Jenkins cannot access update server via https

After doing an install of Jenkins, it thinks it is offline. After a bit of googling, and following suggestions for similar errors, I found that after modifying /var/snap/jenkins/99/hudson.model.UpdateCenter.xml and switching the URL from https to plain old http, Jenkins was able to find plugins and updates.

More googling reveals this is because Java cannot find any certificate authorities to verify SSL connections.

Which finally led me to spot that line 53 of the snapcraft.yaml is deliberately removing the cacerts directory from the snap (https://github.com/snapcrafters/jenkins/blob/master/snapcraft.yaml#L53)

Are snapped Java apps supposed to be discovering these certs from somewhere else?

Using git blame, it seems that this change was introduced from this PR: https://github.com/snapcrafters/jenkins/pull/10

I suspect that the certificates aren’t actually available in the snap given the commit/PR description, and likely the needed certs have to come either from the core snap, or from stage-packages. I don’t recall all of the stage-packages that the jdk plugin adds, but for one of the snaps I help maintain that uses Java, we use the openjdk-8-jdk stage package for other reasons and it seems to have certificates located here:

```
# cd $SNAP
# ls -la usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts
lrwxrwxrwx 1 root root 47 Dec 11 04:47 usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts -> ../../../../../../../etc/ssl/certs/java/cacerts
# ls etc/ssl/certs/java/cacerts
etc/ssl/certs/java/cacerts
```

Since this seems to be @popey’s snap, pinging him may help…
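
An added example, not part of the original thread or the snap's own code: a shell function that checks, for every JVM under an unpacked snap tree such as `$SNAP`, whether the `cacerts` trust store is present and whether a symlink like the one shown above actually resolves. The function name `check_cacerts` and its output labels are made up for this example; the Java 8 path is the one from the listing above, and the `lib/security` path for later JDKs is an assumption about which JVM the snap ships.

```shell
#!/bin/sh
# Added example (not from the thread): report the state of the Java trust
# store for every JVM found under ROOT/usr/lib/jvm, where ROOT is an unpacked
# snap tree such as $SNAP. Prints one line per JVM and returns 0 only if each
# one has a readable, non-empty cacerts file.
check_cacerts() (
    root=$1
    rc=0
    found=0
    for jvm in "$root"/usr/lib/jvm/*/; do
        [ -d "$jvm" ] || continue      # an unmatched glob stays literal
        found=1
        store=
        # Java 8 layout (as in the thread) first, then the JDK 9+ layout.
        for cand in "${jvm}jre/lib/security/cacerts" "${jvm}lib/security/cacerts"; do
            # -L also matches a symlink whose target no longer exists
            if [ -e "$cand" ] || [ -L "$cand" ]; then
                store=$cand
                break
            fi
        done
        if [ -z "$store" ]; then
            echo "missing ${jvm%/}"
            rc=1
        elif [ -L "$store" ] && [ ! -e "$store" ]; then
            echo "dangling $store -> $(readlink "$store")"
            rc=1
        elif [ ! -s "$store" ]; then
            echo "empty $store"
            rc=1
        else
            echo "ok $store"
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "no-jvm $root"
        rc=1
    fi
    exit "$rc"
)
# Usage inside the snap's environment: check_cacerts "$SNAP"
```

A `dangling` or `missing` result corresponds to the situation described in the thread, where the JVM has no CA bundle to validate HTTPS connections against.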

Hah! It’s only my snap because I touched it last :)

Pull requests most welcome, of course. I am also of a mind that this snap should really be classic, given how jenkins can often be used to call out to other random binaries, and being confined will limit its usefulness. What do you think?

Does classic affect how the snap is installed (I’m very new to how they are packaged)?

Is this two separate issues - would it be best to revisit the change in pull/10 and fix the symlink instead of just removing it? Once Jenkins seems happier, then revisit whether it should be classic or not?