def create_key(name):
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use '
'`create-key`, you must run `apt install snapd`.')
if not name:
name = 'default'
keys = list(_get_usable_keys(name=name))
if keys:
# `snap create-key` would eventually fail, but we can save the user
# some time in this obvious error case by not bothering to talk to
# the store first.
raise RuntimeError('You already have a key named "{}".'.format(name))
store = storeapi.StoreClient()
try:
account_info = store.get_account_information()
enabled_names = {
account_key['name']
for account_key in account_info['account_keys']}
except storeapi.errors.InvalidCredentialsError:
# Don't require a login here; if they don't have valid credentials,
# then they probably also don't have a key registered with the store
# yet.
enabled_names = set()
if name in enabled_names:
raise RuntimeError(
'You have already registered a key named "{}".'.format(name))
subprocess.check_call(['snap', 'create-key', name])
def create_key(name):
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use '
'`create-key`, you must run `apt install snapd`.')
if not name:
name = 'default'
keys = list(_get_usable_keys(name=name))
if keys:
# `snap create-key` would eventually fail, but we can save the user
# some time in this obvious error case by not bothering to talk to
# the store first.
raise RuntimeError('You already have a key named "{}".'.format(name))
store = storeapi.StoreClient()
try:
account_info = store.get_account_information()
enabled_names = {
account_key['name']
for account_key in account_info['account_keys']
}
except storeapi.errors.InvalidCredentialsError:
# Don't require a login here; if they don't have valid credentials,
# then they probably also don't have a key registered with the store
# yet.
enabled_names = set()
if name in enabled_names:
raise RuntimeError(
'You have already registered a key named "{}".'.format(name))
subprocess.check_call(['snap', 'create-key', name])
def sign_build(snap_filename, key_name=None, local=False):
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use '
'`sign-build`, you must run `apt install snapd`.')
if not os.path.exists(snap_filename):
raise FileNotFoundError(
'The file {!r} does not exist.'.format(snap_filename))
snap_series = storeapi.constants.DEFAULT_SERIES
snap_yaml = _get_data_from_snap_file(snap_filename)
snap_name = snap_yaml['name']
grade = snap_yaml.get('grade', 'stable')
store = storeapi.StoreClient()
with _requires_login():
account_info = store.get_account_information()
try:
authority_id = account_info['account_id']
snap_id = account_info['snaps'][snap_series][snap_name]['snap-id']
except KeyError:
raise RuntimeError(
'Your account lacks permission to assert builds for this '
'snap. Make sure you are logged in as the publisher of '
'\'{}\' for series \'{}\'.'.format(snap_name, snap_series))
snap_build_path = snap_filename + '-build'
if os.path.isfile(snap_build_path):
logger.info(
'A signed build assertion for this snap already exists.')
with open(snap_build_path, 'rb') as fd:
snap_build_content = fd.read()
else:
key = _maybe_prompt_for_key(key_name)
if not local:
is_registered = [
a for a in account_info['account_keys']
if a['public-key-sha3-384'] == key['sha3-384']
]
if not is_registered:
raise RuntimeError(
'The key {!r} is not registered in the Store.\n'
'Please register it with `snapcraft register-key {!r}` '
'before signing and pushing signatures to the '
'Store.'.format(key['name'], key['name']))
snap_build_content = _generate_snap_build(
authority_id, snap_id, grade, key['name'], snap_filename)
with open(snap_build_path, 'w+') as fd:
fd.write(snap_build_content.decode())
logger.info(
'Build assertion {} saved to disk.'.format(snap_build_path))
if not local:
store.push_snap_build(snap_id, snap_build_content.decode())
logger.info(
'Build assertion {} pushed to the Store.'.format(snap_build_path))
def sign_build(snap_filename, key_name=None, local=False):
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use '
'`sign-build`, you must run `apt install snapd`.')
if not os.path.exists(snap_filename):
raise FileNotFoundError(
'The file {!r} does not exist.'.format(snap_filename))
snap_series = storeapi.constants.DEFAULT_SERIES
snap_yaml = _get_data_from_snap_file(snap_filename)
snap_name = snap_yaml['name']
grade = snap_yaml.get('grade', 'stable')
store = storeapi.StoreClient()
with _requires_login():
account_info = store.get_account_information()
try:
authority_id = account_info['account_id']
snap_id = account_info['snaps'][snap_series][snap_name]['snap-id']
except KeyError:
raise RuntimeError(
'Your account lacks permission to assert builds for this '
'snap. Make sure you are logged in as the publisher of '
'\'{}\' for series \'{}\'.'.format(snap_name, snap_series))
snap_build_path = snap_filename + '-build'
if os.path.isfile(snap_build_path):
logger.info('A signed build assertion for this snap already exists.')
with open(snap_build_path, 'rb') as fd:
snap_build_content = fd.read()
else:
key = _maybe_prompt_for_key(key_name)
if not local:
is_registered = [
a for a in account_info['account_keys']
if a['public-key-sha3-384'] == key['sha3-384']
]
if not is_registered:
raise RuntimeError(
'The key {!r} is not registered in the Store.\n'
'Please register it with `snapcraft register-key {!r}` '
'before signing and pushing signatures to the '
'Store.'.format(key['name'], key['name']))
snap_build_content = _generate_snap_build(authority_id, snap_id, grade,
key['name'], snap_filename)
with open(snap_build_path, 'w+') as fd:
fd.write(snap_build_content.decode())
logger.info(
'Build assertion {} saved to disk.'.format(snap_build_path))
if not local:
store.push_snap_build(snap_id, snap_build_content.decode())
logger.info(
'Build assertion {} pushed to the Store.'.format(snap_build_path))
def register_key(name):
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use '
'`register-key`, you must run `apt install snapd`.')
key = _maybe_prompt_for_key(name)
store = storeapi.StoreClient()
if not _login(store, acls=['modify_account_key'], save=False):
raise RuntimeError('Cannot continue without logging in successfully.')
logger.info('Registering key ...')
account_info = store.get_account_information()
account_key_request = _export_key(key['name'], account_info['account_id'])
store.register_key(account_key_request)
logger.info(
'Done. The key "{}" ({}) may be used to sign your assertions.'.format(
key['name'], key['sha3-384']))
def register_key(name):
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use '
'`register-key`, you must run `apt install snapd`.')
key = _maybe_prompt_for_key(name)
store = storeapi.StoreClient()
if not _login(store, acls=['modify_account_key'], save=False):
raise RuntimeError('Cannot continue without logging in successfully.')
logger.info('Registering key ...')
account_info = store.get_account_information()
account_key_request = _export_key(key['name'], account_info['account_id'])
store.register_key(account_key_request)
logger.info(
'Done. The key "{}" ({}) may be used to sign your assertions.'.format(
key['name'], key['sha3-384']))
def cleanbuild(project_options):
if not repo.is_package_installed('lxd'):
raise EnvironmentError(
'The lxd package is not installed, in order to use `cleanbuild` '
'you must install lxd onto your system. Refer to the '
'"Ubuntu Desktop and Ubuntu Server" section on '
'https://linuxcontainers.org/lxd/getting-started-cli/'
'#ubuntu-desktop-and-ubuntu-server to enable a proper setup.')
config = snapcraft.internal.load_config(project_options)
tar_filename = '{}_{}_source.tar.bz2'.format(
config.data['name'], config.data['version'])
with tarfile.open(tar_filename, 'w:bz2') as t:
t.add(os.path.curdir, filter=_create_tar_filter(tar_filename))
snap_filename = common.format_snap_name(config.data)
lxd.Cleanbuilder(snap_filename, tar_filename, project_options).execute()
def cleanbuild(project_options):
if not repo.is_package_installed('lxd'):
raise EnvironmentError(
'The lxd package is not installed, in order to use `cleanbuild` '
'you must install lxd onto your system. Refer to the '
'"Ubuntu Desktop and Ubuntu Server" section on '
'https://linuxcontainers.org/lxd/getting-started-cli/'
'#ubuntu-desktop-and-ubuntu-server to enable a proper setup.')
config = snapcraft.internal.load_config(project_options)
tar_filename = '{}_{}_source.tar.bz2'.format(config.data['name'],
config.data['version'])
with tarfile.open(tar_filename, 'w:bz2') as t:
t.add(os.path.curdir, filter=_create_tar_filter(tar_filename))
snap_filename = common.format_snap_name(config.data)
lxd.Cleanbuilder(snap_filename, tar_filename, project_options).execute()
def list_keys():
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use `list-keys`, '
'you must run `apt install snapd`.')
keys = list(_get_usable_keys())
store = storeapi.StoreClient()
with _requires_login():
account_info = store.get_account_information()
enabled_keys = {
account_key['public-key-sha3-384']
for account_key in account_info['account_keys']}
tabulated_keys = tabulate(
[('*' if key['sha3-384'] in enabled_keys else '-',
key['name'], key['sha3-384'],
'' if key['sha3-384'] in enabled_keys else '(not registered)')
for key in keys],
headers=["", "Name", "SHA3-384 fingerprint", ""],
tablefmt="plain")
print(tabulated_keys)
def list_keys():
if not repo.is_package_installed('snapd'):
raise EnvironmentError(
'The snapd package is not installed. In order to use `list-keys`, '
'you must run `apt install snapd`.')
keys = list(_get_usable_keys())
store = storeapi.StoreClient()
with _requires_login():
account_info = store.get_account_information()
enabled_keys = {
account_key['public-key-sha3-384']
for account_key in account_info['account_keys']
}
tabulated_keys = tabulate(
[('*' if key['sha3-384'] in enabled_keys else '-', key['name'],
key['sha3-384'],
'' if key['sha3-384'] in enabled_keys else '(not registered)')
for key in keys],
headers=["", "Name", "SHA3-384 fingerprint", ""],
tablefmt="plain")
print(tabulated_keys)
