Not working with recent Hydra versions
Opened this issue · 3 comments
Hi, thanks for this project -- it's super useful.
I have noticed, unfortunately, that it doesn't seem to work with recent Hydra versions. I'm not sure when this happened, nor whether it was a change in gitignore.nix
or Hydra itself, but with the most recent version of gitignore.nix
and Hydra 2020-06-23 (the latest version in nixpkgs as of 2020-07-28), I get a restricted mode error any time I try to use gitignoreSource ./.
as a src
attribute inside a project; e.g.,
hydra-eval-jobs returned exit code 1:
error: "\u001b[31;1merror:\u001b[0m\u001b[34;1m --- RestrictedPathError --- hydra-eval-jobs\u001b[0m\naccess to path '\u001b[33;1m/nix/store/2k8r1any80g67n58iaghcrwad8kwhh3r-source\u001b[0m' is forbidden in restricted mode"
error: --- EndOfFile --- hydra-eval-jobs
unexpected EOF reading a line
(Sorry for the HTML escaping -- Hydra's error messages are pretty bad.)
Is anyone else able to reproduce this behavior?
We have run into this problem as well. For now we have patched our Hydra to disable the restrictions, but that is not really a proper fix ....
It looks like either hydra is putting sources in the store before evaluating, or you're invoking gitignore on a source that's already in the store. Could you enable --show-trace and/or check what the contents of the store path are?
I think this down to haskell.nix
, actually. See input-output-hk/haskell.nix#496
I noticed because, now that we've switched one of our haskell.nix
projects to a Flake, we're having the same issue with nix flake check
when we use gitignoreSource
on the Haskell project (or nearly any other source filter, including nixpkgs
's own cleanSourceWith
; though haskell.nix
's own cleanGit
function works, strangely enough). However, we have a PureScript project in the same repo that is built with vanilla mkDerivation
, and we can use gitignoreSource
on the PureScript project's src
attribute without any issues (neither nix flake check
, nor on our Hydra).