From laney at ubuntu.com Fri Nov 2 16:28:40 2018 From: laney at ubuntu.com (Iain Lane) Date: Fri, 2 Nov 2018 16:28:40 +0000 Subject: Seeded snap upload permissions reality vs. spec Message-ID: <20181102162840.x3heawntos6qbivz@nightingale> Hi, The seeded snaps policy¹ says: | […] to be included in an Ubuntu image, a snap should have as its | publisher either the upstream, or the Ubuntu developer community. For | the latter, a common team should initially be created in the Snap | Store whose membership is managed by the Developer Membership Board, | and kept in sync with the ubuntu-core-dev team in Launchpad, with the | Ubuntu Security team additionally included but when I check the list of snaps that are currently seeded, I find that this is not the case: $ for snap in $(awk '/seed/ { print $1 }' ~ubuntu-archive/public_html/germinate-output/*.disco/all.snaps); do echo ${snap}; snap info ${snap} | grep publisher; done ubuntu-budgie-welcome publisher: Ubuntu budgie (ubuntubudgie) gnome-3-26-1604 publisher: Canonical✓ gnome-calculator publisher: Canonical✓ gnome-characters publisher: Canonical✓ gnome-logs publisher: Canonical✓ gnome-system-monitor publisher: Canonical✓ gtk-common-themes publisher: Canonical✓ lxd publisher: Canonical✓ pulsemixer publisher: George Filipkin (georgefilipkin) software-boutique publisher: Martin Wimpress (flexiondotorg) ubuntu-mate-welcome publisher: Martin Wimpress (flexiondotorg) One of those seems to genuinely be the upstream, but for the others I think they fall into the second category given above. (Aside: maybe the policy would benefit from becoming clearer about when a snap is upstream vs. community though, as it would be possible I think to argue that ubuntu-* and software-boutique are upstream maintained and so the present publishers are OK, but IMO they should be community.) I wonder if the TB has a view on the implementation of the policy. I'm not sure if the current Snap Store makes creating such a team easy or possible (for example I think you can't specify Launchpad teams here, which would be the solution if it could be done). If not, perhaps a decision from the TB would help to have work to enable this prioritised, so we can fix the publishers in the 19.04 cycle. This came up just yesterday where we had to create branches for the new release in order to build initial images for disco, but only a few developers have access to the seeded snaps to do so, which meant we had to block on those people becoming available. It'd similarly be a problem if we ever needed to invoke the reason that the branches exist - to make special updates - while none of the listed people are around. Thanks! -- Iain Lane [ iain at orangesquash.org.uk ] Debian Developer [ laney at debian.org ] Ubuntu Developer [ laney at ubuntu.com ] ¹ https://wiki.ubuntu.com/UbuntuSeededSnaps#Maintainer -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: