Is it possible to publish a self contained flatpak file to flathub?

NickJAllen · January 20, 2022, 2:33pm

We would like to build and test our application using flatpak. So the idea is that a build machine would build the .flatpak self countained file that another machine could then use to run automated tests on our application. Once we are happy the tests are good then we would like to upload this prebuilt and tested flatpak file to flathub for publication.

However, it seems the flatpak publishing can only be done by building again on the flathub servers (which may result in something slightly different to what we tested). We also don’t need to build again as we already did that as part of our own local build process.

So ideally, we would just upload the flatpak file to flathub when we want to publish our update.

Is this possible?

Kind regards,

Nicholas Allen

nedrichards · January 21, 2022, 5:36pm

So, this is certainly something that we’re thinking about. And in Seeking contractors for work on Flathub project we’re looking at ways to manage binary uploads from verified developers and have just appointed some contractors to begin working on this, along with a number of other improvements to the developer experience.

I am interested in the question about if the build could result in something different from what you tested, if your manifest it written to the flathub standards it really shouldn’t, although we can’t guarantee fully reproducible builds currently this is certainly something that flatpak is intended to make a lot easier so I’d be really interested in your specific concerns or if there’s anything else you have to share. I love your concern though, this is exactly the kind of problem we believe real developers have and want to help solve!

NickJAllen · January 25, 2022, 7:20am

Thank you for you response. The reason I think there is a potential for something different to be built on the flathub servers vs what we used internally is bugs in flatpak or different versions of flatpak-builder used on our side vs what was used on the server side. Maybe that is being a bit paranoid but if we could guarantee the binary that we tested was identical and that was what we published that would remove this possibility.

At the moment I’m actually dealing with what appears to be a bug between how the flathub server builds vs how we build internally. When I build on the flathub server using the same manifest and sources it works but when building on my local machine it all builds and can install but when the app is run I get this error:

bwrap: Can’t mkdir /app/lib/i386-linux-gnu: Read-only file system
error: ldconfig failed, exit status 256

I will post a separate question about this but it kind of supports my concerns that what we build as a binary and run automated tests on can be different to what flathub has from the same sources.

nedrichards · April 8, 2022, 8:46pm

Sure, and work is now very much ongoing on this topic btw.! Sorry that I’ve only just looked back now but doing something like

$ flatpak install org.gnome.Platform.Compat.i386

I think would help (or the 32 bit compat for whatever your platform is). You might also want to make sure that your app requires a 32 bit extension rather than marking it as just optional.