This in theory is pretty easy because it’s just a static binary but I think it might need Classic confinement, much like the snap for Helm itself. However I’m new to building snaps so I’m happy to be told I’m wrong.
From my understanding of the tool it needs access to yaml files in the directory you run the command in. It also needs permissions to run Helm. It may also need additional access to hidden directories storing Helm configuration in the user’s home directory but I’m not certain about that.
However immediately when I try and run with strict confinement I don’t have permissions to access files in the working directory of the command, and I can’t see an interface which obviously looks like it will solve this.
edit: Added the home plug and solved that problem but now I can’t find a way to be able to execute Helm (from the Helm snap) unless I bundle my own version of Helm.
If you need to run binaries on the host system, you will need classic confinement. Can you explain why you can’t include helm in the snap? That would be the recommended way.
I can’t include Helm in the snap without having the same problems explained here, which caused the Helm snap to switch to classic confinement: Classic confinement for existing Helm snap
Also I don’t think in this case it would be a good user experience even if it could work due to the way these Kubernetes tools share configuration in .kube/config for example.
With classic confinement I can install kubectl, helm and helmfile separately and use the release channel I want for each tool e.g. kubectl 1.15, helm 2.16 branch. This is often desirable.
Hi. What a coincidence that we’re both doing this at the same time!
I’ve had a quick look at your snap but I don’t see how it gets around the issues with accessing the helm binary or yaml files. I still believe this needs classic confinement for the reasons I’ve stated above, similar to Helm itself.
@sweston you’re right what a coincidence. We are trying to fix a lack.
BTW you’re right. I’m still checking solutions to get around the issues you had.
The helm classic request happened a couple of years ago and before a lot of discussion surrounding k8s, so I’d like to talk about this request anew.
@sweston - you mentioned “With classic confinement I can install kubectl, helm and helmfile separately and use the release channel I want for each tool e.g. kubectl 1.15, helm 2.16 branch”. Can you describe a couple/few representative use cases of how these 3 snaps are used together and how to drive helm?
Also, in your own words, can you describe why helm cannot be included in your snap?
@sweston hi there, @vdenaropapa was interested in taking over Helm, could you let us know if you’re still working on this or are OK with transferring the snap name to him?
Thanks. FYI a transfer is requested here in the forum, though we do ask that you add the recipient as a collaborator and for them to accept the collaboration invite, so we can verify authorization and intent.
Since it’s been a while, I recommend waiting for @vdenaropapa to confirm he’s still interested in all this before proceeding.
what a coincidence. We are trying to fix a lack.
BTW you’re right. I’m still checking solutions to get around the issues you had.
helmfile is on the wave