build: Add GUIX_GIT_KEYRING variable for make authenticate.

* Makefile.am (GUIX_GIT_KEYRING): New variable.
(authenticate): Use GUIX_GIT_KEYRING to select the keyring branch
reference.
* doc/contributing.texi (Building from Git): Add an example about the
use of GUIX_GIT_KEYRING.
This commit is contained in:
Miguel Ángel Arruga Vivas 2020-10-24 14:35:09 +02:00
parent 31c894c652
commit ef6596a20c
No known key found for this signature in database
GPG Key ID: 634C6E8979FABEC2
2 changed files with 12 additions and 0 deletions

@ -666,9 +666,11 @@ channel_intro_commit = 9edb3f66fd807b096b48283debdcddccfea34bad
channel_intro_signer = BBB0 2DDF 2CEA F6A8 0D1D E643 A2A0 6DF2 A33A 54FA
# Authenticate the current Git checkout by checking signatures on every commit.
GUIX_GIT_KEYRING = origin/keyring
authenticate:
$(AM_V_at)echo "Authenticating Git checkout..." ; \
guix git authenticate \
--keyring=$(GUIX_GIT_KEYRING) \
--cache-key=channels/guix --stats \
"$(channel_intro_commit)" "$(channel_intro_signer)"

@ -140,6 +140,16 @@ make authenticate
The first run takes a couple of minutes, but subsequent runs are faster.
Or, when your configuration for your local Git repository doesn't match
the default one, you can provide the reference for the @code{keyring}
branch through the variable @code{GUIX_GIT_KEYRING}. The following
example assumes that you have a Git remote called @samp{myremote}
pointing to the official repository:
@example
make authenticate GUIX_GIT_KEYRING=myremote/keyring
@end example
@quotation Note
You are advised to run @command{make authenticate} after every
@command{git pull} invocation. This ensures you keep receiving valid