-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Updating Snapcraft STORE_LOGIN secret
Store Login In order to upload to the store, the action requires login credentials. Rather than a user name and password, the action expects the data produced by the snapcraft export-login command.
As well as preventing the exposure of the password, it also allows the credentials to be locked down to only the access the action requires:
$ snapcraft export-login --snaps=PACKAGE_NAME \ --acls package_access,package_push,package_update,package_release \ exported.txt
This will produce a file exported.txt containing the login data, which should be a multi-line file starting with [login.ubuntu.com]. The credentials can be restricted further with the --channels and --expires arguments if desired.
In order to make the credentials available to the workflow, they should be stored as a repository secret:
choose the “Settings” tab. choose “Secrets” from the menu on the left. click “Add a new secret”. set the name to STORE_LOGIN (or whatever is referenced in the workflow), and paste the contents of exported.txt as the value.