I am working on publishing the Vicegerent devops tool as a snap. One essential part of the app is access to the host machine’s $PATH variable and the ability to start arbitrary programs.
@jamesh told me in this post that this is only possible with the classic confinement. Thus I would request the permission for that.
I have registered the vicegerent name and got the snap working in local machine.
I have read the linked discussion but I would encourage you first explore other alternatives that iiuc could work in your scenario while keeping your snap under strict confinement. From your github documentation, I see the app “helps you to run predefined sets of commands in the server”: have you tried shipping the tools you need (e.g. stage-package) in your snap?
FYI, if you take a look at our process for reviewing classic confinement snaps, the need to launch arbitrary applications is not generally considered a supported use-case for classic confinement .
So I suggest you turn the snap to strict confinement again and try some of the options provided. You can use snappy-debug to alert you of any denials. snappy-debug will recommend interfaces based on the behavior it observes in your snap. Instructions on how to do so can be found here https://snapcraft.io/docs/debugging-building-snaps#heading--identifying-missing-interfaces
I do not think that shipping the needed tools in the snap would solve the problem. A real-world usecase in a CI/CD pipeline might look like this:
run some general system updates
check that there is enough disk space available
install the new version of the software
run some checks to verify that the installation process was successful
Thus it would not be possible to foresee all the commands which might be needed for the end user. I am afraid that if only a restricted subset of commands are available, the application is not usable in practical scenarios any more.
Would there be an option to publish with classic confinement to only edge or beta channels?
I have also considered just publishing the snap with GitHub releases and asking the users to install it manually, but this way there is no good way to handle updates.
@eeriksp the requirements for classic confinement in regards to vicegerent are understood as it would appear it cannot function as expected (ie launching arbitrary binaries etc) without that permission.
Also from the description from the github project page:
“Vicegerent is a small Go application which helps you to run predefined sets of commands in the server invoked by an HTTP call.”
This would appear to potentially fit within the existing category for classic confinement of “HPC or orchestration agents/software for running workloads on systems without traditional users where the systems are otherwise managed outside of the agent”. This is a bit of a grey area (hence @emitorino’s discussion above as this is not entirely cut-and-dry) but given this is more of a specialist tool I am inclined to look at it more through this lens and so would support the use of classic confinement in this case.
As such, the requirements for classic confinement are understood.
@advocacy could you please perform publisher vetting?
@Igor Right now the GitHub repository page serves that purpose. However, in the future as the documentation grows in size, we are planning to publish a dedicated webpage.
@Igor: For now I believe we can use the vicegerent github repository as the official app page. @eeriksp please let us know as soon as you publish a dedicated webpage for it. Thanks!