tests/main/cohorts: replace yq with a Python snippet
The yq tool changed its command line arguments and the test broke. Try not to depend on external tools and use a simple Python snippet to extract the cohort key.
Signed-off-by: Maciej Borzecki <email address hidden>
interfaces/greengrass-support: finalize the flavor attribute names
The flavor attribute names are now as follows:
- "legacy-container" is the full containerization also known as "Greengrass container" in AWS's UI. - "no-container" is the process-mode, no confinement mode, also known as "no container" in AWS's UI.
The PR that added greengras attribute names was merged prematurely before Samuele had a chance to review the naming. This commit adds the TODO and will be milestoned 2.49 to ensure that we do not release anything to stable with the preliminary names.
interfaces/greengrass-support: add additional "process" flavor for 1.11 update
This adds a new attribute to the greengrass-support interface, "flavor", which indicates what mode of containerization the greengrassd daemon is meant to be supporting with the plug. With no flavor attribute, or the "container" flavor, then the old policy is available so as to not break old users of the snap, but with a new "process" flavor, then a far less privileged version of the interface is provided, which allows the greengrassd daemon to implement no containerization and thus the lambdas that are run are not run with the additional privilege afforded to the original implementation of the interface, as that would allow lambdas to trivially escape the sandbox.
These accesses are generally useful to snaps wanting to know more about their host system, but also more specifically useful to the new version of the Greengrass snap which will use much less privilege to run.
