diff mbox series

[bug#50892] guix-install.sh: Authorize all project build farms at once.

Message ID 87edtaf7sz.fsf_-_@gnu.org
State New
Headers show
Series [bug#50892] guix-install.sh: Authorize all project build farms at once. | expand

Commit Message

Ludovic Courtès Dec. 8, 2022, 11:34 a.m. UTC 
Hi,

Tobias Geerinckx-Rice <me@tobias.gr> skribis:

> Tobias Geerinckx-Rice via Guix-patches via 写道:
>> +                 <
>> "~root/.config/guix/current/share/guix/$host.pub" \
>
> This file is missing for bordeaux in the 1.3.0 release, so this would
> have to wait until the next one…

If there are no objections I’d like to push to ‘master’ and
‘version-1.4.0’ this modified version of your patch.

Thanks,
Ludo’.

Comments

pelzflorian (Florian Pelz) Dec. 8, 2022, 9:27 p.m. UTC | #1 
Ludovic Courtès <ludo@gnu.org> writes:
> If there are no objections I’d like to push to ‘master’ and
> ‘version-1.4.0’ this modified version of your patch.

Thank you two, this patch works (on 1.3.0 only ci.guix.gnu.org, on
1.4.0rc1 also bordeaux, except when I decline authorization).

Regards,
Florian
Tobias Geerinckx-Rice Dec. 8, 2022, 9:42 p.m. UTC | #2 
Ludovic Courtès 写道:
> If there are no objections I’d like to push to ‘master’ and
> ‘version-1.4.0’ this modified version of your patch.

No objections, thanks!

(Ugh, this patch is so ugly, all to work around that triplication 
in ~/.config/guix/current/share/guix/*.pub…  Would it be OK for 
‘guix archive --authorize’ to silently ignore duplicate keys?)

Kind regards,

T G-R
Ludovic Courtès Dec. 9, 2022, 9:01 a.m. UTC | #3 
Hi,

"pelzflorian (Florian Pelz)" <pelzflorian@pelzflorian.de> skribis:

> Ludovic Courtès <ludo@gnu.org> writes:
>> If there are no objections I’d like to push to ‘master’ and
>> ‘version-1.4.0’ this modified version of your patch.
>
> Thank you two, this patch works (on 1.3.0 only ci.guix.gnu.org, on
> 1.4.0rc1 also bordeaux, except when I decline authorization).

Pushed to both branches.  Thanks to the two of you!

Ludo’.
diff mbox series

Patch

From f13e03d57ae9784a349bfa2eab0285e2c5b58eb7 Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Wed, 29 Sep 2021 17:43:10 +0200
Subject: [PATCH] guix-install.sh: Authorize all project build farms at once.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* etc/guix-install.sh (sys_authorize_build_farms):
Iterate over all hosts.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
---
 etc/guix-install.sh | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index 6bef21bb7e..fb9006b3e2 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -492,14 +492,22 @@  sys_enable_guix_daemon()
 }
 
 sys_authorize_build_farms()
-{ # authorize the public key of the build farm
+{ # authorize the public key(s) of the build farm(s)
+    local hosts=(
+	ci.guix.gnu.org
+	bordeaux.guix.gnu.org
+    )
+
     if prompt_yes_no "Permit downloading pre-built package binaries from the \
-project's build farm?"; then
-        guix archive --authorize \
-             < ~root/.config/guix/current/share/guix/ci.guix.gnu.org.pub \
-            && _msg "${PAS}Authorized public key for ci.guix.gnu.org"
-        else
-            _msg "${INF}Skipped authorizing build farm public keys"
+project's build farms?"; then
+	for host in "${hosts[@]}"; do
+	    local key=~root/.config/guix/current/share/guix/$host.pub
+	    [ -f "$key" ] \
+		&& guix archive --authorize < "$key" \
+		&& _msg "${PAS}Authorized public key for $host"
+	done
+    else
+        _msg "${INF}Skipped authorizing build farm public keys"
     fi
 }
 
-- 
2.38.1