Ideally, I would replace channel:nixos-unstable with the exact version of nixpkgs which is pinned in the project. Currently the project pins nixpkgs in shell.nix like this
Rather than hacking together an ad-hoc parser, I thought I’d ask for suggestions on how to specify the pinning within the project in a way that would allow it to be reused easily and robustly in cachix/install-nix-action.
Sorry, I wasn’t clear enough about what my problem is: how should I copy that hash out of wherever my project specifies it, into the GHA’s nix_path: nixpks=..., in a robust and DRY way? I don’t want to burden a human with ensuring that it is synced between those two locations!
IOW, what’s the best way of getting a single source of information about the nixpkgs version being used by both the GHA action and shell.nix?
Sounds like a good use case to keep a flakes.lock file. I haven’t used it much so wont be of much help. Specifying the nixpkgs revision in any form to me is sufficient. It’s about being declerative and specific. Btw, sounds like you’re using multiple nixpkgs revision in single project? If so, I’d stop that and just declare it once root-level as per DRY. And also KISS (override packages individually if that’s needed).
There is one nixpkgs version for the whole project, and I’d simply like the GHA to download and install that version in the first place, rather than some random version being fetched, only for the pinned version to be grabbed immediately afterwards.
yes I misunderstood your question indeed. I use GHA, usually with cachix, I never noticed this behavior, but it could be present, that it first installs random nixpkgs (or the one specified inside the action itself) then the pinned one, being cached it’s usually super fast anyway.
I do put everything that I can in shell.nix, but I don’t see how the GitHub Action itself can be put in shell.nix and the Action fails on darwin if nix_path is not set explicitly for cachix/install-nix-action.
(override packages individually if that’s needed).