Important: This file enables you to upload to the edge channel using the snapcraft command so guard it. Add
.gitignore to prevent sharing it with the world.
Alternatively, move it out of the project tree, and do the next steps elsewhere, then move the encrypted version back into the project tree.
Generate a key somehow to encrypt the snapcraft.cfg, for example:-
``export KEY=$(pwgen 64 1)```
In the CircleCI project web UI go to Build Settings -> Environment Variables, add the
$KEY environment variable and set it to whatever pwgen generated on your laptop.
Encrypt the snapcraft.cfg as per the CircleCI docs:-
openssl aes-256-cbc -e -in .snapcraft/snapcraft.cfg -out .snapcraft/snapcraft.encrypted -k $KEY
Add the encrypted version to your project and push to github.
.circleci/config.yml to include a section to decrypt the key before uploading to the store:-
openssl aes-256-cbc -d -in .snapcraft/snapcraft.encrypted -out .snapcraft/snapcraft.cfg -k $KEY
So the deploy section should look a bit like this:-
- deploy: name: Push to Snap Store command: | openssl aes-256-cbc -d -in .snapcraft/snapcraft.encrypted -out .snapcraft/snapcraft.cfg -k $KEY /snap/bin/snapcraft push *.snap
If all works, you should get a snap pushed to the store.
Here’s the full .circleci/config.yml that I’m using:-
version: 2 jobs: build: working_directory: ~/emoji machine: true steps: - checkout - run: command: | sudo apt update sudo apt install -y snapd sudo snap install snapcraft --edge --classic /snap/bin/snapcraft - deploy: name: Push Master to Snap Store command: | openssl aes-256-cbc -d -in .snapcraft/snapcraft.encrypted -out .snapcraft/snapcraft.cfg -k $KEY /snap/bin/snapcraft push *.snap
Suggestions on how to improve this would be welcome.