Dedicated Snap Store configuration¶
Warning
Example values are provided for store configuration in this document. If you are a Dedicated Snap Store customer, you will be provided with a set of documentation with the details of your store.
This section provides links to useful documentation as well as important facts associated with your Dedicated Snap Store.
Store architecture¶
Your Dedicated Snap Store is composed of two stores, your Base store and your Device View store.
Your Base store is: Alpha 3 (acme-store)
Your Device View store is: acme id (acme-id)
Your Device View store is configured to automatically include all snaps from global
All stores (including your Device View store) always include the snapd snap and the LTS core snaps (i.e. core18, core20, core22, core24).
Accounts and roles¶
Ubuntu SSO accounts underpin developer interactions with the various Stores. To understand accounts and roles, please read:
Your store has been provisioned with the following IDs and roles:
Base Store |
Device view Store |
|
|---|---|---|
Store Name |
Alpha 3 |
acme id |
Store ID |
acme-store |
acme-id |
Admin(s) |
||
Publisher(s) |
(none) |
|
Reviewer(s) |
(none) |
|
Viewer(s) |
The Admin role can be used to grant these roles to other accounts, as well.
Brand account¶
The Brand account was set up for your Dedicated Snap Store at the time of store creation. The Brand account defines the Brand scope of authority, and it must be used for certain functions You can find those functions here.
Your Brand account is: brand@acme.com (account-id: brand-account)
As a publisher, after registering snap names the Brand account may make other developer accounts Collaborators on these snaps. These accounts may then upload future revisions of these snaps. We recommend that collaborators be added as soon as possible to avoid using the Brand credentials for longer than necessary.
Brand keys¶
Keys are used for signing a variety of documents called assertions, Some of these assertions are signed by Canonical, and some must be signed by keys registered to the Brand account.
Limit access to Brand keys. It’s strongly advised that you consider using a PKI system or key vault to protect your Brand keys, and limit access to them. Hardware cryptotokens are another possibility, although they may be more challenging to use than PKI systems in practice.
Ubuntu Pro & Support Portal account¶
An Ubuntu Pro account and Support Portal access are also included with your Dedicated Snap Store.
Access has been granted to the SSO account: pro@acme.com
Ubuntu Pro Dashboard¶
Dedicated Snap Store customers are provided an Ubuntu Pro account to
enable access to ESM updates during snap builds (enabled by use of the
SNAPCRAFT_UA_TOKEN environment variable). This is accomplished by adding your
Pro token to CI/CD systems used to build your snaps. This token can be accessed
by signing into the Ubuntu Pro Dashboard
using the account mentioned at the beginning of this section.
Support Portal¶
Dedicated Snap Store customers are also provided access to our Support Portal which can be used to create support cases. The Support Portal can be accessed by signing into the Support Portal Dashboard using the account mentioned at the beginning of this section.
Canonical support will setup one contact point for the support account. Currently the Technical support contact set for the Dedicated Snap Store is pro@acme.com.
For examples on some common support tickets, refer to File a support ticket.
Landscape¶
Landscape enables you to manage a fleet of devices by controlling updates, triggering remote snap installation, and other more advanced fleet management features.
Landscape is made available to you through a software-as-a-service (SaaS) model, hosted and managed by Canonical, or as a self-hosted option. Refer to the Landscape documentation for more.
Please contact customersuccess@canonical.com to request a Landscape SaaS account.
Serial Vault¶
The Serial Vault is responsible for providing your devices with a serial assertion, which is used for connecting to a Device View store. The Serial Vault can be accessed by the administrator, admin@acme.com.
To get started with the Serial Vault, please refer to the Configure Serial Vault.