organist
organist copied to clipboard
Published
20 hours ago •
nickel-lang
nickel-lang
HaskellStack devshell fails to build on macOS with sandbox
HaskellStack devshell depends on many paths which triggers this failure on macOS with sandbox:
trace: warning: Lockfile contents are outdated. Please run "nix run .#regenerate-lockfile" to update them.
shell-env> sandbox-exec: pattern serialization length 67255 exceeds maximum (65535)
error: builder for '/nix/store/4vlmff67wdm337d3ldw3rn2cx4nrqjpn-shell-env.drv' failed with exit code 65;
last 1 log lines:
> sandbox-exec: pattern serialization length 67255 exceeds maximum (65535)
For full logs, run 'nix-store -l /nix/store/4vlmff67wdm337d3ldw3rn2cx4nrqjpn-shell-env.drv'.
Full log from `nix run .\#run-test -- template HaskellStack`
% nix run .\#run-test -- template HaskellStack ~/workspaces/nixel/nickel-nix
+ pushd_temp
++ mktemp -d
+ WORKDIR=/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3
+ trap clean EXIT
+ pushd /var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3
/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3 ~/workspaces/nixel/nickel-nix
+ nix flake new --template path:/Users/tweag/workspaces/nixel/nickel-nix example --accept-flake-config
wrote: /private/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3/example/nickel.lock.ncl
wrote: /private/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3/example/flake.nix
wrote: /private/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3/example/project.ncl
You have just created an Organist-powered development shell.
· Enter the environment with nix develop
· Tweak it by modifying project.ncl
Hint: To be able to leverage the Nickel language server for instant feedback on your configuration, run nix run .#regenerate-lockfile first.
+ pushd ./example
/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3/example /var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3 ~/workspaces/nixel/nickel-nix
+ sed -i 's/shells\.Bash/shells.HaskellStack/' project.ncl
+ prepare_shell
++ nix flake metadata --json --inputs-from path:/Users/tweag/workspaces/nixel/nickel-nix nixpkgs
++ nix eval --impure --raw --expr '(builtins.fromJSON (builtins.readFile "/dev/stdin")).path'
+ NIXPKGS_PATH=/nix/store/35dcag44a0ymww0vy0s4jjgxwpv9g62d-source
+ nix flake update --override-input organist path:/Users/tweag/workspaces/nixel/nickel-nix --override-input nixpkgs path:/nix/store/35dcag44a0ymww0vy0s4jjgxwpv9g62d-source --accept-flake-config
warning: creating lock file '/private/var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3/example/flake.lock'
++ cat nickel.lock.ncl
+ STORED_LOCKFILE_CONTENTS='{
organist = import "../../lib/organist.ncl",
}'
++ nickel export --format raw
+ TEST_SCRIPT='set -euxo pipefail
exec 1>&2
haskell-language-server --version
nickel --version
ormolu --version'
+ echo 'Running with incorrect nickel.lock.ncl'
Running with incorrect nickel.lock.ncl
+ nix develop --accept-flake-config --print-build-logs --command bash
trace: warning: Lockfile contents are outdated. Please run "nix run .#regenerate-lockfile" to update them.
shell-env> sandbox-exec: pattern serialization length 67255 exceeds maximum (65535)
error: builder for '/nix/store/4vlmff67wdm337d3ldw3rn2cx4nrqjpn-shell-env.drv' failed with exit code 65;
last 1 log lines:
> sandbox-exec: pattern serialization length 67255 exceeds maximum (65535)
For full logs, run 'nix-store -l /nix/store/4vlmff67wdm337d3ldw3rn2cx4nrqjpn-shell-env.drv'.
++ clean
++ rm -rf /var/folders/sh/4h8107813mxf50n2rn118p400000gq/T/tmp.H8w7TXbyW3
If I build this path with --keep-failed, the sandbox definition is even bigger:
% ll /private/tmp/nix-build-shell-env.drv-0/.sandbox.sb ~/workspaces/nixel/nickel-nix
-rw-r--r-- 1 _nixbld1 nixbld 87K Nov 23 16:00 /private/tmp/nix-build-shell-env.drv-0/.sandbox.sb
Here it is in full: .sandbox.sb
I've noticed 449 lines pointing to *-doc paths which we probably could skip. Removing all of them trims the size of the file down to 51K.