test macos-13

Based on the content of files already in the repo.

.editorconfig

@@ -0,0 +1,15 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+
+[LICENSE]
+indent_size = unset

.github/workflows/test.yml

@@ -9,14 +9,14 @@ jobs:
   simple-build:
     strategy:
       matrix:
-        os: [ubuntu-latest, macos-latest]
+        os: [ubuntu-latest, macos-latest, macos-13]
     runs-on: ${{ matrix.os }}
     steps:
     - uses: actions/checkout@v3
     - name: Install Nix
       uses: ./
       with:
-        nix_path: nixpkgs=channel:nixos-20.03
+        nix_path: nixpkgs=channel:nixos-22.11
     - run: nix-env -iA cachix -f https://cachix.org/api/v1/install
     - run: cat /etc/nix/nix.conf
     # cachix should be available and be able to configure a cache
@@ -46,7 +46,7 @@ jobs:
     - name: Install Nix
       uses: ./
       with:
-        nix_path: nixpkgs=channel:nixos-20.03
+        nix_path: nixpkgs=channel:nixos-22.11
         extra_nix_config: |
           sandbox = relaxed
     - run: cat /etc/nix/nix.conf
@@ -73,7 +73,7 @@ jobs:
     - name: Install Nix
       uses: ./
       with:
-        nix_path: nixpkgs=channel:nixos-22.05
+        nix_path: nixpkgs=channel:nixos-22.11
         install_options: --tarball-url-prefix https://nixos-nix-install-tests.cachix.org/serve
         install_url: https://nixos-nix-install-tests.cachix.org/serve/s62m7lc0q0mz2mxxm9q0kkrcg90njzhq/install
     - run: nix-build test.nix
@@ -88,7 +88,7 @@ jobs:
     - name: Install Nix
       uses: ./
       with:
-        nix_path: nixpkgs=channel:nixos-22.05
+        nix_path: nixpkgs=channel:nixos-22.11
         install_url: https://releases.nixos.org/nix/nix-2.8.0/install
     - run: nix-build test.nix
 

README.md

@@ -1,6 +1,6 @@
 # install-nix-action
 
-![github actions badge](https://github.com/cachix/install-nix-action/workflows/install-nix-action%20test/badge.svg)
+![GitHub Actions badge](https://github.com/cachix/install-nix-action/workflows/install-nix-action%20test/badge.svg)
 
 Installs [Nix](https://nixos.org/nix/) on GitHub Actions for the supported platforms: Linux and macOS.
 
@@ -13,12 +13,12 @@ or [pin nixpkgs yourself](https://nix.dev/reference/pinning-nixpkgs.html)
 
 - Quick installation (~4s on Linux, ~20s on macOS)
 - Multi-User installation (with sandboxing enabled only on Linux)
-- [Self-hosted github runner](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners) support
+- [Self-hosted GitHub runner](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners) support
 - Allows specifying Nix installation URL via `install_url` (the oldest supported Nix version is 2.3.5)
-- Allows specifying extra Nix configration options via `extra_nix_config`
+- Allows specifying extra Nix configuration options via `extra_nix_config`
 - Allows specifying `$NIX_PATH` and channels via `nix_path`
 - Share `/nix/store` between builds using [cachix-action](https://github.com/cachix/cachix-action) for simple binary cache setup to speed up your builds and share binaries with your team
-- Enables `flakes` and `nix-command` experimental features by default (to disable, set ``experimental-features`` via ``extra_nix_config``) 
+- Enables `flakes` and `nix-command` experimental features by default (to disable, set `experimental-features` via `extra_nix_config`)
 
 ## Usage
 
@@ -34,13 +34,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: cachix/install-nix-action@v18
+    - uses: cachix/install-nix-action@v20
       with:
         nix_path: nixpkgs=channel:nixos-unstable
     - run: nix-build
 ```
 
-
 ## Usage with Flakes
 
 ```yaml
@@ -53,7 +52,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
-    - uses: cachix/install-nix-action@v18
+    - uses: cachix/install-nix-action@v20
       with:
         github_access_token: ${{ secrets.GITHUB_TOKEN }}
     - run: nix build
@@ -66,11 +65,11 @@ To install Nix from any commit, go to [the corresponding installer_test action](
 
 - `extra_nix_config`: append to `/etc/nix/nix.conf`
 
-- `github_access_token`: configure nix to pull from github using the given github token. This helps work around rate limit issues.
+- `github_access_token`: configure Nix to pull from GitHub using the given GitHub token. This helps work around rate limit issues. Has no effect when `access-tokens` is also specified in `extra_nix_config`.
 
-- `install_url`: specify URL to install Nix from (useful for testing non-stable releases or pinning Nix for example https://releases.nixos.org/nix/nix-2.3.7/install)
+- `install_url`: specify URL to install Nix from (useful for testing non-stable releases or pinning Nix, for example https://releases.nixos.org/nix/nix-2.3.7/install)
 
-- `install_options`: Additional installer flags passed to the installer script.
+- `install_options`: additional installer flags passed to the installer script.
 
 - `nix_path`: set `NIX_PATH` environment variable, for example `nixpkgs=channel:nixos-unstable`
 
@@ -80,13 +79,12 @@ To install Nix from any commit, go to [the corresponding installer_test action](
 
 ### How do I print nixpkgs version I have configured?
 
-
 ```yaml
 - name: Print nixpkgs version
   run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
 ```
 
-### How can I run NixOS tests?
+### How do I run NixOS tests?
 
 With the following inputs:
 
@@ -98,7 +96,7 @@ With the following inputs:
 
 [Note that there's no hardware acceleration on GitHub Actions.](https://github.com/actions/virtual-environments/issues/183#issuecomment-610723516).
 
-### How can I install packages via nix-env from the specified `nix_path`?
+### How do I install packages via nix-env from the specified `nix_path`?
 
 ```
 nix-env -i mypackage -f '<nixpkgs>'
@@ -122,26 +120,29 @@ Otherwise, you can add any binary cache to nix.conf using
 install-nix-action's own `extra_nix_config` input:
 
 ```yaml
-- uses: cachix/install-nix-action@v18
+- uses: cachix/install-nix-action@v20
   with:
     extra_nix_config: |
       trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
       substituters = https://hydra.iohk.io https://cache.nixos.org/
 ```
 
-## Hacking
+### How do I pass environment variables to commands run with `nix develop` or `nix shell`?
 
-Install the dependencies
-```bash
-$ yarn install
+Nix runs commands in a restricted environment by default, called `pure mode`.
+In pure mode, environment variables are not passed through to improve the reproducibility of the shell.
+
+You can use the `--keep / -k` flag to keep certain environment variables:
+
+```yaml
+- name: Run a command with nix develop
+  run: nix develop --ignore-environment --keep MY_ENV_VAR --command echo $MY_ENV_VAR
+  env:
+    MY_ENV_VAR: "hello world"
 ```
 
-Build the typescript
-```bash
-$ yarn build
-```
+Or you can disable pure mode entirely with the `--impure` flag:
 
-Run the tests :heavy_check_mark:
-```bash
-$ yarn test
+```
+nix develop --impure
 ```

action.yml

@@ -18,7 +18,7 @@ branding:
 runs:
   using: 'composite'
   steps:
-    - run : ${{ github.action_path }}/install-nix.sh
+    - run : ${GITHUB_ACTION_PATH}/install-nix.sh
       shell: bash
       env:
         INPUT_EXTRA_NIX_CONFIG: ${{ inputs.extra_nix_config }}
@@ -26,3 +26,4 @@ runs:
         INPUT_INSTALL_OPTIONS: ${{ inputs.install_options }}
         INPUT_INSTALL_URL: ${{ inputs.install_url }}
         INPUT_NIX_PATH: ${{ inputs.nix_path }}
+        GITHUB_TOKEN: ${{ github.token }}

install-nix.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-if type -p nix &>/dev/null ; then
-  echo "Aborting: Nix is already installed at $(type -p nix)"
+if nix_path="$(type -p nix)" ; then
+  echo "Aborting: Nix is already installed at ${nix_path}"
   exit
 fi
 
@@ -15,18 +15,23 @@ trap 'rm -rf "$workdir"' EXIT
 
 # Configure Nix
 add_config() {
-  echo "$1" | tee -a "$workdir/nix.conf" >/dev/null
+  echo "$1" >> "$workdir/nix.conf"
 }
 # Set jobs to number of cores
 add_config "max-jobs = auto"
+if [[ $OSTYPE =~ darwin ]]; then
+  add_config "ssl-cert-file = /etc/ssl/cert.pem"
+fi
 # Allow binary caches for user
-add_config "trusted-users = root $USER"
+add_config "trusted-users = root ${USER:-}"
 # Add github access token
-if [[ $INPUT_GITHUB_ACCESS_TOKEN != "" ]]; then
-  add_config "access-tokens" "github.com=$INPUT_GITHUB_ACCESS_TOKEN"
+if [[ -n "${INPUT_GITHUB_ACCESS_TOKEN:-}" ]]; then
+  add_config "access-tokens = github.com=$INPUT_GITHUB_ACCESS_TOKEN"
+elif [[ -n "${GITHUB_TOKEN:-}" ]]; then
+  add_config "access-tokens = github.com=$GITHUB_TOKEN"
 fi
 # Append extra nix configuration if provided
-if [[ $INPUT_EXTRA_NIX_CONFIG != "" ]]; then
+if [[ -n "${INPUT_EXTRA_NIX_CONFIG:-}" ]]; then
   add_config "$INPUT_EXTRA_NIX_CONFIG"
 fi
 if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "experimental-features" ]]; then
@@ -52,10 +57,10 @@ else
   add_config "build-users-group ="
   sudo mkdir -p /etc/nix
   sudo chmod 0755 /etc/nix
-  sudo cp $workdir/nix.conf /etc/nix/nix.conf
+  sudo cp "$workdir/nix.conf" /etc/nix/nix.conf
 fi
 
-if [[ $INPUT_INSTALL_OPTIONS != "" ]]; then
+if [[ -n "${INPUT_INSTALL_OPTIONS:-}" ]]; then
   IFS=' ' read -r -a extra_installer_options <<< "$INPUT_INSTALL_OPTIONS"
   installer_options=("${extra_installer_options[@]}" "${installer_options[@]}")
 fi
@@ -64,7 +69,7 @@ echo "installer options: ${installer_options[*]}"
 
 # There is --retry-on-errors, but only newer curl versions support that
 curl_retries=5
-while ! curl -sS -o "$workdir/install" -v --fail -L "${INPUT_INSTALL_URL:-https://nixos.org/nix/install}"
+while ! curl -sS -o "$workdir/install" -v --fail -L "${INPUT_INSTALL_URL:-https://releases.nixos.org/nix/nix-2.16.1/install}"
 do
   sleep 1
   ((curl_retries--))
@@ -76,19 +81,12 @@ done
 
 sh "$workdir/install" "${installer_options[@]}"
 
-if [[ $OSTYPE =~ darwin ]]; then
-  # macOS needs certificates hints
-  cert_file=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt
-  echo "NIX_SSL_CERT_FILE=$cert_file" >> "$GITHUB_ENV"
-  export NIX_SSL_CERT_FILE=$cert_file
-  sudo launchctl setenv NIX_SSL_CERT_FILE "$cert_file"
-fi
-
 # Set paths
 echo "/nix/var/nix/profiles/default/bin" >> "$GITHUB_PATH"
-echo "/nix/var/nix/profiles/per-user/$USER/profile/bin" >> "$GITHUB_PATH"
+# new path for nix 2.14
+echo "$HOME/.nix-profile/bin" >> "$GITHUB_PATH"
 
-if [[ $INPUT_NIX_PATH != "" ]]; then
+if [[ -n "${INPUT_NIX_PATH:-}" ]]; then
   echo "NIX_PATH=${INPUT_NIX_PATH}" >> "$GITHUB_ENV"
 fi