bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#71153: [PATCH] gnu: Validate substitute URLs for guix service.

From: Antero Mejr
Subject: bug#71153: [PATCH] gnu: Validate substitute URLs for guix service.
Date: Thu, 23 May 2024 22:33:42 +0000 
* gnu/services/base.scm (guix-service-type): Validate `substitute-urls' field.

Change-Id: I11ed74304ab02ae550db5479be9f02601857f294
---
If you forget to write "https://"; when specifying a substitute URL in
guix-configuration, the system will end up in a bad state where any
`guix pull` or `guix reconfigure` operation immediately fail. It's
difficult to fix, so validate the field to avoid the problem.

 gnu/services/base.scm | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 85160bd3ab..da26b86c83 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -99,6 +99,7 @@ (define-module (gnu services base)
   #:use-module (srfi srfi-35)
   #:use-module (ice-9 match)
   #:use-module (ice-9 format)
+  #:use-module (web uri)
   #:re-export (user-processes-service-type        ;backwards compatibility
                %default-substitute-urls)
   #:export (fstab-service-type
@@ -2075,6 +2076,11 @@ (define (guix-extension-merge a b)
    (chroot-directories (append (guix-extension-chroot-directories a)
                                (guix-extension-chroot-directories b)))))
 
+(define (validate-substitute-url url-str)
+  (if (string->uri url-str)
+      url-str
+      (error "Not a valid substitute URL: " url-str)))
+
 (define guix-service-type
   (service-type
    (name 'guix)
@@ -2093,8 +2099,10 @@ (define guix-service-type
               (inherit config)
               (authorized-keys (append (guix-extension-authorized-keys 
extension)
                                        (guix-configuration-authorized-keys 
config)))
-              (substitute-urls (append (guix-extension-substitute-urls 
extension)
-                                       (guix-configuration-substitute-urls 
config)))
+              (substitute-urls
+               (map validate-substitute-url
+                    (append (guix-extension-substitute-urls extension)
+                            (guix-configuration-substitute-urls config))))
               (build-machines
                (and (or (guix-configuration-build-machines config)
                         (pair? (guix-extension-build-machines extension)))

base-commit: 9901416233867233192b63fde7f616751127b189
-- 
2.41.0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]