| 2 Jan 2025 |
 Atemu | Ah I see | 15:01:08 |
 countoren | * in this machine that i switched to I just use the flake without cloning | 15:01:14 |
| Atemu | Cloning and using the local flake should be easy enough | 15:01:19 |
| Atemu | Ahaahaa wait, this is flakes, I have no idea whether that's simple | 15:01:37 |
| Atemu | Right | 15:01:41 |
| countoren | yes true, tho with my experience it still might deffer between flake to nix-build I had some differences before with file path parsing between the 2 | 15:02:37 |
| countoren | but it was long ago it might be fine now | 15:02:57 |
| Atemu | You should be able to do the simple sanity check regardless of flakes though | 15:05:08 |
| Atemu | It doesn't depend on robotnix | 15:05:25 |
| countoren | anyway trying to understand it better is KEYSDIR is env var expected by the android build tool? | 15:05:53 |
| Atemu | Come again? | 15:09:02 |
| countoren | o it talking about it being directory. ```
Missing KEYSDIR directory, did you use "--option extra-sandbox-paths /keys=..." ?
| 15:10:22 |
| countoren | * o it talking about it being directory. ```
Missing KEYSDIR directory, did you use "--option extra-sandbox-paths /keys=..." ?
| 15:10:44 |
| Atemu | Check whether that directory exists and is readable inside the sandbox | 15:10:53 |
| Atemu | You can do that with a simple runCommand | 15:11:11 |
| Atemu | To skip all the complexity of robotnix for troubleshooting | 15:11:33 |
| countoren | you mean nix shell --pure ? as well? | 15:14:46 |
| countoren | * you mean nix shell --impure ? as well? | 15:15:56 |
| Atemu | However you prefer to eval Nix code | 15:17:57 |
| Atemu | I'd use a repl or --expr but whatever you like | 15:18:15 |
| countoren | where should I see KEYSDIR? | 15:21:08 |
| Atemu | You should check whether the path you've passed through to the sandbox actually exists and the contents are readable | 15:21:34 |
| Atemu | (From within the sandbox of course.) | 15:25:01 |
| countoren | I guess I never had to use extra-sendbox-paths for everything I did until now(like 10 years of nix) I always resulted with a wrapper if "secrets" are involved. I did add it to my nixos configuration getting permission issues now, I will look into it.
but I wonder how hard it will be (or make sense) to "wrap" the builder in writeShellApplication/Script to execute not from a nix sendbox. | 16:17:37 |
| Atemu | That's precisely what the release script does AFAIK | 16:18:11 |
| countoren | o really | 16:18:27 |
| countoren | so I can build release and run it? | 16:18:37 |
| Atemu | Again, never used it | 16:19:25 |
| Atemu | oak did though I think | 16:19:32 |
| Atemu | Just try it | 16:19:36 |
