From 9a4aa1f40b1c9dae7877e65bcc6e7944d1d23e0f Mon Sep 17 00:00:00 2001 From: Vehbi Sinan Tunalioglu Date: Thu, 14 Aug 2025 15:54:46 +0800 Subject: [PATCH] chore(deps): switch to nixos-unstable that brings GHC v9.8.4 This required some hacks and workarounds for static builds. --- build-static.sh | 24 +++++++++++++++++++++--- cabal.project | 29 +++++++++++++++++++++++++++++ flake.lock | 8 ++++---- flake.nix | 2 +- 4 files changed, 55 insertions(+), 8 deletions(-) diff --git a/build-static.sh b/build-static.sh index 21fcad6..151b5db 100644 --- a/build-static.sh +++ b/build-static.sh @@ -12,7 +12,7 @@ set -eo pipefail ## `--enable-executable-stripping`, hence the `strip` command usage. ## GHC version: -GHC_VERSION="9.6.6" +GHC_VERSION="9.8.4" ## Docker image: DOCKER_IMAGE="quay.io/benz0li/ghc-musl:${GHC_VERSION}" @@ -32,6 +32,9 @@ CONTAINER_NAME="static-builder-for-${EXECUTABLE_NAME}" ## Create/update .cabal file: hpack +## Update package list: +cabal update + ## Cleanup first: cabal clean cabal v1-clean @@ -39,6 +42,11 @@ cabal v1-clean ## First, pin all packages as per Nix: cabal freeze +## Fix tls package version (Remove the line that contains "any.tls ==2.1.1,"): +## +## Note that this is a workaround until nixpkgs provides tls>=2.1.1 as stock dependency. +sed -i '/any.tls ==2.1.1,/d' cabal.project.freeze + ## Run the Docker container: docker run -i --detach -v "$(pwd):/app" --name "${CONTAINER_NAME}" "${DOCKER_IMAGE}" /bin/bash @@ -49,10 +57,20 @@ docker exec "${CONTAINER_NAME}" git config --global --add safe.directory /app docker exec "${CONTAINER_NAME}" cabal update ## Build the static binary: -docker exec -w "/app" "${CONTAINER_NAME}" cabal build --enable-executable-static +## +## Note that the `--allow-newer` flag is used to allow newer versions of +## dependencies, which is to allow jail-broken nixpkgs dependencies in a +## non-nix build environment that adopts our .freeze file generated under +## Nix. +docker exec -w "/app" "${CONTAINER_NAME}" cabal build --enable-executable-static --allow-newer ## Get the path to the executable: -BUILD_PATH="$(docker exec -w "/app" "${CONTAINER_NAME}" cabal list-bin "${EXECUTABLE_NAME}")" +## +## Note that the `--allow-newer` flag is used to allow newer versions of +## dependencies, which is to allow jail-broken nixpkgs dependencies in a +## non-nix build environment that adopts our .freeze file generated under +## Nix. +BUILD_PATH="$(docker exec -w "/app" "${CONTAINER_NAME}" cabal list-bin --allow-newer "${EXECUTABLE_NAME}")" ## Strip debugging symbols: docker exec "${CONTAINER_NAME}" strip "${BUILD_PATH}" diff --git a/cabal.project b/cabal.project index fdadb42..4b620a2 100644 --- a/cabal.project +++ b/cabal.project @@ -3,3 +3,32 @@ packages: package * ghc-options: -fwrite-ide-info + +-- BEGIN WORKAROUND +-- +-- This workaround is needed to avoid duplicate record field errors on amazonka +-- libraries as per migration to GHC 9.8.4. +-- +-- Once all amazonka libraries are updated for GHC 9.8 and/or later, we can +-- remove this workaround. +package amazonka-ec2 + ghc-options: -XDuplicateRecordFields + +package amazonka-lightsail + ghc-options: -XDuplicateRecordFields + +package amazonka-route53 + ghc-options: -XDuplicateRecordFields + +package amazonka-s3 + ghc-options: -XDuplicateRecordFields + +package amazonka-sso + ghc-options: -XDuplicateRecordFields + +package amazonka-sts + ghc-options: -XDuplicateRecordFields + +package amazonka + ghc-options: -XDuplicateRecordFields +-- END WORKAROUND diff --git a/flake.lock b/flake.lock index 716110c..1aa393f 100644 --- a/flake.lock +++ b/flake.lock @@ -20,16 +20,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1751274312, - "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", + "lastModified": 1755027561, + "narHash": "sha256-IVft239Bc8p8Dtvf7UAACMG5P3ZV+3/aO28gXpGtMXI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674", + "rev": "005433b926e16227259a1843015b5b2b7f7d1fc3", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.11", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/flake.nix b/flake.nix index 5f70310..4743bca 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "clompse - Patrol Cloud Resources"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; };