From what I remember, the unsafe-perm permission is already set in the plugin, but it only covers the exact portion that snapcraft itself handles (I.E, either when not using override-build, or the specific snapcraftctl build command and not anything around it).
Anyway, my guess/recommendations would be to add the following as build-environment parameters
parts:
cli-worm:
build-environment:
- npm_config_unsafe_perm: 'true'
- SUDO_UID: '0'
- SUDO_GID: '0'
- SUDO_USER: 'root'
- npm_config_prefer_offline: 'true'
It’s been a while so I can’t remember 100%, but there was 3 major problems for me using NPM
-
The unsafe perm flag, to allow NPM to run as root
-
Some modules drop into a subshell to execute other commands (E.G, git). When they drop into the subshell, they try running as a lower priveledged user, they end up failing since they can’t modify the build. This is what SUDO_* variables fix, and instruct any subshells/forks/etc into running as root too, and I assume is what’s causing your actual problem above
3778 error syscall spawn
3779 error file sh
- NPM can get picky and demand packages to be cached offline, and won’t actually grab them if they don’t already exist, so prefer_config_offline nudges them into prefering locally cached modules but not straight up failing if they don’t have them (Since Snapcraft environments are cleaned regularly so failing like that doesn’t make sense).