Classic confinement request for "manala" dev tool

Hello, we are developing “manala”, a developer tool aiming to synchronize and templatize some repetitive parts of projects (makefiles, dockerfiles, jenkinsfiles, …). We are using the Go language, and everything is open sourced on our GitHub organization (https://github.com/manala/manala). The release process is handled by the well-known GoReleaser.

The tool needs access to home dirs to store its cache (using XDG_CACHE_HOME specs), and access to where devs usually set up their project workspaces, mainly in home, but it can be anywhere else :slight_smile: (devs know)

It looks like classic confinement is the more appropriate choice, no?

Snaps have their own per-snap $HOME of $HOME/snap/<snap-name>/<revision>/ - so $XDG_CACHE_HOME for a snap should automatically default to $HOME/snap/<snap-name>/<revision>/.cache - can you please explain why this is not suitable?

Also by plugging the home (and optionally the removable-media) interface this should provide the snap access to the usual locations where project workspaces would exist. As such I do not feel classic confinement is required for this snap at this stage.

Ok, we dug a little deeper into the snap mysteries :slight_smile: The home interface keeps its promises and is perfectly suitable, removable-media could not hurt, and we had to add network too, as in obscure conditions the network remains unavailable.

One of the main interests of our tool is to keep some files in projects synchronized with a git repository. This repository could be public, but also private, and we use the ssh agent for authentication…

I guess an interface or something is missing, because:

Error connecting to SSH_AUTH_SOCK: dial unix /run/user/1000/keyring/ssh: connect: permission denied

Is there any workaround instead of classic confinement?

One more thing is that under the hood, we also use the notify-send command to send notifications on success or error, when our tool runs in the background. This time, the error is:

 "notify-send": executable file not found in $PATH

I don’t get if it’s the notify-send command itself or the $PATH env var which is unavailable…

Strict mode snaps are not able to execute binaries from the host system so you would have to ship your own notify-send binary and then plug the desktop interface to allow your snap to send notifications. For the ssh use-case, you could plug the ssh-keys interface and then ship your own ssh-agent if desired (see Ssh-agent plug request for a past similar discussion).
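
A sketch of the strictly confined packaging this thread converges on, added here as an illustration (it is not part of the thread and not the manala project's own snapcraft.yaml). The base, version, summary, binary path, build-snaps entry and stage-packages are assumptions; the plugs are the interfaces named in the replies above.

```yaml
# Added example: strict confinement with explicit plugs instead of classic.
name: manala
base: core22                # assumption: any current core base
version: "0.0.0"            # placeholder, not a real release number
summary: Synchronize and templatize repetitive parts of projects
description: |
  Illustrative packaging only. Every host resource the tool touches is
  requested through a named interface, so each grant can be reviewed.
grade: stable
confinement: strict         # host binaries are not executable from here

apps:
  manala:
    command: bin/manala     # assumption: the Go build installs bin/manala
    plugs:
      - home                # project workspaces under $HOME
                            # (top-level hidden files/dirs are excluded)
      - removable-media     # workspaces on other mounts; needs a manual
                            # "snap connect manala:removable-media"
      - network             # fetching the template git repository
      - desktop             # lets the bundled notify-send send
                            # notifications, per the last reply
      - ssh-keys            # user's SSH keys and config; needs a manual
                            # "snap connect manala:ssh-keys" unless the
                            # store grants auto-connection

parts:
  manala:
    plugin: go
    source: https://github.com/manala/manala
    source-type: git
    build-snaps:
      - go                  # assumption: Go toolchain taken from the go snap
    stage-packages:
      - libnotify-bin       # ships notify-send inside the snap, because
                            # the host's copy is not reachable
      - openssh-client      # provides ssh-agent for the "ship your own
                            # ssh-agent" option; starting it and loading
                            # keys is left to the application
```

The ssh-keys plug covers key files, not the host agent socket from the error above, which is why the reply pairs it with an agent shipped inside the snap.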