Skip to content

Fix devx container failures: Bash 3.2 and impure path errors#226

Merged
angerman merged 1 commit intomainfrom
fix/devx-container-bash-purity
Feb 21, 2026
Merged

Fix devx container failures: Bash 3.2 and impure path errors#226
angerman merged 1 commit intomainfrom
fix/devx-container-bash-purity

Conversation

@angerman
Copy link
Copy Markdown
Collaborator

@angerman angerman commented Feb 21, 2026

Summary

  • Use Nix-provided Bash (pkgs.bash) in the devx wrapper shebang instead of /usr/bin/env bash, fixing Bash 3.2 rejection on macOS GitHub Actions runners
  • Disable NIX_ENFORCE_PURITY before sourcing stdenv/setup, fixing cc-wrapper rejecting -I/-L flags pointing outside /nix/store/ (e.g. the cabal package store)

Fixes all 4 failing jobs in stable-haskell/ghc CI.

Test plan

  • Verify generated wrapper shebang points to /nix/store/.../bin/bash
  • Verify NIX_ENFORCE_PURITY= is set before source "$stdenv/setup"
  • stable-haskell/ghc CI passes on both x86_64-linux and aarch64-darwin

@angerman
Fix devx container failures: Bash 3.2 rejection and impure path errors
3e674f9 
Two fixes for CI failures when consuming devx containers:

1. Use Nix-provided Bash in shebang instead of /usr/bin/env bash.
   On macOS GitHub Actions runners, /usr/bin/env bash resolves to
   Apple's Bash 3.2 (GPLv2), but nixpkgs' setup.sh requires Bash 5+.
   pkgs.bash is already in the closure via stdenv.

2. Disable NIX_ENFORCE_PURITY before sourcing stdenv/setup.
   The stdenv preHook defaults NIX_ENFORCE_PURITY to 1, causing
   cc-wrapper to reject -I/-L flags outside /nix/store/. This breaks
   cabal builds that use $HOME/.cabal-devx/store/. Setting it to empty
   before sourcing setup.sh matches nix develop behavior.
@angerman angerman requested a review from Copilot February 21, 2026 07:40
Copilot AI reviewed Feb 21, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the generated devx development-environment wrapper to be more reliable in CI/containers and on macOS by pinning the interpreter and disabling Nix purity enforcement before initializing stdenv.

Changes:

  • Switch the devx wrapper shebang to Nix-provided Bash (${pkgs.bash}/bin/bash) to avoid macOS runner Bash 3.2.
  • Export NIX_ENFORCE_PURITY= before sourcing "$stdenv/setup" so cc-wrapper doesn’t reject non-store -I/-L paths in dev shells.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@angerman angerman added this pull request to the merge queue Feb 21, 2026
Merged via the queue into main with commit 5302e1b Feb 21, 2026
19 of 871 checks passed
@angerman angerman deleted the fix/devx-container-bash-purity branch February 21, 2026 08:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@angerman