From 9370b0ef977bff7e84ac07a81a0e31e75989276b Mon Sep 17 00:00:00 2001
From: Linus Heckemann <git@sphalerite.org>
Date: Mon, 31 Oct 2022 13:07:42 +0100
Subject: [PATCH] hydra-eval-jobs: don't use restrict-eval for Flakes

Pure evaluation should cover all the uses for restrict-eval, and
restrict-eval currently breaks accessing Git inputs on Flakes[1].

[1]: https://github.com/NixOS/nix/issues/7098
---
 src/hydra-eval-jobs/hydra-eval-jobs.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/hydra-eval-jobs/hydra-eval-jobs.cc b/src/hydra-eval-jobs/hydra-eval-jobs.cc
index 18d396203..a3f595989 100644
--- a/src/hydra-eval-jobs/hydra-eval-jobs.cc
+++ b/src/hydra-eval-jobs/hydra-eval-jobs.cc
@@ -306,7 +306,9 @@ int main(int argc, char * * argv)
 
         /* Prevent access to paths outside of the Nix search path and
            to the environment. */
-        evalSettings.restrictEval = true;
+        if (!myArgs.flake) {
+            evalSettings.restrictEval = true;
+        }
 
         /* When building a flake, use pure evaluation (no access to
            'getEnv', 'currentSystem' etc. */