Which Nix CI to use?

Hello everyone. I am currently trying to create my first derivation ! And it is … a web browser. I actually have made the derivation build, but it is taking way too much time for my little computer. I made the build run 2-3 hours and gave up … So now I’m looking for a CI to run the build there.
I already tried Travis CI which was pretty good, but the problem is that they stop the build after 50min. I’m actually needing a CI with unlimited build time, since I don’t really know how much time the build will take, and it already seems to be long.

The problem is, even if you manage to build it remotely via CI, and even if you manage to push to a service like cachix then to use it as a binary cache, you still might not be able to use it, as you are on a different version of your channels and have a slightly different set of inputs which invalidates the full build for you.

Your only option is probably to let the build happen overnight, or with only a single builder while you work on your machine.

I’d recommend using https://github.com/cachix/cachix-action to easily set it up, I’m planning to write a full tutorial in the coming weeks.

1 Like

Though how do I make sure that the GHA has the same set of buildInputs as my three workstations, which I already today fail to keep in sync, as I can’t properly pin home manager?

@NobbZ I don’t really care about that, it is just to be sure that it builds on latest nixpkgs to later make a pull request. And since I’m on nixos-unstable, I shouldn’t have too much problems anyway.

@domenkozar Interesting, I’m going to check.

I will wait a bit more to see if someone has another CI to propose.

I used to use travisci with Cachix to speed up the build. If the build failed at least some stuff would be sent to Cachix so restarting it would get further along. Now I switched to cachix-action which is a bit easier to use and more integrated into github.

It sounds to me like you’re looking for a remote builder, not an actual CI. In which case https://nixbuild.net/ is probably what you want. Not sure if and how usable that is yet, though. It’s probably not free, either. Maybe @rickynils can give us some insights on if it would be the right tool for the job.

2 Likes

Here’s what my travis.yml file looked like:

sudo: true
language: nix

script:
  - nix-env -iA cachix -f https://cachix.org/api/v1/install
  - cachix use nixpkgs-update
  - cachix push nixpkgs-update --watch-store&
  - nix-build

Here’s what my cachix-action GitHub one looks like (though I think there is a newer version of cachix-action that needs this to be tweaked):

name: "CI"
on:
  pull_request:
  push:
jobs:
  tests:
    strategy:
      matrix:
        os: [ubuntu-latest, macos]
    runs-on: ${{ matrix.os }}
    steps:
    - uses: actions/checkout@v2
    - uses: cachix/install-nix-action@v8
    - uses: cachix/cachix-action@v5
      with:
        name: nixpkgs-update
        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
2 Likes

@ryantm does Cachix allow unlimited builds ?
@ajs124 Yes, I’m looking for some builder, since a CI is some sort of builder which get triggered by some event (at least that’s how I see it). Nix build is actually paid, I’m looking for some free service if available.

Cachix does not do builds. It is a Nix store cache. I haven’t noticed a build limit with either GitHub or Travis.

with cachix/cachix-action@v6

you only append - run: nix-build as additional step.

It’s pretty good to upgrade since it will also push to cachix upon CI failure.

1 Like

@ryantm https://github.com/travis-ci/travis-ci/issues/2736 the max limit is 50min for jobs. And since my only job is building, 50min isn’t enough
@domenkozar Thank you, I’m going to try that.

I will mark this to solved in the meantime.

EDIT : I totally misunderstood, in fact cachix isn’t for building. So well, I’m still seeking for a remote builder

1 Like

GitHub Actions have a max runtime of six hours per job or 72 hours for a workflow, which might be enough for building your project. However if your program requires significant time and processing power to build you might be out of luck on free tiers and might have to invest in either setting up your own remote runner (which GitHub Actions support) or pay for a premium plan.

@sondr3 oh I didn’t know Github Actions builds your project, there’s so much I don’t know about Github … 72h is definitively enough, I will try it, thanks !

EDIT : I created my workflow and it seems to build, great ! Thank you all for your help !

1 Like

Even though this is marked as resolved I’ll add builds.sr.ht, which has a nixos image, a somewhat higher time limit, and a job submission form / api endpoint so you don’t have to tie jobs to a repo

1 Like

Here’s my updated CI for cachix-action v6. I also removed the macos builder because GitHub seemed to be having trouble with it:

name: "CI"
on:
  pull_request:
  push:
jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - uses: cachix/install-nix-action@v8
    - uses: cachix/cachix-action@v6
      with:
        name: nixpkgs-update
        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
    - run: nix-build

What kind of trouble did you observe?

Today the macOS builders seemed to be unavailable. They are probably harder to scale due to the Apple hardware requirement in the EULA.

1 Like

@domenkozar Zimbatm’s right, nothing wrong with Cachix.

I personally just use the default script from the cachix-actions github page, it perfectly fits my needs