Installing Nix on Github Actions

justinw · August 23, 2019, 10:05pm

I’ve been using Nix on GitHub Actions like so:


name: My Workflow
on: [push]

jobs:
  my_job:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - name: nix
        run: |
          curl https://nixos.org/nix/install | sh

However, almost every third or fourth run on GitHub Actions has led to a segfault in the installation.

Are there some alternatives that I should know about for installing Nix in GitHub Actions?

Please, no Docker/container-related suggestions, unless to show an existing, working setup using the NEW Actions workflow.

samueldr · August 24, 2019, 12:05am

Hi, I was in the initial beta of GitHub Actions. I don’t know if this will be of use, but here’s what I initially did:

Though, the action-nix-build action isn’t that useful compared to just using the standard Docker image from Nixos.

The only benefit is how it auto-calls release.nix or default.nix by default (unless given a command to run) and then copies the contents of the result link.

Since you cannot (or could not at that moment in time) overlay mount on top of the nix store, there’s quite a few limitations. You either need to rely on external caching like cachix, or have a simple enough build that outputs files only in result. Alternatively, it should be possible to do something with copy-closure, but I kinda lost interest since it wasn’t really meshing well with the other actions.

danieldk · August 24, 2019, 6:34am

Just a (perhaps) related data point – this also happens on Travis-CI. I encounter this quite regularly. Sometimes this happens during installation, but also during e.g. channel updates:

There’s also this issue:

github.com/NixOS/nixpkgs

Segmentation fault while installing NixOS on travis

opened 10:59AM - 01 Aug 19 UTC

closed 04:30PM - 01 Aug 19 UTC

vedhavyas

0.kind: bug

**Describe the bug** NixOS installation fails randomly with a seg fault ``` $… bash <(curl https://nixos.org/nix/install) downloading Nix 2.2.2 binary tarball for x86_64-linux from 'https://nixos.org/releases/nix/nix-2.2.2/nix-2.2.2-x86_64-linux.tar.bz2' to '/tmp/nix-binary-tarball-unpack.EKUWFTKp9k'... performing a single-user installation of Nix... directory /nix does not exist; creating it by running 'mkdir -m 0755 /nix && chown travis /nix' using sudo copying Nix to /nix/store................................. initialising Nix database... Nix: creating /home/travis/.nix-profile installing 'nix-2.2.2' building '/nix/store/2c4l83wkdfrj7ra9k07l0aqvym1d5z20-user-environment.drv'... created 6 symlinks in user environment Segmentation fault (core dumped) ``` **To Reproduce** fails randomly **Expected behavior** Installation should not fail **Screenshots** If applicable, add screenshots to help explain your problem. **Additional context** We observed this on TravisCI **Metadata** Please run `nix run nixpkgs.nix-info -c nix-info -m` and paste the result. Maintainer information: ```yaml # a list of nixpkgs attributes affected by the problem attribute: # a list of nixos modules affected by the problem module: ```

But the reporter does not seem to have filed an issue in the Nix repo.

gleber · August 28, 2019, 10:55am

If the problem is only in the installation step, have you considered using the statically compiled Nix from Static Nix: a command-line swiss army knife ?

zimbatm · August 28, 2019, 2:36pm

I wasn’t able to reproduce the issue with docker. Any idea how it could be done in a more fully-fledged VM?

Dockerfile:

FROM debian:latest

RUN apt update -q
RUN apt install -qy bzip2 curl vim sudo

# create a default user
RUN yes | adduser -q zimbatm
RUN echo "zimbatm ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/zimbatm

# switch to user, set USER to make the nix install script happy
ENV USER=zimbatm
USER zimbatm

i=0; id=$(docker build .); while docker run -ti --rm --privileged 4a0f74255254  sh -c "curl https://nixos.org/nix/install | sh && . /home/zimbatm/.nix-profile/etc/profile.d/nix.sh && NIX_PATH=nixpkgs=channel:nixos-unstable nix-channel --update"; do ((i++)); echo "************** $i *****************"; done