Cw-sh requires personal-files


#1

cw-sh is a CLI tool that allows easy tailing of AWS CloudWatchLogs streams.

To be alligned with AWS ecosystem I’ll need access to personal-files so that I can read .aws/config and .aws/credentials.

The repo:

Thanks in advance.
Regards,
Luca


#2

From the docs description:

This interface is typically used to provide read-only access to top-level hidden data directories within a user’s home directory in order to support importing data from existing applications where the snap is the clear owner of the target directory.

I’m afraid your request doesn’t match above.


#3

Thanks for the response.

What is then the best way for a tool like mine to have access to the necessary files?
I surely cannot change AWS best practice (the preferred location of the config files…)

Thanks in advance for the help,
Luca Grulla


#4

sounds perfectly fine to use personal-files for this … but i’ll leave that to the reviewers (note there is a product sprint going on so many people are away this week (and some also next))


#5

Note that there is precedence for granting AWS applications access to ~/.aws/ with personal-files, see the thread on Requesting auto-connection of personal-files to sam-cli for example.


#6

Snap in your link was granted this access after it was transferred under official aws umbrella. This one is 3rd party project not-affiliated with aws.


#7

Thanks All for the feedback/comments so far.

How can I have feedback also from the reviewers?


#8

As mentioned by others, your snap doesn’t fall under the AWS umbrella and is not the clear owner of these files. You did mention that your snap needs read access to these files, so I’m inclined to allow installation but not auto-connection of personal-files provided your snap is updated to use:

plugs:
  dot-aws-config-credentials:
    interface: personal-files
    read:
    - $HOME/.aws/config
    - $HOME/.aws/credentials

In this manner, users will understand what they are opting into when connecting the interface: snap connect cw-sh:dot-aws-config-credentials

+1 for use of personal-files with the above. -1 for auto-connection.

@reviewers - can others vote on this?


#9

I agree with @jdstrand. +1 for use of personal-files with the above, -1 for auto-connection. This way, users have the flexibility to allow connection if they want.


#10

I’d be ok with this solution.
@reviewers: any additional feedback?


#11

2 votes for, 0 against for use of the personal files interface with the aforementioned snap.yaml

0 votes for, 2 against auto-connection of the interface. This is now live.


#12

Please note that this currently also requires a change to the review-tools, which I’ve done, but it is not in production yet. Feel free to upload but a reviewer will need to manually approve until it is.