fabrica is supposed to become the center of an Ubuntu Core based “on premise build appliance”. It uses lxd containers (via pylxd) to clone a git tree and run snapcraft inside, managed via a web UI (eventually it should be similar to “your own in-house build.snapcraft.io machine”)
To spawn containers and run commands in them it will need permission to use the lxd plug … since the snap is supposed to be pre-seeded with a custom gadget in a custom image no auto-connection is required (will be done from gadget.yaml)
the source of the current prototype is at
The binary snap should be in the manual review queue at:
Since there is prior art for granting lxd access to snaps I linked it below:
+1 for use of the lxd interface. Do note that this grants a lot of power to this snap so please use some privilege separation, guard your snap’s APIs, sockets (network or otherwise), etc so another snap or unprivileged user can’t escalate.