wait for nix-daemon socket

Turn on daemon (multi-user) mode

.github/workflows/test.yml

@@ -1,4 +1,4 @@
-name: "nix-action test"
+name: "install-nix-action test"
 on:
   pull_request:
   push:
@@ -6,13 +6,19 @@ jobs:
   tests:
     strategy:
       matrix:
-        os: [ubuntu-18.04, macos]
+        os: [ubuntu-18.04, macos-latest]
     runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@v1
     - run: yarn install --frozen-lockfile
     - run: yarn build
+    # TODO: just commit it using github
+    - run: git diff --exit-code
     - run: yarn test
     - name: Install Nix
       uses: ./
+    - run: nix-env -iA cachix -f https://github.com/NixOS/nixpkgs/tarball/ab5863afada3c1b50fc43bf774b75ea71b287cde
+    - run: cat /etc/nix/nix.conf
+    # cachix should be available and be able to configure a cache
+    - run: cachix use cachix
     - run: nix-build test.nix

README.md

@@ -1,8 +1,8 @@
-# nix-action
+# install-nix-action
 
-![github actions badge](https://github.com/cachix/nix-action/workflows/nix-action%20test/badge.svg)
+![github actions badge](https://github.com/cachix/install-nix-action/workflows/install-nix-action%20test/badge.svg)
 
-Installs [Nix](https://nixos.org/nix/) in platform agnostic way (supports: Linux/macOS).
+Installs [Nix](https://nixos.org/nix/) on GitHub Actions for the supported platforms: Linux and macOS.
 
 ## Usage
 
@@ -18,18 +18,22 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v1
-    - uses: cachix/nix-action@v1
+    - uses: cachix/install-nix-action@v3
     - run: nix-build
 ```
 
+
+See [action.yml](action.yml) for all options.
+
 See also [cachix-action](https://github.com/cachix/cachix-action) for
-simple binary cache setup.
+simple binary cache setup to speed up your builds and share binaries
+with developers.
 
 ---
 
 ## Hacking
 
-Install the dependencies  
+Install the dependencies
 ```bash
 $ yarn install
 ```
@@ -39,7 +43,7 @@ Build the typescript
 $ yarn build
 ```
 
-Run the tests :heavy_check_mark:  
+Run the tests :heavy_check_mark:
 ```bash
 $ yarn test
 ```

action.yml

@@ -1,5 +1,5 @@
-name: 'Nix'
-description: 'Install Nix'
+name: 'Install Nix'
+description: 'Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.'
 author: 'Domen Kožar'
 branding:
   color: 'blue'

lib/README.md

@@ -0,0 +1,5 @@
+
+# Generated Code
+
+The files in this directory are generated.
+See [src](../src)

lib/main.js

@@ -20,23 +20,52 @@ const core = __importStar(require("@actions/core"));
 const exec = __importStar(require("@actions/exec"));
 const tc = __importStar(require("@actions/tool-cache"));
 const os_1 = require("os");
-const fs_1 = require("fs");
+function nixConf() {
+    return __awaiter(this, void 0, void 0, function* () {
+        // Workaround a segfault: https://github.com/NixOS/nix/issues/2733
+        yield exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
+        yield exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
+        // Set jobs to number of cores
+        yield exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
+        // Allow binary caches for runner user
+        yield exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]);
+    });
+}
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
-            // rest of the constants
-            const home = os_1.homedir();
-            const { username } = os_1.userInfo();
             const PATH = process.env.PATH;
-            const CERTS_PATH = home + '/.nix-profile/etc/ssl/certs/ca-bundle.crt';
+            const INSTALL_PATH = '/opt/nix';
+            yield nixConf();
+            // Catalina workaround https://github.com/NixOS/nix/issues/2925
+            if (os_1.type() == "Darwin") {
+                yield exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\"  >> /etc/synthetic.conf`]);
+                yield exec.exec("sudo", ["sh", "-c", `mkdir -m 0755 ${INSTALL_PATH} && chown runner ${INSTALL_PATH}`]);
+                yield exec.exec("/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util", ["-B"]);
+                // Needed for sudo to pass NIX_IGNORE_SYMLINK_STORE
+                yield exec.exec("sudo", ["sh", "-c", "echo 'Defaults env_keep += NIX_IGNORE_SYMLINK_STORE'  >> /etc/sudoers"]);
+                core.exportVariable('NIX_IGNORE_SYMLINK_STORE', "1");
+                // Needed for nix-daemon installation
+                yield exec.exec("sudo", ["launchctl", "setenv", "NIX_IGNORE_SYMLINK_STORE", "1"]);
+            }
+            // Needed due to multi-user being too defensive
+            core.exportVariable('ALLOW_PREEXISTING_INSTALLATION', "1");
             // TODO: retry due to all the things that go wrong
             const nixInstall = yield tc.downloadTool('https://nixos.org/nix/install');
-            yield exec.exec("sh", [nixInstall]);
-            core.exportVariable('PATH', `${PATH}:${home}/.nix-profile/bin`);
-            core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/${username}/channels`);
-            // macOS needs certificates hints
-            if (fs_1.existsSync(CERTS_PATH)) {
-                core.exportVariable('NIX_SSL_CERT_FILE', CERTS_PATH);
+            yield exec.exec("sh", [nixInstall, "--daemon"]);
+            // write nix.conf again as installation overwrites it, reload the daemon to pick up changes
+            yield nixConf();
+            yield exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]);
+            // setup env
+            core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`);
+            core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`);
+            if (os_1.type() == "Darwin") {
+                // macOS needs certificates hints
+                core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt');
+                // TODO: nc doesn't work correctly on macOS :(
+                //await exec.exec("sh", ["-c", "while ! nc -zU /nix/var/nix/daemon-socket/socket; do sleep 0.5; done"]);
+                // macOS needs time to reload the daemon :(
+                yield exec.exec("sleep", ["10"]);
             }
         }
         catch (error) {

package.json

@@ -1,8 +1,8 @@
 {
-  "name": "nix-action",
+  "name": "install-nix-action",
   "version": "1.0.0",
   "private": true,
-  "description": "nix-build with the help of caching to Cachix",
+  "description": "Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.",
   "main": "lib/main.js",
   "scripts": {
     "build": "tsc",
@@ -10,7 +10,7 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/cachix/nix-action.git"
+    "url": "git+https://github.com/cachix/install-nix-action.git"
   },
   "keywords": [
     "actions",

shell.nix

@@ -0,0 +1,8 @@
+{ pkgs ? import <nixpkgs> {}
+}:
+
+pkgs.mkShell {
+  name = "install-nix-action-shell";
+
+  buildInputs = [ pkgs.yarn ];
+}

src/main.ts

@@ -1,30 +1,64 @@
 import * as core from '@actions/core';
 import * as exec from '@actions/exec';
 import * as tc from '@actions/tool-cache';
-import {homedir, userInfo} from 'os';
-import {existsSync} from 'fs';
+import {type} from 'os';
+
+async function nixConf() {
+    // Workaround a segfault: https://github.com/NixOS/nix/issues/2733
+    await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
+    await exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
+
+    // Set jobs to number of cores
+    await exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
+
+    // Allow binary caches for runner user
+    await exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]);
+}
 
 async function run() {
   try {
-    const home = homedir();
-    const {username} = userInfo();
     const PATH = process.env.PATH;  
-    const CERTS_PATH = home + '/.nix-profile/etc/ssl/certs/ca-bundle.crt';
+    const INSTALL_PATH = '/opt/nix';
+ 
+    await nixConf();
 
-    // Workaround a segfault: https://github.com/NixOS/nix/issues/2733
-    await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
-    await exec.exec("sudo", ["echo", "http2 = false", ">>", "/etc/nix/nix.conf"]);
+    // Catalina workaround https://github.com/NixOS/nix/issues/2925
+    if (type() == "Darwin") {
+      await exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\"  >> /etc/synthetic.conf`]);
+      await exec.exec("sudo", ["sh", "-c", `mkdir -m 0755 ${INSTALL_PATH} && chown runner ${INSTALL_PATH}`]);
+      await exec.exec("/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util", ["-B"]);
+
+      // Needed for sudo to pass NIX_IGNORE_SYMLINK_STORE
+      await exec.exec("sudo", ["sh", "-c", "echo 'Defaults env_keep += NIX_IGNORE_SYMLINK_STORE'  >> /etc/sudoers"]);
+      core.exportVariable('NIX_IGNORE_SYMLINK_STORE', "1");
+      // Needed for nix-daemon installation
+      await exec.exec("sudo", ["launchctl", "setenv", "NIX_IGNORE_SYMLINK_STORE", "1"]);
+    }
+
+    // Needed due to multi-user being too defensive
+    core.exportVariable('ALLOW_PREEXISTING_INSTALLATION', "1"); 
 
     // TODO: retry due to all the things that go wrong
     const nixInstall = await tc.downloadTool('https://nixos.org/nix/install');
-    await exec.exec("sh", [nixInstall]);
-    core.exportVariable('PATH', `${PATH}:${home}/.nix-profile/bin`)
-    core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/${username}/channels`)
+    await exec.exec("sh", [nixInstall, "--daemon"]);
 
-    // macOS needs certificates hints
-    if (existsSync(CERTS_PATH)) {
-      core.exportVariable('NIX_SSL_CERT_FILE', CERTS_PATH);
+    // write nix.conf again as installation overwrites it, reload the daemon to pick up changes
+    await nixConf();
+    await exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]);
+
+    // setup env
+    core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`)
+    core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`)
+    if (type() == "Darwin") {
+      // macOS needs certificates hints
+      core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt');
+
+      // TODO: nc doesn't work correctly on macOS :(
+      //await exec.exec("sh", ["-c", "while ! nc -zU /nix/var/nix/daemon-socket/socket; do sleep 0.5; done"]);
+      // macOS needs time to reload the daemon :(
+      await exec.exec("sleep", ["10"]);
     }
+
   } catch (error) {
     core.setFailed(`Action failed with error: ${error}`);
     throw(error);