How to include libraries into my first ever flatpak?

Hi,

I’m Rony, the passwordsafe project owner.
First, thanks to liz134 and all of you for getting to a working pwsafe flatpak. Kudos!

I’d like to add the manifest to the project and formally submit pwsafe to flathub, but first I’d really like to remove the explicit builds of the 3rd party libraries (libqrencode, wxwidgets, Xerces-C), mainly because the manifest points to specific versions, meaning that this is yet another place that needs to be updated when pwsafe’s version dependencies change.

Why are these specific dependencies different from others used by pwsafe, such as libmagic-dev, uuid-dev, libssl-dev, etc.?


I started using/investigating Fedora Silverblue, which has an immutable, read-only operating system file system, so you can’t just install deb/rpm packages into it, because apt/dnf is just not installed and you can’t install it. The idea of an immutable operating system is that the file system is read-only. There is a strict division between the operating system and applications (just like on mobile phones, Chrome OS etc.). To install end-user programs, you need special layers separated from the operating system, such as an rpm-ostree layer, a podman/docker container layer, or the highly recommended flatpak layer.

Password Safe is the only program I use on a daily basis and I really love the software (I also use it on Windows). It has exactly the features I need and it was not yet available as a flatpak, so I said to myself, how hard can it be, and I tried to build it myself. Kudos to @HighKingofMelons for the massive help, tips and directions provided. Extremely helpful.

I am very pleased you are interested in flatpak. This will simplify the process of releasing every new flatpak version. This was one of the goals when the flatpak environment was built: to give software developers the power to distribute the software directly to end users.

I understand, this is one more thing to take care of before releasing. But maybe it is not too complicated. Password Safe has only three libraries to add manually in the manifest file. For example, before building a new flatpak, search for new tags: https://github.com/apache/xerces-c/tags and see if there is a new stable tag (the one without Release Candidate or Beta or similar in it, so it should be a stable build). If there is, then copy the commit number. For example:

I am not knowledgeable enough. Maybe there is some way to automatically retrieve the latest stable tag and commit number from GitHub. If anyone knows, please advise.

As I understand it (please take this with a grain of salt, because my flatpak building journey was only a short trip), when Password Safe is built in the ordinary way (not as a flatpak), just binary versions of the libraries are installed from the apt or dnf repository; you don’t need to deal with the libraries’ source code, and only the main program (Password Safe) is built.

But when building a flatpak, libraries must also be built from source. Some of the libraries are already included in the base runtime/sdk, and for those you don’t need to explicitly type tags and commits, because they are already built in binary form inside the runtime/sdk.

Password Safe building process starts with runtime/sdk:

  • runtime: org.freedesktop.Platform (end users need this)
  • sdk: org.freedesktop.Sdk (required to build a flatpak)

SSL libraries are already installed in this base runtime image. We can check this. After the flatpak is built and installed, we can enter the flatpak sandbox with the command: flatpak run --command=sh --devel com.github.pwsafe.pwsafe and then execute commands inside the flatpak’s sandbox. For example, I can execute: openssl version and it returns:

OpenSSL 3.0.9 30 May 2023 (Library: OpenSSL 3.0.9 30 May 2023)

SSL is already included in the runtime, probably because it is frequently required.

I don’t think we can avoid specifying the exact commit from the source code when building libraries. Maybe there is just some way to automatically get the tag and commit of the last stable version of a library.
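The manual step described in the post above (pick the newest tag that is not a release candidate or beta, then copy its commit), as an added example that is not part of the thread or of any project mentioned in it. It parses `git ls-remote --tags` output; the sample output, the rule for what counts as a stable tag, and the example.org URL are constructed assumptions.

```python
import re

# Constructed sample of `git ls-remote --tags <url>` output; hashes and tags are made up.
SAMPLE_LS_REMOTE = "\n".join([
    "a" * 40 + "\trefs/tags/v1.9.0",
    "b" * 40 + "\trefs/tags/v1.10.0",
    "c" * 40 + "\trefs/tags/v1.10.1",      # annotated tag object
    "d" * 40 + "\trefs/tags/v1.10.1^{}",   # the commit that tag points at
    "e" * 40 + "\trefs/tags/v2.0.0-rc1",
    "f" * 40 + "\trefs/tags/v2.0.0-beta",
])
# Assumption: a stable tag is purely numeric, e.g. v1.10.1 (no rc/beta suffix).
STABLE_TAG = re.compile(r"^v?(\d+(?:\.\d+)*)$")

def parse_ls_remote(text):
    """Map tag name -> commit hash, preferring the peeled '^{}' entry."""
    commits, peeled = {}, set()
    for line in text.splitlines():
        sha, _, ref = line.partition("\t")
        if not ref.startswith("refs/tags/"):
            continue
        name = ref[len("refs/tags/"):]
        if name.endswith("^{}"):
            name = name[:-3]
            commits[name] = sha
            peeled.add(name)
        elif name not in peeled:
            commits[name] = sha
    return commits

def latest_stable(commits):
    """Return (tag, commit) of the highest stable tag, compared numerically."""
    stable = [(tuple(map(int, m.group(1).split("."))), tag)
              for tag in commits if (m := STABLE_TAG.match(tag))]
    if not stable:
        raise ValueError("no stable tag found")
    tag = max(stable)[1]
    return tag, commits[tag]

def pin_source(source, tag, commit):
    """Return a copy of a manifest git source with both tag and commit set."""
    if not re.fullmatch(r"[0-9a-f]{40}", commit):
        raise ValueError("commit must be a full 40-character hash")
    return {**source, "tag": tag, "commit": commit}

if __name__ == "__main__":
    tag, commit = latest_stable(parse_ls_remote(SAMPLE_LS_REMOTE))
    print(pin_source({"type": "git", "url": "https://example.org/lib.git"}, tag, commit))
```

The `^{}` lines matter because an annotated tag's own hash is not the commit hash, and the numeric comparison keeps v1.10.x from sorting below v1.9.0.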

You can use flatpak-external-data-checker (flathub-infra/flatpak-external-data-checker on GitHub: a tool for checking if the external data used in Flatpak manifests is still up to date) for this. Have a look at the readme, if there is something that fits. Otherwise, I mostly end up using Anitya from the readme.

@ronys, I have simplified and posted an updated manifest file and simple instructions on how to manually update tags and commits when a new Password Safe version is released. It is pretty simple: just copy/paste “tag & commit” four times.

OK, thanks.

So if I understand correctly, I can add the manifest file to Misc in the pwsafe repo so that people can build their own pwsafe flatpaks.
The next step would be to create a pull request in Flathub on GitHub, as described in the Submission page of the Flathub Documentation, where I would put the same manifest file?

You can add whatever you want to your source repository. :)

But I don’t think this is necessary, because if the flatpak is published on Flathub, then the manifest file is easily accessible. For example, for the Firefox flatpak, there is a Manifest entry in the Links section.


That is exactly how I understand it:

  • fork flathub repository
  • create new branch e.g. “pwsafe”
  • add manifest file to this new branch and push to github
  • create pull request

Then wait for instructions from a Flathub volunteer. According to the Requirements web page, there will be some steps the volunteer will require, for example Application icons: “Applications must provide application icons in at least 64×64px and 128×128px sizes.” If I remember correctly, PasswordSafe only provides a 48x48px icon currently.

@liz134 is correct here. But for some context, in the future there will be two workflows (in fact some apps like firefox or obs already have the second one)

  1. upload your manifest like liz wrote
  2. have your CI build the flatpak and push it with a secret to a flathub server, for release