Add a Snap build

[flexiondotorg]

Add snap to script/electron-builder-linux.yml and also stage the required packages and set confinement to classic.

Bump the electron-builder version to 20.28.4, this is needed as it fixes a bug when creating Snaps that use classic confinement.

• snap: do not set environment for classic electron-userland/electron-builder#3300

[shiftkey]

Can you clarify why this is needed? Ideally GitHub Desktop should be launching it's embedded Git package, and if something is not working as expected then I'd like to get that fixed in https://github.com/desktop/dugite-native

[flexiondotorg]

I originally created the GitHub Desktop as a strictly confined Snap and that exposed a requirement for calling git. Sadly I don't have the logs for that anymore. If git is not required then git-core can be dropped from the stage-packages: and as the Snap is now using classic confinement it will find git if it is installed on the host system.

[flexiondotorg]

I originally created the GitHub Desktop Snap with strict confinement, this highlighted an issue where git was being called (sorry I don't have the logs anymore) but due to the strict sandboxing wasn't permitted to execute the git binary installed on the host OS. Therefore I bundled git-core in the Snap.

Now that the GitHub Desktop Snap is using classic confinement, If there is a requirement to execute git it will be permitted to execute the git binary on the host OS.

Would you prefer I drop git-core from the PR?

[shiftkey]

Let me figure out how to test it locally and confirm git-core isn't required.

[shiftkey]

A heads-up: from 1.4.0 the embedded Git package will link to libcurl directly - I've documented the new dependencies in desktop#5478 for reference.

[flexiondotorg]

Are you vendoring libcurl in GitHub Desktop 1.4.0? If you are going to start bundling your own libcurl with GitHub Desktop then libcurl3-gnutls can be dropped from staged-packages:.

[shiftkey]

Are you vendoring libcurl in GitHub Desktop 1.4.0?

No, shared libraries still.

[shiftkey]

I'm trying to run this up on Ubuntu 14.04 but I get stuck in this loop (I've done sudo apt install snapd to install the snap CLI):

$ yarn run package
$ ts-node -P script/tsconfig.json script/package.ts
  • electron-builder version=20.28.4
  • loaded configuration file=/home/shiftkey/src/desktop/script/electron-builder-linux.yml
  • writing effective config file=dist/builder-effective-config.yaml
  • building        target=snap arch=x64 file=dist/GitHubDesktop-linux-amd64-1.4.0-beta0.snap
  • building        target=AppImage arch=x64 file=dist/GitHubDesktop-linux-x86_64-1.4.0-beta0.AppImage
  ⨯ snapcraft is not installed, please: sudo snap install snapcraft --classic
Error: /home/shiftkey/src/desktop/node_modules/app-builder-bin/linux/x64/app-builder exited with code 1
    at ChildProcess.childProcess.once.code (/home/shiftkey/src/desktop/node_modules/builder-util/src/util.ts:254:14)
    at Object.onceWrapper (events.js:317:30)
    at emitTwo (events.js:126:13)
    at ChildProcess.emit (events.js:214:7)
    at maybeClose (internal/child_process.js:925:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:209:5)
From previous event:
    at SnapTarget.build (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/targets/snap.ts:146:44)
    at Function.buildAsyncTargets (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/platformPackager.ts:139:36)
    at /home/shiftkey/src/desktop/node_modules/app-builder-lib/src/platformPackager.ts:125:24
    at Generator.next (<anonymous>)
From previous event:
    at AsyncTaskManager.add (/home/shiftkey/src/desktop/node_modules/builder-util/src/asyncTaskManager.ts:14:20)
    at LinuxPackager.packageInDistributableFormat (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/platformPackager.ts:122:17)
    at /home/shiftkey/src/desktop/node_modules/app-builder-lib/src/platformPackager.ts:113:10
    at Generator.next (<anonymous>)
    at runCallback (timers.js:810:20)
    at tryOnImmediate (timers.js:768:5)
    at processImmediate [as _immediateCallback] (timers.js:745:5)
From previous event:
    at LinuxPackager.pack (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/platformPackager.ts:110:95)
    at /home/shiftkey/src/desktop/node_modules/app-builder-lib/src/packager.ts:376:24
    at Generator.next (<anonymous>)
    at xfs.stat (/home/shiftkey/src/desktop/node_modules/fs-extra-p/node_modules/fs-extra/lib/mkdirs/mkdirs.js:56:16)
    at /home/shiftkey/src/desktop/node_modules/graceful-fs/polyfills.js:287:18
    at FSReqWrap.oncomplete (fs.js:153:5)
From previous event:
    at Packager.doBuild (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/packager.ts:344:39)
    at /home/shiftkey/src/desktop/node_modules/app-builder-lib/src/packager.ts:314:57
    at Generator.next (<anonymous>)
    at /home/shiftkey/src/desktop/node_modules/graceful-fs/graceful-fs.js:99:16
    at /home/shiftkey/src/desktop/node_modules/graceful-fs/graceful-fs.js:43:10
    at FSReqWrap.oncomplete (fs.js:135:15)
From previous event:
    at Packager._build (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/packager.ts:285:133)
    at /home/shiftkey/src/desktop/node_modules/app-builder-lib/src/packager.ts:281:23
    at Generator.next (<anonymous>)
From previous event:
    at Packager.build (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/packager.ts:238:14)
    at build (/home/shiftkey/src/desktop/node_modules/app-builder-lib/src/index.ts:58:28)
    at build (/home/shiftkey/src/desktop/node_modules/electron-builder/src/builder.ts:227:10)
    at then (/home/shiftkey/src/desktop/node_modules/electron-builder/src/cli/cli.ts:42:48)
    at runCallback (timers.js:810:20)
    at tryOnImmediate (timers.js:768:5)
    at processImmediate [as _immediateCallback] (timers.js:745:5)
From previous event:
    at Object.args [as handler] (/home/shiftkey/src/desktop/node_modules/electron-builder/src/cli/cli.ts:42:48)
    at Object.runCommand (/home/shiftkey/src/desktop/node_modules/electron-builder/node_modules/yargs/lib/command.js:237:44)
    at Object.parseArgs [as _parseArgs] (/home/shiftkey/src/desktop/node_modules/electron-builder/node_modules/yargs/yargs.js:1059:30)
    at Object.get [as argv] (/home/shiftkey/src/desktop/node_modules/electron-builder/node_modules/yargs/yargs.js:1000:21)
    at Object.<anonymous> (/home/shiftkey/src/desktop/node_modules/electron-builder/src/cli/cli.ts:25:28)
    at Module._compile (module.js:652:30)
    at Object.Module._extensions..js (module.js:663:10)
    at Module.load (module.js:565:32)
    at tryModuleLoad (module.js:505:12)
    at Function.Module._load (module.js:497:3)
    at Function.Module.runMain (module.js:693:10)
    at startup (bootstrap_node.js:191:16)
    at bootstrap_node.js:612:3
Done in 14.89s.

But this still occurs after I've installed the dependencies:

$ sudo snap install snapcraft --classic
snap "snapcraft" is already installed, see 'snap help refresh'
$ sudo snap refresh
All snaps up to date.

[flexiondotorg]

@shiftkey In order to build a Snap it is currently required to use an Ubuntu 16.04 based host/container/VM. If you are building via Travis they now have support for Xenial (16.04).

[shiftkey]

In order to build a Snap it is currently required to use an Ubuntu 16.04 based host/container/VM.

This might complicate things, because I've had to fall back to using Ubuntu 14.04 for packaging because of glibc issues when compiling native modules that can be then supported on older distros (I was previously using 16.04): #29

[shiftkey]

I've rebased this branch on top of upstream which now has other improvements to the electron-builder-linux.yml config, but I still encounter an error running this on Ubuntu 18.04:

https://gist.github.com/shiftkey/03ce9d169b4e4ef4c48368f30ef7a5a2

The feeds it is complaining about are custom feeds that I've added to install specific versions of Node and Yarn (recommended by them), and I confirmed I have apt-transport-https installed too:

$ apt list --installed | grep apt-transport-https

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

apt-transport-https/bionic-updates,bionic-updates,bionic-security,bionic-security,now 1.6.3ubuntu0.1 all [installed]

[shiftkey]

Cross-referencing this comment from #59

I believe it's because of an undeclared capability in the app. It should be as simple as modifying the package.json file by adding an interface.

The underlying error is related to our use of libsecret - which has been declared - but maybe an additional capability needs to be added as part of the Snap image:

An AppArmor policy prevents this sender from sending this message to this recipient; type="method_call", sender=":1.291" (uid=1000 pid=22162 comm="/snap/github-desktop/31/opt/GitHubDesktop/desktop " label="snap.github-desktop.github-desktop (enforce)") interface="org.freedesktop.Secret.Service" member="OpenSession" error name="(unset)" requested_reply="0" destination=":1.20" (uid=1000 pid=1732 comm="/usr/bin/gnome-keyring-daemon --daemonize --login " label="unconfined")

[flexiondotorg]

@shiftkey Regarding apt-transport-https missing from the packaging, this is fixed in the very soon to be released Snapcraft 2.44. However, including that in your build deps is fine for now and long-term.

As for the AppArmor denial arising from libseret, the password-manager-service interface needs connecting after the GitHub Desktop snap is installed:

snap connect github-desktop:password-manager-service

Connecting interface is also exposed via GNOME Software when installing snaps.