Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: cachix/install-nix-action
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v20
Choose a base ref
...
head repository: cachix/install-nix-action
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v30
Choose a head ref
Loading
Showing with 177 additions and 55 deletions.
  1. +15 −0 .editorconfig
  2. +56 −24 .github/workflows/test.yml
  3. +58 −12 README.md
  4. +6 −1 action.yml
  5. +42 −18 install-nix.sh
15 changes: 15 additions & 0 deletions .editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# EditorConfig is awesome: https://EditorConfig.org

# top-most EditorConfig file
root = true

# Unix-style newlines with a newline ending every file
[*]
charset = utf-8
end_of_line = lf
indent_size = 2
indent_style = space
insert_final_newline = true

[LICENSE]
indent_size = unset
80 changes: 56 additions & 24 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -5,100 +5,132 @@ on:
branches:
- master

env:
nixpkgs_channel: nixpkgs=channel:nixos-24.05
oldest_supported_installer: nix-2.8.0
# Fetch new versions from the Nix CI run: https://github.com/NixOS/nix/blob/master/.github/workflows/ci.yml
# TODO: add pinning upstream or rethink this
pinned_installer_hash: zfzfrbb59jsqrfkldwj8drcr9nhhc49k

jobs:
simple-build:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
os:
- ubuntu-latest
- macos-latest
- macos-13
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Nix
uses: ./
with:
nix_path: nixpkgs=channel:nixos-20.03
nix_path: ${{ env.nixpkgs_channel }}
- run: nix-env -iA cachix -f https://cachix.org/api/v1/install
- run: cat /etc/nix/nix.conf
# cachix should be available and be able to configure a cache
- run: cachix use cachix
- run: nix-build test.nix

custom-nix-path:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
os:
- ubuntu-latest
- macos-latest
- macos-13
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Nix
uses: ./
with:
nix_path: nixpkgs=channel:nixos-20.03
- run: test $NIX_PATH == "nixpkgs=channel:nixos-20.03"
nix_path: ${{ env.nixpkgs_channel }}
- run: test $NIX_PATH == '${{ env.nixpkgs_channel }}'
- run: nix-build test.nix

extra-nix-config:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
os:
- ubuntu-latest
- macos-latest
- macos-13
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Nix
uses: ./
with:
nix_path: nixpkgs=channel:nixos-20.03
nix_path: ${{ env.nixpkgs_channel }}
extra_nix_config: |
sandbox = relaxed
- run: cat /etc/nix/nix.conf
- run: nix-build test.nix --arg noChroot true

flakes:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
os:
- ubuntu-latest
- macos-latest
- macos-13
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Nix
uses: ./
- run: nix flake show github:NixOS/nixpkgs

installer-options:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
os:
- ubuntu-latest
# - macos-latest missing installer for aarch64-darwin
- macos-13
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Nix
uses: ./
with:
nix_path: nixpkgs=channel:nixos-22.05
nix_path: ${{ env.nixpkgs_channel }}
install_options: --tarball-url-prefix https://nixos-nix-install-tests.cachix.org/serve
install_url: https://nixos-nix-install-tests.cachix.org/serve/s62m7lc0q0mz2mxxm9q0kkrcg90njzhq/install
install_url: https://nixos-nix-install-tests.cachix.org/serve/${{ env.pinned_installer_hash }}/install
- run: nix-build test.nix

oldest-supported-installer:
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
- macos-13
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install Nix
uses: ./
with:
nix_path: nixpkgs=channel:nixos-22.05
install_url: https://releases.nixos.org/nix/nix-2.8.0/install
nix_path: ${{ env.nixpkgs_channel }}
install_url: https://releases.nixos.org/nix/${{ env.oldest_supported_installer }}/install
- run: nix-build test.nix

act-support:
strategy:
matrix:
os: [ubuntu-latest]
matrix:
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- run: curl https://raw.githubusercontent.com/nektos/act/master/install.sh | sudo bash
- run: docker pull ghcr.io/catthehacker/ubuntu:js-20.04
- run: ./bin/act -P ubuntu-latest=ghcr.io/catthehacker/ubuntu:js-20.04 push -j simple-build
70 changes: 58 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
@@ -6,8 +6,8 @@ Installs [Nix](https://nixos.org/nix/) on GitHub Actions for the supported platf

By default it has no nixpkgs configured, you have to set `nix_path`
by [picking a channel](https://status.nixos.org/)
or [pin nixpkgs yourself](https://nix.dev/reference/pinning-nixpkgs.html)
(see also [pinning tutorial](https://nix.dev/tutorials/towards-reproducibility-pinning-nixpkgs.html)).
or [pin nixpkgs yourself](https://nix.dev/reference/pinning-nixpkgs)
(see also [pinning tutorial](https://nix.dev/tutorials/towards-reproducibility-pinning-nixpkgs)).

# Features

@@ -18,7 +18,7 @@ or [pin nixpkgs yourself](https://nix.dev/reference/pinning-nixpkgs.html)
- Allows specifying extra Nix configuration options via `extra_nix_config`
- Allows specifying `$NIX_PATH` and channels via `nix_path`
- Share `/nix/store` between builds using [cachix-action](https://github.com/cachix/cachix-action) for simple binary cache setup to speed up your builds and share binaries with your team
- Enables `flakes` and `nix-command` experimental features by default (to disable, set `experimental-features` via `extra_nix_config`)
- Enables KVM on supported machines: run VMs and NixOS tests with full hardware-acceleration

## Usage

@@ -33,8 +33,8 @@ jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v19
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v27
with:
nix_path: nixpkgs=channel:nixos-unstable
- run: nix-build
@@ -51,8 +51,8 @@ jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v19
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v27
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- run: nix build
@@ -73,6 +73,33 @@ To install Nix from any commit, go to [the corresponding installer_test action](

- `nix_path`: set `NIX_PATH` environment variable, for example `nixpkgs=channel:nixos-unstable`

- `enable_kvm`: whether to enable KVM for hardware-accelerated virtualization on Linux. Enabled by default if available.


## Differences from the default Nix installer

Some settings have been optimised for use in CI environments:

- `nix.conf` settings. Override these defaults with `extra_nix_config`:

- The experimental `flakes` and `nix-command` features are enabled. Disable by overriding `experimental-features` in `extra_nix_config`.

- `max-jobs` is set to `auto`.

- `show-trace` is set to `true`.

- `$USER` is added to `trusted-users`.

- `$GITHUB_TOKEN` is added to `access_tokens` if no other `github_access_token` is provided.

- `always-allow-substitutes` is set to `true`.

- `ssl-cert-file` is set to `/etc/ssl/cert.pem` on macOS.

- KVM is enabled on Linux if available. Disable by setting `enable_kvm: false`.

- `$TMPDIR` is set to `$RUNNER_TEMP` if empty.

---

## FAQ
@@ -84,19 +111,18 @@ To install Nix from any commit, go to [the corresponding installer_test action](
run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
```

### How can I run NixOS tests?
### How do I run NixOS tests?

With the following inputs:

```yaml
- uses: cachix/install-nix-action@vXX
with:
enable_kvm: true
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
```

[Note that there's no hardware acceleration on GitHub Actions.](https://github.com/actions/virtual-environments/issues/183#issuecomment-610723516).

### How can I install packages via nix-env from the specified `nix_path`?
### How do I install packages via nix-env from the specified `nix_path`?

```
nix-env -i mypackage -f '<nixpkgs>'
@@ -120,9 +146,29 @@ Otherwise, you can add any binary cache to nix.conf using
install-nix-action's own `extra_nix_config` input:

```yaml
- uses: cachix/install-nix-action@v19
- uses: cachix/install-nix-action@v27
with:
extra_nix_config: |
trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://hydra.iohk.io https://cache.nixos.org/
```
### How do I pass environment variables to commands run with `nix develop` or `nix shell`?

Nix runs commands in a restricted environment by default, called `pure mode`.
In pure mode, environment variables are not passed through to improve the reproducibility of the shell.

You can use the `--keep / -k` flag to keep certain environment variables:

```yaml
- name: Run a command with nix develop
run: nix develop --ignore-environment --keep MY_ENV_VAR --command echo $MY_ENV_VAR
env:
MY_ENV_VAR: "hello world"
```

Or you can disable pure mode entirely with the `--impure` flag:

```
nix develop --impure
```
7 changes: 6 additions & 1 deletion action.yml
Original file line number Diff line number Diff line change
@@ -12,18 +12,23 @@ inputs:
description: 'Additional installer flags passed to the installer script.'
nix_path:
description: 'Set NIX_PATH environment variable.'
enable_kvm:
description: 'Enable KVM for hardware-accelerated virtualization on Linux, if available.'
required: false
default: true
branding:
color: 'blue'
icon: 'sun'
runs:
using: 'composite'
steps:
- run : ${{ github.action_path }}/install-nix.sh
- run : ${GITHUB_ACTION_PATH}/install-nix.sh
shell: bash
env:
INPUT_EXTRA_NIX_CONFIG: ${{ inputs.extra_nix_config }}
INPUT_GITHUB_ACCESS_TOKEN: ${{ inputs.github_access_token }}
INPUT_INSTALL_OPTIONS: ${{ inputs.install_options }}
INPUT_INSTALL_URL: ${{ inputs.install_url }}
INPUT_NIX_PATH: ${{ inputs.nix_path }}
INPUT_ENABLE_KVM: ${{ inputs.enable_kvm }}
GITHUB_TOKEN: ${{ github.token }}
Loading