You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was looking at the grafana-agent snap to make use of it in Anbox Cloud and found the following things which would be great to have fixed to establish a trust boundary on maintenance / origin.
No link to GitHub repository from snap store
The snap store page has no information about the source repository of the snap. Furthermore it also doesn't show the correct license but rather sets "unknown" which isn't correct.
Snap is owned by individual user rather than Canonical team
The grafana-agent on the snap store is currently owned https://snapcraft.io/publisher/0x12b whereas the GitHub repository is maintained by the Canonical Observability team. Can this be please aligned so that we don't install snaps owned by individuals into users deployment for an official Canonical maintained solution?
Old version in latest/stable
The version in latest/stable is quite old (from Aug 2023). There is a 0.40-classic/stable channel but it is unclear what this is for and why it should be used instead of the default latest/stable channel. Also latest upstream is 0.43.3 Can this be clarified in the snap description or the default channel changed to what should be used by users?
The text was updated successfully, but these errors were encountered:
Hey!
I was looking at the grafana-agent snap to make use of it in Anbox Cloud and found the following things which would be great to have fixed to establish a trust boundary on maintenance / origin.
No link to GitHub repository from snap store
The snap store page has no information about the source repository of the snap. Furthermore it also doesn't show the correct license but rather sets "unknown" which isn't correct.
Snap is owned by individual user rather than Canonical team
The
grafana-agenton the snap store is currently owned https://snapcraft.io/publisher/0x12b whereas the GitHub repository is maintained by the Canonical Observability team. Can this be please aligned so that we don't install snaps owned by individuals into users deployment for an official Canonical maintained solution?Old version in
latest/stableThe version in
latest/stableis quite old (from Aug 2023). There is a0.40-classic/stablechannel but it is unclear what this is for and why it should be used instead of the defaultlatest/stablechannel. Also latest upstream is 0.43.3 Can this be clarified in the snap description or the default channel changed to what should be used by users?The text was updated successfully, but these errors were encountered: