* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command @ 2020-07-06 8:37 Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès 2020-07-06 9:24 ` [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command zimoun 0 siblings, 2 replies; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 8:37 UTC (permalink / raw) To: 42225; +Cc: Ludovic Courtès Hello Guix! This patch series factorizes Git repo authentication and adds a ‘guix git-authenticate’ command that’s essentially an interface to (guix git-authenticate). Not surprisingly I guess. The nice thing is that people will be able to use it for external channels (otherwise they would have to use ‘guix pull’ to check that everything’s alright). And we’ll be able to use it for other Git repositories as well, such as maintenance.git, but really any Git repo. I put the “Invoking” node under “Development”, not sure if that’s the best place. Also, I considered doing a ‘guix git’ command, of which ‘authenticate’ would be one sub-command and maybe ‘clone’ another one. But for ‘clone’ I thought that ‘guix download’ would be a better fit. So I concluded that ‘guix git-authenticate’ was a good choice in the end. Feedback welcome! Ludo’. Ludovic Courtès (5): git-authenticate: Factorize 'authenticate-repository'. Add 'etc/historical-authorizations'. git: Add 'with-git-error-handling'. Add 'guix git-authenticate'. maint: Remove 'build-aux/git-authenticate.scm'. Makefile.am | 15 +- build-aux/git-authenticate.scm | 322 ------------------------------ doc/guix.texi | 83 +++++++- etc/historical-authorizations | 179 +++++++++++++++++ guix/channels.scm | 118 +++-------- guix/git-authenticate.scm | 101 +++++++++- guix/git.scm | 19 ++ guix/scripts/git-authenticate.scm | 176 ++++++++++++++++ guix/scripts/pull.scm | 18 -- guix/scripts/time-machine.scm | 4 +- po/guix/POTFILES.in | 1 + tests/guix-git-authenticate.sh | 56 ++++++ 12 files changed, 655 insertions(+), 437 deletions(-) delete mode 100644 build-aux/git-authenticate.scm create mode 100644 etc/historical-authorizations create mode 100644 guix/scripts/git-authenticate.scm create mode 100644 tests/guix-git-authenticate.sh -- 2.26.2 ^ permalink raw reply [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository'. 2020-07-06 8:37 [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command Ludovic Courtès @ 2020-07-06 8:43 ` Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 2/5] Add 'etc/historical-authorizations' Ludovic Courtès ` (3 more replies) 2020-07-06 9:24 ` [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command zimoun 1 sibling, 4 replies; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 8:43 UTC (permalink / raw) To: 42225; +Cc: Ludovic Courtès * guix/git-authenticate.scm (repository-cache-key) (verify-introductory-commit, authenticate-repository): New procedures. * guix/channels.scm (verify-introductory-commit): Remove. (authenticate-channel): Rewrite in terms of 'authenticate-repository'. --- guix/channels.scm | 118 ++++++++++---------------------------- guix/git-authenticate.scm | 101 +++++++++++++++++++++++++++++++- 2 files changed, 131 insertions(+), 88 deletions(-) diff --git a/guix/channels.scm b/guix/channels.scm index 500c956f0f..bbabf654a9 100644 --- a/guix/channels.scm +++ b/guix/channels.scm @@ -315,100 +315,44 @@ result is unspecified." (define commit-short-id (compose (cut string-take <> 7) oid->string commit-id)) -(define (verify-introductory-commit repository introduction keyring) - "Raise an exception if the first commit described in INTRODUCTION doesn't -have the expected signer." - (define commit-id - (channel-introduction-first-signed-commit introduction)) - - (define actual-signer - (openpgp-public-key-fingerprint - (commit-signing-key repository (string->oid commit-id) - keyring))) - - (define expected-signer - (channel-introduction-first-commit-signer introduction)) - - (unless (bytevector=? expected-signer actual-signer) - (raise (condition - (&message - (message (format #f (G_ "initial commit ~a is signed by '~a' \ -instead of '~a'") - commit-id - (openpgp-format-fingerprint actual-signer) - (openpgp-format-fingerprint expected-signer)))))))) - (define* (authenticate-channel channel checkout commit #:key (keyring-reference-prefix "origin/")) "Authenticate the given COMMIT of CHANNEL, available at CHECKOUT, a directory containing a CHANNEL checkout. Raise an error if authentication fails." + (define intro + (channel-introduction channel)) + + (define cache-key + (string-append "channels/" (symbol->string (channel-name channel)))) + + (define keyring-reference + (channel-metadata-keyring-reference + (read-channel-metadata-from-source checkout))) + + (define (make-reporter start-commit end-commit commits) + (format (current-error-port) + (G_ "Authenticating channel '~a', commits ~a to ~a (~h new \ +commits)...~%") + (channel-name channel) + (commit-short-id start-commit) + (commit-short-id end-commit) + (length commits)) + + (progress-reporter/bar (length commits))) + ;; XXX: Too bad we need to re-open CHECKOUT. (with-repository checkout repository - (define start-commit - (commit-lookup repository - (string->oid - (channel-introduction-first-signed-commit - (channel-introduction channel))))) - - (define end-commit - (commit-lookup repository (string->oid commit))) - - (define cache-key - (string-append "channels/" (symbol->string (channel-name channel)))) - - (define keyring-reference - (channel-metadata-keyring-reference - (read-channel-metadata-from-source checkout))) - - (define keyring - (load-keyring-from-reference repository - (string-append keyring-reference-prefix - keyring-reference))) - - (define authenticated-commits - ;; Previously-authenticated commits that don't need to be checked again. - (filter-map (lambda (id) - (false-if-exception - (commit-lookup repository (string->oid id)))) - (previously-authenticated-commits cache-key))) - - (define commits - ;; Commits to authenticate, excluding the closure of - ;; AUTHENTICATED-COMMITS. - (commit-difference end-commit start-commit - authenticated-commits)) - - (define reporter - (progress-reporter/bar (length commits))) - - ;; When COMMITS is empty, it's because END-COMMIT is in the closure of - ;; START-COMMIT and/or AUTHENTICATED-COMMITS, in which case it's known to - ;; be authentic already. - (unless (null? commits) - (format (current-error-port) - (G_ "Authenticating channel '~a', \ -commits ~a to ~a (~h new commits)...~%") - (channel-name channel) - (commit-short-id start-commit) - (commit-short-id end-commit) - (length commits)) - - ;; If it's our first time, verify CHANNEL's introductory commit. - (when (null? authenticated-commits) - (verify-introductory-commit repository - (channel-introduction channel) - keyring)) - - (call-with-progress-reporter reporter - (lambda (report) - (authenticate-commits repository commits - #:keyring keyring - #:report-progress report))) - - (cache-authenticated-commit cache-key - (oid->string - (commit-id end-commit)))))) + (authenticate-repository repository + (string->oid + (channel-introduction-first-signed-commit intro)) + (channel-introduction-first-commit-signer intro) + #:end (string->oid commit) + #:keyring-reference + (string-append keyring-reference-prefix + keyring-reference) + #:make-reporter make-reporter + #:cache-key cache-key))) (define* (latest-channel-instance store channel #:key (patches %patches) diff --git a/guix/git-authenticate.scm b/guix/git-authenticate.scm index 082c44ee06..99fd9c3594 100644 --- a/guix/git-authenticate.scm +++ b/guix/git-authenticate.scm @@ -18,14 +18,18 @@ (define-module (guix git-authenticate) #:use-module (git) + #:autoload (gcrypt hash) (sha256) #:use-module (guix base16) - #:use-module ((guix git) #:select (false-if-git-not-found)) + #:autoload (guix base64) (base64-encode) + #:use-module ((guix git) + #:select (commit-difference false-if-git-not-found)) #:use-module (guix i18n) #:use-module (guix openpgp) #:use-module ((guix utils) #:select (cache-directory with-atomic-file-output)) #:use-module ((guix build utils) #:select (mkdir-p)) + #:use-module (guix progress) #:use-module (srfi srfi-1) #:use-module (srfi srfi-11) #:use-module (srfi srfi-26) @@ -44,6 +48,9 @@ previously-authenticated-commits cache-authenticated-commit + repository-cache-key + authenticate-repository + git-authentication-error? git-authentication-error-commit unsigned-commit-error? @@ -339,3 +346,95 @@ authenticated (only COMMIT-ID is written to cache, though)." (display ";; List of previously-authenticated commits.\n\n" port) (pretty-print lst port)))))) + +\f +;;; +;;; High-level interface. +;;; + +(define (repository-cache-key repository) + "Return a unique key to store the authenticate commit cache for REPOSITORY." + (string-append "checkouts/" + (base64-encode + (sha256 (string->utf8 (repository-directory repository)))))) + +(define (verify-introductory-commit repository keyring commit expected-signer) + "Look up COMMIT in REPOSITORY, and raise an exception if it is not signed by +EXPECTED-SIGNER." + (define actual-signer + (openpgp-public-key-fingerprint + (commit-signing-key repository (commit-id commit) keyring))) + + (unless (bytevector=? expected-signer actual-signer) + (raise (condition + (&message + (message (format #f (G_ "initial commit ~a is signed by '~a' \ +instead of '~a'") + (oid->string (commit-id commit)) + (openpgp-format-fingerprint actual-signer) + (openpgp-format-fingerprint expected-signer)))))))) + +(define* (authenticate-repository repository start signer + #:key + (keyring-reference "keyring") + (cache-key (repository-cache-key repository)) + (end (reference-target + (repository-head repository))) + (historical-authorizations '()) + (make-reporter + (const progress-reporter/silent))) + "Authenticate REPOSITORY up to commit END, an OID. Authentication starts +with commit START, an OID, which must be signed by SIGNER; an exception is +raised if that is not the case. Return an alist mapping OpenPGP public keys +to the number of commits signed by that key that have been traversed. + +The OpenPGP keyring is loaded from KEYRING-REFERENCE in REPOSITORY, where +KEYRING-REFERENCE is the name of a branch. The list of authenticated commits +is cached in the authentication cache under CACHE-KEY. + +HISTORICAL-AUTHORIZATIONS must be a list of OpenPGP fingerprints (bytevectors) +denoting the authorized keys for commits whose parent lack the +'.guix-authorizations' file." + (define start-commit + (commit-lookup repository start)) + (define end-commit + (commit-lookup repository end)) + + (define keyring + (load-keyring-from-reference repository keyring-reference)) + + (define authenticated-commits + ;; Previously-authenticated commits that don't need to be checked again. + (filter-map (lambda (id) + (false-if-git-not-found + (commit-lookup repository (string->oid id)))) + (previously-authenticated-commits cache-key))) + + (define commits + ;; Commits to authenticate, excluding the closure of + ;; AUTHENTICATED-COMMITS. + (commit-difference end-commit start-commit + authenticated-commits)) + + ;; When COMMITS is empty, it's because END-COMMIT is in the closure of + ;; START-COMMIT and/or AUTHENTICATED-COMMITS, in which case it's known to + ;; be authentic already. + (if (null? commits) + '() + (let ((reporter (make-reporter start-commit end-commit commits))) + ;; If it's our first time, verify START-COMMIT's signature. + (when (null? authenticated-commits) + (verify-introductory-commit repository keyring + start-commit signer)) + + (let ((stats (call-with-progress-reporter reporter + (lambda (report) + (authenticate-commits repository commits + #:keyring keyring + #:default-authorizations + historical-authorizations + #:report-progress report))))) + (cache-authenticated-commit cache-key + (oid->string (commit-id end-commit))) + + stats)))) -- 2.26.2 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 2/5] Add 'etc/historical-authorizations'. 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès @ 2020-07-06 8:43 ` Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 3/5] git: Add 'with-git-error-handling' Ludovic Courtès ` (2 subsequent siblings) 3 siblings, 0 replies; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 8:43 UTC (permalink / raw) To: 42225; +Cc: Ludovic Courtès * etc/historical-authorizations: New file. Data extracted from 'build-aux/git-authenticate.scm'. * Makefile.am (EXTRA_DIST): Add it. --- Makefile.am | 1 + etc/historical-authorizations | 179 ++++++++++++++++++++++++++++++++++ 2 files changed, 180 insertions(+) create mode 100644 etc/historical-authorizations diff --git a/Makefile.am b/Makefile.am index 8988cdfa12..e125e07e99 100644 --- a/Makefile.am +++ b/Makefile.am @@ -552,6 +552,7 @@ EXTRA_DIST += \ etc/news.scm \ etc/release-manifest.scm \ etc/system-tests.scm \ + etc/historical-authorizations \ build-aux/build-self.scm \ build-aux/compile-all.scm \ build-aux/hydra/evaluate.scm \ diff --git a/etc/historical-authorizations b/etc/historical-authorizations new file mode 100644 index 0000000000..429054c9a5 --- /dev/null +++ b/etc/historical-authorizations @@ -0,0 +1,179 @@ +;; List of "historical" committers---people once authorized committers before +;; the '.guix-authorizations' file was created. +;; +;; This file is provided for historical and auditing purposes. It is known +;; good starting at least at 'v1.0.0'. +;; +;; The format is the same as for '.guix-authorizations'. User names are those +;; found on <https://savannah.gnu.org/project/memberlist.php?group=guix> along +;; with the fingerprint of the signing (sub)key. + +(authorizations + (version 0) + + (("AD17 A21E F8AE D8F1 CC02 DBD9 F7D5 C9BF 765C 61E3" + (name "andreas")) + ("2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5" + (name "ajgrf")) + ("306F CB8F 2C01 C25D 29D3 0556 61EF 502E F602 52F2" + (name "alexvong1995")) + ("4FB9 9F49 2B12 A365 7997 E664 8246 0C08 2A0E E98F" + (name "alezost")) + ("50F3 3E2E 5B0C 3D90 0424 ABE8 9BDC F497 A4BB CC7F" + (name "ambrevar")) + ("27D5 86A4 F890 0854 329F F09F 1260 E464 82E6 3562" + (name "apteryx")) + ("7F73 0343 F2F0 9F3C 77BF 79D3 2E25 EE8B 6180 2BB3" + (name "arunisaac")) + (;; primary: "3B12 9196 AE30 0C3C 0E90 A26F A715 5567 3271 9948" + "9A2B 401E D001 0650 1584 BAAC 8BC4 F447 6E8A 8E00" + (name "atheia")) + (;; primary: "BE62 7373 8E61 6D6D 1B3A 08E8 A21A 0202 4881 6103" + "39B3 3C8D 9448 0D2D DCC2 A498 8B44 A0CD C7B9 56F2" + (name "bandali")) + (;; primary: "34FF 38BC D151 25A6 E340 A0B5 3453 2F9F AFCA 8B8E" + "A0C5 E352 2EF8 EF5C 64CD B7F0 FD73 CAC7 19D3 2566" + (name "bavier")) + ("3774 8024 880F D3FF DCA2 C9AB 5893 6E0E 2F1B 5A4C" + (name "beffa")) + ("BCF8 F737 2CED 080A 67EB 592D 2A6A D9F4 AAC2 0DF6" + (name "benwoodcroft")) + ("45CC 63B8 5258 C9D5 5F34 B239 D37D 0EA7 CECC 3912" + (name "biscuolo")) + ("7988 3B9F 7D6A 4DBF 3719 0367 2506 A96C CF63 0B21" + (name "boskovits")) + ("DFC0 C7F7 9EE6 0CA7 AE55 5E19 6722 43C4 A03F 0EEE" + (name "brettgilio")) + (;; primary: "0401 7A2A 6D9A 0CCD C81D 8EC2 96AB 007F 1A7E D999" + "09CD D25B 5244 A376 78F6 EEA8 0CC5 2153 1979 91A5" + (name "carl")) + ("3E89 EEE7 458E 720D 9754 E0B2 5E28 A33B 0B84 F577" + (name "cbaines")) + ("3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5" + (name "civodul")) + ("510A 8628 E2A7 7678 8F8C 709C 4BC0 2592 5FF8 F4D3" + (name "cwebber")) + (;; primary: "295A F991 6F46 F8A1 34B0 29DA 8086 3842 F0FE D83B" + "76CE C6B1 7274 B465 C02D B3D9 E71A 3554 2C30 BAA5" + (name "dannym")) + ("B3C0 DB4D AD73 BA5D 285E 19AE 5143 0234 CEFD 87C3" + (name "davexunit")) + ( ;FIXME: to be confirmed! + "8CCB A7F5 52B9 CBEA E1FB 2915 8328 C747 0FF1 D807" + (name "davexunit (2nd)")) + ("53C4 1E6E 41AA FE55 335A CA5E 446A 2ED4 D940 BF14" + (name "daviwil")) + ("6909 6DFD D702 8BED ACC5 884B C5E0 51C7 9C0B ECDB" + (name "dvc")) + ("5F43 B681 0437 2F4B A898 A64B 33B9 E9FD E28D 2C23" + (name "dvc (old)")) + ("A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351" + (name "efraim")) + ("9157 41FE B22F A4E3 3B6E 8F8D F4C1 D391 7EAC EE93" + (name "efraim (old)")) + (;; primary: "2453 02B1 BAB1 F867 FDCA 96BC 8F3F 861F 82EB 7A9A" + "CBC5 9C66 EC27 B971 7940 6B3E 6BE8 208A DF21 FE3F" + (name "glv")) + ("2219 43F4 9E9F 276F 9499 3382 BF28 6CB6 593E 5FFD" + (name "hoebjo")) + ("B943 509D 633E 80DD 27FC 4EED 634A 8DFF D3F6 31DF" + (name "htgoebel")) + ("7440 26BA 7CA3 C668 E940 1D53 0B43 1E98 3705 6942" + (name "ipetkov")) + (;; primary: "66A5 6D9C 9A98 BE7F 719A B401 2652 5665 AE72 7D37" + "0325 78A6 8298 94E7 2AA2 66F5 D415 BF25 3B51 5976" + (name "iyzsong")) + + ;; https://lists.gnu.org/archive/html/guix-devel/2018-04/msg00229.html + ("DB34 CB51 D25C 9408 156F CDD6 A12F 8797 8D70 1B99" + (name "janneke (old)")) + ("1A85 8392 E331 EAFD B8C2 7FFB F3C1 A0D9 C1D6 5273" + (name "janneke")) + + (;; primary: "1BA4 08C5 8BF2 0EA7 3179 635A 865D C0A3 DED9 B5D0" + "E31D 9DDE EBA5 4A14 8A20 4550 DA45 97F9 47B4 1025" + (name "jlicht")) + ("8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3" + (name "jmd")) + ("83B6 703A DCCA 3B69 4BCE 2DA6 E6A5 EE3C 1946 7A0D" + (name "kkebreau")) + ("45E5 75FA 53EA 8BD6 1BCE 0B4E 3ADC 75F0 13D6 78F9" + (name "leungbk")) + (;; primary: "4F71 6F9A 8FA2 C80E F1B5 E1BA 5E35 F231 DE1A C5E0" + "B051 5948 F1E7 D3C1 B980 38A0 2646 FA30 BACA 7F08" + (name "lfam")) + ("2AE3 1395 932B E642 FC0E D99C 9BED 6EDA 32E5 B0BC" + (name "lsl88")) + ("CBF5 9755 CBE7 E7EF EF18 3FB1 DD40 9A15 D822 469D" + (name "marusich")) + ("BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA" + (name "mbakke")) + ("D919 0965 CE03 199E AF28 B3BE 7CEF 2984 7562 C516" + (name "mhw")) + ("4008 6A7E 0252 9B60 31FB 8607 8354 7635 3176 9CA6" + (name "mothacehe")) + ("F2A3 8D7E EB2B 6640 5761 070D 0ADE E100 9460 4D37" + (name "mthl")) + (;; primary: "F5BC 5534 C36F 0087 B39D 36EF 1C9D C4FE B9DB 7C4B" + "F5DA 2032 4B87 3D0B 7A38 7672 0DB0 FF88 4F55 6D79" + (name "nckx")) + (;; primary: "F5BC 5534 C36F 0087 B39D 36EF 1C9D C4FE B9DB 7C4B" + "7E8F AED0 0944 78EF 72E6 4D16 D889 B0F0 18C5 493C" + (name "nckx (revoked; not compromised)")) + ("E576 BFB2 CF6E B13D F571 33B9 E315 A758 4613 1564" + (name "niedzejkob")) + ("ED0E F1C8 E126 BA83 1B48 5FE9 DA00 B4F0 48E9 2F2D" + (name "ngz")) + ("CEF4 CB91 4856 BA38 0A20 A7E2 3008 88CB 39C6 3817" + (name "pelzflorian")) + (;; primary: "B68B DF22 73F9 DA0E 63C1 8A32 515B F416 9242 D600" + "C699 ED09 E51B CE89 FD1D A078 AAC7 E891 896B 568A" + (name "pgarlick")) + ("3A86 380E 58A8 B942 8D39 60E1 327C 1EF3 8DF5 4C32" + (name "phant0mas")) + ("74D6 A930 F44B 9B84 9EA5 5606 C166 AA49 5F7F 189C" + (name "reepca")) + ("BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC" + (name "rekado")) + ("0154 E1B9 1CC9 D9EF 7764 8DE7 F3A7 27DB 44FC CA36" + (name "rhelling")) + ("17CB 2812 EB63 3DFF 2C7F 0452 C3EC 1DCA 8430 72E1" + (name "roelj (old)")) + (;; From commit cc51c03ff867d4633505354819c6d88af88bf919 (March 2020). + ;; See <https://lists.gnu.org/archive/html/guix-devel/2020-03/msg00070.html>. + "F556 FD94 FB8F 8B87 79E3 6832 CBD0 CD51 38C1 9AFC" + (name "roelj")) + ("B5FA E628 5B41 3728 B2A0 FAED 4311 1F45 2008 6A0C" + (name "roptat (old)")) + (;; From commit 2cbede5935eb6a40173bbdf30a9ad22bf7574c22 (Jan. 2020). See + ;; <https://lists.gnu.org/archive/html/guix-devel/2020-01/msg00499.html>. + "1EFB 0909 1F17 D28C CBF9 B13A 53D4 57B2 D636 EE82" + (name "roptat")) + (;; primary: "D6B0 C593 DA8C 5EDC A44C 7A58 C336 91F7 1188 B004" + "A02C 2D82 0EF4 B25B A6B5 1D90 2AC6 A5EC 1C35 7C59" + (name "samplet")) + ("77DD AD2D 97F5 31BB C0F3 C7FD DFB5 EB09 AA62 5423" + (name "sleep_walker")) + ("F494 72F4 7A59 00D5 C235 F212 89F9 6D48 08F3 59C7" + (name "snape")) + ("4E26 CCE9 578E 0828 9855 BDD4 1C79 95D2 D5A3 8336" + (name "steap")) + ("9ADE 9ECF 2B19 C180 9C99 5CEA A1F4 CFCC 5283 6BAC" + (name "taylanub")) + + ;; https://lists.gnu.org/archive/html/guix-devel/2017-03/msg00826.html + (;; primary: "1DD1 681F E285 E07F 11DC 0C59 2E15 A6BC D77D 54FD" + "3D2C DA58 819C 08C2 A649 D43D 5C3B 064C 724A 5726" + (name "thomasd")) + ("A5C5 92EA 606E 7106 A6A3 BC08 98B2 1575 91E1 2B08" + (name "thomasd (old)")) + + ("D712 1D73 A40A 7264 9E43 ED7D F284 6B1A 0D32 C442" + (name "toothbrush")) + ("6580 7361 3BFC C5C7 E2E4 5D45 DC51 8FC8 7F97 16AA" + (name "vagrantc")) + (;; primary: "C955 CC5D C048 7FB1 7966 40A9 199A F6A3 67E9 4ABB" + "7238 7123 8EAC EB63 4548 5857 167F 8EA5 001A FA9C" + (name "wigust")) + ("FF47 8FB2 64DE 32EC 2967 25A3 DDC0 F535 8812 F8F2" + (name "wingo")))) -- 2.26.2 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 3/5] git: Add 'with-git-error-handling'. 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 2/5] Add 'etc/historical-authorizations' Ludovic Courtès @ 2020-07-06 8:43 ` Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 4/5] Add 'guix git-authenticate' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 5/5] maint: Remove 'build-aux/git-authenticate.scm' Ludovic Courtès 3 siblings, 0 replies; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 8:43 UTC (permalink / raw) To: 42225; +Cc: Ludovic Courtès * guix/scripts/pull.scm (report-git-error, with-git-error-handling): Move to... * guix/git.scm: ... here. * guix/scripts/time-machine.scm: Adjust accordingly. --- guix/git.scm | 19 +++++++++++++++++++ guix/scripts/pull.scm | 18 ------------------ guix/scripts/time-machine.scm | 4 +++- 3 files changed, 22 insertions(+), 19 deletions(-) diff --git a/guix/git.scm b/guix/git.scm index 0d8e617cc9..19c1cb59d3 100644 --- a/guix/git.scm +++ b/guix/git.scm @@ -29,6 +29,7 @@ #:use-module (guix records) #:use-module (guix gexp) #:use-module (guix sets) + #:use-module ((guix diagnostics) #:select (leave)) #:use-module (rnrs bytevectors) #:use-module (ice-9 match) #:use-module (srfi srfi-1) @@ -39,6 +40,7 @@ honor-system-x509-certificates! with-repository + with-git-error-handling false-if-git-not-found update-cached-checkout url+commit->name @@ -209,6 +211,23 @@ dynamic extent of EXP." (call-with-repository directory (lambda (repository) exp ...))) +(define (report-git-error error) + "Report the given Guile-Git error." + ;; Prior to Guile-Git commit b6b2760c2fd6dfaa5c0fedb43eeaff06166b3134, + ;; errors would be represented by integers. + (match error + ((? integer? error) ;old Guile-Git + (leave (G_ "Git error ~a~%") error)) + ((? git-error? error) ;new Guile-Git + (leave (G_ "Git error: ~a~%") (git-error-message error))))) + +(define-syntax-rule (with-git-error-handling body ...) + (catch 'git-error + (lambda () + body ...) + (lambda (key err) + (report-git-error err)))) + (define (load-git-submodules) "Attempt to load (git submodules), which was missing until Guile-Git 0.2.0. Return true on success, false on failure." diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm index f953957161..807daec593 100644 --- a/guix/scripts/pull.scm +++ b/guix/scripts/pull.scm @@ -63,7 +63,6 @@ #:re-export (display-profile-content channel-commit-hyperlink) #:export (channel-list - with-git-error-handling guix-pull)) \f @@ -464,23 +463,6 @@ true, display what would be built without actually building it." (unless (honor-system-x509-certificates!) (honor-lets-encrypt-certificates! store))) -(define (report-git-error error) - "Report the given Guile-Git error." - ;; Prior to Guile-Git commit b6b2760c2fd6dfaa5c0fedb43eeaff06166b3134, - ;; errors would be represented by integers. - (match error - ((? integer? error) ;old Guile-Git - (leave (G_ "Git error ~a~%") error)) - ((? git-error? error) ;new Guile-Git - (leave (G_ "Git error: ~a~%") (git-error-message error))))) - -(define-syntax-rule (with-git-error-handling body ...) - (catch 'git-error - (lambda () - body ...) - (lambda (key err) - (report-git-error err)))) - \f ;;; ;;; Profile. diff --git a/guix/scripts/time-machine.scm b/guix/scripts/time-machine.scm index f9bcec651a..441673b780 100644 --- a/guix/scripts/time-machine.scm +++ b/guix/scripts/time-machine.scm @@ -24,10 +24,12 @@ #:use-module (guix channels) #:use-module (guix store) #:use-module (guix status) + #:use-module ((guix git) + #:select (with-git-error-handling)) #:use-module ((guix utils) #:select (%current-system)) #:use-module ((guix scripts pull) - #:select (with-git-error-handling channel-list)) + #:select (channel-list)) #:use-module ((guix scripts build) #:select (%standard-build-options show-build-options-help -- 2.26.2 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 4/5] Add 'guix git-authenticate'. 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 2/5] Add 'etc/historical-authorizations' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 3/5] git: Add 'with-git-error-handling' Ludovic Courtès @ 2020-07-06 8:43 ` Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 5/5] maint: Remove 'build-aux/git-authenticate.scm' Ludovic Courtès 3 siblings, 0 replies; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 8:43 UTC (permalink / raw) To: 42225; +Cc: Ludovic Courtès * guix/scripts/git-authenticate.scm: New file. * tests/guix-git-authenticate.sh: New files. * Makefile.am (MODULES): Add the former. (SH_TESTS): Add the latter. * doc/guix.texi (Channels)[Specifying Channel Authorizations]: Mention 'guix git-authenticate'. (Invoking guix git-authenticate): New node. * po/guix/POTFILES.in: Add 'guix/scripts/git-authenticate.scm'. --- Makefile.am | 2 + doc/guix.texi | 83 +++++++++++++- guix/scripts/git-authenticate.scm | 176 ++++++++++++++++++++++++++++++ po/guix/POTFILES.in | 1 + tests/guix-git-authenticate.sh | 56 ++++++++++ 5 files changed, 315 insertions(+), 3 deletions(-) create mode 100644 guix/scripts/git-authenticate.scm create mode 100644 tests/guix-git-authenticate.sh diff --git a/Makefile.am b/Makefile.am index e125e07e99..2058f9d1ea 100644 --- a/Makefile.am +++ b/Makefile.am @@ -281,6 +281,7 @@ MODULES = \ guix/scripts/publish.scm \ guix/scripts/edit.scm \ guix/scripts/size.scm \ + guix/scripts/git-authenticate.scm \ guix/scripts/graph.scm \ guix/scripts/weather.scm \ guix/scripts/container.scm \ @@ -463,6 +464,7 @@ SH_TESTS = \ tests/guix-build-branch.sh \ tests/guix-download.sh \ tests/guix-gc.sh \ + tests/guix-git-authenticate.sh \ tests/guix-hash.sh \ tests/guix-pack.sh \ tests/guix-pack-localstatedir.sh \ diff --git a/doc/guix.texi b/doc/guix.texi index ce17c2de8e..77e2971acd 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -3981,6 +3981,7 @@ Before that, some security considerations. @subsection Channel Authentication +@anchor{channel-authentication} @cindex authentication, of channel code The @command{guix pull} and @command{guix time-machine} commands @dfn{authenticate} the code retrieved from channels: they make sure each @@ -4200,6 +4201,7 @@ add a meta-data file @file{.guix-channel} that contains: @cindex channel authorizations @subsection Specifying Channel Authorizations +@anchor{channel-authorizations} As we saw above, Guix ensures the source code it pulls from channels comes from authorized developers. As a channel author, you need to specify the list of authorized developers in the @@ -4259,6 +4261,18 @@ pair---i.e., the commit that introduced @file{.guix-authorizations}, and the fingerprint of the OpenPGP used to sign it. @end enumerate +Before pushing to your public Git repository, you can run @command{guix +git-authenticate} to verify that you did sign all the commits you are +about to push with an authorized key: + +@example +guix git-authenticate @var{commit} @var{signer} +@end example + +@noindent +where @var{commit} and @var{signer} are your channel introduction. +@xref{Invoking guix git-authenticate}, for details. + Publishing a signed channel requires discipline: any mistake, such as an unsigned commit or a commit signed by an unauthorized key, will prevent users from pulling from your channel---well, that's the whole point of @@ -4862,9 +4876,10 @@ pack} command allows you to create @dfn{application bundles} that can be easily distributed to users who do not run Guix. @menu -* Invoking guix environment:: Setting up development environments. -* Invoking guix pack:: Creating software bundles. -* The GCC toolchain:: Working with languages supported by GCC. +* Invoking guix environment:: Setting up development environments. +* Invoking guix pack:: Creating software bundles. +* The GCC toolchain:: Working with languages supported by GCC. +* Invoking guix git-authenticate:: Authenticating Git repositories. @end menu @node Invoking guix environment @@ -5602,6 +5617,68 @@ The package @code{gfortran-toolchain} provides a complete GCC toolchain for Fortran development. For other languages, please use @samp{guix search gcc toolchain} (@pxref{guix-search,, Invoking guix package}). + +@node Invoking guix git-authenticate +@section Invoking @command{guix git-authenticate} + +The @command{guix git-authenticate} command authenticates a Git checkout +following the same rule as for channels (@pxref{channel-authentication, +channel authentication}). That is, starting from a given commit, it +ensures that all subsequent commits are signed by an OpenPGP key whose +fingerprint appears in the @file{.guix-authorizations} file of its +parent commit(s). + +You will find this command useful if you maintain a channel. But in +fact, this authentication mechanism is useful in a broader context, so +you might want to use it for Git repositories that have nothing to do +with Guix. + +The general syntax is: + +@example +guix git-authenticate @var{commit} @var{signer} [@var{options}@dots{}] +@end example + +By default, this command authenticates the Git checkout in the current +directory; it outputs nothing and exits with exit code zero on success +and non-zero on failure. @var{commit} above denotes the first commit +where authentication takes place, and @var{signer} is the OpenPGP +fingerprint of public key used to sign @var{commit}. Together, they +form a ``channel introduction'' (@pxref{channel-authentication, channel +introduction}). The options below allow you to fine-tune the process. + +@table @code +@item --repository=@var{directory} +@itemx -r @var{directory} +Open the Git repository in @var{directory} instead of the current +directory. + +@item --keyring=@var{reference} +@itemx -k @var{reference} +Load OpenPGP keyring from @var{reference}, the reference of a branch +such as @code{origin/keyring} or @code{my-keyring}. The branch must +contain OpenPGP public keys in @file{.key} files, either in binary form +or ``ASCII-armored''. By default the keyring is loaded from the branch +named @code{keyring}. + +@item --stats +Display commit signing statistics upon completion. + +@item --cache-key=@var{key} +Previously-authenticated commits are cached in a file under +@file{~/.cache/guix/authentication}. This option forces the cache to be +stored in file @var{key} in that directory. + +@item --historical-authorizations=@var{file} +By default, any commit whose parent commit(s) lack the +@file{.guix-authorizations} file is considered inauthentic. In +contrast, this option considers the authorizations in @var{file} for any +commit that lacks @file{.guix-authorizations}. The format of @var{file} +is the same as that of @file{.guix-authorizations} +(@pxref{channel-authorizations, @file{.guix-authorizations} format}). +@end table + + @c ********************************************************************* @node Programming Interface @chapter Programming Interface diff --git a/guix/scripts/git-authenticate.scm b/guix/scripts/git-authenticate.scm new file mode 100644 index 0000000000..e3ba767675 --- /dev/null +++ b/guix/scripts/git-authenticate.scm @@ -0,0 +1,176 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2020 Ludovic Courtès <ludo@gnu.org> +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +(define-module (guix scripts git-authenticate) + #:use-module (git) + #:use-module (guix ui) + #:use-module (guix scripts) + #:use-module (guix git-authenticate) + #:autoload (guix openpgp) (openpgp-format-fingerprint + openpgp-public-key-fingerprint) + #:use-module ((guix channels) #:select (openpgp-fingerprint)) + #:use-module ((guix git) #:select (with-git-error-handling)) + #:use-module (guix progress) + #:use-module (guix base64) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:use-module (srfi srfi-37) + #:use-module (ice-9 format) + #:use-module (ice-9 match) + #:export (guix-git-authenticate)) + +;;; Commentary: +;;; +;;; Authenticate a Git checkout by reading '.guix-authorizations' files and +;;; following the "authorizations invariant" also used by (guix channels). +;;; +;;; Code: + +(define %options + ;; Specifications of the command-line options. + (list (option '(#\h "help") #f #f + (lambda args + (show-help) + (exit 0))) + (option '(#\V "version") #f #f + (lambda args + (show-version-and-exit "guix git-authenticate"))) + + (option '(#\r "repository") #t #f + (lambda (opt name arg result) + (alist-cons 'directory arg result))) + (option '(#\e "end") #t #f + (lambda (opt name arg result) + (alist-cons 'end-commit (string->oid arg) result))) + (option '(#\k "keyring") #t #f + (lambda (opt name arg result) + (alist-cons 'keyring-reference arg result))) + (option '("cache-key") #t #f + (lambda (opt name arg result) + (alist-cons 'cache-key arg result))) + (option '("historical-authorizations") #t #f + (lambda (opt name arg result) + (alist-cons 'historical-authorizations arg + result))) + (option '("stats") #f #f + (lambda (opt name arg result) + (alist-cons 'show-stats? #t result))))) + +(define %default-options + '((directory . ".") + (keyring-reference . "keyring"))) + +(define (show-stats stats) + "Display STATS, an alist containing commit signing stats as returned by +'authenticate-repository'." + (format #t (G_ "Signing statistics:~%")) + (for-each (match-lambda + ((signer . count) + (format #t " ~a ~10d~%" + (openpgp-format-fingerprint + (openpgp-public-key-fingerprint signer)) + count))) + (sort stats + (match-lambda* + (((_ . count1) (_ . count2)) + (> count1 count2)))))) + +(define (show-help) + (display (G_ "Usage: guix git-authenticate COMMIT SIGNER [OPTIONS...] +Authenticate the given Git checkout using COMMIT/SIGNER as its introduction.\n")) + (display (G_ " + -r, --repository=DIRECTORY + open the Git repository at DIRECTORY")) + (display (G_ " + -k, --keyring=REFERENCE + load keyring from REFERENCE, a Git branch")) + (display (G_ " + --stats display commit signing statistics upon completion")) + (display (G_ " + --cache-key=KEY cache authenticated commits under KEY")) + (display (G_ " + --historical-authorizations=FILE + read historical authorizations from FILE")) + (newline) + (display (G_ " + -h, --help display this help and exit")) + (display (G_ " + -V, --version display version information and exit")) + (newline) + (show-bug-report-information)) + +\f +;;; +;;; Entry point. +;;; + +(define (guix-git-authenticate . args) + (define options + (parse-command-line args %options (list %default-options) + #:build-options? #f)) + + (define (command-line-arguments lst) + (reverse (filter-map (match-lambda + (('argument . arg) arg) + (_ #f)) + lst))) + + (define commit-short-id + (compose (cut string-take <> 7) oid->string commit-id)) + + (define (make-reporter start-commit end-commit commits) + (format (current-error-port) + (G_ "Authenticating commits ~a to ~a (~h new \ +commits)...~%") + (commit-short-id start-commit) + (commit-short-id end-commit) + (length commits)) + + (if (isatty? (current-error-port)) + (progress-reporter/bar (length commits)) + progress-reporter/silent)) + + (with-error-handling + (with-git-error-handling + (match (command-line-arguments options) + ((commit signer) + (let* ((directory (assoc-ref options 'directory)) + (show-stats? (assoc-ref options 'show-stats?)) + (keyring (assoc-ref options 'keyring-reference)) + (repository (repository-open directory)) + (end (match (assoc-ref options 'end-commit) + (#f (reference-target + (repository-head repository))) + (oid oid))) + (history (match (assoc-ref options 'historical-authorizations) + (#f '()) + (file (call-with-input-file file + read-authorizations)))) + (cache-key (or (assoc-ref options 'cache-key) + (repository-cache-key repository)))) + (define stats + (authenticate-repository repository (string->oid commit) + (openpgp-fingerprint signer) + #:end end + #:keyring-reference keyring + #:historical-authorizations history + #:cache-key cache-key + #:make-reporter make-reporter)) + + (when (and show-stats? (not (null? stats))) + (show-stats stats)))))))) diff --git a/po/guix/POTFILES.in b/po/guix/POTFILES.in index 62b3cbf4e4..bd2aacd164 100644 --- a/po/guix/POTFILES.in +++ b/po/guix/POTFILES.in @@ -53,6 +53,7 @@ guix/scripts/upgrade.scm guix/scripts/search.scm guix/scripts/show.scm guix/scripts/gc.scm +guix/scripts/git-authenticate.scm guix/scripts/hash.scm guix/scripts/import.scm guix/scripts/import/cran.scm diff --git a/tests/guix-git-authenticate.sh b/tests/guix-git-authenticate.sh new file mode 100644 index 0000000000..a149584421 --- /dev/null +++ b/tests/guix-git-authenticate.sh @@ -0,0 +1,56 @@ +# GNU Guix --- Functional package management for GNU +# Copyright © 2020 Ludovic Courtès <ludo@gnu.org> +# +# This file is part of GNU Guix. +# +# GNU Guix is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GNU Guix is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. + +# +# Test the 'guix git-authenticate' command-line utility. +# + +# Skip if we're not in a Git checkout. +[ -d "$abs_top_srcdir/.git" ] || exit 77 + +# Skip if there's no 'keyring' branch. +guile -c '(use-modules (git)) + (member "refs/heads/keyring" (branch-list (repository-open ".")))' || \ + exit 77 + +# Keep in sync with '%default-channels' in (guix channels)! +intro_commit="9edb3f66fd807b096b48283debdcddccfea34bad" +intro_signer="BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA" + +cache_key="test-$$" + +guix git-authenticate "$intro_commit" "$intro_signer" \ + --cache-key="$cache_key" --stats \ + --end=9549f0283a78fe36f2d4ff2a04ef8ad6b0c02604 + +rm "$XDG_CACHE_HOME/guix/authentication/$cache_key" + +# Commit and signer of the 'v1.0.0' tag. +v1_0_0_commit="6298c3ffd9654d3231a6f25390b056483e8f407c" +v1_0_0_signer="3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5" # civodul +v1_0_1_commit="d68de958b60426798ed62797ff7c96c327a672ac" + +# This should fail because these commits lack '.guix-authorizations'. +if guix git-authenticate "$v1_0_0_commit" "$v1_0_0_signer" \ + --cache-key="$cache_key" --end="$v1_0_1_commit"; +then false; else true; fi + +# This should work thanks to '--historical-authorizations'. +guix git-authenticate "$v1_0_0_commit" "$v1_0_0_signer" \ + --cache-key="$cache_key" --end="$v1_0_1_commit" --stats \ + --historical-authorizations="$abs_top_srcdir/etc/historical-authorizations" -- 2.26.2 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 5/5] maint: Remove 'build-aux/git-authenticate.scm'. 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès ` (2 preceding siblings ...) 2020-07-06 8:43 ` [bug#42225] [PATCH 4/5] Add 'guix git-authenticate' Ludovic Courtès @ 2020-07-06 8:43 ` Ludovic Courtès 3 siblings, 0 replies; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 8:43 UTC (permalink / raw) To: 42225; +Cc: Ludovic Courtès * Makefile.am (channel_intro_commit, channel_intro_signer): New variables. (authenticate): Use it. (EXTRA_DIST): Remove 'build-aux/git-authenticate.scm'. * build-aux/git-authenticate.scm: Remove. --- Makefile.am | 12 +- build-aux/git-authenticate.scm | 322 --------------------------------- 2 files changed, 7 insertions(+), 327 deletions(-) delete mode 100644 build-aux/git-authenticate.scm diff --git a/Makefile.am b/Makefile.am index 2058f9d1ea..f321b3c4e1 100644 --- a/Makefile.am +++ b/Makefile.am @@ -568,7 +568,6 @@ EXTRA_DIST += \ build-aux/check-channel-news.scm \ build-aux/compile-as-derivation.scm \ build-aux/generate-authors.scm \ - build-aux/git-authenticate.scm \ build-aux/test-driver.scm \ build-aux/update-guix-package.scm \ build-aux/update-NEWS.scm \ @@ -640,14 +639,17 @@ install-data-hook: # Commit corresponding to the 'v1.0.0' tag. commit_v1_0_0 = 6298c3ffd9654d3231a6f25390b056483e8f407c +# Introduction of the 'guix' channel. Keep in sync with (guix channels)! +channel_intro_commit = 9edb3f66fd807b096b48283debdcddccfea34bad +channel_intro_signer = BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA + # Authenticate the current Git checkout by checking signatures on every commit # starting from $(commit_v1_0_0). authenticate: guix/openpgp.go guix/git-authenticate.go guix/git.go $(AM_V_at)echo "Authenticating Git checkout..." ; \ - "$(top_builddir)/pre-inst-env" $(GUILE) \ - --no-auto-compile -e git-authenticate \ - "$(top_srcdir)/build-aux/git-authenticate.scm" \ - "$(commit_v1_0_0)" + "$(top_builddir)/pre-inst-env" guix git-authenticate \ + --cache-key=channels/guix --stats \ + "$(channel_intro_commit)" "$(channel_intro_signer)" # Assuming Guix is already installed and the daemon is up and running, this # rule builds from $(srcdir), creating and building derivations. diff --git a/build-aux/git-authenticate.scm b/build-aux/git-authenticate.scm deleted file mode 100644 index e670264f28..0000000000 --- a/build-aux/git-authenticate.scm +++ /dev/null @@ -1,322 +0,0 @@ -;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2019, 2020 Ludovic Courtès <ludo@gnu.org> -;;; Copyright © 2020 Tobias Geerinckx-Rice <me@tobias.gr> -;;; -;;; This file is part of GNU Guix. -;;; -;;; GNU Guix is free software; you can redistribute it and/or modify it -;;; under the terms of the GNU General Public License as published by -;;; the Free Software Foundation; either version 3 of the License, or (at -;;; your option) any later version. -;;; -;;; GNU Guix is distributed in the hope that it will be useful, but -;;; WITHOUT ANY WARRANTY; without even the implied warranty of -;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -;;; GNU General Public License for more details. -;;; -;;; You should have received a copy of the GNU General Public License -;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. - -;;; -;;; Authenticate a range of commits. -;;; - -(use-modules (git) - (guix base16) - (guix git) - (guix git-authenticate) - (guix i18n) - ((guix openpgp) - #:select (openpgp-public-key-fingerprint - openpgp-format-fingerprint)) - (guix progress) - (srfi srfi-1) - (srfi srfi-26) - (ice-9 match) - (ice-9 format) - (ice-9 pretty-print)) - -\f -(define %historical-committers - ;; List of "historical" committers---people once authorized committers - ;; before the '.guix-authorizations' file was created. - ;; - ;; These are the user names found on - ;; <https://savannah.gnu.org/project/memberlist.php?group=guix> along with - ;; the fingerprint of the signing (sub)key. - '(("andreas" - "AD17 A21E F8AE D8F1 CC02 DBD9 F7D5 C9BF 765C 61E3") - ("ajgrf" - "2A39 3FFF 68F4 EF7A 3D29 12AF 6F51 20A0 22FB B2D5") - ("alexvong1995" - "306F CB8F 2C01 C25D 29D3 0556 61EF 502E F602 52F2") - ("alezost" - "4FB9 9F49 2B12 A365 7997 E664 8246 0C08 2A0E E98F") - ("ambrevar" - "50F3 3E2E 5B0C 3D90 0424 ABE8 9BDC F497 A4BB CC7F") - ("apteryx" - "27D5 86A4 F890 0854 329F F09F 1260 E464 82E6 3562") - ("arunisaac" - "7F73 0343 F2F0 9F3C 77BF 79D3 2E25 EE8B 6180 2BB3") - ("atheia" - ;; primary: "3B12 9196 AE30 0C3C 0E90 A26F A715 5567 3271 9948" - "9A2B 401E D001 0650 1584 BAAC 8BC4 F447 6E8A 8E00") - ("bandali" - ;; primary: "BE62 7373 8E61 6D6D 1B3A 08E8 A21A 0202 4881 6103" - "39B3 3C8D 9448 0D2D DCC2 A498 8B44 A0CD C7B9 56F2") - ("bavier" - ;; primary: "34FF 38BC D151 25A6 E340 A0B5 3453 2F9F AFCA 8B8E" - "A0C5 E352 2EF8 EF5C 64CD B7F0 FD73 CAC7 19D3 2566") - ("beffa" - "3774 8024 880F D3FF DCA2 C9AB 5893 6E0E 2F1B 5A4C") - ("benwoodcroft" - "BCF8 F737 2CED 080A 67EB 592D 2A6A D9F4 AAC2 0DF6") - ("biscuolo" - "45CC 63B8 5258 C9D5 5F34 B239 D37D 0EA7 CECC 3912") - ("boskovits" - "7988 3B9F 7D6A 4DBF 3719 0367 2506 A96C CF63 0B21") - ("brettgilio" - "DFC0 C7F7 9EE6 0CA7 AE55 5E19 6722 43C4 A03F 0EEE") - ("carl" - ;; primary: "0401 7A2A 6D9A 0CCD C81D 8EC2 96AB 007F 1A7E D999" - "09CD D25B 5244 A376 78F6 EEA8 0CC5 2153 1979 91A5") - ("cbaines" - "3E89 EEE7 458E 720D 9754 E0B2 5E28 A33B 0B84 F577") - ("civodul" - "3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5") - ("cwebber" - "510A 8628 E2A7 7678 8F8C 709C 4BC0 2592 5FF8 F4D3") - ("dannym" - ;; primary: "295A F991 6F46 F8A1 34B0 29DA 8086 3842 F0FE D83B" - "76CE C6B1 7274 B465 C02D B3D9 E71A 3554 2C30 BAA5") - ("davexunit" - "B3C0 DB4D AD73 BA5D 285E 19AE 5143 0234 CEFD 87C3") - ("davexunit (2nd)" ;FIXME: to be confirmed! - "8CCB A7F5 52B9 CBEA E1FB 2915 8328 C747 0FF1 D807") - ("daviwil" - "53C4 1E6E 41AA FE55 335A CA5E 446A 2ED4 D940 BF14") - ("dvc" - "6909 6DFD D702 8BED ACC5 884B C5E0 51C7 9C0B ECDB") - ("dvc (old)" - "5F43 B681 0437 2F4B A898 A64B 33B9 E9FD E28D 2C23") - ("efraim" - "A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351") - ("efraim (old)" - "9157 41FE B22F A4E3 3B6E 8F8D F4C1 D391 7EAC EE93") - ("glv" - ;; primary: "2453 02B1 BAB1 F867 FDCA 96BC 8F3F 861F 82EB 7A9A" - "CBC5 9C66 EC27 B971 7940 6B3E 6BE8 208A DF21 FE3F") - ("hoebjo" - "2219 43F4 9E9F 276F 9499 3382 BF28 6CB6 593E 5FFD") - ("htgoebel" - "B943 509D 633E 80DD 27FC 4EED 634A 8DFF D3F6 31DF") - ("ipetkov" - "7440 26BA 7CA3 C668 E940 1D53 0B43 1E98 3705 6942") - ("iyzsong" - ;; primary: "66A5 6D9C 9A98 BE7F 719A B401 2652 5665 AE72 7D37" - "0325 78A6 8298 94E7 2AA2 66F5 D415 BF25 3B51 5976") - - ;; https://lists.gnu.org/archive/html/guix-devel/2018-04/msg00229.html - ("janneke (old)" - "DB34 CB51 D25C 9408 156F CDD6 A12F 8797 8D70 1B99") - ("janneke" - "1A85 8392 E331 EAFD B8C2 7FFB F3C1 A0D9 C1D6 5273") - - ("jlicht" - ;; primary: "1BA4 08C5 8BF2 0EA7 3179 635A 865D C0A3 DED9 B5D0" - "E31D 9DDE EBA5 4A14 8A20 4550 DA45 97F9 47B4 1025") - ("jmd" - "8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3") - ("kkebreau" - "83B6 703A DCCA 3B69 4BCE 2DA6 E6A5 EE3C 1946 7A0D") - ("leungbk" - "45E5 75FA 53EA 8BD6 1BCE 0B4E 3ADC 75F0 13D6 78F9") - ("lfam" - ;; primary: "4F71 6F9A 8FA2 C80E F1B5 E1BA 5E35 F231 DE1A C5E0" - "B051 5948 F1E7 D3C1 B980 38A0 2646 FA30 BACA 7F08") - ("lsl88" - "2AE3 1395 932B E642 FC0E D99C 9BED 6EDA 32E5 B0BC") - ("marusich" - "CBF5 9755 CBE7 E7EF EF18 3FB1 DD40 9A15 D822 469D") - ("mbakke" - "BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA") - ("mhw" - "D919 0965 CE03 199E AF28 B3BE 7CEF 2984 7562 C516") - ("mothacehe" - "4008 6A7E 0252 9B60 31FB 8607 8354 7635 3176 9CA6") - ("mthl" - "F2A3 8D7E EB2B 6640 5761 070D 0ADE E100 9460 4D37") - ("nckx" - ;; primary: "F5BC 5534 C36F 0087 B39D 36EF 1C9D C4FE B9DB 7C4B" - "F5DA 2032 4B87 3D0B 7A38 7672 0DB0 FF88 4F55 6D79") - ("nckx (revoked; not compromised)" - ;; primary: "F5BC 5534 C36F 0087 B39D 36EF 1C9D C4FE B9DB 7C4B" - "7E8F AED0 0944 78EF 72E6 4D16 D889 B0F0 18C5 493C") - ("niedzejkob" - "E576 BFB2 CF6E B13D F571 33B9 E315 A758 4613 1564") - ("ngz" - "ED0E F1C8 E126 BA83 1B48 5FE9 DA00 B4F0 48E9 2F2D") - ("pelzflorian" - "CEF4 CB91 4856 BA38 0A20 A7E2 3008 88CB 39C6 3817") - ("pgarlick" - ;; primary: "B68B DF22 73F9 DA0E 63C1 8A32 515B F416 9242 D600" - "C699 ED09 E51B CE89 FD1D A078 AAC7 E891 896B 568A") - ("phant0mas" - "3A86 380E 58A8 B942 8D39 60E1 327C 1EF3 8DF5 4C32") - ("reepca" - "74D6 A930 F44B 9B84 9EA5 5606 C166 AA49 5F7F 189C") - ("rekado" - "BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC") - ("rhelling" - "0154 E1B9 1CC9 D9EF 7764 8DE7 F3A7 27DB 44FC CA36") - ("roelj (old)" - "17CB 2812 EB63 3DFF 2C7F 0452 C3EC 1DCA 8430 72E1") - ("roelj" - ;; From commit cc51c03ff867d4633505354819c6d88af88bf919 (March 2020). - ;; See <https://lists.gnu.org/archive/html/guix-devel/2020-03/msg00070.html>. - "F556 FD94 FB8F 8B87 79E3 6832 CBD0 CD51 38C1 9AFC") - ("roptat (old)" - "B5FA E628 5B41 3728 B2A0 FAED 4311 1F45 2008 6A0C") - ("roptat" - ;; From commit 2cbede5935eb6a40173bbdf30a9ad22bf7574c22 (Jan. 2020). See - ;; <https://lists.gnu.org/archive/html/guix-devel/2020-01/msg00499.html>. - "1EFB 0909 1F17 D28C CBF9 B13A 53D4 57B2 D636 EE82") - ("samplet" - ;; primary: "D6B0 C593 DA8C 5EDC A44C 7A58 C336 91F7 1188 B004" - "A02C 2D82 0EF4 B25B A6B5 1D90 2AC6 A5EC 1C35 7C59") - ("sleep_walker" - "77DD AD2D 97F5 31BB C0F3 C7FD DFB5 EB09 AA62 5423") - ("snape" - "F494 72F4 7A59 00D5 C235 F212 89F9 6D48 08F3 59C7") - ("steap" - "4E26 CCE9 578E 0828 9855 BDD4 1C79 95D2 D5A3 8336") - ("taylanub" - "9ADE 9ECF 2B19 C180 9C99 5CEA A1F4 CFCC 5283 6BAC") - - ;; https://lists.gnu.org/archive/html/guix-devel/2017-03/msg00826.html - ("thomasd" - ;; primary: "1DD1 681F E285 E07F 11DC 0C59 2E15 A6BC D77D 54FD" - "3D2C DA58 819C 08C2 A649 D43D 5C3B 064C 724A 5726") - ("thomasd (old)" - "A5C5 92EA 606E 7106 A6A3 BC08 98B2 1575 91E1 2B08") - - ("toothbrush" - "D712 1D73 A40A 7264 9E43 ED7D F284 6B1A 0D32 C442") - ("vagrantc" - "6580 7361 3BFC C5C7 E2E4 5D45 DC51 8FC8 7F97 16AA") - ("wigust" - ;; primary: "C955 CC5D C048 7FB1 7966 40A9 199A F6A3 67E9 4ABB" - "7238 7123 8EAC EB63 4548 5857 167F 8EA5 001A FA9C") - ("wingo" - "FF47 8FB2 64DE 32EC 2967 25A3 DDC0 F535 8812 F8F2"))) - -(define %historical-authorized-signing-keys - ;; Fingerprint of historically authorized signing keys. - (map (match-lambda - ((name fingerprint) - (base16-string->bytevector - (string-downcase (string-filter char-set:graphic fingerprint))))) - %historical-committers)) - -(define %use-historical-authorizations? - ;; Whether to allow authentication of past commits using - ;; %HISTORICAL-AUTHORIZED-SIGNING-KEYS for when '.guix-authorizations' was - ;; missing. - (getenv "GUIX_USE_HISTORICAL_AUTHORIZATIONS")) - -(define %introductory-commit - ;; This is the commit that appears in the official 'guix' channel - ;; introduction. XXX: Keep in sync with (guix channels)! - "9edb3f66fd807b096b48283debdcddccfea34bad") - -(define %commits-with-bad-signature - ;; Commits with a known-bad signature. - '("6a34f4ccc8a5d4a48e25ad3c9c512f8634928b91")) ;2016-12-29 - -(define %unsigned-commits - ;; Commits lacking a signature. - '()) - -(define commit-short-id - (compose (cut string-take <> 7) oid->string commit-id)) - -\f -;;; -;;; Entry point. -;;; - -(define (git-authenticate args) - (define repository - (repository-open ".")) - - (let loop ((args args)) - (match args - ((_ start end) - (define start-commit - (commit-lookup repository - (string->oid (if %use-historical-authorizations? - start - %introductory-commit)))) - (define end-commit - (commit-lookup repository (string->oid end))) - - (define authenticated-commits - ;; Previously-authenticated commits that don't need to be checked - ;; again. - (filter-map (lambda (id) - (false-if-exception - (commit-lookup repository (string->oid id)))) - (previously-authenticated-commits "channels/guix"))) - - (define commits - ;; Commits to authenticate, excluding the closure of - ;; AUTHENTICATED-COMMITS. - (commit-difference end-commit start-commit - authenticated-commits)) - - (define reporter - (progress-reporter/bar (length commits))) - - (define historical-authorizations - ;; List of authorizations in effect before '.guix-authorizations' was - ;; introduced. By default, assume there were no authorizations; this - ;; is what 'guix pull' does. - (if %use-historical-authorizations? - %historical-authorized-signing-keys - '())) - - (format #t (G_ "Authenticating ~a to ~a (~a commits)...~%") - (commit-short-id start-commit) - (commit-short-id end-commit) - (length commits)) - - (let ((stats (call-with-progress-reporter reporter - (lambda (report) - (authenticate-commits repository commits - #:default-authorizations - historical-authorizations - #:report-progress report))))) - (cache-authenticated-commit "channels/guix" - (oid->string (commit-id end-commit))) - - (unless (null? stats) - (format #t (G_ "Signing statistics:~%")) - (for-each (match-lambda - ((signer . count) - (format #t " ~a ~10d~%" - (openpgp-format-fingerprint - (openpgp-public-key-fingerprint signer)) - count))) - (sort stats - (match-lambda* - (((_ . count1) (_ . count2)) - (> count1 count2)))))))) - ((command start) - (let* ((head (repository-head repository)) - (end (reference-target head))) - (loop (list command start (oid->string end))))) - (_ - (format (current-error-port) - (G_ "Usage: git-authenticate START [END] - -Authenticate commits START to END or the current head.\n")))))) -- 2.26.2 ^ permalink raw reply related [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-06 8:37 [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès @ 2020-07-06 9:24 ` zimoun 2020-07-06 12:46 ` Ludovic Courtès 1 sibling, 1 reply; 13+ messages in thread From: zimoun @ 2020-07-06 9:24 UTC (permalink / raw) To: Ludovic Courtès, 42225; +Cc: Ludovic Courtès Hi Ludo, On Mon, 06 Jul 2020 at 10:37, Ludovic Courtès <ludo@gnu.org> wrote: > I put the “Invoking” node under “Development”, not sure if that’s > the best place. Also, I considered doing a ‘guix git’ command, > of which ‘authenticate’ would be one sub-command and maybe ‘clone’ > another one. But for ‘clone’ I thought that ‘guix download’ would > be a better fit. So I concluded that ‘guix git-authenticate’ was > a good choice in the end. On the topic of other subcommands, I have in mind log and tag. Currently, I have --8<---------------cut here---------------start------------->8--- export CKT=~/.cache/guix/checkouts/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq export SRC=~/src/guix --8<---------------cut here---------------end--------------->8--- and I run "git -C $CKT" or "git -C $SRC", for example: git -C $SRC log | grep Update And I would like to be able to simply run; guix git log | grep Update And the same for tagging commits. Which implies also improve what "guix pull" and "guix time-machine" accept. All the best, simon ^ permalink raw reply [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-06 9:24 ` [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command zimoun @ 2020-07-06 12:46 ` Ludovic Courtès 2020-07-06 13:27 ` zimoun 0 siblings, 1 reply; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 12:46 UTC (permalink / raw) To: zimoun; +Cc: 42225 Hi, zimoun <zimon.toutoune@gmail.com> skribis: > On Mon, 06 Jul 2020 at 10:37, Ludovic Courtès <ludo@gnu.org> wrote: > >> I put the “Invoking” node under “Development”, not sure if that’s >> the best place. Also, I considered doing a ‘guix git’ command, >> of which ‘authenticate’ would be one sub-command and maybe ‘clone’ >> another one. But for ‘clone’ I thought that ‘guix download’ would >> be a better fit. So I concluded that ‘guix git-authenticate’ was >> a good choice in the end. > > On the topic of other subcommands, I have in mind log and tag. > > Currently, I have > > export CKT=~/.cache/guix/checkouts/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq > export SRC=~/src/guix > > and I run "git -C $CKT" or "git -C $SRC", for example: > > git -C $SRC log | grep Update > > And I would like to be able to simply run; > > guix git log | grep Update Good point. Though hopefully this particular use case (finding new package updates) is well served by ‘guix pull --news’, no? It’s not entirely clear to me what a ‘guix git log’ command would do in fact: show the log for the ‘guix’ channel? For all channels (how?)? For the specified channel? For what commit range? > And the same for tagging commits. Which implies also improve what "guix > pull" and "guix time-machine" accept. Tagging commits is tricky because users only have a *cached* checkout. So if we want persistent tags, we’ll have to develop a separate mechanism. Could be useful, though perhaps redundant with the (unimplemented) idea of tagging generation? In the short term, we don’t need to solve all these problems: we can also go for ‘git-authenticate’ and rename it once we have these other commands. Thanks, Ludo’. ^ permalink raw reply [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-06 12:46 ` Ludovic Courtès @ 2020-07-06 13:27 ` zimoun 2020-07-06 19:48 ` Ludovic Courtès 0 siblings, 1 reply; 13+ messages in thread From: zimoun @ 2020-07-06 13:27 UTC (permalink / raw) To: Ludovic Courtès; +Cc: 42225 On Mon, 6 Jul 2020 at 14:46, Ludovic Courtès <ludo@gnu.org> wrote: > > git -C $SRC log | grep Update > > > > And I would like to be able to simply run; > > > > guix git log | grep Update > > Good point. Though hopefully this particular use case (finding new > package updates) is well served by ‘guix pull --news’, no? It is not for new package updates, but the contrary. :-) I use it for searching versions back in time. Which commit introduces which version. To be honest, I am almost never use "guix pull --news" because I am pulling once every full moon, and even when I do, I run an ugly script like: --8<---------------cut here---------------start------------->8--- #!/bin/bash # url-cache-directory from guix/git.scm # pjmkgl... = hash("https://git.savannah.gnu.org/git/guix.git") CACHE=~/.cache/guix/checkouts CHECKOUT=${CACHE}/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq printf "Updating local checkout:\n'$CHECKOUT'..." git -C $CHECKOUT pull -q echo " done." guix pull --commit=$(git -C $CHECKOUT \ log \ --before=$(date --date='2 weeks ago' +%Y-%m-%d) \ --format="%h" | head -n1) \ $@ --8<---------------cut here---------------end--------------->8--- because I do want the substitutes available. Well, for example, I run: "guix pull --news" and I get 15 new packages and 367 packages upgraded. > It’s not entirely clear to me what a ‘guix git log’ command would do in > fact: show the log for the ‘guix’ channel? For all channels (how?)? > For the specified channel? For what commit range? This is maybe out of the current bug report. I do not know if it is good to discuss here. Well, quickly we could imagine: guix git log # for guix channel guix git log --channel=name Then for the commit range, it could be the same UI as "git log". Since the commit messages are well-formatted, it is pretty easy to grep in. Moreover, "git worktree" could be added too. Well, the idea behind is to avoid clone+guix-environment+./pre-env-inst. > > And the same for tagging commits. Which implies also improve what "guix > > pull" and "guix time-machine" accept. > > Tagging commits is tricky because users only have a *cached* checkout. > So if we want persistent tags, we’ll have to develop a separate > mechanism. Could be useful, though perhaps redundant with the > (unimplemented) idea of tagging generation? Well, I do not want persistent tags. I am fine with local tags. I mean it is easy to tag my local repo with something meaningful for me and then lookup couple of weeks later. I do with "git -C $SRC" but I would like nicer to be able to run: guix git log | grep bazinga guix git tag foo guix time-machine --commit=foo -- > In the short term, we don’t need to solve all these problems: we can > also go for ‘git-authenticate’ and rename it once we have these other > commands. I have learnt that renaming will not work. :-) Because backward compatibilities and break the workflow of someone. So I would take the other route, go for "guix git authenticate" and hoping that other commands would come soon. Well, I do not know. It is just a suggestion reading your message. :-) Cheers, simon ^ permalink raw reply [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-06 13:27 ` zimoun @ 2020-07-06 19:48 ` Ludovic Courtès 2020-07-06 21:27 ` zimoun 0 siblings, 1 reply; 13+ messages in thread From: Ludovic Courtès @ 2020-07-06 19:48 UTC (permalink / raw) To: zimoun; +Cc: 42225 Hi, zimoun <zimon.toutoune@gmail.com> skribis: > On Mon, 6 Jul 2020 at 14:46, Ludovic Courtès <ludo@gnu.org> wrote: > >> > git -C $SRC log | grep Update >> > >> > And I would like to be able to simply run; >> > >> > guix git log | grep Update >> >> Good point. Though hopefully this particular use case (finding new >> package updates) is well served by ‘guix pull --news’, no? > > It is not for new package updates, but the contrary. :-) > I use it for searching versions back in time. Which commit introduces > which version. > > To be honest, I am almost never use "guix pull --news" because I am > pulling once every full moon, and even when I do, I run an ugly script > like: > > #!/bin/bash > > # url-cache-directory from guix/git.scm > # pjmkgl... = hash("https://git.savannah.gnu.org/git/guix.git") > CACHE=~/.cache/guix/checkouts > CHECKOUT=${CACHE}/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq > > printf "Updating local checkout:\n'$CHECKOUT'..." > git -C $CHECKOUT pull -q > echo " done." > > guix pull --commit=$(git -C $CHECKOUT \ > log \ > --before=$(date --date='2 weeks ago' +%Y-%m-%d) \ > --format="%h" | head -n1) \ > $@ > > because I do want the substitutes available. Well, for example, I > run: "guix pull --news" and I get 15 new packages and 367 packages > upgraded. We’re drifting off-topic, but this is interesting. I just hope few people do that, but at least it’s a reminder of the sad situation wrt. substitute availability. I don’t understand why you wouldn’t run ‘guix pull --news’ though. It provides useful info beyond packages, doesn’t it? [...] >> In the short term, we don’t need to solve all these problems: we can >> also go for ‘git-authenticate’ and rename it once we have these other >> commands. > > I have learnt that renaming will not work. :-) > Because backward compatibilities and break the workflow of someone. > So I would take the other route, go for "guix git authenticate" and > hoping that other commands would come soon. Well, this particular renaming would be easy: it’s really just renaming, with a known name, a situation very different from that of ‘guix environment’ if that’s what you were alluding to. Thanks, Ludo’. ^ permalink raw reply [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-06 19:48 ` Ludovic Courtès @ 2020-07-06 21:27 ` zimoun 2020-07-11 11:01 ` bug#42225: " Ludovic Courtès 0 siblings, 1 reply; 13+ messages in thread From: zimoun @ 2020-07-06 21:27 UTC (permalink / raw) To: Ludovic Courtès; +Cc: 42225 Hi, On Mon, 06 Jul 2020 at 21:48, Ludovic Courtès <ludo@gnu.org> wrote: > We’re drifting off-topic, but this is interesting. I just hope few > people do that, but at least it’s a reminder of the sad situation > wrt. substitute availability. I have started to do so during lockdown. I was in South of France (Millau \o/) only with my laptop which is not so much powerful. Well, on one hand it is the availability of package substitutes; but except some corner case and bad luck, in general* it is fine for me. On the other hand, I am really annoyed by building the derivations. But the new Guile compiler for derivation and other such optimizations could really improve the situation. :-) *general: well, it should not be possible to pull packages that do not build. It is rare but it happens and it is really frustrating: burn CPU and finally end with "build error". Anyway! Off-topic. > I don’t understand why you wouldn’t run ‘guix pull --news’ though. It > provides useful info beyond packages, doesn’t it? The command "guix pull --news" is useful. It provides useful information about packages, features, etc. But I read "--news" directly on guix-patches. :-) However, "guix pull --news" is not useful for what I want: find the commit backward in order to feed "guix time-machine --commit=". From my point of view, "--news" is useful forward. Other said, I delete the old generations I pulled e.g. 1 year ago so "--news" cannot work in this case. Anyway! Another off-topic. >>> In the short term, we don’t need to solve all these problems: we can >>> also go for ‘git-authenticate’ and rename it once we have these other >>> commands. >> >> I have learnt that renaming will not work. :-) >> Because backward compatibilities and break the workflow of someone. >> So I would take the other route, go for "guix git authenticate" and >> hoping that other commands would come soon. > > Well, this particular renaming would be easy: it’s really just renaming, > with a known name, a situation very different from that of ‘guix > environment’ if that’s what you were alluding to. Well, I do not think that particular renaming would be easy; as any other renaming: changing established things is hard. It is easy to add, not to remove. And from my point of view "guix git-authenticate" is not special enough to deserve a subcommand. But we all enjoy different taste of wine. :-) Anyway. Because we are drifting too much, let open another discussion and move forward this one. So, it was my bikeshedding feedback. :-) Cheers, simon ^ permalink raw reply [flat|nested] 13+ messages in thread
* bug#42225: [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-06 21:27 ` zimoun @ 2020-07-11 11:01 ` Ludovic Courtès 2020-07-16 0:12 ` [bug#42225] " zimoun 0 siblings, 1 reply; 13+ messages in thread From: Ludovic Courtès @ 2020-07-11 11:01 UTC (permalink / raw) To: zimoun; +Cc: 42225-done Hi! I pushed this after renaming the command to ‘guix git authenticate’ after all: 62b8bbc2c2 news: Add entry for 'guix git authenticate'. 96bf434c70 maint: Remove 'build-aux/git-authenticate.scm'. a98712785e Add 'guix git authenticate'. 69db2993b5 git: Add 'with-git-error-handling'. 4b9b8b2ec2 Add 'etc/historical-authorizations'. 838f2bdfa8 git-authenticate: Factorize 'authenticate-repository'. Ludo’. ^ permalink raw reply [flat|nested] 13+ messages in thread
* [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command 2020-07-11 11:01 ` bug#42225: " Ludovic Courtès @ 2020-07-16 0:12 ` zimoun 0 siblings, 0 replies; 13+ messages in thread From: zimoun @ 2020-07-16 0:12 UTC (permalink / raw) To: Ludovic Courtès; +Cc: 42225-done Hi Ludo, On Sat, 11 Jul 2020 at 13:01, Ludovic Courtès <ludo@gnu.org> wrote: > I pushed this after renaming the command to ‘guix git authenticate’ > after all: Cool! And this new subcommand opens room of new other subsubcommands. :-) Cheers, simon ^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2020-07-16 0:13 UTC | newest] Thread overview: 13+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2020-07-06 8:37 [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 1/5] git-authenticate: Factorize 'authenticate-repository' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 2/5] Add 'etc/historical-authorizations' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 3/5] git: Add 'with-git-error-handling' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 4/5] Add 'guix git-authenticate' Ludovic Courtès 2020-07-06 8:43 ` [bug#42225] [PATCH 5/5] maint: Remove 'build-aux/git-authenticate.scm' Ludovic Courtès 2020-07-06 9:24 ` [bug#42225] [PATCH 0/5] Add 'guix git-authenticate' command zimoun 2020-07-06 12:46 ` Ludovic Courtès 2020-07-06 13:27 ` zimoun 2020-07-06 19:48 ` Ludovic Courtès 2020-07-06 21:27 ` zimoun 2020-07-11 11:01 ` bug#42225: " Ludovic Courtès 2020-07-16 0:12 ` [bug#42225] " zimoun
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/guix.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).