Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features...
Transcript of Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features...
![Page 1: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/1.jpg)
Flatpak workshopflatpak.org
![Page 2: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/2.jpg)
Carlos Soriano Sanchez - GNOME Developer
csoriano
Felipe Borges - GNOME Developer
feborges
![Page 3: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/3.jpg)
Overview
· Qt & Portals
● What is Flatpak ● Sdk and runtimes
● Features ● Security & sandboxing
● Docs & tooling ● Create a simple app
● Qt flatpaking ● Docs
● Portals ● Qt + Flatpak Tooling
· Flatpak introduction
· Hacking Gtk+ app & distributing in Flathub● Hacking with a Gtk+ app ● Common tricks
● Debugging ● Distribute your app
![Page 4: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/4.jpg)
Before we start - prepInstall Flatpak and Flathub - https://flatpak.org/setup/
Install GNOME Builder:
$ flatpak install flathub org.gnome.Builder
Builder -> clone -> gitlab.gnome.org/csoriano/baseapp
![Page 5: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/5.jpg)
What is FlatpakBuild orchestration
Distribute
Sandbox
![Page 6: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/6.jpg)
Features of Flatpak - DevelopersCross distro
Reproducible builds
Develop against a specific stack version
Isolated from your system and user’s system
Security by default - Apps are sandboxed
Permissions handling system built-in
![Page 7: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/7.jpg)
Features of Flatpak - DevelopersSigned distribution & updates
Not tied to a single source of distribution
Delta updates
Install multiple versions of the same app
Well defined processes (e.g. resources consumption)
Well known container & kernel technologies
![Page 8: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/8.jpg)
TechnologyOStree
Bubblewrap & CGroups
D-Bus
OCI format
Systemd
AppStream
![Page 9: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/9.jpg)
Technology - OSTreeGit alike management
Delta upgrades
Multiple versions per app
Reproducible builds
Branch ↔ app & AppStream branch ↔ all app branches
OCI format
![Page 10: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/10.jpg)
Technology - Bubblewrap & cgroupsWell defined processes
Sandboxing
Resource management
System isolation
![Page 11: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/11.jpg)
Technology - D-BusCommunication sandbox ↔ system
Portals - permission access (i.e. files, other apps, etc.)
![Page 12: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/12.jpg)
ToolingFlatpak CLI
Flatpak builder
Flatpak manifest
GNOME Builder
GNOME Software
![Page 13: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/13.jpg)
Documentation
docs.flatpak.org
![Page 14: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/14.jpg)
RuntimesBasic runtime dependencies e.g. alsa, cairo, clang, glib
Can be thought of as a /usr filesystem
![Page 15: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/15.jpg)
![Page 16: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/16.jpg)
RuntimesFreedesktop, GNOME, KDE
Specific versioning of the stack
See the most used at flatpak.org/runtimes
![Page 17: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/17.jpg)
SDKThe devel parts of a runtime
Headers, compilers, debuggers, packaging tools
Specific versioning of the stack
See the most used at flatpak.org/runtimes
![Page 18: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/18.jpg)
Security & SandboxingApp is fully containerized/sandboxed
Upfront permissions e.g. dbus names, directory paths, dconf, network...
Portals e.g. app chooser, file chooser, ... (more later)
![Page 19: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/19.jpg)
Simple app code
Generate Python template in GNOME Builder
but, let’s do
gitlab.gnome.org/csoriano/baseapp
![Page 20: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/20.jpg)
Simple app buildFirst building:flatpak-builder --repo=repo .build org.gnome.BaseApp.json
Adding repo:flatpak --user remote-add --no-gpg-verify --if-not-exists workshop repo
flatpak --user install workshop org.gnome.BaseApp
For updating:flatpak --user update org.gnome.BaseApp
![Page 21: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/21.jpg)
Simple app recommendationsReverse DNS name
Desktop file
Icon
Standard build system e.g. Meson, Autotools, CMake
AppStream file
![Page 22: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/22.jpg)
Important manifest optionsBuildsystem - automake, cmake, meson, simple
config-opts
build-commands (especially for simple)
build-options - cflags, env, build-args (global), finish-args
post-install
cleanup
![Page 23: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/23.jpg)
Important manifest optionsSources archive git
Build tweaks patch
shell
script
![Page 24: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/24.jpg)
· Runtime and SDK
· Specific finish-args
· Qt and KDE build systems
· Integration with other desktops + extensions
· Documentation
Qt and KDE flatpaking
![Page 25: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/25.jpg)
· Libraries○ Qt (not all modules, just most used ones)
○ KDE Frameworks
○ Plasma integration libraries and theme (breeze, plasma-integration, kwayland-integration)
· Runtime version based on used Qt version (currently
5.9lts and 5.11)
Runtime and SDK
![Page 26: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/26.jpg)
· --talk-name=org.kde.StatusNotifierWatcher○ needed for system tray support
· --talk-name=org.freedesktop.Notifications○ needed for notification support
○ not needed when using KNotification framework
· --filesystem=xdg-config/kdeglobals:ro○ needed for access to most common KDE configuration (colors, icons, font, theme)
Finish-args
![Page 27: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/27.jpg)
· --env=DCONF_USER_CONFIG_DIR=.config/dconf
· --filesystem=xdg-run/dconf
· --filesystem=~/.config/dconf:ro
Finish-args (for GNOME integration)
![Page 28: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/28.jpg)
· CMake
· CMake-ninja
· QMake
Build systems
![Page 29: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/29.jpg)
Default theme = Breeze
Flatpak uses extensions to support non-default stuff
KDE Extensions:○ org.kde.KStyle.StyleName (org.kde.KStyle.Adwaita)○ org.kde.PlatformTheme.PlatformName (org.kde.PlatformTheme.QGnomePlatform)
Integration and extensions
![Page 30: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/30.jpg)
Portals
![Page 31: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/31.jpg)
PortalsSupport implemented in libraries (Qt, Gtk, KDE Frameworks)
Sandboxed apps communicate with org.freedesktop.portal.Desktop service
Requests are then forwarded to backend implementations:
· xdg-desktop-portal-kde (part of Plasma releases)· xdg-desktop-portal-gtk
![Page 32: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/32.jpg)
Portals· Account· Device· Email· FileChooser· Inhibit· NetworkMonitor· Notification· OpenURI· Print· RemoteDesktop· ScreenCast· Screenshot· Trash
![Page 33: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/33.jpg)
Portals demo
https://flathub.org/apps/details/org.flatpak.qtdemo
![Page 34: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/34.jpg)
KDevelop support
(http://jgrulich.cz/2018/09/03/flatpak-support-in-kdevelop)
Tooling
![Page 35: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/35.jpg)
Hack a Gtk+ app
Let’s use GNOME Builder to look and hack in Nautilus
![Page 36: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/36.jpg)
Debugging
GNOME Builder
or
flatpak-builder --run builddir org.foo.bar.json sh
![Page 37: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/37.jpg)
Debugging - filesystem structureYour binaries are at /app/bin
Your data at /app/share
Generated manifest at /app/manifest.json
Your build at /run (use --keep)
![Page 38: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/38.jpg)
Common tricksAllow network while building (discouraged)
"build-args": [ "--share=network" ]
Custom build system
"buildsystem": "simple", "build-commands": [ "python2 setup.py install --prefix=/app" ],
![Page 39: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/39.jpg)
Common tricksUsing prebuilt binaries
VScode as example: github.com/flathub/com.visualstudio.code
Hack in installed app - Use “dir” & commit code changes before building.
"sources": [ { "type": "git", "dir": "/home/$User/Projects/$Project" } ]
![Page 40: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/40.jpg)
Common tricksOverride permissionsflatpak --user override --filesystem=home org.gnome.Testjs
Debugging a failing build
When building with flatpak-builder, pass --keep-build-dirs
flatpak-builder --run appdir org.my.Manifest.json sh
cd /run/build/failed-modulename
![Page 41: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/41.jpg)
Distribute your appBundled app with .flatpak file
Good for deployments with no public connection
Bad for updates
Reference link with .flatpakref file
![Page 42: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/42.jpg)
Distribute your app
flathub.org
![Page 43: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/43.jpg)
Thank you!flatpak.org
![Page 44: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/44.jpg)
Suggested apps to package· Qt applications
○ QtCreator○ Wireshark○ Trojita○ Clementine○ Yakuake○ Deluge○ Qbittorrent○ Dogecoin-qt○ Otter-browser○ RStudio
· Other○ Any gtk3+ theme○ Any qt theme
· Gtk apps○ Purpleegg○ Mpv○ smplayer/baka-mplayer (to be worked
with mpv)○ http://gnomepomodoro.org/○ Mumble○ pidgin
![Page 45: Flatpak workshop - LinuxDays · Overview · Qt & Portals What is Flatpak Sdk and runtimes Features Security & sandboxing Docs & tooling Create a simple app Qt flatpaking Docs Portals](https://reader033.fdocuments.in/reader033/viewer/2022043008/5f98af5802f5ef2cc27f4259/html5/thumbnails/45.jpg)
This slides + apps proposals
goo.gl/Q2WXWT