add how-to guide for using snap-review #6 #116
Conversation
There was a problem hiding this comment.
Left some feedback. I like it, we need a good usage guide for this thing!
One thing which I think should be included is a link to where folx can report bugs when using the snap.
| ## Enable snapd | ||
|
|
||
| First check whether `snapd` is enabled on your system. If you are using Ubuntu 16.04 LTS (Xenial Xerus) or later you most likely have `snapd` installed. | ||
|
|
||
| In the terminal type: | ||
|
|
||
| ```bash | ||
| snap version | ||
| ``` | ||
|
|
||
| If you have `snapd` you will get something that looks like: | ||
|
|
||
| ```no-highlight | ||
| snap 2.63+22.04 | ||
| snapd 2.63+22.04 | ||
| series 16 | ||
| ubuntu 22.04 | ||
| kernel 6.5.0-41-generic | ||
| ``` | ||
|
|
||
| If you do not have _snap_ it can be installed in two ways: | ||
|
|
||
| 1. Search for _snapd_ on the Ubuntu Software Centre and install | ||
| 2. Using the command line: | ||
|
|
||
| ```bash | ||
| sudo update | ||
| sudo apt install snapd | ||
| ``` | ||
|
|
||
| Then either log out and back in again, or restart your system. |
There was a problem hiding this comment.
I'm not convinced this part is necessary; I think it might be reasonable to assume that any (developer) who has built a snap used snapcraft to do so, which means they already have snapd installed and running.
Maybe linking to this page as a <note> is sufficient?
|
|
||
| If your snap passes you can then submit it to the Snap Store. | ||
|
|
||
| ## Conclusion |
There was a problem hiding this comment.
As "secure" is part of the requirements in #6, it might be worth mentioning how to use review-tools to check for USNs against the snap?
|
|
||
| If you see warnings about missing fields like `description` or `license`, you need to add these fields to your `snapcraft.yaml` file. | ||
|
|
||
| ### Security Warnings |
There was a problem hiding this comment.
We may want to explain how to ignore these warnings or errors. For instance, review-tools.snap-review --allow-gadget will tell review-tools to ignore that a snap is a gadget snap when doing a review (gadgets aren't generally allowed in the Global Store).
There's likewise a flag for classic snaps.
There was a problem hiding this comment.
I believe there is likewise a mechanism for ignoring disallowed plugs and slots (e.g. snapd-control, super privileged interfaces...) but I'm not certain on how that actually functions (it loads some JSON on the host machine, review-tools has a way of creating that declaration).
|
@tawandamoyo Checking in – have you had a chance to look at @dilyn-corner's feedback? We're interested in publishing your good work. :) |
A how-to guide for using the
review-tools.Addresses #6