From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Tobias Geerinckx-Rice <me@tobias.gr>
Cc: 50892@debbugs.gnu.org
Subject: [bug#50892] [PATCH] guix-install.sh: Authorize all project build farms at once.
Date: Wed, 29 Sep 2021 12:51:07 -0400 [thread overview]
Message-ID: <87r1d71g1w.fsf@gmail.com> (raw)
In-Reply-To: <20210929154310.25788-1-me@tobias.gr> (Tobias Geerinckx-Rice's message of "Wed, 29 Sep 2021 17:43:10 +0200")
Tobias Geerinckx-Rice <me@tobias.gr> writes:
> * etc/guix-install.sh (sys_authorize_build_farms):
> Iterate over all hosts.
> ---
> etc/guix-install.sh | 23 +++++++++++++++--------
> 1 file changed, 15 insertions(+), 8 deletions(-)
>
> diff --git a/etc/guix-install.sh b/etc/guix-install.sh
> index b0d4a8b95e..e3b8485a50 100755
> --- a/etc/guix-install.sh
> +++ b/etc/guix-install.sh
> @@ -1,21 +1,21 @@
> #!/bin/sh
> # GNU Guix --- Functional package management for GNU
> # Copyright © 2017 sharlatan <sharlatanus@gmail.com>
> # Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>
> # Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
> -# Copyright © 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
> +# Copyright © 2019–2021 Tobias Geerinckx-Rice <me@tobias.gr>
> # Copyright © 2020 Morgan Smith <Morgan.J.Smith@outlook.com>
> # Copyright © 2020 Simon Tournier <zimon.toutoune@gmail.com>
> # Copyright © 2020 Daniel Brooks <db48x@db48x.net>
> # Copyright © 2021 Jakub Kądziołka <kuba@kadziolka.net>
> # Copyright © 2021 Chris Marusich <cmmarusich@gmail.com>
> # Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
> #
> # This file is part of GNU Guix.
> #
> # GNU Guix is free software; you can redistribute it and/or modify it
> # under the terms of the GNU General Public License as published by
> # the Free Software Foundation; either version 3 of the License, or (at
> # your option) any later version.
> #
> # GNU Guix is distributed in the hope that it will be useful, but
> @@ -476,38 +476,45 @@ sys_enable_guix_daemon()
> ;;
> esac
>
> _msg "${INF}making the guix command available to other users"
>
> [ -e "$local_bin" ] || mkdir -p "$local_bin"
> ln -sf "${var_guix}/bin/guix" "$local_bin"
>
> [ -e "$info_path" ] || mkdir -p "$info_path"
> for i in "${var_guix}"/share/info/*; do
> ln -sf "$i" "$info_path"
> done
> }
>
> sys_authorize_build_farms()
> -{ # authorize the public key of the build farm
> +{ # authorize the public key(s) of the build farm(s)
> + local hosts=(
> + ci.guix.gnu.org
> + bordeaux.guix.gnu.org
> + )
> +
> if prompt_yes_no "Permit downloading pre-built package binaries from the \
> -project's build farm? (yes/no)"; then
> - guix archive --authorize \
> - < "~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub" \
> - && _msg "${PAS}Authorized public key for ci.guix.gnu.org"
> - else
> - _msg "${INF}Skipped authorizing build farm public keys"
> +project's build farms? (yes/no)"; then
> + for host in "${hosts[@]}"; do
> + guix archive --authorize \
> + < "~root/.config/guix/current/share/guix/$host.pub" \
> + && _msg "${PAS}Authorized public key for $host"
> + done
> + else
> + _msg "${INF}Skipped authorizing build farm public keys"
> fi
> }
>
> sys_create_init_profile()
> { # Define for better desktop integration
> # This will not take effect until the next shell or desktop session!
> [ -d "/etc/profile.d" ] || mkdir /etc/profile.d # Just in case
> cat <<"EOF" > /etc/profile.d/guix.sh
> # _GUIX_PROFILE: `guix pull` profile
> _GUIX_PROFILE="$HOME/.config/guix/current"
> export PATH="$_GUIX_PROFILE/bin${PATH:+:}$PATH"
> # Export INFOPATH so that the updated info pages can be found
> # and read by both /usr/bin/info and/or $GUIX_PROFILE/bin/info
> # When INFOPATH is unset, add a trailing colon so that Emacs
> # searches 'Info-default-directory-list'.
Tested on a VM:
./guix-install.sh: line 500: ~root/.config/guix/current/share/guix/bordeaux.guix.gnu.org.pub: No such file or directory
root@ubuntu:~# echo $?
1
I think we should fetch the keys from our online repo, so we can ensure
1. they are available
2. they are up to date.
Thanks!
Maxim
prev parent reply other threads:[~2021-09-29 16:52 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-29 15:43 [bug#50892] [PATCH] guix-install.sh: Authorize all project build farms at once Tobias Geerinckx-Rice via Guix-patches via
2021-09-29 16:49 ` Tobias Geerinckx-Rice via Guix-patches via
2022-12-08 11:34 ` bug#59781: bug#50892: " Ludovic Courtès
2022-12-08 21:27 ` [bug#50892] " pelzflorian (Florian Pelz)
2022-12-09 9:01 ` bug#50892: bug#59781: [version 1.4.0rc1] install.sh script should authorize bordeaux Ludovic Courtès
2022-12-08 21:42 ` bug#59781: bug#50892: [PATCH] guix-install.sh: Authorize all project build farms at once Tobias Geerinckx-Rice via Bug reports for GNU Guix
2022-12-09 9:09 ` [bug#50892] bug#59781: [version 1.4.0rc1] install.sh script should authorize bordeaux Ludovic Courtès
2021-09-29 16:51 ` Maxim Cournoyer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87r1d71g1w.fsf@gmail.com \
--to=maxim.cournoyer@gmail.com \
--cc=50892@debbugs.gnu.org \
--cc=me@tobias.gr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.