Instead of relying on current uid/gid who run sudo ./genimg, use sudo
inside chroot. This fixes when not running genimg under sudo, or who run
sudo is different from build:build in new rootfs.
Instead of relying on pacman keyring on bootstrap host, generate a new
one. This prevents unexpected trust in keyring when bootstrap host have
additional keys configured.
static-networking-service is deprecated in guix. It is recommended to
use static-networking-service-type with a list of static-networking
records, one for each interface. base services has one defined for
localhost already. We extend that with %qemu-static-networking.
Fixes: https://todo.sr.ht/~dhruvin/builds.sr.ht-guix/8
Create a new generate.go file which imports github.com/99designs/gqlgen.
This fixes this kind of error because go mod now knows about the
dependency:
/home/simon/go/pkg/mod/github.com/99designs/gqlgen@v0.13.0/cmd/gen.go:9:2: missing go.sum entry for module providing package github.com/urfave/cli/v2 (imported by github.com/99designs/gqlgen/cmd); to add:
go get github.com/99designs/gqlgen/cmd@v0.13.0
/home/simon/go/pkg/mod/github.com/99designs/gqlgen@v0.13.0/internal/imports/prune.go:15:2: missing go.sum entry for module providing package golang.org/x/tools/go/ast/astutil (imported by github.com/99designs/gqlgen/internal/imports); to add:
go get github.com/99designs/gqlgen/internal/imports@v0.13.0
/home/simon/go/pkg/mod/github.com/99designs/gqlgen@v0.13.0/internal/code/packages.go:8:2: missing go.sum entry for module providing package golang.org/x/tools/go/packages (imported by github.com/99designs/gqlgen/internal/code); to add:
go get github.com/99designs/gqlgen/internal/code@v0.13.0
/home/simon/go/pkg/mod/github.com/99designs/gqlgen@v0.13.0/internal/imports/prune.go:16:2: missing go.sum entry for module providing package golang.org/x/tools/imports (imported by github.com/99designs/gqlgen/internal/imports); to add:
go get github.com/99designs/gqlgen/internal/imports@v0.13.0
graph/resolver.go:7: running "go": exit status 1
missing go.sum entry for module providing package github.com/vektah/dataloaden; to add:
go mod download github.com/vektah/dataloaden
loaders/middleware.go:3: running "./gen": exit status 1
This *looks* like an XSS vulnerability, but shouldn't be, because we
only show SVGs in <img> tags which are protected from XSS even when
served from the same domain.
However, it's still wrong, so let's fix the bug.
We now will build the latest guix if the CI doesn't have substitutes
available. This will ensure the builds are strictly up to date.
This will prevent CI from making guix downgrade.
Fixes: https://todo.sr.ht/~dhruvin/builds.sr.ht-guix/6
If the GraphQL query only fetches the fullURL and not the
last128KiB, don't make an extra HTTP request.
This allows the user to fetch logs on its own, see e.g. [1].
[1]: ac5cc211e2