Snapcraft can be used to package and distribute Python applications in a way that enables convenient installation by users.
The process of creating a snap for a Python application builds on standard Python packaging tools, making it possible to adapt or integrate an application’s existing packaging into the snap building process.
For Python projects using pyproject.toml and PEP 517, use Snapcraft from its edge channel:
sudo snap refresh snapcraft --edge
Getting started
Snaps are defined in a single snapcraft.yaml file placed in a
snap folder at the root of your project. This YAML file describes
the application, its dependencies and how it should be built.
The following example shows an entire snapcraft.yaml file based on the snap
of an existing project, liquidctl, a command
line tool to control the power, cooling and LED status for a variety of
USB-attached devices:
name: liquidctl
summary: a status and control utility to for power, cooling and LED components
description: |
liquidctl is a command-line tool to monitor and control the fan speed,
LED colour and pump volumes of specific power supplies,
motherboards, graphics cards and cooling solutions.
The liquidctl snap unofficial and is not endorsed by the upsteam project.
version: test
base: core22
confinement: strict
parts:
liquidctl:
plugin: python
source: .
stage-packages:
- python3-usb
apps:
liquidctl:
command: bin/liquidctl
plugs:
- raw-usb
- hardware-observe
We’ll break this down in the following sections.
Metadata
The snapcraft.yaml file starts with a small amount of human-readable metadata, which is often already available in the project’s own packaging metadata or
project README.md. This data is used in the presentation of the application
in the Snap Store.
name: liquidctl
summary: a status and control utility to for power, cooling and LED components
description: |
liquidctl is a command-line tool to monitor and control the fan speed,
LED colour and pump volumes of specific power supplies, motherboards,
graphics cards and cooling solutions.
The liquidctl snap unofficial and is not endorsed by the upsteam project.
version: test
The name must be unique in the Snap Store. Valid snap names consist of lower-case alphanumeric characters and hyphens. They cannot be all numbers and they also cannot start or end with a hyphen.
The summary can not exceed 79 characters. More detail can be provided after
description, where a chevron can be used to declare a multi-line description.
The version value is arbitrary. We’re calling this version test, but it
could equally be a number. The output snap will include the version value in
its filename. More advanced snaps set this value automatically with External
metadata.
Base
The base keyword declares which base snap to use with the project. A base snap is a special kind of snap that provides a run-time environment alongside a minimal set of libraries that are common to most applications.
base: core22
This example uses core22, which is built from Ubuntu 22.04
LTS and is the currently recommended base
for most snaps. See Base snaps for more details.
Security model
Snaps are containerised to ensure more predictable application behaviour and greater security. Unlike other container systems, the shape of this confinement can be changed through a set of interfaces. These are declarations that tell the system to give permission for specific tasks, such as accessing a webcam or binding to a network port.
The next section describes the level of confinement applied to the running application:
confinement: strict
Confinement determines the amount of access an application has to system
resources, such as files, the network, peripherals and services. A value of
strict is ideal because this isolates a snap, except for access permitted
through its interfaces.
However, it is best to start creating a snap with a confinement level that provides
warnings for confinement issues instead of strictly applying confinement.
This is done by specifying the devmode (developer mode) confinement value.
When a snap is in devmode, runtime confinement violations will be allowed but
reported. These can be reviewed by running journalctl -xe.
Because devmode is only intended for development, snaps must be set to strict confinement before they can be published as “stable” in the Snap Store. Once an application is working well in devmode, you can review confinement violations, add appropriate interfaces, and switch to strict confinement.
Parts
Parts define what sources are needed to build the application. Parts can be anything: programs, libraries, or other needed assets, but for this example, we only need to use one part:
parts:
liquidctl:
plugin: python
source: .
stage-packages:
- python3-usb
The plugin keyword is used to select a language or technology-specific
plugin that knows how to perform the build steps for the project.
In this example, the Python plugin is used to automate the build of
this Python-based project.
The source keyword points to the source code of the Python project, which
can be a local directory or remote Git repository. In this case, it refers to
a local copy of the source code in a directory called liquidctl.
Apps
Apps are the commands you want to expose to users, and also the names of any
background services the application provides. Each key under apps is the
command name that should be made available on users’ systems.
The command specifies the path to the binary to be run. This is resolved
relative to the root of the snap contents.
apps:
liquidctl:
command: bin/liquidctl
plugs:
- raw-usb
- hardware-observe
If the command name matches the name of the snap specified in the top-level
name keyword (see the Metadata section above), the binary file will be given
the same name as the snap, as in this example.
If the names differ, the binary file name will be prefixed with the snap name
to avoid naming conflicts between installed snaps. An example of this would be
liquidctl.some-command.
The plugs section declares which interfaces
an app needs to function, such as home to access
local files, or network to access the network. In
this case, liquidctl needs access to USB devices, which can be satisfied with
the raw-usb interface for device input and output, and
hardware-observe to enable the system
to see which devices are connected.
Building the snap
First, clone the upstream project:
git clone https://github.com/liquidctl/liquidctl.git
Inside this, create a snap directory and inside this create a snapcraft.yaml file that contains the above metadata.
The snap can now be built by running the snapcraft command in the project’s root directory (up one level from snap/snapcraft.yaml):
$ snapcraft
Executed: pull liquidctl
Executed: build liquidctl
Executed: stage liquidctl
Executed: prime liquidctl
Executed parts lifecycle
Generated snap metadata
Created snap package liquidctl_test_amd64.snap
The resulting snap can be installed locally. This requires the --dangerous flag because the snap is not signed by the Snap Store.
snap install liquidctl_test_amd64.snap --dangerous
You can then try it out:
liquidctl -h
Removing the snap is simple too:
sudo snap remove liquidctl
You can also clean up the build environment, although this will slow down the next initial build:
snapcraft clean
By default, when you make a change to snapcraft.yaml, snapcraft only builds the parts that have changed. Cleaning a build, however, forces your snap to be rebuilt in a clean environment and will take longer.
Publishing your snap
To share your snaps you need to publish them in the Snap Store. First, create an account on the dashboard. Here you can customise how your snaps are presented, review your uploads and control publishing.
You’ll need to choose a unique “developer namespace” as part of the account creation process. This name will be visible by users and associated with your published snaps.
Make sure the snapcraft command is authenticated using the email address attached to your Snap Store account:
snapcraft login
Reserve a name for your snap
You can publish your own version of a snap, provided you do so under a name you have rights to. You can register a name on dashboard.snapcraft.io, or by running the following command:
snapcraft register mypythonsnap
Be sure to update the name: in your snapcraft.yaml to match this registered name, then run snapcraft again.
Upload your snap
Use snapcraft to push the snap to the Snap Store.
snapcraft upload --release=edge mypythonsnap_*.snap
If you’re happy with the result, you can commit the snapcraft.yaml to your GitHub repo and turn on automatic builds so any further commits automatically get released to edge, without requiring you to manually build locally.
Congratulations! You’ve just built and published your first Python snap. For a more in-depth overview of the snap building process, see Creating a snap.
Last updated 1 year, 1 month ago.