LocalStore: Keep track of ultimately trusted paths

These are content-addressed paths or outputs of locally performed builds. They are trusted even if they don't have signatures, so "nix verify-paths" won't complain about them.
2016-03-30 17:35:48 +02:00 · 2016-03-30 17:35:48 +02:00 · 9cee600c88
commit 9cee600c88
parent b86555aa2b
7 changed files with 51 additions and 12 deletions
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@ -2743,6 +2743,14 @@ void DerivationGoal::registerOutputs()
                    throw Error(format("derivation ‘%1%’ may not be deterministic: output ‘%2%’ differs")
                        % drvPath % path);
            }
+
+            /* Since we verified the build, it's now ultimately
+               trusted. */
+            if (!info.ultimate) {
+                info.ultimate = true;
+                worker.store.registerValidPaths({info});
+            }
+
            continue;
        }

@ -2799,6 +2807,7 @@ void DerivationGoal::registerOutputs()
        info.narSize = hash.second;
        info.references = references;
        info.deriver = drvPath;
+        info.ultimate = true;
        infos.push_back(info);
    }