From 02d8367b68b82f679e9604b7077797589738c814 Mon Sep 17 00:00:00 2001 From: Pablo Lamela Date: Fri, 13 Sep 2024 03:27:02 +0200 Subject: [PATCH] Patch for CI --- flake.nix | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index aad8fbc0b0..43c4fd26df 100644 --- a/flake.nix +++ b/flake.nix @@ -67,7 +67,11 @@ inherit (inputs.haskellNix) config; }; inherit (nixpkgs) lib; - + macOS-security = + # make `/usr/bin/security` available in `PATH`, which is needed for stack + # on darwin which calls this binary to find certificates + nixpkgs.writeScriptBin "security" ''exec /usr/bin/security "$@"''; + isDarwin = (system == "x86_64-darwin") || (system == "aarch64-darwin"); gitRevFlag = if inputs.self ? rev then [("--ghc-option=-D__GIT_REV__=\\\"" + inputs.self.rev + "\\\"")] @@ -114,7 +118,7 @@ stylish-haskell = "0.14.6.0"; }; # and from nixpkgs or other inputs - shell.nativeBuildInputs = with nixpkgs; [gh jq yq-go actionlint shellcheck cabal-head]; + shell.nativeBuildInputs = with nixpkgs; [gh jq yq-go actionlint shellcheck cabal-head] ++ (lib.optional isDarwin macOS-security); # disable Hoogle until someone request it shell.withHoogle = false; # Skip cross compilers for the shell @@ -159,9 +163,14 @@ # This define files included in the directory that will be passed to `H.getProjectBase` for this test: filteredProjectBase = inputs.incl ./. mainnetConfigFiles; in '' + export PATH=${macOS-security}/bin:$PATH ${exportCliPath} cp -r ${filteredProjectBase}/* .. - ''; + '' + (if isDarwin + then '' + export PATH=${macOS-security}/bin:$PATH + '' + else ''''); }) { packages.crypton-x509-system.postPatch = ''