From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:470:142:3::10]:33067)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jEVUd-0007tk-QE
 for guix-patches@gnu.org; Wed, 18 Mar 2020 06:00:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jEVUY-0007Uo-PE
 for guix-patches@gnu.org; Wed, 18 Mar 2020 06:00:07 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:33856)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1jEVUY-0007TG-Ku
 for guix-patches@gnu.org; Wed, 18 Mar 2020 06:00:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jEVUY-0007ac-Ie
 for guix-patches@gnu.org; Wed, 18 Mar 2020 06:00:02 -0400
Subject: [bug#39684] [PATCH] etc: Automatically download the pgp key
Resent-Message-ID: <handler.39684.B39684.158452555029087@debbugs.gnu.org>
From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
References: <20200220022220.04906816@tachikoma.lepiller.eu>
 <20200220134159.70db5633@tachikoma.lepiller.eu>
Date: Wed, 18 Mar 2020 10:59:00 +0100
In-Reply-To: <20200220134159.70db5633@tachikoma.lepiller.eu> (Julien
 Lepiller's message of "Thu, 20 Feb 2020 13:41:59 +0100")
Message-ID: <87o8su9e6z.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Julien Lepiller <julien@lepiller.eu>
Cc: 39684@debbugs.gnu.org

Hi Julien!

Julien Lepiller <julien@lepiller.eu> skribis:

>>>From aebea6bcfa615bc644c9afa1120eeb34f0956c5a Mon Sep 17 00:00:00 2001
> From: Julien Lepiller <julien@lepiller.eu>
> Date: Thu, 20 Feb 2020 02:14:39 +0100
> Subject: [PATCH] etc: Add an `allow-import-gpg' option to the installer
>  script.
>
> * etc/guix-install.sh: Add an `allow-import-gpg' option to support
> fetching the OpenPGP public key automatically.

Sounds like a good idea.

> --- a/etc/guix-install.sh
> +++ b/etc/guix-install.sh
> @@ -57,6 +57,7 @@ INF=3D"[ INFO ] "
>  DEBUG=3D0
>  GNU_URL=3D"https://ftp.gnu.org/gnu/guix/"
>  OPENPGP_SIGNING_KEY_ID=3D"3CE464558A84FDC69DB40CFB090B11993D9AEBB5"
> +GPG_IMPORT=3D0

Perhaps define:

  OPENPGP_KEY_URL=3D"https://sv.gnu.org/people/viewgpg.php?user_id=3D15145"

and use it everywhere?

>  # This script needs to know where root's home directory is.  However, we
>  # cannot simply use the HOME environment variable, since there is no gua=
rantee
> @@ -109,9 +110,14 @@ chk_gpg_keyring()
>      # Without --dry-run this command will create a ~/.gnupg owned by roo=
t on
>      # systems where gpg has never been used, causing errors and confusio=
n.
>      gpg --dry-run --list-keys ${OPENPGP_SIGNING_KEY_ID} >/dev/null 2>&1 =
|| (
> -        _err "${ERR}Missing OpenPGP public key.  Fetch it with this comm=
and:"
> -        echo "  wget https://sv.gnu.org/people/viewgpg.php?user_id=3D151=
45 -qO - | gpg --import -"
> -        exit 1
> +        if [ "${GPG_IMPORT}" =3D "1" ]; then
> +          wget https://sv.gnu.org/people/viewgpg.php?user_id=3D15145 -qO=
 - | gpg --import -

This would become wget "$OPENPGP_KEY_URL" (better use quotes).

Thanks!

Ludo=E2=80=99.