Skip to content

Fix CI config issues (actually build with different GHC versions) #1057

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
jhrcek wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Fix CI config issues (actually build with different GHC versions) #1057

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
26dab99
Fix CI config issues (actually build with different GHC versions)
jhrcek May 1, 2026
ec437ff
elfutils on linux only
jhrcek May 1, 2026
bf29fbf
Accept flake config
jhrcek May 1, 2026
9ac6695
Minimize unnecessary changes
jhrcek May 4, 2026
43d7881
Env var instead of shellHook
jhrcek May 4, 2026
2743bfe
Add changelog entry, add comment to flake.nix
jhrcek May 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 17 additions & 20 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,13 @@ concurrency:

on:
pull_request:
branches: main
branches: [ main ]

@jhrcek jhrcek May 3, 2026

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The YAML extension in vscode caught couple of schema issues in this config (screenshot below)

  • branches should be an array of values
  • strategy: section has mandatory matrix parameter - but it seems to me since amazonka-gen job is a standalone job, it doesn't make sense to have the strategy key at all.
Image

types:
- opened
- synchronize

push:
branches: main
branches: [ main ]
paths-ignore:
- "configs/**"
- "scripts/**"
Expand All @@ -23,26 +23,23 @@ on:

jobs:
amazonka-gen:
strategy:
fail-fast: false

runs-on: ubuntu-latest

steps:
- uses: cachix/install-nix-action@v22
- uses: cachix/install-nix-action@v31
with:
nix_path: nixpkgs=channel:nixos-unstable
extra_nix_config: |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
extra-substituters = https://cache.iog.io
experimental-features = nix-command flakes

- uses: cachix/cachix-action@v12
- uses: cachix/cachix-action@v17
with:
name: amazonka
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}

- uses: actions/checkout@v3
- uses: actions/checkout@v6

- run: nix build

Expand All @@ -68,27 +65,27 @@ jobs:
run: |-
sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt &

- uses: cachix/install-nix-action@v22
- uses: cachix/install-nix-action@v31
with:
nix_path: nixpkgs=channel:nixos-unstable
extra_nix_config: |
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
extra-substituters = https://cache.iog.io
experimental-features = nix-command flakes

- uses: cachix/cachix-action@v12
- uses: cachix/cachix-action@v17
with:
name: amazonka
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}

- uses: actions/checkout@v3
- uses: actions/checkout@v6

- name: cabal update && cabal freeze
run: |
nix develop --print-build-logs --command \
bash -c 'cabal update && cabal freeze' '.#${{matrix.ghc}}'
nix develop '.#${{matrix.ghc}}' --print-build-logs --command \

@jhrcek jhrcek May 3, 2026
edited
Loading

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This matrix argument was not taken into account at all - all the jobs were using the ghc 9.4.8 provided by the default shell

Image

It seems to me this is because the last param was somehow consumed by the bash -c ... part and not passed to the nix develop command.

Moving the arg before the --command seems to have fixed it (in that I see Build profile: -w ghc-9.6.6 ... in the cabal build core step).

bash -c 'cabal update && cabal freeze'

- uses: actions/cache@v3
- uses: actions/cache@v5
with:
key: v1-${{ runner.os }}-${{ matrix.ghc }}-${{ hashFiles('cabal.project.freeze') }}
restore-keys: |
Expand All @@ -99,15 +96,15 @@ jobs:

- name: cabal build core
run: |
nix develop --print-build-logs --command \
bash -c 'cabal build amazonka-core amazonka' '.#${{matrix.ghc}}'
nix develop '.#${{matrix.ghc}}' --print-build-logs --command \
bash -c 'cabal build amazonka-core amazonka'

- name: cabal build s3-encryption
run: |
nix develop --print-build-logs --command \
bash -c 'cabal build amazonka-s3-encryption' '.#${{matrix.ghc}}'
nix develop '.#${{matrix.ghc}}' --print-build-logs --command \
bash -c 'cabal build amazonka-s3-encryption'

- name: cabal build all
run: |
nix develop --print-build-logs --command \
bash -c 'cabal test all' '.#${{matrix.ghc}}'
nix develop '.#${{matrix.ghc}}' --print-build-logs --command \
bash -c 'cabal test all'
8 changes: 6 additions & 2 deletions flake.nix
View file
Open in desktop

@endgame endgame May 3, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please explain what is forcing you to add the extra packages? I haven't needed them even when running NixOS (which is where I expect the most shenanigans around paths). If there's something wrong with the GHC you get when you use Nix as a package manager on a standard distribution, I think setting up the right ghcWithPackages calls to wire in the native libraries is probably going to work better, but I want to know what the thinking is before I insist on that change.

@jhrcek jhrcek May 4, 2026
edited
Loading

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm still iterating on this (and learning ins and outs of nix along the way), but TBH I initially just let claude-code thrash around to make the build pass. It seems to have found a fix which however has bunch of unnecessary stuff. Based on your remark I pushed it harder into making it demonstrate to me that all the changes are actually necessary and managed to trim it down to just this PKG_CONFIG_PATH declaration below. I still want to look around to see how people using nix + zlib do it in their projects, but this seems to be necessary to avoid linker picking the zlib1g-dev package that comes pre-installed on ubuntu github action runners.

Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@

renameVersion = version: "ghc" + (pkgs.lib.replaceStrings [ "." ] [ "" ] version);

mkDevShell = hsPkgs: pkgs.mkShell {
mkDevShell = hsPkgs: pkgs.mkShell ({
name = "amazonka-${renameVersion hsPkgs.ghc.version}";

buildInputs = [
Expand Down Expand Up @@ -82,7 +82,11 @@
export BOTOCORE=${botocore.outPath}
echo "botocore: $BOTOCORE"
'';
};
} // pkgs.lib.optionalAttrs pkgs.stdenv.isLinux {
# Fix build failure of Haskell zlib package ("error: *** stack smashing detected ***: terminated").
# Without this, pkg-config resolves zlib to whatever zlib is installed on ubuntu GitHub action runners
PKG_CONFIG_PATH = pkgs.lib.makeSearchPath "lib/pkgconfig" [ pkgs.zlib.dev ];
});

amazonka-gen =
# Use ghc92 because we want hashable ==1.3.* for actual
Expand Down
2 changes: 2 additions & 0 deletions lib/amazonka/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,8 @@

### Fixed

- Fix GitHub actions CI config issues (not following schema, actually building with different GHC version on ubuntu runners), bump to latest gh action dependencies (fixing deprecated nodejs runtime warnings).
[\#1057](https://github.com/brendanhay/amazonka/pull/1057)
- `amazonka`: `Amazonka.Auth.SSO.relativeCachedTokenFile` is now pure
[\#1056](https://github.com/brendanhay/amazonka/pull/1056)
- `amazonka-core`: `containers ^>= 0.7` is now supported. `containers-0.7` is shipped with GHC 9.10 and 9.12.
Expand Down