import: Gracefully report import failures.

Previously, something like 'guix import gnu which' would spit out a
backtrace if, say, the 'which' tarball could not be authenticated.

* guix/upstream.scm (download-tarball): Mention failure modes in
docstring.
* guix/import/gnu.scm (gnu-package->sexp): Return #f when
'download-tarball' returns #f.
* guix/scripts/import.scm (guix-import): Call 'leave' when IMPORTER does
not return a (package ...) sexp.

guix/import/gnu.scm

@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -55,8 +55,8 @@
 (define* (gnu-package->sexp package release
                             #:key (key-download 'interactive))
   "Return the 'package' sexp for the RELEASE (a <gnu-release>) of PACKAGE (a
-<gnu-package>).  Use KEY-DOWNLOAD as the OpenPGP key download policy (see
+<gnu-package>), or #f upon failure.  Use KEY-DOWNLOAD as the OpenPGP key
-'download-tarball' for details.)"
+download policy (see 'download-tarball' for details.)"
   (define name
     (gnu-package-name package))
 
@@ -79,9 +79,10 @@
     (find (cute string-suffix? (string-append archive-type ".sig") <>)
           (upstream-source-signature-urls release)))
 
-  (let ((tarball (with-store store
+  (with-store store
-                   (download-tarball store url sig-url
+    (match (download-tarball store url sig-url
-                                     #:key-download key-download))))
+                             #:key-download key-download)
+      ((? string? tarball)
        `(package
           (name ,name)
           (version ,(upstream-source-version release))
@@ -91,13 +92,16 @@
                                         ,(string-append ".tar." archive-type)))
                     (sha256
                      (base32
-                   ,(bytevector->nix-base32-string (file-sha256 tarball))))))
+                      ,(bytevector->nix-base32-string
+                        (file-sha256 tarball))))))
           (build-system gnu-build-system)
           (synopsis ,(gnu-package-doc-summary package))
           (description ,(gnu-package-doc-description package))
           (home-page ,(match (gnu-package-doc-urls package)
                         ((head . tail) (qualified-url head))))
-       (license find-by-yourself!))))
+          (license find-by-yourself!)))
+      (#f                     ;failure to download or authenticate the tarball
+       #f))))
 
 (define* (gnu->guix-package name
                             #:key (key-download 'interactive))

guix/scripts/import.scm

@@ -107,6 +107,10 @@ Run IMPORTER with ARGS.\n"))
      (show-version-and-exit "guix import"))
     ((importer args ...)
      (if (member importer importers)
-         (let ((expr (apply (resolve-importer importer) args)))
+         (match (apply (resolve-importer importer) args)
-           (pretty-print expr (newline-rewriting-port (current-output-port))))
+           ((and expr ('package _ ...))
+            (pretty-print expr (newline-rewriting-port
+                                (current-output-port))))
+           (x
+            (leave (_ "'~a' import failed~%") importer)))
          (leave (_ "~a: invalid importer~%") importer)))))

guix/upstream.scm

@@ -143,8 +143,9 @@ no update is needed or known."
                            #:key (key-download 'interactive))
   "Download the tarball at URL to the store; check its OpenPGP signature at
 SIGNATURE-URL, unless SIGNATURE-URL is false.  On success, return the tarball
-file name.  KEY-DOWNLOAD specifies a download policy for missing OpenPGP keys;
+file name; return #f on failure (network failure or authentication failure).
-allowed values: 'interactive' (default), 'always', and 'never'."
+KEY-DOWNLOAD specifies a download policy for missing OpenPGP keys; allowed
+values: 'interactive' (default), 'always', and 'never'."
   (let ((tarball (download-to-store store url)))
     (if (not signature-url)
         tarball