summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-06-16 15:33:57 +0200
committerLudovic Courtès <ludo@gnu.org>2020-06-16 16:10:47 +0200
commit838ac881ec98cb71d4a4e4b20773573f99ecbf25 (patch)
treebf5b3c47c0dff0d6f7c9bd2892e710d3dd456ad0
parenta9eeeaa6aeeafb817df3aad22a4b85205ac3ec13 (diff)
time-machine: Add '--disable-authentication'.
* guix/inferior.scm (cached-channel-instance): Add #:authenticate? and pass it to 'latest-channel-instances'. * guix/scripts/time-machine.scm (show-help, %options): Add '--disable-authentication'. (%default-options): Add 'authenticate-channels?'. (guix-time-machine): Honor it.
-rw-r--r--guix/inferior.scm9
-rw-r--r--guix/scripts/time-machine.scm15
2 files changed, 19 insertions, 5 deletions
diff --git a/guix/inferior.scm b/guix/inferior.scm
index c9a5ee5129..d347754bbc 100644
--- a/guix/inferior.scm
+++ b/guix/inferior.scm
@@ -687,13 +687,16 @@ failing when GUIX is too old and lacks the 'guix repl' command."
(define* (cached-channel-instance store
channels
#:key
+ (authenticate? #t)
(cache-directory (%inferior-cache-directory))
(ttl (* 3600 24 30)))
"Return a directory containing a guix filetree defined by CHANNELS, a list of channels.
The directory is a subdirectory of CACHE-DIRECTORY, where entries can be reclaimed after TTL seconds.
-This procedure opens a new connection to the build daemon."
+This procedure opens a new connection to the build daemon. AUTHENTICATE?
+determines whether CHANNELS are authenticated."
(define instances
- (latest-channel-instances store channels))
+ (latest-channel-instances store channels
+ #:authenticate? authenticate?))
(define key
(bytevector->base32-string
@@ -732,6 +735,8 @@ This procedure opens a new connection to the build daemon."
(mbegin %store-monad
(show-what-to-build* (list profile))
(built-derivations (list profile))
+ ;; Note: Caching is fine even when AUTHENTICATE? is false because
+ ;; we always call 'latest-channel-instances?'.
(symlink* (derivation->output-path profile) cached)
(add-indirect-root* cached)
(return cached))))))
diff --git a/guix/scripts/time-machine.scm b/guix/scripts/time-machine.scm
index 1e800e160f..f9bcec651a 100644
--- a/guix/scripts/time-machine.scm
+++ b/guix/scripts/time-machine.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2019 Konrad Hinsen <konrad.hinsen@fastmail.net>
-;;; Copyright © 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -55,6 +55,9 @@ Execute COMMAND ARGS... in an older version of Guix.\n"))
--commit=COMMIT use the specified COMMIT"))
(display (G_ "
--branch=BRANCH use the tip of the specified BRANCH"))
+ (display (G_ "
+ --disable-authentication
+ disable channel authentication"))
(newline)
(show-build-options-help)
(newline)
@@ -80,6 +83,9 @@ Execute COMMAND ARGS... in an older version of Guix.\n"))
(option '("branch") #t #f
(lambda (opt name arg result)
(alist-cons 'ref `(branch . ,arg) result)))
+ (option '("disable-authentication") #f #f
+ (lambda (opt name arg result)
+ (alist-cons 'authenticate-channels? #f result)))
(option '(#\h "help") #f #f
(lambda args
(show-help)
@@ -98,6 +104,7 @@ Execute COMMAND ARGS... in an older version of Guix.\n"))
(print-build-trace? . #t)
(print-extended-build-trace? . #t)
(multiplexed-build-output? . #t)
+ (authenticate-channels? . #t)
(graft? . #t)
(debug . 0)
(verbosity . 1)))
@@ -124,12 +131,14 @@ Execute COMMAND ARGS... in an older version of Guix.\n"))
(with-git-error-handling
(let* ((opts (parse-args args))
(channels (channel-list opts))
- (command-line (assoc-ref opts 'exec)))
+ (command-line (assoc-ref opts 'exec))
+ (authenticate? (assoc-ref opts 'authenticate-channels?)))
(when command-line
(let* ((directory
(with-store store
(with-status-verbosity (assoc-ref opts 'verbosity)
(set-build-options-from-command-line store opts)
- (cached-channel-instance store channels))))
+ (cached-channel-instance store channels
+ #:authenticate? authenticate?))))
(executable (string-append directory "/bin/guix")))
(apply execl (cons* executable executable command-line))))))))