I have a snap parts directory called secrets (which holds tls certificates for my application). squashfs on my snapped application reveals this (secrets) directory in the first level of squashfs-root directory. In the snap application, I have tried to access my tls certificates with $SNAP/secrets/* but failed 100% of the time.
What is the correct way to resolve absolute file paths within a snap?
name: ventio
version: '0.0.2'
summary: Single-line elevator pitch for your amazing snap
description: |
You have a paragraph or two to tell the
most important story about your snap. Keep it under 100 words though,
we live in tweetspace and your description wants to look good in the snap
store.
base: core18
grade: devel
confinement: devmode
parts:
ventio:
plugin: python
source: .
requirements: ['requirements.txt']
secrets:
plugin: dump
source: .
apps:
ventio:
command: bin/ventio
environment:
PATH: $SNAP/usr/bin:$SNAP/bin/:$PATH
PYTHONPATH: $SNAP/usr/lib/python3/site-packages:$SNAP/usr/local/lib/python3.6/dist-packages:$PYTHONPATH
it helps if you add three backticks ``` in the line above and below text you paste, that way the indentation stays intact and it becomes better readable for us …
The fact is that you do not have read or write access to files inside your snap. But, if you’re packaging some extra files that you need to access later, the correct solution is to use layout in snapcraft.yaml : Snap layouts | Snapcraft documentation
In my case,
layout:
/etc/termi:
bind: $SNAP/secrets
With this, I could read my key file from /etc/termi/keyfilename
This makes it look as if the file is coming from outside the snap.