author: Ludovic Courtès <ludo@gnu.org> 2024-05-07 15:54:44 +0200
committer: Ludovic Courtès <ludo@gnu.org> 2024-05-25 16:23:56 +0200
commit: 73b3f941d7d911a1b2bb2bf77d37cb3a12ed4291 (patch)
tree: e9bad56f9dd556a77c7fe52ade2a418b14d49716 /etc
parent: 0efa1daad354216e9ce2adb078eb4d5254792e49 (diff)
maint: Suggest ‘guix git authenticate’ for initial authentication.

The previous recommendation, running ‘make authenticate’, was insecure
because it led users to run code from the very repository they want to
authenticate:

  https://lists.gnu.org/archive/html/guix-devel/2024-04/msg00252.html

* Makefile.am (commit_v1_0_0, channel_intro_commit)
(channel_intro_signer, GUIX_GIT_KEYRING, authenticate): Remove.
* Makefile.am (.git/hooks/%): New target, generalization of previous
‘.git/hooks/pre-push’ target.
(nodist_noinst_DATA): Add ‘.git/hooks/post-merge’.
* doc/contributing.texi (Building from Git): Suggest ‘guix git
authenticate’ instead of ‘make authenticate’.
* etc/git/post-merge: New file.
* etc/git/pre-push: Run ‘guix git authenticate’ instead of ‘make
authenticate’.

Reviewed-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Reported-by: Skyler Ferris <skyvine@protonmail.com>
Change-Id: Ia415aa8375013d0dd095e891116f6ce841d93efd
Diffstat (limited to 'etc')
-rwxr-xr-x etc/git/post-merge 3
-rwxr-xr-x etc/git/pre-push 4
2 files changed, 6 insertions, 1 deletions
diff --git a/etc/git/post-merge b/etc/git/post-merge
new file mode 100755
index 0000000000..f2ad37d35c
--- /dev/null
+++ b/etc/git/post-merge
@@ -0,0 +1,3 @@
+#!/bin/sh
+# Authenticate the repo upon 'git pull' and similar.
+exec guix git authenticate
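Review bot: the comment on the second line of the new file should say that a post-merge hook runs after the merge has already completed, so a failing 'guix git authenticate' here reports unauthenticated commits but cannot keep them out of the working tree. The command is also invoked with no arguments, so the hook depends on whatever introduction the user supplied in an earlier run; one more comment line stating that prerequisite would make a failure here easier to interpret.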
diff --git a/etc/git/pre-push b/etc/git/pre-push
index 59671b0d58..325b23854b 100755
--- a/etc/git/pre-push
+++ b/etc/git/pre-push
@@ -32,7 +32,9 @@ do
# Only use the hook when pushing to Savannah.
case "$2" in
*.gnu.org*)
- exec make authenticate check-channel-news
+ set -e
+ make check-channel-news
+ exec guix git authenticate
exit 127
;;
*)
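Review bot: in the '*.gnu.org*' branch, 'make check-channel-news' still runs before 'exec guix git authenticate', so a make target from the checkout executes ahead of the authentication step, which is the ordering the commit message describes as the problem with 'make authenticate'. Consider authenticating first: run 'guix git authenticate' without exec (the added 'set -e' will abort on failure), then finish with 'exec make check-channel-news'.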