me/guix
Archived
1
0
Fork 0
Code Activity

maint: "make authenticate" behaves like 'guix pull' by default.

Browse source 
* build-aux/git-authenticate.scm (%use-historical-authorizations?)
(%introductory-commit): New variables.
* build-aux/git-authenticate.scm (git-authenticate): Use pass the empty
list as #:default-authorizations when %USE-HISTORICAL-AUTHORIZATIONS? is
false.
This commit is contained in:
Ludovic Courtès 2020-06-16 15:52:46 +02:00
parent 838ac881ec
commit 619972f7b5
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 24 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
build-aux/git-authenticate.scm
View file

@ -218,6 +218,17 @@
(string-downcase (string-filter char-set:graphic fingerprint))))) (string-downcase (string-filter char-set:graphic fingerprint)))))
%historical-committers)) %historical-committers))
(define %use-historical-authorizations?
;; Whether to allow authentication of past commits using
;; %HISTORICAL-AUTHORIZED-SIGNING-KEYS for when '.guix-authorizations' was
;; missing.
(getenv "GUIX_USE_HISTORICAL_AUTHORIZATIONS"))
(define %introductory-commit
;; This is the commit that appears in the official 'guix' channel
;; introduction. XXX: Keep in sync with (guix channels)!
"9edb3f66fd807b096b48283debdcddccfea34bad")
(define %commits-with-bad-signature (define %commits-with-bad-signature
;; Commits with a known-bad signature. ;; Commits with a known-bad signature.
'("6a34f4ccc8a5d4a48e25ad3c9c512f8634928b91")) ;2016-12-29 '("6a34f4ccc8a5d4a48e25ad3c9c512f8634928b91")) ;2016-12-29
@ -242,7 +253,10 @@
(match args (match args
((_ start end) ((_ start end)
(define start-commit (define start-commit
(commit-lookup repository (string->oid start))) (commit-lookup repository
(string->oid (if %use-historical-authorizations?
start
%introductory-commit))))
(define end-commit (define end-commit
(commit-lookup repository (string->oid end))) (commit-lookup repository (string->oid end)))
@ -263,6 +277,14 @@
(define reporter (define reporter
(progress-reporter/bar (length commits))) (progress-reporter/bar (length commits)))
(define historical-authorizations
;; List of authorizations in effect before '.guix-authorizations' was
;; introduced. By default, assume there were no authorizations; this
;; is what 'guix pull' does.
(if %use-historical-authorizations?
%historical-authorized-signing-keys
'()))
(format #t (G_ "Authenticating ~a to ~a (~a commits)...~%") (format #t (G_ "Authenticating ~a to ~a (~a commits)...~%")
(commit-short-id start-commit) (commit-short-id start-commit)
(commit-short-id end-commit) (commit-short-id end-commit)
@ -272,7 +294,7 @@
(lambda (report) (lambda (report)
(authenticate-commits repository commits (authenticate-commits repository commits
#:default-authorizations #:default-authorizations
%historical-authorized-signing-keys historical-authorizations
#:report-progress report))))) #:report-progress report)))))
(cache-authenticated-commit "channels/guix" (cache-authenticated-commit "channels/guix"
(oid->string (commit-id end-commit))) (oid->string (commit-id end-commit)))