Hi! I’m having an issue with nix build
on GitHub Actions for a Go project.
I’m using Nix Flake on my GitHub repo for a Go app. My GitHub Actions workflow then uses nix build
to build binaries from the flake.
This repository contains 2 Go modules:
-
Root module, at root of the project
-
Extension module, which is at
/soyweb
. This module imports the root module usingreplace github.com/foo/rootmod => ./..
directive.
Both modules put their main programs in their own respective ./cmd/
directories (Go convention is to place the main programs in cmd
directory).
Within the flake, there’re 2 outputs that involves buildGoModule
:
-
output
.#ssg-go
builds executables in the root module in/cmd/
-
output
.#soyweb
builds executables in/soyweb/cmd/
Both of the outputs use buildGoModule
to build the executables in cmd
. On my local machine (NixOS), both outputs can be built just fine.
But on GitHub Actions, nix build .#soyweb
fails, complaining about vendor hash mismatch. My observation is that these actual hash changes every time I correct the vendor hash for .#soyweb
in the flake.
I assumed it was because the GitHub runner clutters the root of the projects with its files, and thus changing the digest hash of the root module. - i.e. I assume that if the root directory changes, so does the vendor hash for .#soyweb
.
So I did an experiment and build .#soyweb
locally with tainted new files in root module, but the build also succeeded, so my theory went out the window. I also logged the files in GitHub Action runner’s $pwd
, yet it seems there’s no cluttering new files, only .git
dir whose hash might differ from .git
on my own local machine.
Now I’m lost and really not sure what to look for. Can anyone help or shine some light on this? Thanks!