I now want to create an Ubuntu Core image by working through this proxy. When I try to do a ‘snapcraft login’, the connection always goes over the original URL, not the proxy URL. I want to remove any direct connections to the store from the workflow and do everything via the proxy because I am in a company network with ssl man in the middle interception. Does anybody know if snapcraft can work with the ‘snap-store-proxy’? If so, how do I have to configure it so it uses the proxy url?
Do you want to create a ubuntu core image as base for a server? I never did that but I do not think snap/snapcraft helps with that.
Or you trying to host a proprietary snap? I might be mistaken but I think the store proxy does not provide the means to only locally store a snap. I think the intended workflow is to add your snap to the store and one can proxy that. In this case https://gitlab.com/lol-snap/lol might be more suited to your needs.
Thanks for you replies. I will try to clarify again:
I am just trying to build an Ubuntu Core image without accessing the store directly. I want to access it via the proxy. The reason for this is because I am essentially in an air-gapped environment (because of ssl interception). I don’t want to store any snaps in-house or anything like this. I just want to use the proxy as a proxy to access the store when building an Ubuntu Core image.
The question is now for me: how do I tell snapcraft to do the login and build via the proxy and not via the store directly?
Hi, it looks like you might be looking for a way of instructing snapcraft and or snapd to use the intercepting https proxy (and trusting its CA certificate), and not using the snap-store-proxy? If you used the snap-store-proxy, the communication between the snap-store-proxy and the online store would need to still happen via the intercepting https proxy I assume? If yes, then it doesn’t make much sense to use the snap-store-proxy.
Thanks for your detailed answer. I had gotten snapd and the snap-store-proxy to access the store by providing the self signed cert. snapcraft is what I was having trouble with so I figured I would just run everything over the snap-store-proxy.
Somehow I was unable to find the info about the REQUESTS_CA_BUNDLE env var… I will give that a try and then my issue will probably be solved