3eb7a24508
Document how to pass env vars to modern nix commands |
||
---|---|---|
.github | ||
.gitignore | ||
action.yml | ||
install-nix.sh | ||
LICENSE | ||
README.md | ||
test.nix |
install-nix-action
Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.
By default it has no nixpkgs configured, you have to set nix_path
by picking a channel
or pin nixpkgs yourself
(see also pinning tutorial).
Features
- Quick installation (~4s on Linux, ~20s on macOS)
- Multi-User installation (with sandboxing enabled only on Linux)
- Self-hosted GitHub runner support
- Allows specifying Nix installation URL via
install_url
(the oldest supported Nix version is 2.3.5) - Allows specifying extra Nix configuration options via
extra_nix_config
- Allows specifying
$NIX_PATH
and channels vianix_path
- Share
/nix/store
between builds using cachix-action for simple binary cache setup to speed up your builds and share binaries with your team - Enables
flakes
andnix-command
experimental features by default (to disable, setexperimental-features
viaextra_nix_config
)
Usage
Create .github/workflows/test.yml
in your repo with the following contents:
name: "Test"
on:
pull_request:
push:
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v20
with:
nix_path: nixpkgs=channel:nixos-unstable
- run: nix-build
Usage with Flakes
name: "Test"
on:
pull_request:
push:
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v20
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- run: nix build
- run: nix flake check
To install Nix from any commit, go to the corresponding installer_test action and click on "Run cachix/install-nix-action@XX" step and expand the first line.
Inputs (specify using with:
)
-
extra_nix_config
: append to/etc/nix/nix.conf
-
github_access_token
: configure Nix to pull from GitHub using the given GitHub token. This helps work around rate limit issues. Has no effect whenaccess-tokens
is also specified inextra_nix_config
. -
install_url
: specify URL to install Nix from (useful for testing non-stable releases or pinning Nix, for example https://releases.nixos.org/nix/nix-2.3.7/install) -
install_options
: additional installer flags passed to the installer script. -
nix_path
: setNIX_PATH
environment variable, for examplenixpkgs=channel:nixos-unstable
FAQ
How do I print nixpkgs version I have configured?
- name: Print nixpkgs version
run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
How do I run NixOS tests?
With the following inputs:
- uses: cachix/install-nix-action@vXX
with:
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
Note that there's no hardware acceleration on GitHub Actions..
How do I install packages via nix-env from the specified nix_path
?
nix-env -i mypackage -f '<nixpkgs>'
How do I add a binary cache?
If the binary cache you want to add is hosted on Cachix and you are
using cachix-action, you
should use their extraPullNames
input like this:
- uses: cachix/cachix-action@vXX
with:
name: mycache
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
extraPullNames: nix-community
Otherwise, you can add any binary cache to nix.conf using
install-nix-action's own extra_nix_config
input:
- uses: cachix/install-nix-action@v20
with:
extra_nix_config: |
trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://hydra.iohk.io https://cache.nixos.org/
How do I pass environment variables to commands run with nix develop
or nix shell
?
Nix runs commands in a restricted environment by default, called pure mode
.
In pure mode, environment variables are not passed through to improve the reproducibility of the shell.
You can use the --keep / -k
flag to keep certain environment variables:
- name: Run a command with nix develop
run: nix develop --ignore-environment --keep MY_ENV_VAR --command echo $MY_ENV_VAR
env:
MY_ENV_VAR: "hello world"
Or you can disable pure mode entirely with the --impure
flag:
nix develop --impure