| 2 Jan 2025 |
 atemu12 | However you prefer to eval Nix code | 15:17:57 |
| atemu12 | I'd use a repl or --expr but whatever you like | 15:18:15 |
 countoren | where should I see KEYSDIR? | 15:21:08 |
| atemu12 | You should check whether the path you've passed through to the sandbox actually exists and the contents are readable | 15:21:34 |
| atemu12 | (From within the sandbox of course.) | 15:25:01 |
| countoren | I guess I never had to use extra-sendbox-paths for everything I did until now(like 10 years of nix) I always resulted with a wrapper if "secrets" are involved. I did add it to my nixos configuration getting permission issues now, I will look into it.
but I wonder how hard it will be (or make sense) to "wrap" the builder in writeShellApplication/Script to execute not from a nix sendbox. | 16:17:37 |
| atemu12 | That's precisely what the release script does AFAIK | 16:18:11 |
| countoren | o really | 16:18:27 |
| countoren | so I can build release and run it? | 16:18:37 |
| atemu12 | Again, never used it | 16:19:25 |
| atemu12 | oak did though I think | 16:19:32 |
| atemu12 | Just try it | 16:19:36 |
| atemu12 | And/or read the docs on it | 16:19:43 |
| countoren | I will, again Atemu thank you very much | 16:20:06 |
 oak 🏳️🌈♥️ | Yeah, I'm running LineageOS 21 which has been signed with my own keys. I tried to add support for new Android and LineageOS versions in PRs #256 #260 #261 | 16:27:06 |
| oak 🏳️🌈♥️ | But there is this TODO, which I didn't address yet: https://github.com/nix-community/robotnix/blob/master/modules/signing.nix#L124 | 16:28:18 |
| oak 🏳️🌈♥️ | That probably needs some bigger change and probably needs some mapping for which keys are used for which things | 16:33:29 |
| oak 🏳️🌈♥️ | Could we somehow get some CI processes working for this project? I'm also interested in contributing to that | 16:38:43 |
| oak 🏳️🌈♥️ | I was in NixCon Berlin 2024 and they told NixOS Foundation could provide some CI resources for community projects | 16:39:18 |
| atemu12 | Sure | 16:40:42 |
| atemu12 | We had some GH actions stuff that broke at some point because nobody bothered | 16:40:55 |
| atemu12 | Though I doubt we can build anything of interest in GHA | 16:41:04 |
| atemu12 | (x) | 16:41:19 |
| oak 🏳️🌈♥️ | Yeah I guess they give some free monthly hours for open source projects, I think there's a cap that one build can take 6 hours at maximum | 16:41:39 |
| atemu12 | If the machine is slow, we might exceed that | 16:41:59 |
| oak 🏳️🌈♥️ | I'm not completely sure how that works with GitHub, is it organizational or project level | 16:42:05 |
| atemu12 | And RAM is probably the more pressing issue | 16:42:10 |
| atemu12 | I've got access to some builders that I'm sure we could use | 16:42:57 |
| atemu12 | If you want to build some CI, please go right ahead | 16:43:23 |
| oak 🏳️🌈♥️ | :) | 16:43:32 |
