diff --git a/.bzrignore b/.bzrignore index 32f6501464..e91a6cd02d 100644 --- a/.bzrignore +++ b/.bzrignore @@ -15,4 +15,5 @@ dist htmlcov __pycache__ docs/**.html +*~ *.swp diff --git a/demos/git/README.md b/demos/git/README.md new file mode 100644 index 0000000000..8c3553314b --- /dev/null +++ b/demos/git/README.md @@ -0,0 +1,28 @@ +This example builds git trunk. It demonstrates the use of the 'home' +plug to allow it access to the users home directory. + +After building and installing the snap, you will need to run the following +command to grant it access to your home directory: + +```sh +snap connect git:home ubuntu-core:home +``` + +Only access to the home directory is granted. You can see this containment +in action by attempting to initialize a repository in /tmp: + +```sh +$ mkdir -p /tmp/foo +$ cd /tmp/foo +$ /snap/bin/git init +fatal: Could not change back to '/tmp/foo': No such file or directory +``` + +Initializing and using repositories in your home directory works fine: + +```sh +$ mkdir -p $HOME/tmp/foo +$ cd $HOME/tmp/foo +$ /snap/bin/git init +Initialized empty Git repository in /home/ubuntu/tmp/foo/.git/ +``` diff --git a/demos/git/snapcraft.yaml b/demos/git/snapcraft.yaml index 0d96ff0dd6..76d61faff3 100644 --- a/demos/git/snapcraft.yaml +++ b/demos/git/snapcraft.yaml @@ -5,8 +5,15 @@ description: This example is not really production quality confinement: strict apps: - server: + git: command: bin/git + # git will not have access to files outside of its containment + # until you run the following command after installing the snap: + # snap connect git:home ubuntu-core:home + # After connecting up the home interface it gains access to + # non-hidden files in home directories. + plugs: + - home parts: git: diff --git a/snaps_tests/demos_tests/test_git.py b/snaps_tests/demos_tests/test_git.py new file mode 100644 index 0000000000..fdfd0fc670 --- /dev/null +++ b/snaps_tests/demos_tests/test_git.py @@ -0,0 +1,31 @@ +# -*- Mode:Python; indent-tabs-mode:nil; tab-width:4 -*- +# +# Copyright (C) 2016 Canonical Ltd +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 3 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import snaps_tests + + +class GitTestCase(snaps_tests.SnapsTestCase): + + snap_content_dir = 'git' + + def test_git(self): + self.build_snap(self.snap_content_dir) + self.install_snap(self.snap_content_dir, 'git', '0') + self.snappy_testbed.run_command(['sudo', 'snap', 'connect', + 'git:home', 'ubuntu-core:home']) + self.assertTrue( + self.snappy_testbed.run_command(['/snap/bin/git', + '--version']).startswith('git'))