channels: Error out when the 'guix' channel lacks an introduction.

* guix/channels.scm (latest-channel-instance): Raise an error instead of warning when 'guix is unauthenticated. * tests/channels.scm ("latest-channel-instances, missing introduction for 'guix'"): New test.
2020-06-24 14:53:08 +02:00 · 2020-06-24 14:53:08 +02:00 · ead5c46147
commit ead5c46147
parent 0a8dd8aae5
2 changed files with 31 additions and 3 deletions
--- a/guix/channels.scm
+++ b/guix/channels.scm
@ -406,9 +406,16 @@ their relation.  When AUTHENTICATE? is false, CHANNEL is not authenticated."
            ;; TODO: Warn for all the channels once the authentication interface
            ;; is public.
            (when (guix-channel? channel)
-              (warning (G_ "channel '~a' lacks an introduction and \
-cannot be authenticated~%")
-                       (channel-name channel))))
+              (raise (condition
+                      (&message
+                       (message (format #f (G_ "channel '~a' lacks an \
+introduction and cannot be authenticated~%")
+                                        (channel-name channel))))
+                      (&fix-hint
+                       (hint (G_ "Add the missing introduction to your
+channels file to address the issue.  Alternatively, you can pass
+@option{--disable-authentication}, at the risk of running unauthenticated and
+thus potentially malicious code.")))))))
        (warning (G_ "channel authentication disabled~%")))

    (when (guix-channel? channel)
--- a/tests/channels.scm
+++ b/tests/channels.scm
@ -402,6 +402,27 @@
                         (channel-news-for-commit channel commit5 commit1))
                    '(#f "tag-for-first-news-entry")))))))

+(unless (which (git-command)) (test-skip 1))
+(test-assert "latest-channel-instances, missing introduction for 'guix'"
+  (with-temporary-git-repository directory
+      '((add "a.txt" "A")
+        (commit "first commit")
+        (add "b.scm" "#t")
+        (commit "second commit"))
+    (with-repository directory repository
+      (let* ((commit1 (find-commit repository "first"))
+             (commit2 (find-commit repository "second"))
+             (channel (channel (url (string-append "file://" directory))
+                               (name 'guix))))
+
+        (guard (c ((message-condition? c)
+                   (->bool (string-contains (condition-message c)
+                                            "introduction"))))
+          (with-store store
+            ;; Attempt a downgrade from NEW to OLD.
+            (latest-channel-instances store (list channel))
+            #f))))))
+
 (unless (gpg+git-available?) (test-skip 1))
 (test-equal "authenticate-channel, wrong first commit signer"
  #t