Local networking in checkPhase?

I’m trying to get some integration tests working that depend on local networking (localhost only).

After discovering __darwinAllowLocalNetworking, I was under the impression that local networking was enabled at build time.

However, running python -m http.server --bind 127.0.0.1 in one pane followed by trying to build this simple flake:

{
  outputs = {
    self,
    nixpkgs,
  }: let
    system = "x86_64-linux";
    pkgs = import nixpkgs {inherit system;};
  in {
    packages.x86_64-linux.default = pkgs.stdenvNoCC.mkDerivation {
      name = "foo";
      src = pkgs.writeText "say-foo" "foo";
      installPhase = "cp $src $out";
      dontUnpack = true;
      doCheck = true;
      checkPhase = ''
        ${pkgs.curl}/bin/curl http://127.0.0.1:8000
      '';
    };
  };
}

I don’t see any request to the python server, and the build fails with curl: (7) Failed to connect to 127.0.0.1 port 8000 after 0 ms: Couldn't connect to server

  • I have a PR open whose checkPhase uses local networking, but the python -m http.server call is in the test, and it seems to work. Is that different somehow?
  • I’m trying to debug the integration tests for this little project, which is using the rust httpmock library in its integration tests, which uses a localhost server to mock external HTTP calls. These tests pass on Linux but fail on Darwin (even though __darwinAllowLocalNetworking is set by default in the rust builder). Any ideas why that might be?