Merge pull request #14 from cachix/multi-user-fixes

Multi user fixes
This commit is contained in:
Domen Kožar 2019-11-19 17:47:10 +01:00 committed by GitHub
commit cd5893b2c6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 52 additions and 16 deletions

View file

@ -17,4 +17,8 @@ jobs:
- run: yarn test - run: yarn test
- name: Install Nix - name: Install Nix
uses: ./ uses: ./
- run: nix-build test.nix - run: nix-env -iA cachix -f https://github.com/NixOS/nixpkgs/tarball/ab5863afada3c1b50fc43bf774b75ea71b287cde
- run: cat /etc/nix/nix.conf
# cachix should be available and be able to configure a cache
- run: cachix use cachix
- run: nix-build test.nix

View file

@ -20,16 +20,23 @@ const core = __importStar(require("@actions/core"));
const exec = __importStar(require("@actions/exec")); const exec = __importStar(require("@actions/exec"));
const tc = __importStar(require("@actions/tool-cache")); const tc = __importStar(require("@actions/tool-cache"));
const os_1 = require("os"); const os_1 = require("os");
function nixConf() {
return __awaiter(this, void 0, void 0, function* () {
// Workaround a segfault: https://github.com/NixOS/nix/issues/2733
yield exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
yield exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
// Set jobs to number of cores
yield exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
// Allow binary caches for runner user
yield exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]);
});
}
function run() { function run() {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
try { try {
const PATH = process.env.PATH; const PATH = process.env.PATH;
const INSTALL_PATH = '/opt/nix'; const INSTALL_PATH = '/opt/nix';
// Workaround a segfault: https://github.com/NixOS/nix/issues/2733 yield nixConf();
yield exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
yield exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
// Set jobs to number of cores
yield exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
// Catalina workaround https://github.com/NixOS/nix/issues/2925 // Catalina workaround https://github.com/NixOS/nix/issues/2925
if (os_1.type() == "Darwin") { if (os_1.type() == "Darwin") {
yield exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\" >> /etc/synthetic.conf`]); yield exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\" >> /etc/synthetic.conf`]);
@ -46,11 +53,19 @@ function run() {
// TODO: retry due to all the things that go wrong // TODO: retry due to all the things that go wrong
const nixInstall = yield tc.downloadTool('https://nixos.org/nix/install'); const nixInstall = yield tc.downloadTool('https://nixos.org/nix/install');
yield exec.exec("sh", [nixInstall, "--daemon"]); yield exec.exec("sh", [nixInstall, "--daemon"]);
core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin`); // write nix.conf again as installation overwrites it, reload the daemon to pick up changes
yield nixConf();
yield exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]);
// setup env
core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`);
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`); core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`);
if (os_1.type() == "Darwin") { if (os_1.type() == "Darwin") {
// macOS needs certificates hints // macOS needs certificates hints
core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt'); core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt');
// TODO: nc doesn't work correctly on macOS :(
//await exec.exec("sh", ["-c", "while ! nc -zU /nix/var/nix/daemon-socket/socket; do sleep 0.5; done"]);
// macOS needs time to reload the daemon :(
yield exec.exec("sleep", ["10"]);
} }
} }
catch (error) { catch (error) {

View file

@ -1,14 +1,9 @@
import * as core from '@actions/core'; import * as core from '@actions/core';
import * as exec from '@actions/exec'; import * as exec from '@actions/exec';
import * as tc from '@actions/tool-cache'; import * as tc from '@actions/tool-cache';
import {homedir, userInfo, type} from 'os'; import {type} from 'os';
import {existsSync} from 'fs';
async function run() {
try {
const PATH = process.env.PATH;
const INSTALL_PATH = '/opt/nix';
async function nixConf() {
// Workaround a segfault: https://github.com/NixOS/nix/issues/2733 // Workaround a segfault: https://github.com/NixOS/nix/issues/2733
await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]); await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]);
await exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]); await exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]);
@ -16,6 +11,17 @@ async function run() {
// Set jobs to number of cores // Set jobs to number of cores
await exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]); await exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]);
// Allow binary caches for runner user
await exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]);
}
async function run() {
try {
const PATH = process.env.PATH;
const INSTALL_PATH = '/opt/nix';
await nixConf();
// Catalina workaround https://github.com/NixOS/nix/issues/2925 // Catalina workaround https://github.com/NixOS/nix/issues/2925
if (type() == "Darwin") { if (type() == "Darwin") {
await exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\" >> /etc/synthetic.conf`]); await exec.exec("sudo", ["sh", "-c", `echo \"nix\t${INSTALL_PATH}\" >> /etc/synthetic.conf`]);
@ -35,13 +41,24 @@ async function run() {
// TODO: retry due to all the things that go wrong // TODO: retry due to all the things that go wrong
const nixInstall = await tc.downloadTool('https://nixos.org/nix/install'); const nixInstall = await tc.downloadTool('https://nixos.org/nix/install');
await exec.exec("sh", [nixInstall, "--daemon"]); await exec.exec("sh", [nixInstall, "--daemon"]);
core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin`)
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`)
// write nix.conf again as installation overwrites it, reload the daemon to pick up changes
await nixConf();
await exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]);
// setup env
core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`)
core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`)
if (type() == "Darwin") { if (type() == "Darwin") {
// macOS needs certificates hints // macOS needs certificates hints
core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt'); core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt');
// TODO: nc doesn't work correctly on macOS :(
//await exec.exec("sh", ["-c", "while ! nc -zU /nix/var/nix/daemon-socket/socket; do sleep 0.5; done"]);
// macOS needs time to reload the daemon :(
await exec.exec("sleep", ["10"]);
} }
} catch (error) { } catch (error) {
core.setFailed(`Action failed with error: ${error}`); core.setFailed(`Action failed with error: ${error}`);
throw(error); throw(error);