Better diagnostics if no valid signature found

I downloaded Nix tonight, and immediately broke it by accidentally removing the default binary caching.
After figuring this out, I also failed to fix it properly, due to using the wrong key for Nix's default binary cache

If the diagnostic message would have been clearer about what/where a "signature" for a "substituter" is + comes from, it probably would have saved me a few hours.
Maybe we can save other noobs the same pain?
This commit is contained in:
Gavin Ray 2021-12-08 19:55:34 -05:00 committed by GitHub
parent 75654bacc5
commit 971382cab0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -140,6 +140,8 @@ void PathSubstitutionGoal::tryNext()
{ {
warn("substituter '%s' does not have a valid signature for path '%s'", warn("substituter '%s' does not have a valid signature for path '%s'",
sub->getUri(), worker.store.printStorePath(storePath)); sub->getUri(), worker.store.printStorePath(storePath));
warn("verify that your nix.conf contains a correct signature in 'trusted-public-keys' for %s",
sub->getUri());
tryNext(); tryNext();
return; return;
} }