Annoying behaviour of the GPG signature verification pre-push hook

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Annoying behaviour of the GPG signature verification pre-push hook

From:	Leo Famulari
Subject:	Annoying behaviour of the GPG signature verification pre-push hook
Date:	Tue, 27 Mar 2018 17:39:23 -0400
User-agent:	Mutt/1.9.3 (2018-01-21)

In HACKING, we recommend Guix committers install a pre-push hook to
verify their GPG signatures before pushing to Savannah. [0] This is
intended to catch mistakes only.

This generally works, and I tend to forget I'm using it for months at a
time :)

There is one case where the hook is annoying: pushing a new branch.

In this case, Git tries to verify a very large number of commit
signatures. This takes a long time and is bound to fail due to
signatures made with keys that have since expired. [1] You have to
disable the hook temporarily in order to push new branches to our Git
repo.

So, you end up waiting for several minutes for something that is
definitely not going to work.

We discussed this on #guix today [2]. Salient points:

* This annoying behaviour requires users to disable the hook, and they
might forget to re-enable it. That is bad.

* This behaviour forces users to think about signatures, and they might
double-check things by hand after disabling the hook, which is better
than nothing.

* The hook could simply print a warning and allow the new branch to be
pushed, which would avoid the annoying behaviour. But, BAD signatures
have made it into our repo, and they may have been caught by manual
verification.

* Pushing a new branch happens very rarely, so maybe this annoying
behaviour doesn't matter. We could reduce the range of commits to start
at the last release to make it fail more quickly.

* Maybe HACKING should suggest symlinking the hook instead of copying it,
so we could deploy changes to it automatically.

Thoughts? Personally, I'm inclined to leave it as is, perhaps reducing
the range and changing HACKING to suggest a symlink instead of a copy.

[0]
https://git.savannah.gnu.org/cgit/guix.git/tree/HACKING?id=75176f1b94903b592f5b1eb5a1b856c5ec761276#n50
https://git.savannah.gnu.org/cgit/guix.git/tree/etc/git/pre-push?id=75176f1b94903b592f5b1eb5a1b856c5ec761276

[1] This shouldn't count as a failure, in my opinion, but it does.

[2]
https://gnunet.org/bot/log/guix/2018-03-27#T1661747

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Annoying behaviour of the GPG signature verification pre-push hook, Leo Famulari <=

Prev by Date: Re: [orchestration] AWS public cloud images
Next by Date: Re: [orchestration] AWS public cloud images
Previous by thread: Re: Guix orchestration notes
Next by thread: [ANN] "Practical, verifiable software freedom with GuixSD" presentation now available
Index(es):
- Date
- Thread