Better diagnostics if no valid signature found

I downloaded Nix tonight, and immediately broke it by accidentally removing the default binary caching. After figuring this out, I also failed to fix it properly, due to using the wrong key for Nix's default binary cache If the diagnostic message would have been clearer about what/where a "signature" for a "substituter" is + comes from, it probably would have saved me a few hours. Maybe we can save other noobs the same pain?
author: Gavin Ray <ray.gavin97@gmail.com> 2021-12-08 19:55:34 -0500
committer: GitHub <noreply@github.com> 2021-12-08 19:55:34 -0500
commit: 971382cab0c8ee057706e3dd4a124252d6b3547d (patch)
tree: afacf82e13d04c3f26098b1229a2417a1577f8a7 /src/libstore/build/substitution-goal.cc
parent: 75654bacc571bf4c193599ecd68f7c94d63994e7 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc
index 29a8cfb87..4c3701b27 100644
--- a/src/libstore/build/substitution-goal.cc
+++ b/src/libstore/build/substitution-goal.cc
@@ -140,6 +140,8 @@ void PathSubstitutionGoal::tryNext()
     {
         warn("substituter '%s' does not have a valid signature for path '%s'",
             sub->getUri(), worker.store.printStorePath(storePath));
+        warn("verify that your nix.conf contains a correct signature in 'trusted-public-keys' for %s",
+            sub->getUri());
         tryNext();
         return;
     }
author	Gavin Ray <ray.gavin97@gmail.com>	2021-12-08 19:55:34 -0500
committer	GitHub <noreply@github.com>	2021-12-08 19:55:34 -0500
commit	971382cab0c8ee057706e3dd4a124252d6b3547d (patch)
tree	afacf82e13d04c3f26098b1229a2417a1577f8a7 /src/libstore/build/substitution-goal.cc
parent	75654bacc571bf4c193599ecd68f7c94d63994e7 (diff)