summaryrefslogtreecommitdiff
path: root/guix/channels.scm
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-06-08 23:22:17 +0200
committerLudovic Courtès <ludo@gnu.org>2020-06-16 16:10:47 +0200
commita9eeeaa6aeeafb817df3aad22a4b85205ac3ec13 (patch)
tree3b95e57daa70ee60c750025d3eeb008b9d90cd11 /guix/channels.scm
parentc3f6f564e909ebefe752d24b325871a4e3a02d40 (diff)
pull: Add '--disable-authentication'.
* guix/channels.scm (latest-channel-instance): Add #:authenticate? and honor it. (latest-channel-instances): Likewise. * guix/scripts/pull.scm (%default-options): Add 'authenticate-channels?'. (show-help, %options): Add '--disable-authentication'. (guix-pull): Pass #:authenticate? to 'latest-channel-instances'. * doc/guix.texi (Invoking guix pull): Document it.
Diffstat (limited to 'guix/channels.scm')
-rw-r--r--guix/channels.scm25
1 files changed, 17 insertions, 8 deletions
diff --git a/guix/channels.scm b/guix/channels.scm
index a82bd340e2..5a83d83427 100644
--- a/guix/channels.scm
+++ b/guix/channels.scm
@@ -390,11 +390,12 @@ commits ~a to ~a (~h new commits)...~%")
(define* (latest-channel-instance store channel
#:key (patches %patches)
starting-commit
+ (authenticate? #f)
(validate-pull
ensure-forward-channel-update))
"Return the latest channel instance for CHANNEL. When STARTING-COMMIT is
true, call VALIDATE-PULL with CHANNEL, STARTING-COMMIT, the target commit, and
-their relation."
+their relation. When AUTHENTICATE? is false, CHANNEL is not authenticated."
(define (dot-git? file stat)
(and (string=? (basename file) ".git")
(eq? 'directory (stat:type stat))))
@@ -408,14 +409,16 @@ their relation."
(when relation
(validate-pull channel starting-commit commit relation))
- (if (channel-introduction channel)
- (authenticate-channel channel checkout commit)
- ;; TODO: Warn for all the channels once the authentication interface
- ;; is public.
- (when (guix-channel? channel)
- (warning (G_ "channel '~a' lacks an introduction and \
+ (if authenticate?
+ (if (channel-introduction channel)
+ (authenticate-channel channel checkout commit)
+ ;; TODO: Warn for all the channels once the authentication interface
+ ;; is public.
+ (when (guix-channel? channel)
+ (warning (G_ "channel '~a' lacks an introduction and \
cannot be authenticated~%")
- (channel-name channel))))
+ (channel-name channel))))
+ (warning (G_ "channel authentication disabled~%")))
(when (guix-channel? channel)
;; Apply the relevant subset of PATCHES directly in CHECKOUT. This is
@@ -463,11 +466,15 @@ allow non-forward updates."))))))))))
(define* (latest-channel-instances store channels
#:key
(current-channels '())
+ (authenticate? #t)
(validate-pull
ensure-forward-channel-update))
"Return a list of channel instances corresponding to the latest checkouts of
CHANNELS and the channels on which they depend.
+When AUTHENTICATE? is true, authenticate the subset of CHANNELS that has a
+\"channel introduction\".
+
CURRENT-CHANNELS is the list of currently used channels. It is compared
against the newly-fetched instances of CHANNELS, and VALIDATE-PULL is called
for each channel update and can choose to emit warnings or raise an error,
@@ -505,6 +512,8 @@ depending on the policy it implements."
(let* ((current (current-commit (channel-name channel)))
(instance
(latest-channel-instance store channel
+ #:authenticate?
+ authenticate?
#:validate-pull
validate-pull
#:starting-commit