Nix + Github Actions + Aarch64?

rmcgibbo · January 18, 2021, 12:04am

Has anyone been able to make a github actions workflow that builds a project for aarch64 and then uploads the build artifact to a cache? If so, I’d love a link.

For x86_64, I’ve had a great experience with @domenkozar’s cachix/install-nix-action and cachix/cachix-action components, which are extremely simple to use. But with respect to cross-compiling and/or running nix inside some kind of QEMU container (?) so that it’d be aarch64, I’m a newbie.

The end goal would be to have my project compiled for aarch64 in a github action workflow and uploaded to cachix such that workers running on AWS Gravitron2-based instances can then download from the cachix cache.

573 · January 18, 2021, 7:26am

For the build part I used srid’s neuron github actions to add an aarch64 branch. The build runs but I never made it run through as free minutes in gh ran out. To have the binaries copied to a cache you’d probably have to add something like this to your build defintion.

nix-store -qR --include-outputs $(nix-instantiate shell.nix) | cachix push project

domenkozar · January 18, 2021, 12:32pm

Probably the easiest way to do that today is to run your own github actions agent on aarch64 machine.

There are existing templates that allow you to auto-scale the runners for example using GitHub - philips-labs/terraform-aws-github-runner: Terraform module for scalable GitHub action runners on AWS

rmcgibbo · January 18, 2021, 6:32pm

@573: That worked perfectly!

Here’s my configuration, for anyone who encounters this post in the future

jobs:
  aarch64:
    runs-on: ubuntu-20.04
    steps:
    - uses: actions/checkout@v2.3.4
    - uses: cachix/install-nix-action@v12
      with:
        nix_path: nixpkgs=channel:nixos-20.09
    - run: |
         DEBIAN_FRONTEND=noninteractive
         sudo apt-get update -q -y && sudo apt-get install -q -y qemu-system-aarch64 qemu-efi binfmt-support qemu-user-static
         mkdir -p ~/.config/nix
         sudo bash -c "echo system-features = aarch64-linux arm-linux >> /etc/nix/nix.conf"
    - uses: cachix/cachix-action@v8
      with:
        name: nixpkgs-review-bot
        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
    - name: Build
      timeout-minutes: 3000
      run: |
        nix-build -j4 --option system aarch64-linux --option sandbox false --extra-platforms aarch64-linux
        nix show-derivation ./result

Niols · May 28, 2023, 1:01pm

Sorry for bumping an old thread, but it came out first in my Google results, so I thought I’d add my two cents. Thank you so much for the sample, @rmcgibbo; that helped a lot! The Nix options can now be declared in cachix/install-nix-action with an extra_nix_config input, so one can avoid written themselves to /etc/nix/nix.conf or passing arguments to the Nix commands. The following minimal example works like a charm for my use case (building a NixOS configuration for an ARM machine):

jobs:
  aarch64:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: sudo apt-get install -y qemu-user-static
      - uses: cachix/install-nix-action@v21
        with:
          extra_nix_config: |
            system = aarch64-linux
      - name: Build
        run: nix build .#nixosConfigurations.<hostname>.config.system.build.toplevel