Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No decider configured for protocol '5138a791-8d00-4182-96bc-f1f2688cdde2' (nix) #39

Open
davidak opened this issue May 8, 2022 · 0 comments
Open

No decider configured for protocol '5138a791-8d00-4182-96bc-f1f2688cdde2' (nix) #39

davidak opened this issue May 8, 2022 · 0 comments

Comments

@davidak
Copy link
Contributor

davidak commented May 8, 2022
edited

Describe the bug

Submit key and value:

[davidak@gaming:~]$ sudo /nix/store/sql7z5xkbmydnqinyp3brpp3m76vj13p-trustix-dev/bin/trustix --address unix:///run/trustix-daemon.socket --log-id ***** submit --key "bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d" --value "28899cec2bd12feeabb5d82a3b1eafd23221798ac30a20f449144015746e2321"
DEBU[0000] Dialing remote                                address="unix:///run/trustix-daemon.socket"
DEBU[0000] Submitting mapping                            key=bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d value=28899cec2bd12feeabb5d82a3b1eafd23221798ac30a20f449144015746e2321
OK

Flush

[davidak@gaming:~]$ sudo /nix/store/sql7z5xkbmydnqinyp3brpp3m76vj13p-trustix-dev/bin/trustix --address unix:///run/trustix-daemon.socket --log-id ***** flush
DEBU[0000] Dialing remote                                address="unix:///run/trustix-daemon.socket"

Query key:

[davidak@gaming:~]$ sudo /nix/store/sql7z5xkbmydnqinyp3brpp3m76vj13p-trustix-dev/bin/trustix --address unix:///run/trustix-daemon.socket --log-id ccbfc3d79bc7c05ebb0655fb62e694ab3a69ae55ed16a86faede15f2b8b1e190 query --key "bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d"
DEBU[0000] Dialing remote                                address="unix:///run/trustix-daemon.socket"
DEBU[0000] Requesting log head                          
DEBU[0000] Requesting output mapping for                 key=bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d
Output digest: 5768f7201db3dccf3ec8c5ec2be5108c411396ad8c1351d89294f515456cdc23

Try decide:

[davidak@gaming:~]$ sudo /nix/store/sql7z5xkbmydnqinyp3brpp3m76vj13p-trustix-dev/bin/trustix --address unix:///run/trustix-daemon.socket decide --protocol nix --key bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d
DEBU[0000] Dialing remote                                address="unix:///run/trustix-daemon.socket"
DEBU[0000] Requesting output mappings for                key=bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d
FATA[0000] could not decide: rpc error: code = Unknown desc = No decider configured for protocol '5138a791-8d00-4182-96bc-f1f2688cdde2'

journalctl -u trustix.service -f

May 09 00:49:41 gaming trustix[652959]: time="2022-05-09T00:49:41+02:00" level=debug msg="Checking peer credential for socket"
May 09 00:49:41 gaming trustix[652959]: time="2022-05-09T00:49:41+02:00" level=info msg="Received Decide request" key=bc63f28a4e8dda15107f687e6c3a8848492e89e3bc7726a56a0f1ee68dd9350d

To Reproduce

Needs #38.

  services.trustix = {
    enable = true;

    signers.davidak = {
      type = "ed25519";
      ed25519 = {
        private-key-path = "/var/trustix/keys/private";
      };
    };

    publishers = [
      {
        signer = "davidak";
        protocol = "nix";
        publicKey = {
          type = "ed25519";
          key = "*****";
        };
      }
    ];

    subscribers = [
      {
        protocol = "nix";
        publicKey = {
          type = "ed25519";
          key = "*****";
        };
      }
    ];

    deciders.nix = {
      engine = "percentage";
      #percentage.minimum = 66;
      percentage.minimum = 0;
    };

    # A remote can expose many logs and they are not neccesarily created by the remote in question
    remotes = [
      #"grpc+http://127.0.0.1"
      #"https://cache.nixos.org"
      "unix:///run/trustix-daemon.socket"
    ];

  };

  # Push local builds via the post-build hook
  services.trustix-nix-build-hook = {
    enable = true;
    logID = "*****";
  };

  # Enable the local binary cache server
  services.trustix-nix-cache = {
    enable = true;
    private-key = "/var/trustix/keys/cache-private-key.pem";
    listen = "0.0.0.0";
    port = 9001;
    openFirewall = true;
  };

  # Configure Nix to use it
  nix = {
    binaryCaches = [
      "http://127.0.0.1:9001"
    ];
    binaryCachePublicKeys = [
      "binarycache.example.com:*****"
    ];
  };

Expected behavior

decide should work according to the configuration.

i had write the config differently than the documentation says to avoid errors. this is the only way i found works without errors

Environment

  • OS name + version: NixOS 22.05pre375061.c777cdf5c56
  • Version of the code: 7ed5270

Additional context
Add any other context about the problem here.
@davidak davidak changed the title error: path '/nix/store/hkgpl034l6c5zgzhks2dyp7p41z6qyc4-hello-2.12' is not a valid store path No decider configured for protocol '5138a791-8d00-4182-96bc-f1f2688cdde2' May 8, 2022
@davidak davidak changed the title No decider configured for protocol '5138a791-8d00-4182-96bc-f1f2688cdde2' No decider configured for protocol '5138a791-8d00-4182-96bc-f1f2688cdde2' (nix) May 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@davidak