The Github Action for the Determinate Nix Installer
Go to file
Ana Hobden 721f94f7df
Merge pull request #47 from DeterminateSystems/colemickens/fix-stream-close
fix: end the FileStreamWriter for the installer file
2023-10-24 09:22:10 -07:00
.github npm options wrong post 2023-10-23 11:57:00 -07:00
dist retries: autoClose, but open file with O_SYNC 2023-10-24 18:01:08 +02:00
src retries: autoClose, but open file with O_SYNC 2023-10-24 18:01:08 +02:00
.envrc Support private flakes on FlakeHub (#38) 2023-10-04 17:35:16 -04:00
.eslintrc.json eslint/tsconfig: validate no floating Promises, adjust tsconfig 2023-10-24 10:40:08 +02:00
.gitignore Post run diagnostics (#39) 2023-10-04 15:31:05 -04:00
.prettierignore Typescript rewrite 2023-07-11 10:36:41 -07:00
.prettierrc.json Use less esoteric formatting settings 2023-07-13 10:11:00 -07:00
action.yml Update the action to use node20 (#41) 2023-10-12 11:19:09 -04:00
CONTRIBUTING.md Add check for dist folder 2023-10-23 11:50:08 -07:00
flake.lock Update the action to use node20 (#41) 2023-10-12 11:19:09 -04:00
flake.nix Update the action to use node20 (#41) 2023-10-12 11:19:09 -04:00
LICENSE Add LICENSE 2023-01-13 10:30:02 -08:00
package-lock.json package-lock.json: include node-fetch removal 2023-10-24 10:39:49 +02:00
package.json package.json: replace node-fetch with fetch-retry w/ native node fetch 2023-10-19 11:44:41 +02:00
README.md Support private flakes on FlakeHub (#38) 2023-10-04 17:35:16 -04:00
tsconfig.json eslint/tsconfig: validate no floating Promises, adjust tsconfig 2023-10-24 10:40:08 +02:00

Nix Installer Action

You can use nix-installer as a Github action like so:

on:
  pull_request:
  push:
    branches: [main]

jobs:
  lints:
    name: Build
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3
      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@main
      - name: Run `nix build`
        run: nix build .

See .github/workflows/ci.yml for a full example.

To use private flakes from FlakeHub, use a configuration like this:

on:
  pull_request:
  push:
    branches: [main]

jobs:
  lints:
    name: Build
    runs-on: ubuntu-22.04
    permissions:
      id-token: "write"
      contents: "read"
    steps:
      - uses: actions/checkout@v3
      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@main
        with:
          flakehub: true
      - name: Run `nix build`
        run: nix build .

Configuration

Parameter Description Type Default
backtrace The setting for RUST_BACKTRACE string
extra-args Extra arguments to pass to the planner (prefer using structured with: arguments unless using a custom planner!) string
extra-conf Extra configuration lines for /etc/nix/nix.conf (includes access-tokens with secrets.GITHUB_TOKEN automatically if github-token is set) string
flakehub Log in to FlakeHub to pull private flakes using the GitHub Actions JSON Web Token (JWT), which is bound to the api.flakehub.com audience. Boolean false
github-token A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) string ${{ github.token }}
init The init system to configure (requires planner: linux-multi) enum (none or systemd)
local-root A local nix-installer binary root. Overrides the nix-installer-url setting (a nix-installer.sh should exist, binaries should be named nix-installer-$ARCH, eg. nix-installer-x86_64-linux). Boolean false
log-directives A list of tracing directives, comma separated with -s replaced with _ (eg. nix_installer=trace) string
logger The logger to use during installation enum (pretty, json, full, compact)
mac-case-sensitive Use a case-sensitive volume (planner: macos only) Boolean false
mac-encrypt Force encryption on the volume (planner: macos only) Boolean false
mac-root-disk The root disk of the target (planner: macos only) string
mac-volume-label The label for the created APFS volume (planner: macos only) string
modify-profile Modify the user profile to automatically load Nix Boolean false
nix-build-group-id The Nix build group GID integer
nix-build-group-name The Nix build group name string
nix-build-user-base The Nix build user base UID (ascending) integer
nix-build-user-count The number of build users to create integer 32
nix-build-user-prefix The Nix build user prefix (user numbers will be postfixed) string
nix-installer-branch The branch of nix-installer to use (conflicts with the nix-installer-tag, nix-installer-revision, and nix-installer-branch) string
nix-installer-pr The pull request of nix-installer to use (conflicts with nix-installer-tag, nix-installer-revision, and nix-installer-branch) integer
nix-installer-revision The revision of nix-installer to use (conflicts with nix-installer-tag, nix-installer-branch, and nix-installer-pr) string
nix-installer-tag The tag of nix-installer to use (conflicts with nix-installer-revision, nix-installer-branch, nix-installer-pr) string
nix-installer-url A URL pointing to a nix-installer.sh script URL https://install.determinate.systems/nix
nix-package-url The Nix package URL URL
planner The installation planner to use enum (linux or macos)
reinstall Force a reinstall if an existing installation is detected (consider backing up /nix/store) Boolean false
start-daemon If the daemon should be started, requires planner: linux-multi Boolean false
trust-runner-user Whether to make the runner user trusted by the Nix daemon Boolean true
diagnostic-endpoint Diagnostic endpoint url where the installer sends install diagnostic reports to, to disable set this to an empty string string https://install.determinate.systems/nix/diagnostic
proxy The proxy to use (if any), valid proxy bases are https://$URL, http://$URL and socks5://$URL string
ssl-cert-file An SSL cert to use (if any), used for fetching Nix and sets NIX_SSL_CERT_FILE for Nix string