To make the review of your request easier, please use the following template to provide all the required details and also include any other information that may be relevant.
- name: lc-salt-minion
- description: the agent component of the SaltStack IaC tool bundled up as a snap package.
- snapcraft: https://krei.lambdacreate.com/Snap/lc-salt-minion/src/branch/trunk/snap/snapcraft.yaml
- upstream: GitHub - saltstack/salt: Software to automate the management and configuration of infrastructure and applications at scale. · GitHub
- upstream-relation: maintainer of salt for Alpine Linux, maintainer of saltext-s3fs, author and maintainer of saltext-nebula
- supported-category: I don’t believe this falls into a supported category yet. I do not believe puppet, chef, or similar agent based configuration management systems have been packaged as snaps yet.
- reasoning: for salt-minion to manage the underlying system it needs to have access to modify the configuration of that system. This means running arbitrary commands on the system running the salt-minion, controlling the contents of files under privileged paths such as /etc, or managing system services.
I understand that strict confinement is generally preferred over classic.
I’ve tried the existing interfaces to make the snap to work under strict confinement.
