channels: Error out when the 'guix' channel lacks an introduction.

* guix/channels.scm (latest-channel-instance): Raise an error instead of
warning when 'guix is unauthenticated.
* tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"):
New test.
This commit is contained in:
Ludovic Courtès 2020-06-24 14:53:08 +02:00
parent 0a8dd8aae5
commit ead5c46147
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
2 changed files with 31 additions and 3 deletions

View file

@ -406,9 +406,16 @@ (define (dot-git? file stat)
;; TODO: Warn for all the channels once the authentication interface
;; is public.
(when (guix-channel? channel)
(warning (G_ "channel '~a' lacks an introduction and \
cannot be authenticated~%")
(raise (condition
(&message
(message (format #f (G_ "channel '~a' lacks an \
introduction and cannot be authenticated~%")
(channel-name channel))))
(&fix-hint
(hint (G_ "Add the missing introduction to your
channels file to address the issue. Alternatively, you can pass
@option{--disable-authentication}, at the risk of running unauthenticated and
thus potentially malicious code.")))))))
(warning (G_ "channel authentication disabled~%")))
(when (guix-channel? channel)

View file

@ -402,6 +402,27 @@ (define (find-commit* message)
(channel-news-for-commit channel commit5 commit1))
'(#f "tag-for-first-news-entry")))))))
(unless (which (git-command)) (test-skip 1))
(test-assert "latest-channel-instances, missing introduction for 'guix'"
(with-temporary-git-repository directory
'((add "a.txt" "A")
(commit "first commit")
(add "b.scm" "#t")
(commit "second commit"))
(with-repository directory repository
(let* ((commit1 (find-commit repository "first"))
(commit2 (find-commit repository "second"))
(channel (channel (url (string-append "file://" directory))
(name 'guix))))
(guard (c ((message-condition? c)
(->bool (string-contains (condition-message c)
"introduction"))))
(with-store store
;; Attempt a downgrade from NEW to OLD.
(latest-channel-instances store (list channel))
#f))))))
(unless (gpg+git-available?) (test-skip 1))
(test-equal "authenticate-channel, wrong first commit signer"
#t