From: Christopher Baines <mail@cbaines.net>
Date: Sun, 28 Feb 2021 21:35:36 +0000 (+0000)
Subject: services: guix-build-coordinator: Add dynamic auth record.
X-Git-Url: http://git.hcoop.net/jackhill/guix/guix.git/commitdiff_plain/8a7b4ce0936f456ebd57ea13ec64336d7cd51678

services: guix-build-coordinator: Add dynamic auth record.

* gnu/services/guix.scm (guix-build-coordinator-agent-dynamic-auth,
guix-build-coordinator-agent-dynamic-auth?,
guix-build-coordinator-agent-dynamic-auth-agent-name,
guix-build-coordinator-agent-dynamic-auth-token): New procedures.
(guix-build-coordinator-agent-shepherd-services): Handle new dynamic auth
record.
* doc/guix.texi (Guix Build Coordinator): Document the new dynamic auth
record.
---

diff --git a/doc/guix.texi b/doc/guix.texi
index b75fce4dbc..e8fb346d73 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -31017,6 +31017,23 @@ coordinator.
 @end table
 @end deftp
 
+@deftp {Data Type} guix-build-coordinator-agent-dynamic-auth
+Data type representing an agent authenticating with a coordinator via a
+dyanmic auth token and agent name.
+
+@table @asis
+@item @code{agent-name}
+Name of an agent, this is used to match up to an existing entry in the
+database if there is one.  When no existing entry is found, a new entry
+is automatically added.
+
+@item @code{token}
+Dynamic auth token, this is created and stored in the coordinator
+database, and is used by the agent to authenticate.
+
+@end table
+@end deftp
+
 The Guix Build Coordinator package contains a script to query an
 instance of the Guix Data Service for derivations to build, and then
 submit builds for those derivations to the coordinator.  The service
diff --git a/gnu/services/guix.scm b/gnu/services/guix.scm
index b86e20360b..b0d2c05bcf 100644
--- a/gnu/services/guix.scm
+++ b/gnu/services/guix.scm
@@ -71,6 +71,11 @@
             guix-build-coordinator-agent-password-file-auth-uuid
             guix-build-coordinator-agent-password-file-auth-password-file
 
+            guix-build-coordinator-agent-dynamic-auth
+            guix-build-coordinator-agent-dynamic-auth?
+            guix-build-coordinator-agent-dynamic-auth-agent-name
+            guix-build-coordinator-agent-dynamic-auth-token
+
             guix-build-coordinator-agent-service-type
 
             guix-build-coordinator-queue-builds-configuration
@@ -168,6 +173,13 @@
   (password-file
    guix-build-coordinator-agent-password-file-auth-password-file))
 
+(define-record-type* <guix-build-coordinator-agent-dynamic-auth>
+  guix-build-coordinator-agent-dynamic-auth
+  make-guix-build-coordinator-agent-dynamic-auth
+  guix-build-coordinator-agent-dynamic-auth?
+  (agent-name          guix-build-coordinator-agent-dynamic-auth-agent-name)
+  (token               guix-build-coordinator-agent-dynamic-auth-token))
+
 (define-record-type* <guix-build-coordinator-queue-builds-configuration>
   guix-build-coordinator-queue-builds-configuration
   make-guix-build-coordinator-queue-builds-configuration
@@ -365,7 +377,11 @@
                                uuid password-file)
                             #~(#$(string-append "--uuid=" uuid)
                                #$(string-append "--password-file="
-                                                password-file))))
+                                                password-file)))
+                           (($ <guix-build-coordinator-agent-dynamic-auth>
+                               agent-name token)
+                            #~(#$(string-append "--name=" agent-name)
+                               #$(string-append "--dynamic-auth-token=" token))))
                       #$(simple-format #f "--max-parallel-builds=~A"
                                        max-parallel-builds)
                       #$@(if derivation-substitute-urls