diff --git a/lib/install-nix.sh b/lib/install-nix.sh new file mode 100755 index 0000000..399222b --- /dev/null +++ b/lib/install-nix.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash +set -euo pipefail + +export here=$(dirname "${BASH_SOURCE[0]}") + +nixConf() { + sudo mkdir -p /etc/nix + # Workaround a segfault: https://github.com/NixOS/nix/issues/2733 + sudo sh -c 'echo http2 = false >> /etc/nix/nix.conf' + # Set jobs to number of cores + sudo sh -c 'echo max-jobs = auto >> /etc/nix/nix.conf' + # Allow binary caches for runner user + sudo sh -c 'echo trusted-users = root runner >> /etc/nix/nix.conf' +} + +if [[ $OSTYPE =~ darwin ]]; then + # Catalina workaround https://github.com/NixOS/nix/issues/2925 + $here/create-darwin-volume.sh + + # Disable spotlight indexing of /nix to speed up performance + sudo mdutil -i off /nix +fi + +nixConf + +# Needed due to multi-user being too defensive +export ALLOW_PREEXISTING_INSTALLATION=1 + +sh <(curl https://nixos.org/nix/install) --daemon + +# write nix.conf again as installation overwrites it +nixConf + +# macOS needs certificates hints +if [[ $OSTYPE =~ darwin ]]; then + cert_file=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt + echo "::set-env name=NIX_SSL_CERT_FILE::$cert_file" + export NIX_SSL_CERT_FILE=$cert_file + sudo launchctl setenv NIX_SSL_CERT_FILE "$cert_file" +fi + +# Reload the daemon to pick up changes +sudo pkill -HUP nix-daemon + +# Set paths +echo "::add-path::/nix/var/nix/profiles/per-user/runner/profile/bin" +echo "::add-path::/nix/var/nix/profiles/default/bin" +echo "::set-env name=NIX_PATH::/nix/var/nix/profiles/per-user/root/channels" \ No newline at end of file diff --git a/lib/main.js b/lib/main.js index 5afb8a3..abb019e 100644 --- a/lib/main.js +++ b/lib/main.js @@ -8,67 +8,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k]; - result["default"] = mod; - return result; -}; Object.defineProperty(exports, "__esModule", { value: true }); -const core = __importStar(require("@actions/core")); -const exec = __importStar(require("@actions/exec")); -const tc = __importStar(require("@actions/tool-cache")); const child_process_1 = require("child_process"); -const os_1 = require("os"); const process_1 = require("process"); const net_1 = require("net"); -function nixConf() { - return __awaiter(this, void 0, void 0, function* () { - // Workaround a segfault: https://github.com/NixOS/nix/issues/2733 - yield exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]); - yield exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]); - // Set jobs to number of cores - yield exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]); - // Allow binary caches for runner user - yield exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]); - }); -} -function run() { - return __awaiter(this, void 0, void 0, function* () { - try { - const PATH = process.env.PATH; - yield nixConf(); - // Catalina workaround https://github.com/NixOS/nix/issues/2925 - if (os_1.type() == "Darwin") { - child_process_1.execFileSync(`${__dirname}/create-darwin-volume.sh`, { stdio: 'inherit' }); - // Disable spotlight indexing of /nix to speed up performance - yield exec.exec("sudo", ["mdutil", "-i", "off", "/nix"]); - } - // Needed due to multi-user being too defensive - core.exportVariable('ALLOW_PREEXISTING_INSTALLATION', "1"); - // TODO: retry due to all the things that can go wrong - const nixInstall = yield tc.downloadTool('https://nixos.org/nix/install'); - yield exec.exec("sh", [nixInstall, "--daemon"]); - // write nix.conf again as installation overwrites it, reload the daemon to pick up changes - yield nixConf(); - yield exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]); - // setup env - core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`); - core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`); - if (os_1.type() == "Darwin") { - // macOS needs certificates hints - core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt'); - // TODO: nc doesn't work correctly on macOS :( - yield awaitSocket(); - } - } - catch (error) { - core.setFailed(`Action failed with error: ${error}`); - throw (error); - } - }); -} function awaitSocket() { return __awaiter(this, void 0, void 0, function* () { const daemonSocket = net_1.createConnection({ path: '/nix/var/nix/daemon-socket/socket' }); @@ -82,4 +25,6 @@ function awaitSocket() { }); }); } -run(); +child_process_1.execFileSync(`${__dirname}/install-nix.sh`, { stdio: 'inherit' }); +// nc doesn't work correctly on macOS :( +awaitSocket(); diff --git a/lib/utils.js b/lib/utils.js deleted file mode 100644 index 6dbeef2..0000000 --- a/lib/utils.js +++ /dev/null @@ -1,8 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -function extrasperse(elem, array) { - const init = []; - return array.reduce((r, a) => r.concat(elem, a), init); -} -exports.extrasperse = extrasperse; -; diff --git a/src/main.ts b/src/main.ts index 565186b..07313e3 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,63 +1,6 @@ -import * as core from '@actions/core'; -import * as exec from '@actions/exec'; -import * as tc from '@actions/tool-cache'; -import {execFileSync} from 'child_process'; -import {type} from 'os'; -import {exit} from 'process'; -import {createConnection} from 'net'; - -async function nixConf() { - // Workaround a segfault: https://github.com/NixOS/nix/issues/2733 - await exec.exec("sudo", ["mkdir", "-p", "/etc/nix"]); - await exec.exec("sudo", ["sh", "-c", "echo http2 = false >> /etc/nix/nix.conf"]); - - // Set jobs to number of cores - await exec.exec("sudo", ["sh", "-c", "echo max-jobs = auto >> /etc/nix/nix.conf"]); - - // Allow binary caches for runner user - await exec.exec("sudo", ["sh", "-c", "echo trusted-users = root runner >> /etc/nix/nix.conf"]); -} - -async function run() { - try { - const PATH = process.env.PATH; - - await nixConf(); - - // Catalina workaround https://github.com/NixOS/nix/issues/2925 - if (type() == "Darwin") { - execFileSync(`${__dirname}/create-darwin-volume.sh`, { stdio: 'inherit' }); - - // Disable spotlight indexing of /nix to speed up performance - await exec.exec("sudo", ["mdutil", "-i", "off", "/nix"]); - } - - // Needed due to multi-user being too defensive - core.exportVariable('ALLOW_PREEXISTING_INSTALLATION', "1"); - - // TODO: retry due to all the things that can go wrong - const nixInstall = await tc.downloadTool('https://nixos.org/nix/install'); - await exec.exec("sh", [nixInstall, "--daemon"]); - - // write nix.conf again as installation overwrites it, reload the daemon to pick up changes - await nixConf(); - await exec.exec("sudo", ["pkill", "-HUP", "nix-daemon"]); - - // setup env - core.exportVariable('PATH', `${PATH}:/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/per-user/runner/profile/bin`) - core.exportVariable('NIX_PATH', `/nix/var/nix/profiles/per-user/root/channels`) - if (type() == "Darwin") { - // macOS needs certificates hints - core.exportVariable('NIX_SSL_CERT_FILE', '/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt'); - - // TODO: nc doesn't work correctly on macOS :( - await awaitSocket(); - } - } catch (error) { - core.setFailed(`Action failed with error: ${error}`); - throw(error); - } -} +import { execFileSync } from 'child_process'; +import { exit } from 'process'; +import { createConnection } from 'net'; async function awaitSocket() { const daemonSocket = createConnection({ path: '/nix/var/nix/daemon-socket/socket' }); @@ -71,4 +14,7 @@ async function awaitSocket() { }); } -run(); +execFileSync(`${__dirname}/install-nix.sh`, { stdio: 'inherit' }); + +// nc doesn't work correctly on macOS :( +awaitSocket(); \ No newline at end of file