I have a CI system that builds and releases my snaps for me whenever I create a pull request. That system has a macaroon that I generated a while back with the permission necessary to do that, with
package_release ACLs. That system recently started failing to release, however:
$ snapcraft login --with creds Login successful. You now have these capabilities: snaps: ['kyrofa-test-snap2'] channels: ['edge'] permissions: ['package_push', 'package_release'] expires: None $ snapcraft push kyrofa-test-snap2_0.1_amd64.snap --release=edge Preparing to push 'kyrofa-test-snap2_0.1_amd64.snap'. After pushing, the resulting snap revision will be released to 'edge' when it passes the Snap Store review. Running the review tools before pushing this snap to the Snap Store. Pushing 'kyrofa-test-snap2_0.1_amd64.snap' [====================================================] 100% Processing...| released Revision 18 of 'kyrofa-test-snap2' created. Error fetching status of snap id 'w99x8XxPrYxC0EyBJK22RibawoEKoCJw' for 'amd64' in '16' series: Permission "package_access" is required as a macaroon caveat..
This has worked for a year now. Breaking my CI isn’t cool, and we document that process (including those ACLs) in a number of places. Is there any chance we can make the old ACLs continue working?