Skip to content

ci(snap): add snap release pipeline#1600

Merged
drew merged 5 commits into
mainfrom
dn/snap/build-pipeline
May 27, 2026
Merged

ci(snap): add snap release pipeline#1600
drew merged 5 commits into
mainfrom
dn/snap/build-pipeline

Conversation

@drew
Copy link
Copy Markdown
Collaborator

@drew drew commented May 27, 2026
edited
Loading

Summary

Add the snap release packaging path to Release Dev and Release Tag, including Snapcraft build/publish and release-canary artifact installation.

Supersedes #1494 with some small changes to fix up permissions.

Followup work includes better reuse of build artifacts.

Related Issue

None.

Changes

  • Add a reusable Snap package workflow for amd64 and arm64 builds.
  • Wire snap artifacts into release-dev and release-tag publishing.
  • Update the snap canary to install the release-dev artifact.
  • Fix CI Snapcraft execution on self-hosted runners by setting XDG_RUNTIME_DIR and running under the lxd group.

Testing

  • mise run pre-commit passes
  • Rust tests completed during mise run pre-commit
  • E2E tests added/updated (if applicable)

Notes: mise run pre-commit failed before PR creation because rust:lint reports an unrelated unused warn import in crates/openshell-sandbox/src/process.rs, and python:proto hit a transient .venv dependency race while another pre-commit task recreated the environment.

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)

Note: the current branch contains a wip commit that should be cleaned up before merge.

zyga and others added 5 commits May 27, 2026 10:54
@zyga @drew
ci: add snap build and publish pipeline
ddba590 
Add a snap-package.yml reusable workflow for building snaps on amd64 and
arm64, and wire it into release-dev.yml and release-tag.yml.

The release canary ubuntu-snap job downloads the snap from release-dev
artifacts using actions/download-artifact with run-id instead of fetching
it via an unauthenticated GitHub API call. This is consistent with how all
other package types (deb, rpm, etc.) are consumed across the tree and
avoids rate-limiting issues.

The snap job only runs on workflow_run triggers (not dispatch) since
artifacts are only available from a prior release-dev run. The docker snap
dependency (sudo snap install docker) is required before installing the
openshell snap which plugs the docker interface.

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
@zyga @drew
ci: chmod lxd socket 666 for build, fix docker firewall
b3871a0 
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
@zyga @drew
ci: upload snapcraft failure logs
b182a8f
@zyga @drew
ci: wait for lxd to be ready
3542c90 
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
@drew
wip
25f5efa
@drew drew requested review from a team, derekwaynecarr, maxamillion and mrunalp as code owners May 27, 2026 19:05
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 27, 2026

🌿 Preview your docs: https://nvidia-preview-pr-1600.docs.buildwithfern.com/openshell

@drew drew merged commit 6c7950d into main May 27, 2026
72 checks passed
@drew drew deleted the dn/snap/build-pipeline branch May 27, 2026 22:50
@zyga zyga mentioned this pull request May 28, 2026
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TaylorMutch TaylorMutch TaylorMutch approved these changes

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@maxamillion maxamillion Awaiting requested review from maxamillion maxamillion is a code owner

@derekwaynecarr derekwaynecarr Awaiting requested review from derekwaynecarr derekwaynecarr is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@drew @TaylorMutch @zyga