From 8426524a2b36946887d12d16fa5cde670b404bb7 Mon Sep 17 00:00:00 2001 From: Sander Date: Tue, 9 Jan 2024 22:52:24 +0000 Subject: [PATCH] daemon: check for credentials early --- dist/main/index.js | 10 +++++++--- src/main.ts | 10 +++++++--- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/dist/main/index.js b/dist/main/index.js index 924900af..7153f76c 100644 --- a/dist/main/index.js +++ b/dist/main/index.js @@ -7816,14 +7816,18 @@ async function setup() { core.exportVariable('CACHIX_SIGNING_KEY', signingKey); } let supportsDaemonInterface = (cachixVersion) ? semver_1.default.gte(cachixVersion, '1.7.0') : false; - let supportsPostBuildHook = isTrustedUser(); + let supportsPostBuildHook = await isTrustedUser(); + let hasPushCredentials = signingKey !== "" || authToken !== ""; if (useDaemon && !supportsDaemonInterface) { core.warning(`Cachix Daemon is not supported by this version of Cachix (${cachixVersion}). Ignoring the 'useDaemon' option.`); } if (useDaemon && !supportsPostBuildHook) { core.warning("This user is not allowed to set the post-build-hook. Ignoring the 'useDaemon' option."); } - let supportsDaemon = supportsDaemonInterface && supportsPostBuildHook; + if (useDaemon && !hasPushCredentials) { + core.warning("No push credentials found. Ignoring the 'useDaemon' option."); + } + let supportsDaemon = supportsDaemonInterface && supportsPostBuildHook && hasPushCredentials; core.saveState('supportsDaemon', supportsDaemon); if (useDaemon && supportsDaemon) { const tmpdir = process.env['RUNNER_TEMP'] ?? os.tmpdir(); @@ -7902,7 +7906,7 @@ async function upload() { } } else { - core.info('Pushing is disabled as signingKey nor authToken are set (or are empty?) in your YAML file.'); + core.info('Pushing is disabled because neither signingKey nor authToken are set (or are empty?) in your YAML file.'); } } catch (error) { diff --git a/src/main.ts b/src/main.ts index 752be59d..cf651161 100644 --- a/src/main.ts +++ b/src/main.ts @@ -102,15 +102,19 @@ async function setup() { } let supportsDaemonInterface = (cachixVersion) ? semver.gte(cachixVersion, '1.7.0') : false; - let supportsPostBuildHook = isTrustedUser(); + let supportsPostBuildHook = await isTrustedUser(); + let hasPushCredentials = signingKey !== "" || authToken !== ""; if (useDaemon && !supportsDaemonInterface) { core.warning(`Cachix Daemon is not supported by this version of Cachix (${cachixVersion}). Ignoring the 'useDaemon' option.`) } if (useDaemon && !supportsPostBuildHook) { core.warning("This user is not allowed to set the post-build-hook. Ignoring the 'useDaemon' option."); } + if (useDaemon && !hasPushCredentials) { + core.warning("No push credentials found. Ignoring the 'useDaemon' option."); + } - let supportsDaemon = supportsDaemonInterface && supportsPostBuildHook; + let supportsDaemon = supportsDaemonInterface && supportsPostBuildHook && hasPushCredentials; core.saveState('supportsDaemon', supportsDaemon); if (useDaemon && supportsDaemon) { @@ -202,7 +206,7 @@ async function upload() { await exec.exec(`${__dirname}/push-paths.sh`, [cachixBin, cachixArgs, name, pathsToPush, pushFilter]); } } else { - core.info('Pushing is disabled as signingKey nor authToken are set (or are empty?) in your YAML file.'); + core.info('Pushing is disabled because neither signingKey nor authToken are set (or are empty?) in your YAML file.'); } } catch (error) { core.setFailed(`Action failed with error: ${error}`);