Meeting notes for June 12th
25 sec cold boot (150 runs)
snapshotting needs to run now
ACTION will have numbers by EOD (for 1GB ram, then will run with more)
ACTION something building end to end by Friday for 16.04 from a branch so others can try.
Should we move to multipass now, or continue spiking with qemu?
- Continue with qemu until we know exactly what we want.
- Test the intention, not the implementation
what should the build user be? should we build as a user or root?
- isn’t it a world of pain to not build as root?
- doesn’t matter as long as we have an option to become root
mounting as 9p, can you have files not owned by root?
- ACTION security model option
where will we store the vms?
- agreement from the sprint is to have a hardcoded url for the image
- with a hash or without a hash?
- the problem with a hash is that you have to update snapcraft every time you update an image, so leave it off for now
- fine to have the json in github and then downloading the image based on what you find on github
- the only attack vector we get that we wouldn’t have otherwise is no delay from someone hacking github; otherwise you’d have to wait for a release
ACTION can you give us an example of the json file, how you plan to support the json file for the next meeting?
- the case of having a part with no plugin defintion would not be allowed when you use a base
- As well as having a part in
after that’s not defined
- and we need to sort out the case of desktop files
- we probably need to organise the conversation around templates so we’re not forcing - people writing desktop apps to copy everything into their snapcraft.yaml
ACTION next tuesday we should start discussing templates
kyle thinks they should be more like plugs
gustavo thinks layered approach is the right way to go
some system to reject parts of the template as well
use the template but this specific bit is wrong for my case