Not sure if I’m doing something wrong here, but observing the following.
Given api.nix is a simple buildGoModule with a checkPhase that runs unit and integration tests:
On Linux (PopOS w/ Nix):
nix-build api.nix from the main shell, $TMPDIR is set to /build, and tests fail because they’re creating a sqlite db in $TMPDIR
nix-shell and then running nix-build api.nix, $TMPDIR is set to /run/user/1000 and stuff works OK
nix-build --option sandbox false api.nix succeeds because $TMPDIR becomes /tmp/nix-build-api.drv-0
nix-build api.nix works, but I’m observing $TMPDIR being /private/tmp/nix-build-api.drv-0 which behaves like Linux with no sandbox.
The most confusing part here is the different behavior of executing nix-build on Linux based on if you’re already in nix-shell or not. Is there something I’m obviously doing wrong here? I’d expect that builds are completely hermetic (i.e. being inside of nix-shell not affecting the value of $TMPDIR), and would also expect that $TMPDIR is writable for test data.
Before using $TMPDIR, I used to hardcode /tmp in all of the places that needed this. IIRC, there were problems on macOS. In any case, macOS & Linux behavior was different, which was defeating the purpose of using something like nix for this.