[revoked] Requesting classic confinement for `sam-cli`


#1

Hi folks, I’m working on snapping the AWS SAM CLI (https://github.com/awslabs/aws-sam-cli). The SAM CLI is a tool for publishing serverless applications on AWS.

It makes use of the AWS CLI (https://docs.aws.amazon.com/cli/index.html) which most AWS users will already have installed and with config located under ~/.aws.

The reason for classic confinement is just that the SAM CLI will need to be able to access those config files in ~/.aws to work.


#2

Oh and also I’d like to request the alias sam for the sam-cli package as that’s what all the documentation expects the executable to be called :slight_smile:


#3

Have you checked out the personal-files interface?


#4

Maybe you should name the snap sam instead.


#5

I’ll give that a try and report back shortly! Thanks :slight_smile:


#6

Two reasons I didn’t take that route:

  1. the application documentation and the repository it’s in refer to it as “the SAM CLI” but the executable you get from installing “the SAM CLI” is sam so it seemed the package ought to be named sam-cli with an alias of sam

  2. Someone else (no idea who) has registered the sam snap but not published anything.


#7

The sam name is reserved but not registered, you can register reserved names via the Request reserved name in the Global store form.


#8

Ah ok thanks! I’m pretty new to snapcraft so still finding my way around.


#9

So I’ve tried to get the personal-files interface working for this but perhaps I’m doing something wrong.

I have the following in my snapcraft.yaml:

plugs:
  aws-config:
    interface: personal-files
    read:
      - $HOME/.aws

apps:
  sam-cli:
    command: bin/sam
    plugs:
      - aws-config

Yet the aws command still can’t seem to load my config. Additionally, if I do snap run --shell sam-cli I don’t see .aws anywhere in the home directory. Should I expect it to be there?


#10

By default HOME is set to ~/snap/snap_identifier/current, you have to overwrite it to the actual user home directory.

This is usually done in a launcher:


#11

Did you connect the interface? i.e. what does snap interfaces sam-cli show?


#12

Ah right. Ok in that case the personal-files interface is still behaving unexpectedly but in a different way: from within the snap (run --shell) I can see everything in my home directory.


#13

@ijohnson Yes, it’s connected correctly:

personal-files          sam-cli:aws-config               :personal-files                 manual

#14

If you have connected the snap to the home interface this is expected as this interface allows access to non-hidden-files-directly-under-the-home-directory in the home directory(you can still list them, but any read attempt will fail).


#15

I haven’t connect the home interface, just the personal-files but I can see and read everything in my home directory (including file in hidden folders). Strange as everything else works just fine :man_shrugging:


#16

You may want try to reproduce it with the gallery-dl snap, be sure to disconnect the home interface as it is default connected.


#17

Good tip, thanks. Yes that seems to work correctly. With home disconnected, I can’t see anything in my real home dir. Do you know of any example snaps with personal-files working correctly that I could try?


#18

Interestingly, I just noticed that if i connect home to gallery-dl and run a shell, I can read dot files :S

Ignore this! It’s because some of my dotfiles are symlinks to non-hidden locations :slight_smile:


#19

Well the aforementioned gallery-dl snap is one of them, here’s the recipe:


#20

Hmm ok thanks. So with home disconnected, I can’t read .config/gallery-dl because No such file or directory (it does exist, of course)

with home connected: Permission denied.

So it looks like there’s something strange going on.