GNU bug report logs -
#31285
[PATCH 0/1] guix: Add git-fetch/impure.
Previous Next
Reported by: Chris Marusich <cmmarusich <at> gmail.com>
Date: Fri, 27 Apr 2018 08:16:02 UTC
Severity: normal
Tags: patch
Done: Chris Marusich <cmmarusich <at> gmail.com>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Hi Mark, Ludo, and David,
ludo <at> gnu.org (Ludovic Courtès) writes:
> Hello,
>
> Chris Marusich <cmmarusich <at> gmail.com> skribis:
>
>> You've both said that you would prefer not to add git-fetch/impure to
>> Guix. Can you help me to understand why you feel that way? I really
>> think it would be nice if Guix could fetch Git repositories over SSH
>> using public key authentication, so I'm hoping that we can talk about it
>> and figure out an acceptable way to implement it.
>
> One argument against it would be that it encourages people (or at least
> makes it very easy) to write origins that depend on external state, and
> thus may be non-reproducible by others, and that Guix itself should
> provide tools for writing reproducible build definitions.
The impurity bothers me, too. If you don't have the right SSH key
available or your SSH installation isn't configured in just the right
way, then an origin defined using git-fetch/impure won't work.
Could we eliminate the impurity by adding a feature to the guix-daemon
that allows an administrator (i.e., root) to configure an SSH key for
guix-daemon to use when fetching Git repositories over SSH? If it's
possible, I think that would be preferable. What do you think of that
idea?
Also, here's a new version of the patch, which fixes/improves some
random things I noticed.
--
Chris
[0001-guix-Add-git-fetch-impure.patch (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 4 years and 10 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.