guix-patches

[bug#45104] pull: Add a "with-substitutes" option.


From: Mathieu Othacehe
Subject: [bug#45104] pull: Add a "with-substitutes" option.
Date: Tue, 15 Dec 2020 11:24:55 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Hey Chris and Ludo,

> Agreed on these points.

Yes I think you are definitely right on that point.

>                                 (and (evaluation-complete? evaluation)
>                                      (string=? "guix-modular-master"
>                                                (evaluation-spec
>                                                 evaluation))))

On Berlin, evaluations can be completed for days, but the associated
builds never started. I think that searching directly for a completed
build provides a stronger guarantee of available substitutes.

> ;; Pull the latest commit fully built on berlin.guixsd.org.
> (list (channel
>        (name 'guix)
>        (url "https://git.savannah.gnu.org/git/guix.git")
>        (commit (pk 'commit (latest-commit-successfully-built)))))

Providing such a procedure definitely makes sense though.

>   (channel-with-substitutes-available
>     (channel (name 'guix) …)
>     "https://ci.guix.gnu.org"
>     (specifications->manifest '("emacs" "guile")))

Yes it would be the ultimate thing! However, while finding the latest
commit with an available substitute for a derivation is quite easy,
finding a commit with available derivations for N derivations seems way
more difficult.

> It does mean that we’re asking users to do extra work.  Perhaps there
> could still be a command-line option that would call
> ‘channel-with-substitutes-available’ for you, but at least it would take
> an explicit URL and clarify what Chris mentioned?

Yes, the user would then have to provide the channels that need
available substitutes, the URL to use for the substitution check and
maybe a manifest that also needs available substitutes.

The channels list could default to '("guix") and the URL to
"https://ci.guix.gnu.org" as it would be a sensible default for most
Guix users I think.

> BTW, doing all this is safer today because ‘guix pull’ will detect and
> prevent downgrades.  Though an attacker who manages to break into
> ci.guix.gnu.org could cause all the users of
> ‘channel-with-substitutes-available’ to no longer receive updates or to
> receive them more slowly than they appear in Git simply by making CI
> even slower than it currently is.

Yes, the downgrade check definitely helps here, as it's often what will
happen with our lagging CI. Regarding the security aspect, I think that
breaking into ci.guix.gnu.org can have other way more impacting
consequences.

Thanks,

Mathieu
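The commit-selection logic discussed in this thread, as an added model written for this page and not code from Guix: given constructed CI build records, it picks the newest channel commit at which every derivation of a manifest was successfully built, and skips anything older than the deployed commit, which is the downgrade check Ludo mentions. The `Build` records, the placeholder commit ids and the `latest_commit_with_substitutes` name are assumptions for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Build:
    """One CI build record: which derivation, at which commit, with what result."""
    commit: str
    derivation: str
    status: str  # "succeeded", "failed" or "scheduled"


# Constructed channel history, oldest commit first (placeholder ids).
HISTORY = ["c1", "c2", "c3", "c4", "c5"]

# Constructed CI build records, standing in for what a server would answer.
# c4 mirrors the case from the thread: evaluation done, one build never ran.
BUILDS = [
    Build("c1", "guix", "succeeded"), Build("c1", "emacs", "succeeded"),
    Build("c1", "guile", "succeeded"),
    Build("c2", "guix", "succeeded"), Build("c2", "emacs", "succeeded"),
    Build("c2", "guile", "failed"),
    Build("c3", "guix", "succeeded"), Build("c3", "emacs", "succeeded"),
    Build("c3", "guile", "succeeded"),
    Build("c4", "guix", "succeeded"), Build("c4", "emacs", "succeeded"),
    Build("c4", "guile", "scheduled"),
    Build("c5", "guix", "scheduled"),
]


def built_at(commit, builds):
    """Set of derivations with a successful build at `commit`."""
    return {b.derivation for b in builds
            if b.commit == commit and b.status == "succeeded"}


def latest_commit_with_substitutes(required, builds, history, current=None):
    """Newest commit at which every derivation in `required` was built.

    `current` is the commit already deployed; older commits are never
    considered (the downgrade check).  Returns None when nothing at or
    after `current` qualifies: a lagging CI stalls updates but cannot
    roll a user back to an older commit.
    """
    required = set(required)
    start = history.index(current) if current is not None else 0
    for commit in reversed(history[start:]):
        if required <= built_at(commit, builds):
            return commit
    return None
```

Asking for a single derivation finds a newer commit than asking for all three at once, which is the N-derivation difficulty Mathieu describes.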
