Seeded snap upload permissions reality vs. spec

Iain Lane laney at ubuntu.com
Fri Nov 2 16:28:40 UTC 2018


Hi,

The seeded snaps policy¹ says:

| […] to be included in an Ubuntu image, a snap should have as its
| publisher either the upstream, or the Ubuntu developer community. For
| the latter, a common team should initially be created in the Snap
| Store whose membership is managed by the Developer Membership Board,
| and kept in sync with the ubuntu-core-dev team in Launchpad, with the
| Ubuntu Security team additionally included

but when I check the list of snaps that are currently seeded, I find
that this is not the case:

  $ for snap in $(awk '/seed/ { print $1 }' ~ubuntu-archive/public_html/germinate-output/*.disco/all.snaps); do echo ${snap}; snap info ${snap} | grep publisher; done
  ubuntu-budgie-welcome
  publisher: Ubuntu budgie (ubuntubudgie)
  gnome-3-26-1604
  publisher: Canonical✓
  gnome-calculator
  publisher: Canonical✓
  gnome-characters
  publisher: Canonical✓
  gnome-logs
  publisher: Canonical✓
  gnome-system-monitor
  publisher: Canonical✓
  gtk-common-themes
  publisher: Canonical✓
  lxd
  publisher: Canonical✓
  pulsemixer
  publisher: George Filipkin (georgefilipkin)
  software-boutique
  publisher: Martin Wimpress (flexiondotorg)
  ubuntu-mate-welcome
  publisher: Martin Wimpress (flexiondotorg)

One of those seems to genuinely be the upstream, but for the others I
think they fall into the second category given above.

(Aside: maybe the policy would benefit from becoming clearer about when
a snap is upstream vs. community though, as it would be possible I think
to argue that ubuntu-* and software-boutique are upstream maintained and
so the present publishers are OK, but IMO they should be community.)

I wonder if the TB has a view on the implementation of the policy. I'm
not sure if the current Snap Store makes creating such a team easy or
possible (for example I think you can't specify Launchpad teams here,
which would be the solution if it could be done). If not, perhaps a
decision from the TB would help to have work to enable this prioritised,
so we can fix the publishers in the 19.04 cycle.

This came up just yesterday where we had to create branches for the new
release in order to build initial images for disco, but only a few
developers have access to the seeded snaps to do so, which meant we had
to block on those people becoming available. It'd similarly be a problem
if we ever needed to invoke the reason that the branches exist - to make
special updates - while none of the listed people are around.

Thanks!

-- 
Iain Lane                                  [ iain at orangesquash.org.uk ]
Debian Developer                                   [ laney at debian.org ]
Ubuntu Developer                                   [ laney at ubuntu.com ]

¹ https://wiki.ubuntu.com/UbuntuSeededSnaps#Maintainer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/technical-board/attachments/20181102/2987d9f7/attachment.sig>


More information about the technical-board mailing list