Troubleshooting a Rust build with Carnix on a MacOS system

I’ve been using Carnix to make nix derivations from my Cargo files for a while. I’m not 100% clear on what is happening, and I can’t actually interpret the output from Carnix, but I’ve been able to work with this.

I’m on a Mac, and one of the things I frequently have to do is to include the MacOS Security framework (pkgs.darwin.apple_sdk.frameworks.Security) in a build. I at some point learned that, when I have to add this to the crates that my app depends on, I can use an override to add the framework like so:

  security = pkgs.darwin.apple_sdk.frameworks.Security;
  fitnesstrax_server_crate = ((import ./Cargo.nix).fitnesstrax_server {}).override {
    rust = rustc;
    crateOverrides = pkgs.defaultCrateOverrides // {
      mime_guess = attrs: { buildInputs = [ security ]; };
      orizentic = attrs: { buildInputs = [ security ]; };
      fitnesstrax = attrs: { buildInputs = [ security ]; };
      fitnesstrax_server = attrs: { buildInputs = [ security ]; };
    };
  };

This was working for a long while, but I recently broke one of my crates into library + server. Both require the Security framework. I can see in the process mime_guess, orizentic and fitnesstrax all successfully building, but linking fails when building fitnesstrax_server because the Security framework is missing.

How can I reach in deep enough to the system to inspect the environment that fitnesstrax_server is building in? I particularly want to know what the buildInputs (and other dependencies) actually are, so that I can see whether my override is working in this case.

If you decide to look at the repository, the code above appears in server/default.nix, and it changes in between the last known good build and the broken one, as a result of me extracting an entire library into a separate directory.

Last known good build: https://github.com/luminescent-dreams/fitnesstrax/tree/f4702d62505b7bd27a48ffb3a2c48f5abf0ca3b0
The code you see above: https://github.com/luminescent-dreams/fitnesstrax/tree/669752fedf806b487ce007e2e88a36f7e08b0e3d

Figured out how to make this work this morning.

It turns out that the cargo derivation allows me to specify overrides for crates that don’t actually exist in the derivation. This confused me a bit, because fitnesstrax_server, the executable crate that I am building, is (I think), the entire Cargo.nix derivation. As such, the way to inject system dependencies into it is like this:

  security = pkgs.darwin.apple_sdk.frameworks.Security;
  fitnesstrax_server_crate = ((import ./Cargo.nix).fitnesstrax_server {}).override {
    rust = rustc;
    buildInputs = [ security ];
    crateOverrides = pkgs.defaultCrateOverrides // {
      mime_guess = attrs: { buildInputs = [ security ]; };
      orizentic = attrs: { buildInputs = [ security ]; };
      fitnesstrax = attrs: { buildInputs = [ security ]; };
    };
  };

I think I will still want to dig in a bit deeper to analyze the structure of what carnix creates. As I learn things, I’ll write up notes about how to analyze things, particularly with nix repl.