From 92d7381826982f7193145e9fa786eb0f0b1420a2 Mon Sep 17 00:00:00 2001 From: Seth Flynn Date: Fri, 3 Oct 2025 02:01:03 -0400 Subject: [PATCH] ci: allow for using the latest build of the experimental installer Until these repos are potentially merged, this is good for dogfooding alongside the experimental installer. It also uses the more official `artifacts.nixos.org` endpoint to install stable releases now More immediately though, we need a patch for the experimental installer to really work in CI at all, and that hasn't landed in a tag yet. So, this lets us use it right from `main`! --- .../actions/install-nix-action/action.yaml | 49 +++++++++++++------ 1 file changed, 35 insertions(+), 14 deletions(-) diff --git a/.github/actions/install-nix-action/action.yaml b/.github/actions/install-nix-action/action.yaml index b9861131d..46abea179 100644 --- a/.github/actions/install-nix-action/action.yaml +++ b/.github/actions/install-nix-action/action.yaml @@ -7,6 +7,10 @@ inputs: experimental-installer: description: "Whether to use the experimental installer to install Nix" default: false + experimental-installer-version: + description: "Version of the experimental installer to use. If `latest`, the newest artifact from the default branch is used." + # TODO: This should probably be pinned to a release after https://github.com/NixOS/experimental-nix-installer/pull/49 lands in one + default: "latest" extra_nix_config: description: "Gets appended to `/etc/nix/nix.conf` if passed." install_url: @@ -50,36 +54,51 @@ runs: env: GH_TOKEN: ${{ inputs.github_token }} DOGFOOD_REPO: "NixOS/nix" - - name: "Download experimental installer" + - name: "Gather system info for experimental installer" shell: bash - id: download-experimental-nix-installer if: ${{ inputs.experimental-installer == 'true' }} run: | + echo "::notice Using experimental installer from $EXPERIMENTAL_INSTALLER_REPO (https://github.com/$EXPERIMENTAL_INSTALLER_REPO)" + if [ "$RUNNER_OS" == "Linux" ]; then - INSTALLER_OS="linux" + EXPERIMENTAL_INSTALLER_SYSTEM="linux" + echo "EXPERIMENTAL_INSTALLER_SYSTEM=$EXPERIMENTAL_INSTALLER_SYSTEM" >> "$GITHUB_ENV" elif [ "$RUNNER_OS" == "macOS" ]; then - INSTALLER_OS="darwin" + EXPERIMENTAL_INSTALLER_SYSTEM="darwin" + echo "EXPERIMENTAL_INSTALLER_SYSTEM=$EXPERIMENTAL_INSTALLER_SYSTEM" >> "$GITHUB_ENV" else echo "::error ::Unsupported RUNNER_OS: $RUNNER_OS" + exit 1 fi if [ "$RUNNER_ARCH" == "X64" ]; then - INSTALLER_ARCH="x86_64" + EXPERIMENTAL_INSTALLER_ARCH=x86_64 + echo "EXPERIMENTAL_INSTALLER_ARCH=$EXPERIMENTAL_INSTALLER_ARCH" >> "$GITHUB_ENV" elif [ "$RUNNER_ARCH" == "ARM64" ]; then - INSTALLER_ARCH="aarch64" + EXPERIMENTAL_INSTALLER_ARCH=aarch64 + echo "EXPERIMENTAL_INSTALLER_ARCH=$EXPERIMENTAL_INSTALLER_ARCH" >> "$GITHUB_ENV" else echo "::error ::Unsupported RUNNER_ARCH: $RUNNER_ARCH" + exit 1 fi - EXPERIMENTAL_INSTALLER_ARTIFACT="nix-installer-$INSTALLER_ARCH-$INSTALLER_OS" - EXPERIMENTAL_INSTALLER_PATH="$GITHUB_WORKSPACE/$EXPERIMENTAL_INSTALLER_ARTIFACT" - # TODO: This uses the latest release. It should probably be pinned, or dogfood the experimental repo's default branch - similar to the above - gh release download -R "$EXPERIMENTAL_INSTALLER_REPO" -D "$EXPERIMENTAL_INSTALLER_PATH" -p "nix-installer.sh" -p "$EXPERIMENTAL_INSTALLER_ARTIFACT" - chmod +x "$EXPERIMENTAL_INSTALLER_PATH/$EXPERIMENTAL_INSTALLER_ARTIFACT" + echo "EXPERIMENTAL_INSTALLER_ARTIFACT=nix-installer-$EXPERIMENTAL_INSTALLER_ARCH-$EXPERIMENTAL_INSTALLER_SYSTEM" >> "$GITHUB_ENV" + env: + EXPERIMENTAL_INSTALLER_REPO: "NixOS/experimental-nix-installer" + - name: "Download latest experimental installer" + shell: bash + id: download-latest-experimental-installer + if: ${{ inputs.experimental-installer == 'true' && inputs.experimental-installer-version == 'latest' }} + run: | + RUN_ID=$(gh run list --repo "$EXPERIMENTAL_INSTALLER_REPO" --workflow ci.yml --branch main --status success --json databaseId --jq ".[0].databaseId") - echo "installer-path=$EXPERIMENTAL_INSTALLER_PATH" >> "$GITHUB_OUTPUT" + EXPERIMENTAL_INSTALLER_DOWNLOAD_DIR="$GITHUB_WORKSPACE/$EXPERIMENTAL_INSTALLER_ARTIFACT" + mkdir -p "$EXPERIMENTAL_INSTALLER_DOWNLOAD_DIR" - echo "::notice Using experimental installer from $EXPERIMENTAL_INSTALLER_REPO (https://github.com/$EXPERIMENTAL_INSTALLER_REPO)" + gh run download "$RUN_ID" --repo "$EXPERIMENTAL_INSTALLER_REPO" -n "$EXPERIMENTAL_INSTALLER_ARTIFACT" -D "$EXPERIMENTAL_INSTALLER_DOWNLOAD_DIR" + # Executable permissions are lost in artifacts + find $EXPERIMENTAL_INSTALLER_DOWNLOAD_DIR -type f -exec chmod +x {} + + echo "installer-path=$EXPERIMENTAL_INSTALLER_DOWNLOAD_DIR" >> "$GITHUB_OUTPUT" env: GH_TOKEN: ${{ inputs.github_token }} EXPERIMENTAL_INSTALLER_REPO: "NixOS/experimental-nix-installer" @@ -94,6 +113,8 @@ runs: if: ${{ inputs.experimental-installer == 'true' }} with: diagnostic-endpoint: "" - local-root: ${{ steps.download-experimental-nix-installer.outputs.installer-path }} + # TODO: It'd be nice to use `artifacts.nixos.org` for both of these, maybe through an `/experimental-installer/latest` endpoint? or `/commit/`? + local-root: ${{ inputs.experimental-installer-version == 'latest' && steps.download-latest-experimental-installer.outputs.installer-path || '' }} + source-url: ${{ inputs.experimental-installer-version != 'latest' && 'https://artifacts.nixos.org/experimental-installer/tag/${{ inputs.experimental-installer-version }}/${{ env.EXPERIMENTAL_INSTALLER_ARTIFACT }}' || '' }} nix-package-url: ${{ inputs.dogfood == 'true' && steps.download-nix-installer.outputs.tarball-path || (inputs.tarball_url || '') }} extra-conf: ${{ inputs.extra_nix_config }}