about summary refs log tree commit diff
path: root/pkgs/development/compilers/dotnet/common.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/compilers/dotnet/common.nix')
-rw-r--r--pkgs/development/compilers/dotnet/common.nix33
1 files changed, 27 insertions, 6 deletions
diff --git a/pkgs/development/compilers/dotnet/common.nix b/pkgs/development/compilers/dotnet/common.nix
index 49f3e3be4d779..e26fd0e337708 100644
--- a/pkgs/development/compilers/dotnet/common.nix
+++ b/pkgs/development/compilers/dotnet/common.nix
@@ -50,9 +50,18 @@
           runtime ? finalAttrs.finalPackage,
           runInputs ? [],
           run ? null,
+          runAllowNetworking ? false,
         }:
         let
-          built = runCommand "dotnet-test-${name}" { buildInputs = [ finalAttrs.finalPackage ]; } (''
+          sdk = finalAttrs.finalPackage;
+          built = runCommand "dotnet-test-${name}" {
+            buildInputs = [ sdk ];
+            # make sure ICU works in a sandbox
+            propagatedSandboxProfile = toString sdk.__propagatedSandboxProfile + ''
+              (allow network-inbound (local ip))
+              (allow mach-lookup (global-name "com.apple.FSEvents"))
+            '';
+          } (''
             HOME=$PWD/.home
             dotnet new nugetconfig
             dotnet nuget disable source nuget
@@ -65,11 +74,19 @@
           if run == null
             then built
           else
-            runCommand "${built.name}-run" { src = built; nativeBuildInputs = runInputs; } (
-              lib.optionalString (runtime != null) ''
-                # TODO: use runtime here
-                export DOTNET_ROOT=${runtime}
-              '' + run);
+            runCommand "${built.name}-run" ({
+              src = built;
+              nativeBuildInputs = [ built ] ++ runInputs;
+            } // lib.optionalAttrs (stdenv.isDarwin && runAllowNetworking) {
+              sandboxProfile = ''
+                (allow network-inbound (local ip))
+                (allow mach-lookup (global-name "com.apple.FSEvents"))
+              '';
+              __darwinAllowLocalNetworking = true;
+            }) (lib.optionalString (runtime != null) ''
+              # TODO: use runtime here
+              export DOTNET_ROOT=${runtime}
+            '' + run);
 
       # Setting LANG to something other than 'C' forces the runtime to search
       # for ICU, which will be required in most user environments.
@@ -127,6 +144,7 @@
           expect <<"EOF"
             set status 1
             spawn $env(src)/test
+            proc abort { } { exit 2 }
             expect_before default abort
             expect -re {Now listening on: ([^\r]+)\r} {
               set url $expect_out(1,string)
@@ -138,11 +156,14 @@
               exit 1
             }
             send \x03
+            expect_before timeout abort
+            expect eof
             catch wait result
             exit [lindex $result 3]
           EOF
           touch $out
         '';
+        runAllowNetworking = true;
       };
     } // args.passthru.tests or {};
   } // args.passthru or {};
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-01 20:40:28 +0000