Hi!
I try to build a flutter snap in remote-build with a private github repository as a dependency.
The problem I ran into is that I can’t setup a SSH key in my build that would make it possible to pull the repository.
Is there something that I could have missed to enable this or can someone please advice how I could achieve this?
Thank you!
Hi ! @wunderlich-ben
Is your repository private ?
Hi! @baldeuniversel!
Thanks for the quick reply.
Yes the repository is private for the package.
Is your public key stored on your Github account ?
Yes the public key is stored in Github.
I tried to pull the repository with the key and it worked as expected.
@wunderlich-ben, Is it possible to see the error log?
The issue is that because it is a private repository it needs the ssh key to access the repository.
I tried to add the SSH key setup to the snapcraft.yaml but that failed with errors that github.com is not a know_host.
I couldn’t resolve these issues even not by adding a known_host file.
I tried then snapcraft --bind-ssh
but that has thrown more errors and didn’t work for me.
I’m also not quite sure if the last command is working with remote-builds.
Can I see your *.yaml (the content) file ?
Yes that is my snapcraft.yaml:
name: trunk-works-andon
# x-release-please-start-version
version: 1.17.0
# x-release-please-end
summary: trunk.works andon screen status for use with trunk.works
description: This is trunk-works-andons application.
confinement: strict
compression: lzo
grade: stable
base: core22
apps:
trunk-works-andon:
command-chain: &_command-chain
- bin/graphics-core22-wrapper
- bin/wayland-launch
command: &_command bin/andon
plugs: &_plugs
- opengl
- wayland
- network
- network-observe
- network-bind
- network-status
- network-control
- network-manager
- network-manager-observe
- netlink-audit
- netlink-connector
- qualcomm-ipc-router
- network-setup-observe
- bluetooth-control
- avahi-observe
environment: &_environment
XDG_DATA_HOME: $SNAP_USER_DATA
XDG_DATA_DIRS: $SNAP/usr/share
GDK_GL: gles
daemon:
daemon: simple
restart-delay: 3s
restart-condition: always
command-chain: *_command-chain
command: *_command
plugs: *_plugs
environment: *_environment
plugs:
graphics-core22:
interface: content
target: $SNAP/graphics
default-provider: mesa-core22
environment:
XDG_CACHE_HOME: $SNAP_USER_COMMON/.cache
XDG_CONFIG_HOME: $SNAP_USER_DATA/.config
XDG_CONFIG_DIRS: $SNAP/etc/xdg
XDG_DATA_DIRS: $SNAP/usr/local/share:$SNAP/usr/share
XKB_CONFIG_ROOT: $SNAP/usr/share/X11/xkb
layout:
/usr/share/libdrm:
bind: $SNAP/graphics/libdrm
/usr/share/drirc.d:
symlink: $SNAP/graphics/drirc.d
/usr/local/share/fonts:
bind: $SNAP/usr/local/share/fonts
/usr/share/fonts:
bind: $SNAP/usr/share/fonts
/usr/share/icons:
bind: $SNAP/usr/share/icons
/usr/share/sounds:
bind: $SNAP/usr/share/sounds
/etc/fonts:
bind: $SNAP/etc/fonts
/usr/lib/$CRAFT_ARCH_TRIPLET/gdk-pixbuf-2.0:
bind: $SNAP/usr/lib/$CRAFT_ARCH_TRIPLET/gdk-pixbuf-2.0
/usr/lib/${CRAFT_ARCH_TRIPLET}/gtk-3.0:
bind: $SNAP/usr/lib/${CRAFT_ARCH_TRIPLET}/gtk-3.0
/usr/share/mime:
bind: $SNAP/usr/share/mime
/etc/gtk-3.0:
bind: $SNAP/etc/gtk-3.0
parts:
andon:
plugin: nil
source: .
build-snaps:
- flutter/latest/stable
build-environment:
- C_INCLUDE_PATH: /snap/flutter/current/usr/include
- LD_LIBRARY_PATH: ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/snap/flutter/current/usr/lib/$CRAFT_ARCH_TRIPLET
- PKG_CONFIG_PATH: ${PKG_CONFIG_PATH:+$PKG_CONFIG_PATH:}/snap/flutter/current/usr/lib/$CRAFT_ARCH_TRIPLET/pkgconfig
- XDG_DATA_DIRS: /snap/flutter/current/usr/share${XDG_DATA_DIRS:+:$XDG_DATA_DIRS}
- SSH_KEY_PASSPHRASE: test
override-build: |
set -eux
echo "Installing flutter"
mkdir -p $CRAFT_PART_INSTALL/bin/lib
flutter channel stable
dart pub global activate fvm
export PATH="$PATH":"$HOME/.pub-cache/bin"
# Add github.com to known hosts
mkdir -p ~/.ssh
# Copy the ssh keys to the correct location
openssl aes-256-cbc -d -in $CRAFT_PART_BUILD/snap/ssh/id_rsa_snapcraft.enc -out ~/.ssh/id_rsa -pass pass:$SSH_KEY_PASSPHRASE
chmod 600 ~/.ssh/id_rsa
# Add the public key
cp $CRAFT_PART_SRC/snap/ssh/id_rsa_snapcraft.pub ~/.ssh/id_rsa.pub
chmod 644 ~/.ssh/id_rsa.pub
# Copy the known hosts file to the correct location
cp $CRAFT_PART_SRC/snap/ssh/known_hosts ~/.ssh/known_hosts
# Install dependencies
fvm install
fvm flutter config --enable-linux-desktop
fvm flutter doctor
fvm flutter pub get
echo "Setting up .env file in assets/ folder"
echo "SENTRY_DSN=https://xxx.com" > assets/.env
echo "STREAM_URL=https://example.com" >> assets/.env
echo "ANDONS_AUTH_SECRET_KEY=XXXXX" >> assets/.env
echo "STREAM_API_VERSION=v2" >> assets/.env
echo "Start building the app"
fvm flutter build linux --release -v
echo "Copying the build to the part install folder"
cp -r build/linux/*/release/bundle/* $CRAFT_PART_INSTALL/bin/
stage-packages:
- libgtk-3-0
- libgl1
gsettings+pixbuf+immodules:
plugin: nil
build-packages:
- libgdk-pixbuf2.0-0
- librsvg2-common
- shared-mime-info
- libgtk-3-0
override-build: |
craftctl default
# Update mime database
update-mime-database ${CRAFT_PART_INSTALL}/usr/share/mime
# build immodules cache
mkdir -p ${CRAFT_PART_INSTALL}/usr/lib/${CRAFT_ARCH_TRIPLET}/gtk-3.0/3.0.0/
/usr/lib/${CRAFT_ARCH_TRIPLET}/libgtk-3-0/gtk-query-immodules-3.0 > ${CRAFT_PART_INSTALL}/usr/lib/${CRAFT_ARCH_TRIPLET}/gtk-3.0/3.0.0/immodules.cache
stage-packages:
- librsvg2-common
- gsettings-desktop-schemas
- libglib2.0-bin
override-prime: |
craftctl default
# Compile the gsettings schemas
/usr/lib/${CRAFT_ARCH_TRIPLET}/glib-2.0/glib-compile-schemas "$CRAFT_PRIME/usr/share/glib-2.0/schemas"
# Index the pixbuf loaders
LOADERS_PATH=$(echo ${CRAFT_PRIME}/usr/lib/${CRAFT_ARCH_TRIPLET}/gdk-pixbuf-2.0/*/loaders)
QUERY_LOADERS=/usr/lib/${CRAFT_ARCH_TRIPLET}/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders
GDK_PIXBUF_MODULEDIR=${LOADERS_PATH} ${QUERY_LOADERS} > ${LOADERS_PATH}/../loaders.cache
sed s!$CRAFT_PRIME!!g --in-place ${LOADERS_PATH}/../loaders.cache
setup:
plugin: dump
source: snap/local/wayland-launch
override-build: |
# The plugs needed to run Wayland. (wayland-launch checks them, setup.sh connects them)
# You may add further plugs here if you want these options
PLUGS="opengl wayland graphics-core22"
sed --in-place "s/%PLUGS%/$PLUGS/g" $CRAFT_PART_BUILD/bin/wayland-launch
sed --in-place "s/%PLUGS%/$PLUGS/g" $CRAFT_PART_BUILD/bin/setup.sh
craftctl default
stage-packages:
- inotify-tools
graphics-core22:
after:
- andon
- gsettings+pixbuf+immodules
- setup
source: https://github.com/MirServer/graphics-core22.git
plugin: dump
override-prime: |
craftctl default
${CRAFT_PART_SRC}/bin/graphics-core22-cleanup mesa-core22 nvidia-core22
cd "$CRAFT_PRIME/usr/share/"
rm -rf bug drirc.d glvnd libdrm lintian man
rm -rf applications apport bash-completion dbus-1 doc-base doc gtk-doc\
help pkgconfig libthai metainfo themes thumbnailers xml
prime:
- bin/graphics-core22-wrapper
architectures:
- build-on: amd64
- build-on: arm64
This part you mean ?
source: https://github.com/MirServer/graphics-core22.git
No the part that is failing is in my pubspec.yaml.
I’m sorry, I can’t share the entire file but how I import the repository is like this:
...
widgets:
git:
url: git@github.com:org/libs.git
ref: main
path: widgets
...
@wunderlich-ben , I would have rather done like this :
...
widgets:
plugin: dump
source: git@github.com:org/libs.git
source-type: git
source-branch: main
source-subdir: widgets
...
But before the build, try to run this command (if it is not already done) :
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa # Of course the real path
@baldeuniversel thanks for the update.
I will try the ssh-add.
I might not have made that clear enough, the first part is in my flutter pubspec.yaml and specifies the dependency that I try to install.
Here is the documentation for that: https://dart.dev/tools/pub/dependencies#git-packages
1 Like
Hi @baldeuniversel,
I gave the ssh-add
a try but I still get this error message:
Resolving dependencies...
:: Git error. Command: `git clone --mirror git@github.com:org/libs.git /root/.pub-cache/git/cache/libs-5f281768d50d6aab259de3de9ebca5f241f92f87`
:: stdout:
:: stderr: Cloning into bare repository '/root/.pub-cache/git/cache/libs-5f281768d50d6aab259de3de9ebca5f241f92f87'...
:: ssh: Could not resolve hostname github.com: Name or service not known
:: fatal: Could not read from remote repository.
::
:: Please make sure you have the correct access rights
:: and the repository exists.
Is there anything else that I could try?
@wunderlich-ben, did you try running it with the option --bind-ssh
?
Like this :
snapcraft --bind-ssh
@baldeuniversel I tried that command but it seams like it doesn’t exist for remote-build
@wunderlich-ben , try this before building
ssh-keyscan -H github.com >> ~/.ssh/known_hosts
@baldeuniversel I tried that and we get a new error:
+ ssh-keyscan -H github.com
:: getaddrinfo github.com: Name or service not known
:: getaddrinfo github.com: Name or service not known
:: getaddrinfo github.com: Name or service not known
:: getaddrinfo github.com: Name or service not known
:: getaddrinfo github.com: Name or service not known
It might be a network issue with the remote-build
but that would be odd since it is downloading other dependencies.
Check this file :
/etc/resolv.conf
If this line nameserver 8.8.8.8 is missing, I recommend you to add the line in question, like this :
nameserver 8.8.8.8
In this file /etc/hosts
, if you find any github line, I recommend you to comment the line in question.