commit 26aef8dd1bfca8fcbc2eca51e0f29e4f6bbf9db6 parent 7f3a3b7c221171ef310a124f1a81e14de8f935ef Author: triesap <tyson@radroots.org> Date: Mon, 22 Jun 2026 03:05:41 +0000 nix: fix release preflight app wrapper - run release preflight through a generated coverage-shell script - avoid shellcheck parsing of escaped multiline sh payloads - keep the public release-preflight app entrypoint unchanged - preserve coverage dev-shell execution for release checks Diffstat:
| M | build/nix/apps.nix | | | 18 | ++++++++++++++---- |
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/build/nix/apps.nix b/build/nix/apps.nix @@ -8,9 +8,19 @@ let stablePath = "export PATH=${toolchains.stable}/bin:$PATH"; coveragePath = "export PATH=${toolchains.stable}/bin:${toolchains.coverage}/bin:$PATH"; - coverageShellExec = command: '' - exec nix develop .#coverage --accept-flake-config -c sh -lc ${lib.escapeShellArg command} sh "$@" - ''; + coverageShellExec = + name: command: + let + scriptName = "${name}-coverage-shell"; + script = pkgs.writeShellApplication { + name = scriptName; + runtimeInputs = common.runtimeInputs.coverage; + text = command; + }; + in + '' + exec nix develop .#coverage --accept-flake-config -c ${script}/bin/${scriptName} "$@" + ''; mkRepoApp = { name, @@ -94,7 +104,7 @@ in runtimeInputs = [ pkgs.nix ]; - command = coverageShellExec common.releasePreflightCommand; + command = coverageShellExec "release-preflight" common.releasePreflightCommand; env = common.exportCoverageEnv; pathPrefix = coveragePath; };