Refresh Control is not supported by ubuntu-image
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Snap Store Server |
Invalid
|
Undecided
|
Unassigned | ||
Ubuntu Image |
Fix Released
|
Undecided
|
Unassigned | ||
snapd |
Fix Released
|
High
|
Samuele Pedroni |
Bug Description
Building an Ubuntu Core image that respects Refresh Control is very difficult or impossible.
ubuntu-image does not obtain validated snap revisions: it just pulls the current revision on the specified channel. After first boot and refresh, the validated revisions are obtained & installed, but the first boot does not use validated revisions because they are not seeded.
If one has the validated snaps and their assertions in the current working dir when running ubuntu-image, one could install them into the image, asserted, using '--snap SNAPFILE'. But, there are problems getting the validated snaps/assertions. Notably, 'snap download SNAP --revision=FOO` is only supported for accounts with "developer access" (see the tool's help).
Refresh Control is most useful to control snaps that the brand specifically does *not* control, but it is precisely these snaps that cannot be downloaded with .snap download SNAP --revision...'.
(Not really sure if this issue should be filed against snapd or ubuntu-image...)
Changed in snapd: | |
assignee: | nobody → Samuele Pedroni (pedronis) |
Changed in ubuntu-image: | |
status: | New → In Progress |
Changed in snapd: | |
status: | In Progress → Fix Committed |
Changed in snapstore-server: | |
status: | New → Invalid |
Changed in ubuntu-image: | |
status: | In Progress → Fix Committed |
information type: | Public → Public Security |
information type: | Public Security → Public |
Changed in ubuntu-image: | |
status: | Fix Committed → Fix Released |
Changed in snapd: | |
status: | Fix Committed → Fix Released |
Note that the possible work around of building an image using sideloaded snaps of the validated revisions is not allowed when the model assertion uses "grade: signed" or "grade: secured" but only works with "grade: dangerous". Since "grade: dangerous" is not a preferred choice for production images, building a production image with validated snaps is currently difficult.