how to make your application into a flatpak · fedora infrastructure module build service (mbs) –...
TRANSCRIPT
![Page 1: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/1.jpg)
How to make your application into a Flatpak
Owen TaylorRed Hat
Flock 2017August 29, 2017
![Page 2: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/2.jpg)
The Flatpak Model
![Page 3: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/3.jpg)
OSDisplayServer
InitSystem Kernel
Libraries
![Page 4: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/4.jpg)
● Applications as OS packages● Problems:
– Tied update cycles– Distribution specific packages– No security
OS
tuxkartGIMP
DisplayServer
InitSystem Kernel
Libraries
![Page 5: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/5.jpg)
OS AppGIMP Libraries
Apptuxkart LibrariesDisplay
ServerInit
System Kernel
Libraries
![Page 6: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/6.jpg)
OS AppGIMP
Libraries
Apptuxkart
Libraries
Runtime Libraries
• Avoids duplication on disk and in memory
• Security updates in one place
DisplayServer
InitSystem Kernel
Libraries
![Page 7: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/7.jpg)
OS AppGIMP Libraries
Apptuxkart
Runtime Libraries
AppScribus
AppChrome
Runtime Libraries
Libraries
Libraries Libraries
DisplayServer
InitSystem Kernel
Libraries
![Page 8: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/8.jpg)
Desktop Applications
✔LibreOffice ✔GIMP ✔tuxkart ✔Eclipse ✔Google Chrome ✗MariaDB ✗Wordpress ✗vi
![Page 9: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/9.jpg)
Where do you get Flatpaks● From application creators
– Open source projects– Companies
● Or from Linux distributors● Decentralized
![Page 10: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/10.jpg)
Where do you get Runtimes● “Upstream” runtimes
– org.freedesktop.Platform– org.gnome.Platform– org.kde.Platform
● Distribution runtimes– org.fedoraproject.Platform
![Page 11: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/11.jpg)
Distribution advantages● Packaging of older applications● Existing build recipes● Security updates mechanism
![Page 12: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/12.jpg)
Security and Permissions
![Page 13: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/13.jpg)
ApplicationEnvironment
![Page 14: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/14.jpg)
ApplicationEnvironment
Display Server(Wayland)
Network
Permissions
![Page 15: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/15.jpg)
ApplicationEnvironment
(not effectively sandboxed)
Display Server(X11)
Network
Filesystemaccess
![Page 16: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/16.jpg)
ApplicationEnvironment
Display Server(Wayland)
Network
Permissions
Filesystemaccess
Printingsystem
File Portal Print Portal Portals
![Page 17: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/17.jpg)
Portals● Simple, inherently secure system services (D-Bus)● Safe via user interaction● Available portals
– File, Print, Show URI, Network Status, HTTP Proxy Config● GNOME and KDE backends
![Page 18: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/18.jpg)
Portal Demo
![Page 19: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/19.jpg)
Flatpak Implementation● Each application has it’s own Filesystem namespace
– Runtime is available at /usr– Application and bundled libraries at /app
● Other kernel security features– PID and UID namespaces– seccomp
![Page 20: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/20.jpg)
OSTree● “git for binaries”● Deduplication
– On disk– In memory– On the network
● Atomic updates
![Page 21: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/21.jpg)
OCI Images● Alternate way to distribute a Flatpak● From Open Container Initiative (https://www.opencontainers.org/)
● Evolution of the Docker format● Advantages:
– avoids lots of small files– allows distribution alongside server containers
![Page 22: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/22.jpg)
OSTreeRepository
OSTreeRepository
Docker/OCIRegistry
Flatpak
GNOMESoftware
![Page 23: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/23.jpg)
Flatpaks fromFedora Packages
![Page 24: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/24.jpg)
Why Flatpak if you can RPM?● Sandboxing● Reliable upgrades without rebooting● Ability to try out applications from newer/older Fedora● Installation on top of Atomic Workstation
![Page 25: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/25.jpg)
Flatpak=
A module packaged into a container image
![Page 26: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/26.jpg)
Flatpak=
A (particular sort of) module packaged into a (particular sort of) container image
![Page 27: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/27.jpg)
The big picture● Modules:
– flatpak-runtime module– One module per Flatpak application
● Built into OCI Images by the Fedora Layered Image Build Service● Distributed via registry.fedoraproject.org
![Page 28: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/28.jpg)
Why modules● Natural way to do rebuilds of packages with –prefix=/app● Increased packager flexibility● Alignment with general modularity efforts● No extra new infrastructure components
![Page 29: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/29.jpg)
Fedora Infrastructure● Module Build Service (MBS) – manages module builds in Koji● Product Definition Center (PDC) – stores information about module
builds● On Demand Compose Service (ODCS) – creates yum repositories for
module builds● Fedora Layered Image Build Service (FLIBS) – builds containers and
now flatpaks● registry.fedoraproject.org – stores containers and now flatpaks
![Page 30: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/30.jpg)
An example Flatpak
Eye of GNOMEImage Viewer
![Page 31: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/31.jpg)
eog.yaml● Module metadata file● Describes what packages should be built● And what those packages depend upon
![Page 32: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/32.jpg)
document: modulemdversion: 1data: summary: Eye of GNOME Application Module description: The Eye of GNOME image viewer (eog) is the official image viewer for the GNOME desktop [...] license: module: [ MIT ] dependencies: buildrequires: flatpak-runtime: f26 base-runtime: f26 perl: f26 common-build-dependencies: f26 shared-userspace: f26 requires: flatpak-runtime: f26 profiles: default: rpms: - eog
eog.yaml
![Page 33: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/33.jpg)
components: rpms: eog: rationale: Core application ref: f26 buildorder: 3 exempi: rationale: Dependency ref: f26 buildorder: 2 libexif: rationale: Dependency ref: f26 buildorder: 2 glade: rationale: Build dependency for libpeas ref: f26 buildorder: 1 libpeas: rationale: Dependency ref: f26 buildorder: 2
eog.yaml
![Page 34: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/34.jpg)
$ flatpak-module create-modulemd \ --from-package eog -o eog.yaml
Creating eog.yaml● https://pagure.io/flatpak-module-tools
● https://github.com/fedora-modularity/depchase● Future common module tools
![Page 35: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/35.jpg)
flatpak.json● Has flatpak-specific metadata● Describes the runtime environment
![Page 36: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/36.jpg)
{ "id": "org.gnome.eog", "runtime": "org.fedoraproject.Platform", "runtime-version": "26", "command": "eog", "tags": ["Viewer"], "finish-args": ["--filesystem=host", "--share=ipc", "--socket=x11", "--socket=wayland", "--socket=session-bus", "--filesystem=~/.config/dconf:ro", "--filesystem=xdg-run/dconf", "--talk-name=ca.desrt.dconf", "--env=DCONF_USER_CONFIG_DIR=.config/dconf"]}
flatpak.json
man flatpak-build-finish
![Page 37: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/37.jpg)
Local build
$ mbs-build local
$ flatpak-module create-flatpak -l eog:f26 \ --module eog --info flatpak.json[ prints path to org.gnome.eog.flatpak ]
$ flatpak-install --user <path_to_bundle>
$ flatpak run org.gnome.eog
![Page 38: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/38.jpg)
Koji Build (in progress)
$ flatpak remote-add –registry \ fedora-candidate candidate-registry.fedoraproject.org
$ flatpak install fedora-candidate org.gnome.eog
$ flatpak run org.gnome.org
$ fedpkg clone module/eog && cd eog
$ mbs-build submit
$ koji-containerbuild flatpak-build candidate \ git://pkgs.fedoraproject.org/module/eog#origin/master \ --git-branch=master –module=eog:master
![Page 39: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/39.jpg)
Project status● Building modules with prefix=/app● Layered Image Build Service support for Flatpak
– atomic-reactor– osbs-client– koji-containerbuild
● OCI Support in docker registry (existing patch)● Exporting browsing info from docker registry● Installing flatpaks from a docker registry
Working
Working, unmerged
Needs to be written
![Page 40: How to make your application into a Flatpak · Fedora Infrastructure Module Build Service (MBS) – manages module builds in Koji Product Definition Center (PDC) – stores information](https://reader035.vdocuments.us/reader035/viewer/2022062604/5fbd88297f6cea2b47727e71/html5/thumbnails/40.jpg)
Questions?
https://fedoraproject.org/wiki/Workstation/Flatpakshttps://flatpak.org
@FlatpakAppsirc.freenode.net:#flatpak
irc.freenode.net:#fedora-workstation