Hi Felix and 45mg,
I came up with a quick dirty hack for solving my authentication problems on guix
forks and channel forks, and upon seeing this discussion I thought I'd share
some bits.
It's a very simple trick, only requires (roughly) 3 lines of code in
'guix/git-authenticate.scm'.
See [1] for the diff (in the guix-hacks branch), just search for the 'init auth
hack' commit (I rebase it all the time so its better if you search for the
commit as any links will get broken soon).
If you don't want to, it goes something like this:
------
...
(unless (or (member (openpgp-public-key-fingerprint signing-key)
(commit-authorized-keys repository commit
default-authorizations))
(member (openpgp-format-fingerprint
(openpgp-public-key-fingerprint signing-key))
'("XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX")))
...
------
After I add my fingerprint to the 'or' condition, I also add my public key to
the 'keyring' branch of the fork [2].
After that we need to bootstrap it once with '--disable-authentication', and
after bootstrapping it once you can freely rebase with only '--allow-downgrades'
(or don't rebase at all, your call) and enjoy full authentication on your fork.
No need to mess with introductory commits, you can just keep guix' default one.
No need to edit '.guix-authorizations'.
It also works for authenticated channel forks, you just need to add your key to
the 'keyring' branch of the channel fork and it will work.
Just sharing this quick hack I use, its far from ideal but it works for me, and
seeing this discussion I thought it might be useful for someone in the meantime
:)
Best regards,
Murilo
[1] https://codeberg.org/look/guix/commits/branch/guix-hacks
[2]
https://codeberg.org/look/guix/commit/8e2902aabb14e93864920bac51a178aeedf8a563
