Compare commits
18 Commits
v1
...
multi-user
| Author | SHA1 | Date | |
|---|---|---|---|
| c9b9c77f3b | |||
| 16107722cd | |||
| 9420096b1d | |||
| 15adaed2d7 | |||
| addc7fa7a2 | |||
| b8c38b583f | |||
| d1407282e6 | |||
| 9130accbad | |||
| 9c08345130 | |||
| 4ad20b153f | |||
| 65ed8d8b59 | |||
| e3eb20c3db | |||
| 2b219c86f3 | |||
| ba979b5e7d | |||
| 67bd092214 | |||
| f104d5a8aa | |||
| d266f22fdb | |||
| 7f8f39bf55 |
8
.github/workflows/test.yml
vendored
8
.github/workflows/test.yml
vendored
@ -6,13 +6,19 @@ jobs:
|
|||||||
tests:
|
tests:
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
os: [ubuntu-18.04, macos]
|
os: [ubuntu-18.04, macos-latest]
|
||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v1
|
- uses: actions/checkout@v1
|
||||||
- run: yarn install --frozen-lockfile
|
- run: yarn install --frozen-lockfile
|
||||||
- run: yarn build
|
- run: yarn build
|
||||||
|
# TODO: just commit it using github
|
||||||
|
- run: git diff --exit-code
|
||||||
- run: yarn test
|
- run: yarn test
|
||||||
- name: Install Nix
|
- name: Install Nix
|
||||||
uses: ./
|
uses: ./
|
||||||
|
- run: nix-env -iA cachix -f https://github.com/NixOS/nixpkgs/tarball/ab5863afada3c1b50fc43bf774b75ea71b287cde
|
||||||
|
- run: cat /etc/nix/nix.conf
|
||||||
|
# cachix should be available and be able to configure a cache
|
||||||
|
- run: cachix use cachix
|
||||||
- run: nix-build test.nix
|
- run: nix-build test.nix
|
||||||
@ -18,10 +18,13 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v1
|
- uses: actions/checkout@v1
|
||||||
- uses: cachix/install-nix-action@v1
|
- uses: cachix/install-nix-action@v3
|
||||||
- run: nix-build
|
- run: nix-build
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
See [action.yml](action.yml) for all options.
|
||||||
|
|
||||||
See also [cachix-action](https://github.com/cachix/cachix-action) for
|
See also [cachix-action](https://github.com/cachix/cachix-action) for
|
||||||
simple binary cache setup to speed up your builds and share binaries
|
simple binary cache setup to speed up your builds and share binaries
|
||||||
with developers.
|
with developers.
|
||||||
|
|||||||
51
lib/main.js
51
lib/main.js
@ -20,23 +20,52 @@ const core = __importStar(require("@actions/core"));
|
|||||||
const exec = __importStar(require("@actions/exec"));
|
const exec = __importStar(require("@actions/exec"));
|
||||||
const tc = __importStar(require("@actions/tool-cache"));
|
const tc = __importStar(require("@actions/tool-cache"));
|
||||||
const os_1 = require("os");
|
const os_1 = require("os");
|
||||||
const fs_1 = require("fs");
|
function nixConf() {
|
||||||
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
|
// Workaround a segfault: https://github.com/NixOS/nix/issues/2733
|
||||||
|
yield exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
|
||||||
|
yield exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
|
||||||
|
// Set jobs to number of cores
|
||||||
|
yield exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
|
||||||
|
// Allow binary caches for runner user
|
||||||
|
yield exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]);
|
||||||
|
});
|
||||||
|
}
|
||||||
function run() {
|
function run() {
|
||||||
return __awaiter(this, void 0, void 0, function* () {
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
try {
|
try {
|
||||||
// rest of the constants
|
|
||||||
const home = os_1.homedir();
|
|
||||||
const { username } = os_1.userInfo();
|
|
||||||
const PATH = process.env.PATH;
|
const PATH = process.env.PATH;
|
||||||
const CERTS_PATH = home + '/.nix-profile/etc/ssl/certs/ca-bundle.crt';
|
const INSTALL_PATH = '/opt/nix';
|
||||||
|
yield nixConf();
|
||||||
|
// Catalina workaround https://github.com/NixOS/nix/issues/2925
|
||||||
|
if (os_1.type() == "Darwin") {
|
||||||
|
yield exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\" >> /etc/synthetic.conf`]);
|
||||||
|
yield exec.exec("sudo", ["sh", "-c", `mkdir -m 0755 ${INSTALL_PATH} && chown runner ${INSTALL_PATH}`]);
|
||||||
|
yield exec.exec("/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util", ["-B"]);
|
||||||
|
// Needed for sudo to pass NIX_IGNORE_SYMLINK_STORE
|
||||||
|
yield exec.exec("sudo", ["sh", "-c", "echo 'Defaults env_keep += NIX_IGNORE_SYMLINK_STORE' >> /etc/sudoers"]);
|
||||||
|
core.exportVariable('NIX_IGNORE_SYMLINK_STORE', "1");
|
||||||
|
// Needed for nix-daemon installation
|
||||||
|
yield exec.exec("sudo", ["launchctl", "setenv", "NIX_IGNORE_SYMLINK_STORE", "1"]);
|
||||||
|
}
|
||||||
|
// Needed due to multi-user being too defensive
|
||||||
|
core.exportVariable('ALLOW_PREEXISTING_INSTALLATION', "1");
|
||||||
// TODO: retry due to all the things that go wrong
|
// TODO: retry due to all the things that go wrong
|
||||||
const nixInstall = yield tc.downloadTool('https://nixos.org/nix/install');
|
const nixInstall = yield tc.downloadTool('https://nixos.org/nix/install');
|
||||||
yield exec.exec("sh", [nixInstall]);
|
yield exec.exec("sh", [nixInstall, "--daemon"]);
|
||||||
core.exportVariable('PATH', `${PATH}:${home}/.nix-profile/bin`);
|
// write nix.conf again as installation overwrites it, reload the daemon to pick up changes
|
||||||
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/${username}/channels`);
|
yield nixConf();
|
||||||
// macOS needs certificates hints
|
yield exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]);
|
||||||
if (fs_1.existsSync(CERTS_PATH)) {
|
// setup env
|
||||||
core.exportVariable('NIX_SSL_CERT_FILE', CERTS_PATH);
|
core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`);
|
||||||
|
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`);
|
||||||
|
if (os_1.type() == "Darwin") {
|
||||||
|
// macOS needs certificates hints
|
||||||
|
core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt');
|
||||||
|
// TODO: nc doesn't work correctly on macOS :(
|
||||||
|
//await exec.exec("sh", ["-c", "while ! nc -zU /nix/var/nix/daemon-socket/socket; do sleep 0.5; done"]);
|
||||||
|
// macOS needs time to reload the daemon :(
|
||||||
|
yield exec.exec("sleep", ["10"]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (error) {
|
catch (error) {
|
||||||
|
|||||||
8
shell.nix
Normal file
8
shell.nix
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
{ pkgs ? import <nixpkgs> {}
|
||||||
|
}:
|
||||||
|
|
||||||
|
pkgs.mkShell {
|
||||||
|
name = "install-nix-action-shell";
|
||||||
|
|
||||||
|
buildInputs = [ pkgs.yarn ];
|
||||||
|
}
|
||||||
62
src/main.ts
62
src/main.ts
@ -1,30 +1,64 @@
|
|||||||
import * as core from '@actions/core';
|
import * as core from '@actions/core';
|
||||||
import * as exec from '@actions/exec';
|
import * as exec from '@actions/exec';
|
||||||
import * as tc from '@actions/tool-cache';
|
import * as tc from '@actions/tool-cache';
|
||||||
import {homedir, userInfo} from 'os';
|
import {type} from 'os';
|
||||||
import {existsSync} from 'fs';
|
|
||||||
|
async function nixConf() {
|
||||||
|
// Workaround a segfault: https://github.com/NixOS/nix/issues/2733
|
||||||
|
await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
|
||||||
|
await exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
|
||||||
|
|
||||||
|
// Set jobs to number of cores
|
||||||
|
await exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
|
||||||
|
|
||||||
|
// Allow binary caches for runner user
|
||||||
|
await exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]);
|
||||||
|
}
|
||||||
|
|
||||||
async function run() {
|
async function run() {
|
||||||
try {
|
try {
|
||||||
const home = homedir();
|
|
||||||
const {username} = userInfo();
|
|
||||||
const PATH = process.env.PATH;
|
const PATH = process.env.PATH;
|
||||||
const CERTS_PATH = home + '/.nix-profile/etc/ssl/certs/ca-bundle.crt';
|
const INSTALL_PATH = '/opt/nix';
|
||||||
|
|
||||||
// Workaround a segfault: https://github.com/NixOS/nix/issues/2733
|
await nixConf();
|
||||||
await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
|
|
||||||
await exec.exec("sudo", ["echo", "http2 = false", ">>", "/etc/nix/nix.conf"]);
|
// Catalina workaround https://github.com/NixOS/nix/issues/2925
|
||||||
|
if (type() == "Darwin") {
|
||||||
|
await exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\" >> /etc/synthetic.conf`]);
|
||||||
|
await exec.exec("sudo", ["sh", "-c", `mkdir -m 0755 ${INSTALL_PATH} && chown runner ${INSTALL_PATH}`]);
|
||||||
|
await exec.exec("/System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util", ["-B"]);
|
||||||
|
|
||||||
|
// Needed for sudo to pass NIX_IGNORE_SYMLINK_STORE
|
||||||
|
await exec.exec("sudo", ["sh", "-c", "echo 'Defaults env_keep += NIX_IGNORE_SYMLINK_STORE' >> /etc/sudoers"]);
|
||||||
|
core.exportVariable('NIX_IGNORE_SYMLINK_STORE', "1");
|
||||||
|
// Needed for nix-daemon installation
|
||||||
|
await exec.exec("sudo", ["launchctl", "setenv", "NIX_IGNORE_SYMLINK_STORE", "1"]);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Needed due to multi-user being too defensive
|
||||||
|
core.exportVariable('ALLOW_PREEXISTING_INSTALLATION', "1");
|
||||||
|
|
||||||
// TODO: retry due to all the things that go wrong
|
// TODO: retry due to all the things that go wrong
|
||||||
const nixInstall = await tc.downloadTool('https://nixos.org/nix/install');
|
const nixInstall = await tc.downloadTool('https://nixos.org/nix/install');
|
||||||
await exec.exec("sh", [nixInstall]);
|
await exec.exec("sh", [nixInstall, "--daemon"]);
|
||||||
core.exportVariable('PATH', `${PATH}:${home}/.nix-profile/bin`)
|
|
||||||
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/${username}/channels`)
|
|
||||||
|
|
||||||
// macOS needs certificates hints
|
// write nix.conf again as installation overwrites it, reload the daemon to pick up changes
|
||||||
if (existsSync(CERTS_PATH)) {
|
await nixConf();
|
||||||
core.exportVariable('NIX_SSL_CERT_FILE', CERTS_PATH);
|
await exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]);
|
||||||
|
|
||||||
|
// setup env
|
||||||
|
core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`)
|
||||||
|
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`)
|
||||||
|
if (type() == "Darwin") {
|
||||||
|
// macOS needs certificates hints
|
||||||
|
core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt');
|
||||||
|
|
||||||
|
// TODO: nc doesn't work correctly on macOS :(
|
||||||
|
//await exec.exec("sh", ["-c", "while ! nc -zU /nix/var/nix/daemon-socket/socket; do sleep 0.5; done"]);
|
||||||
|
// macOS needs time to reload the daemon :(
|
||||||
|
await exec.exec("sleep", ["10"]);
|
||||||
}
|
}
|
||||||
|
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
core.setFailed(`Action failed with error: ${error}`);
|
core.setFailed(`Action failed with error: ${error}`);
|
||||||
throw(error);
|
throw(error);
|
||||||
|
|||||||
Reference in New Issue
Block a user