error: executing '/nix/store/.../bin/bash': Argument list too long

Question

error: executing '/nix/store/.../bin/bash': Argument list too long

catwith1hat opened this issue a year ago · 1 comments

Agenix seems to be limited to around 60 secrets and if you try to add more, the process building your host derivation will die with Argument list too long.

[foo:rebuild] building '/nix/store/2shq4mwinwqsc30469mzjg94v17ync8h-nixos-system-foo-23.11.20231207.64cd15e.drv'...
[foo:rebuild] error: builder for '/nix/store/2shq4mwinwqsc30469mzjg94v17ync8h-nixos-system-foo-23.11.20231207.64cd15e.drv' failed with exit code 1;
[foo:rebuild]        last 1 log lines:
[foo:rebuild]        > error: executing '/nix/store/q1c2flcykgr4wwg5a6h450hxbk4ch589-bash-5.2-p15/bin/bash': Argument list too long
[foo:rebuild]        For full logs, run 'nix log /nix/store/2shq4mwinwqsc30469mzjg94v17ync8h-nixos-system-foo-23.11.20231207.64cd15e.drv'.
task: Failed to run task "foo:rebuild": exit status 1
task: Failed to run task "foo:rebuild": exit status 1

Inspecting /nix/store/2shq4mwinwqsc30469mzjg94v17ync8h-nixos-system-foo-23.11.20231207.64cd15e.drv shows a very repetative action snippet which I traced back to installSecret inside age.nix. This installSecret snippet isn't that long but gets replicated for every secret here via:

    ++ (map installSecret (builtins.attrValues cfg.secrets))

I would suggest that installSecret becomes a bash function and then we just call this bash function instead of replicating the installSecret template over and over again. I will open a PR to illustrate this idea.

catwith1hat commented 9 months ago

Ping?