 Okay, so I'm talk here is about status update on flat packs in Fedora My name is Owen Taylor. I work at Red Hat. I'm the Architect for our desktop team. I've worked on almost every piece of the desktop But this is in my project for the last year or two to really try to improve our flat packs for you in Fedora so the project that we're talking about is building flat packs and flat pack runtimes from Fedora RPMs on Fedora infrastructure So that's sort of saying it's a subset of the bigger flat pack problem and if you were in the last talk you you probably heard about a Sort of different ways in flat packs and building them you know building flat packs directly from source using Flat hub to put your flat packs on I'm looking more particularly at building flat packs within the firm structure and using the RPM pipeline So just so everybody's clear on what a flat pack is You know the most basic idea is that you have your operating system and then you separate graphic applications out and so they can be updated separately from the operating system and so that Optionally you can add sandboxing there. Your graphic applications are in containers and Flat pack additionally has the idea of our runtime Which is the idea that some set of libraries can also be put into an image But then shared between mobile applications so that updates those Those libraries are shared between all the applications and they don't have to every application doesn't have to duplicate its own copy of Coop C which is what you would see in the classic server-side container world So So I said so we're building flat packs and runtimes from You know from store our pianist So why do we want to do this? Why don't we just want to build everything from source? Well, you know one reason is we wanted to make even more flat packs available if you went up to Flathub today You'd see about 450 Applications there, which is a lot you might say but Fedora has about 1,000 graphic applications into So we'd like to harvest some of those Fedora applications Older applications might be applications that nobody wants to put into Flathub and get them into the set of flat packs for everybody use We also want the ability to Ship a version of Fedora particular Fedora silver blue, which is an image-based version of Fedora Which only has applications as flat packs and have a big set of flat packs available for that Even if without the user having to go out Explore find Flathub find other places to get flat packs from so we'll say these are Out-of-the-box Fedora software in flat packs and then the final thing is that authority has a lot of infrastructure for checking lessons is for For tracking security problems and building software in a way that people trust so if we can extend that to The flat packs are creating in particular the one time for creating then that gives an advantage you know people may like to say this is a more appealing set of Flat packs for me to use so those are some of the reasons why we're You know engaged in the in this exercise to build flat access way and you know a third or fourth reason Is not really a reason much for much for users, but for me as a developer is that you know what we're doing in Fedora is always You know has an eye on what we're in doing around later And we some of these infrastructure that we're building out here some of the ways we're doing it are things We are playing to reuse when building software for for well So Again sort of reviewing what a flatback looks like if when a flap is running it has its own files of some namespace and There are a couple different directories there that that come from different sources in that space the slash app directory is Where you have the application itself and any? Libraries that are bundled in that application. It's the flat back image The slash user slash Etsy on the other hand come from the runtime the set of shared libraries And then you might have other directories like slash Homer slash dev which income from the running system But depends a little bit on what kind of sandboxing you have set up if you don't have visibility to the user's home Then you won't have home will not be the system home directory So it with a fedora flatback this app this Slash app directory is made up of four packages, but since they're located slash app We actually have to rebuild them because standard floor packages are going to have a prefix of slash user And we have to actually rebuild the force code to change where they're located the runtime on the other hand It's made up of absolutely standard floor packages just the same ones that are You would install it a normal fedora So we rebuild The packages were in a bundle we use fedora modularity for that door modularity being a way of Bill handle different sets of packages within fedora in a Very structured fashion We take those and we use the the door container build service to build An OCI so basically a doctorate a certain evolution of the doctor format and We look at we do that with the core care build service And then we distribute via the fedora container registry So both this in terms of how what we're building and how we're distributing it We try to stick very close to how fedora and its containers and this is to try to keep any sort of a necessary unnecessary separation Happening between what we're doing for containers on the server side and what we're doing for containers on the desktop side So so what's the status of this well? It's as I think I had a talk here last year in January That it's almost there and turned out to go until November till we actually Got it fully operational, but you can you know now if you're a user you can add the clap-back remote for the fedora repository There's a sort of standard one and then the testing one which adds So basically the versions testing versions of patients Which are in updates testing that job or a job has pushed them before they've been gone stable You don't need both you can have one or the other And So do we have a lot of flat packs well to be honest? No, there are three in the repository right now I we did so we're trying to jump start of that a little bit and we had a hackfest This this week in the red at office to sort of sit down for a couple hours and try to turn out some more I think that there are I know at least 14 which are almost ready to To to push out to the pod for that could be built don't right now So hopefully I'll be able to set up three years 20 or 30 within a week or so But you know that's still small number if you look at flat hub as I said there's about 450 there so You know, but the good thing is that it's not like we're losing the race here because But our users get both of these it's not they get either the the one from fedora or the ones for the flat hub of they actually Can get the intersection of what's on either one and that's I think an important thing to understand about the Flatpack ecosystem is not built around the you have a single app store like it has to be in the app store to be available instead you can have any number of Remotes of sources for flat packs Enable in your system and they're all information from all those once it's downloaded and combined So either on the command line or a good on software you see both sets of applications so I want to talk a little bit about the view for a photographer packaging. There are some tools to Create a template for your flat pack to build it locally and don't you have it building locally? You can build it then in Koji and I'll Do a very very simple demo of this So so the first thing we're going to do is demo is we're going to use the rpm to flat pack thing to Tool to create a template here And what I'm going to use a shortcut is that the open to flap tools knows that if can go out and look on Flat hub and say this app is already on flat hub Let me use that as a template to help figure out what all the sandboxing options I need are and some of the other things that you know would have to be added manually otherwise so that's going to look at the set of Rpms in the Fedora box stories and the and look up on that hub for something called quarter possible and then Go ahead and write out the metadata files you need okay, so So this is this one is the module metadata file and it's actually Really very small. There's some the sub up. There's like a description here which comes from their spec file This stuff is just basically boilerplate saying that it uses the flat pack runtime Module, and then there's a single rpm in this one just the application itself And says this by default saying pull the door 29 branch of quarter possible The other file that you have says After you build it, how do you make it into a flat pack? and There's just some options here saying it can use once X to X and X 11 a wayland and audio and Beconf And you can do this, you know if you didn't have the flat-hub shortcut You'd have to create this by hand and there's some examples in the docs, but um The having to be able to pull up from flat. I'll make them a little faster So then I can do that pack module Build.install and that's how you Does not like modularity expects you to build an introductory name the same as your module That should work better So I'm gonna now go back to my presentation because that will take some minutes to complete and This there is a tutorial on web on the web that Goes for all this and also has more detailed information about what goes into your container.yaml and so forth So is it easy to do this or hard to do this it really depends upon how many Libraries you can bundle if you just have not gone in any like I just showed you it's easy If you have to bundle many many libraries then one of them is not going to rebuild properly It looks gonna wrong and you might spend a long time trying to get your thing to a flat pack So what we're doing to address this is we have a flat pack common module which has Pre-built things really located into slash app that can be just pulled into a flat pack and bundled without having to build them from the source And that the idea there is to make it easy and this is sort of showing what the fact is this is Listing that the thousand applications that are in fedora How many things you'd have to bundle to make a flat pack out of them and the greens up at the bottom here? Is once I don't have to put anything the little pink thing at the top is okay, so we have to bundle more than a hundred libraries You know, it's like not gonna work So and over here. We're showing is as we add more things you know in common How does it become easier so you can see that you this is currently good on common and we made You know they've gone for 400 to 500 which are pretty much in the easy category So that's like no that helps the package you're there, you know, there's like Low-hanging fruit for the future is adding Katie libraries and Pearl to it That would add a lot more applications there that I think a lot of things that are sort of pink have like using like Katie and Pearl And then they get a ton of libraries yet to bundle So what's going on the future? for Fedora 30 looking at some improvements to go software to display on permissions better and Also handle on better when their application between sources If you have an application in both flat hub and in the Fedora pop stories Showing a very sensible user interface that defaults to installing one of them and then maybe you can select the other one if you want to We're looking for improvements for packages to make flat back common better bigger to make it easier less things you have to install Make local builds faster make any errors easy to understand and One important thing is going to be automatic rebuilds. So to be able to It's so many updates a package in Fedora. Say, ah, this package is bundled into these three flat packs automatically rebuild the flat packs and Then say tell the maintainer look we built a new version of your flat pack Why don't you test it out make sure it works and then you can submit the update. So that that's a goal. It's a Requires some new services running on the floor infrastructure. So it's a little bit You know some civil work getting there, but that's probably the next thing we have to tackle for Working on flat backs in Fedora another thing that we want to Work on is extensions So the idea of extension is a part of the flap ecosystem I didn't want to show in my initial picture is that an extension is a set of code that set of files that can be added to a flat back or runtime to add new capabilities It could be themes and the codex is an important part. We add new media codecs application plugins Sometimes you want to split off language support for an application to a separate extension you think about lever office Including all these filling dictionaries for every language makes for a very big a very big Flat back to download if you know only the what you need for your current language makes it a much smaller download So we don't currently have support for building those within the door can build system But that's something we can tackle in the future. It's really make it the story complete So farther in the future some things we would like to do is To look at signature support currently when you You're installing from the footer right for the footer registry you get a it's an index which has cryptographic caches of all the Flatbacks to install and those are checked and you know So there's and the index is over each ps and delighted directly from Fedora So you have some level of safety there But having cryptographic signatures on the flat packs would give more flexibility and more resilience against tampering Eventually, we might want to move to be able to skip the argument step there Be able to build a flat pack directly from source in Fedora. I think that's something generally we're looking at in Fedora is saying You know, do we need spec files? Do we need to go tar tar ball to spec file to final result or can we make things simpler for packages? So eventually, you know once we get some momentum there I think we might want to look at how we can go directly from source But within the Fedora infrastructure, but that's not something that that's not the initial step That's a future step once we have things going so And let's see if the See how the okay, so It um build it all that I had sex it install So then it installed it and it should be installed now. So Water a console and there I have The GNOME Tetris version, so Okay, the GNOME Russian game of falling blocks Not which is not Tetris So that's So that's so in that case was the very simplest case of creating a flat back in Fedora I did not have to edit a single line of the files that they were all created by RPM to a flat pack fully correctly so And that and you know, that's probably our our several a hundred and more applications that are gonna be that simple And then some which will take more work So let's go Okay, so I guess I take questions now so So how did it how did it know? How did you know how to do everything just make it work? so so when it It's it's so when the the RPM to clap X that okay, there's a quarter possible RPM there It doesn't have any requirements when on the runtime. So let's create a module that just list that that one spec file then it built it in an environment where the The RPM macros were changed. So like bender was no longer user bin It was at bin and where the standard percent configure macro that you use when configuring a Configuring in a spec file go past past dash dash prefix equals slash app to automate and then that that So that so it automatically moved everything over to Change it to a slash app and usually when things fail is because the spec file hard-coded slash user somewhere in the It's instructions and then you have to go out and fix the spec file Yeah, so these are things that you know yet Usually these are fixed fixes. They're just making things conform better to the door packaging guidelines So that it's a fedora that's using a fedora runtime, which is basically also generated in the doorcam build system it basically just I mean basically just installs a whole lot of lots of fedora packages Which are to find in a module to and then build a container out of them So so that's right now. That's a runtime. That's only a runtime and not an SDK so it means that you can't compile against it You can only You only run application which these type of kicking to generate through our pms against it We in the future might also generate an SDK from there. Okay. Well, thank you. Yeah Yeah Okay, so, I mean I think using the Fedora one Oh, I'm sorry. The question was what was what would be the advantage of using the Fedora SDK in runtime over using the free desktop runtime. Well, I mean, I think that the advantage of using Fedora SDK aren't completely clear But if we were to also generate to CentOS SDK then you could say okay This is going to be maintained with security fixes over You know five years seven year lifetime which could give you a You know something for a decade, so they want to be stable to be an advantage there You know, I mean it also, you know, that would I say be the main thing. It's just knowing that it's contained within the With with maintenance of the underlying distribution. So whatever door gives you, you know, or whatever You know, whatever whatever CentOS gets you or whatever you're sourcing from would have would carry over to the SDK I mean, also you would get the security updates from the distribution industry in the runtime So so the question was if The app if quarter parcel is involved available from both as an RPM in Fedora and a flatback of Fedora and a flatback on Flathub what's experienced for the user there? and then, you know So you only can have one installed in active at the same time. That's basically because the You know, it doesn't really make sense to the user if there's like three different quarter parcel icons And with all the same name and same icon showing up in your your application launcher But you know the goal with what we're working on for the next version of GNOME software is that you could go to GNOME software Click look at quarter parcel there and install applications see that. Oh, I have the Fedora flatback installed Change that say I want to install the Flathub one instead And and then which switch it over that way so it's something that is available to the user, but it's not like you can have the choice of running where and the other red at When you launch the application Yeah, I don't don't think flatback will allow you to have two things with the same application ID installed at the same time but I'm not even sure about that if they've yeah, but um Maybe if there are different branches you can but you're right that it's basically the application The desktop file is the thing that limits it to only having one exposed to the operating system Okay. Well, thank you everybody