My snap is generating an error during the staging phase of the build.
My understanding was that the staging phase only wrote files to the ‘stage’ directory.
But the build is complaining that a file already exists on the hosts /etc directory.
The file in question was actually generated by a prior run of snapcraft.
Can you share the yaml for the getcert part which is failing please?
Knowing the destination of staging won’t help, other than to tell you that /etc isn’t within the path used. We reference the staging destination using the variable $SNAPCRAFT_STAGE while building. The reason we put the path into that variable is precisely because the path can and does change depending upon what and how you are building.
There is no preventative measure taken to stop a build system from trampling over your filesystem, so even though we ask build systems to install into $SNAPCRAFT_STAGE a badly behaved builder can still ignore that directive. For example, a Makefile which ignores the DESTDIR variable passed at make install step will install it’s files outside the $SNAPCRAFT_STAGE directory, probably in /usr or /usr/local.
If the build system is one of these badly behaved setups then the files will not make it into the snap without further coercing!
parts:
getcert:
plugin: dump
source: snap/src/scripts/getcert
# run our renew script as a certbot post renewal deploy script
# this installs the certs into the java keystore and restarts tomcat.
organize:
renewal : /etc/letsencrypt/renewal-hooks/deploy
stage-packages:
- certbot
The renewal file was being written directly to the hosts /etc directory.
Full file:
name: tomcat-with-ssl
version: '0.1' # just for humans, typically '1.2+git' or '1.3.2'
summary: Apache Tomcat with SSL activated and managed by Certbot.
description: |
Intended to use as a part to install Apache Tomcat with
SSL enabled and the required certificate automatically
managed by certbot (Lets Encrypt) including automatica renewals.
Note: current if a renewal occurs tomcat will be restarted without warning.
grade: devel # must be 'stable' to release into candidate/stable channels
confinement: devmode # use 'strict' once you have the right plugs and slots
apps:
tomcat:
command: tomcat-launch
daemon: simple
plugs: [network, network-bind]
# used to ran the certbot renewal process.
cron:
command: cron
daemon: simple
plugs: [network, network-bind]
# You must run getcert after the install to create the certificate.
getcert:
command: getcert
plugs: [network, network-bind]
parts:
getcert:
plugin: dump
source: snap/src/scripts/getcert
# run our renew script as a certbot post renewal deploy script
# this installs the certs into the java keystore and restarts tomcat.
organize:
renewal : ${SNAP_DATA}/letsencrypt/renewal-hooks/deploy
renewal : /etc/letsencrypt/renewal-hooks/deploy
stage-packages:
- certbot
tomcat:
plugin: ant
source: https://github.com/apache/tomcat85.git
source-type: git
prepare: |
cp build.properties.default build.properties
install: |
cp -r output/build/* $SNAPCRAFT_PART_INSTALL
cat <<EOF > $SNAPCRAFT_PART_INSTALL/tomcat-launch
#!/bin/sh
export JRE_HOME=\${SNAP}/usr/lib/jvm/default-java/jre
export JAVA_HOME=\${SNAP}/usr/lib/jvm/default-java/jre
export CATALINA_HOME=\${SNAP}
export CATALINA_BASE=\${SNAP_DATA}
export CATALINA_TMPDIR=/tmp
cp -rn \${CATALINA_HOME}/conf \${CATALINA_BASE}/
cp -rn \${CATALINA_HOME}/webapps \${CATALINA_BASE}/
exec \${CATALINA_HOME}/bin/catalina.sh run
EOF
chmod +x $SNAPCRAFT_PART_INSTALL/tomcat-launch
stage-packages:
- libc6
- libbz2-1.0
- libgcc1
- libcomerr2
- libgcrypt20
- liblzma5
- libmount1
- libncursesw5
- libselinux1
- libtinfo5
- libuuid1
- libstdc++6
- libsmartcols1
- libgpg-error0
- libblkid1
- zlib1g
- libpcre3