nix: merge nix.settings.trusted-users
by default
#2183
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Test" | |
on: | |
pull_request: | |
push: | |
branches: | |
- master | |
env: | |
CURRENT_STABLE_CHANNEL: nixpkgs-24.11-darwin | |
jobs: | |
test-stable: | |
runs-on: macos-13 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nix corresponding to latest stable channel | |
uses: cachix/install-nix-action@v30 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-2.18.8/install | |
- run: nix flake check --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
test-unstable: | |
runs-on: macos-13 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nix from current unstable channel | |
uses: cachix/install-nix-action@v30 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-2.24.9/install | |
- run: nix flake check --override-input nixpkgs nixpkgs/nixpkgs-unstable | |
install-against-stable: | |
runs-on: macos-13 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nix corresponding to latest stable channel | |
uses: cachix/install-nix-action@v30 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-2.18.8/install | |
nix_path: nixpkgs=channel:${{ env.CURRENT_STABLE_CHANNEL }} | |
- name: Install channels | |
run: | | |
nix-channel --add https://github.com/LnL7/nix-darwin/archive/master.tar.gz darwin | |
nix-channel --add https://nixos.org/channels/${{ env.CURRENT_STABLE_CHANNEL }} nixpkgs | |
nix-channel --update | |
- name: Install nix-darwin | |
run: | | |
export NIX_PATH=$HOME/.nix-defexpr/channels | |
mkdir -p ~/.config/nix-darwin | |
cp modules/examples/simple.nix ~/.config/nix-darwin/configuration.nix | |
nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) | |
/usr/bin/sed -i.bak \ | |
"s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ | |
~/.config/nix-darwin/configuration.nix | |
nix run .#darwin-rebuild \ | |
-- switch \ | |
-I darwin-config=$HOME/.config/nix-darwin/configuration.nix | |
- name: Switch to new configuration | |
run: | | |
. /etc/bashrc | |
/usr/bin/sed -i.bak \ | |
"s/pkgs.vim/pkgs.hello/" \ | |
~/.config/nix-darwin/configuration.nix | |
darwin-rebuild switch -I darwin=. | |
hello | |
- name: Test uninstallation of nix-darwin | |
run: | | |
# We need to specify `--extra-experimental-features` because `experimental-features` is set by | |
# `cachix/install-nix-action` but not by our default config above | |
nix run .#darwin-uninstaller \ | |
--extra-experimental-features "nix-command flakes" \ | |
--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
nix run .#darwin-uninstaller.tests.uninstaller \ | |
--extra-experimental-features "nix-command flakes" \ | |
--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
install-against-unstable: | |
runs-on: macos-13 | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nix from current unstable channel | |
uses: cachix/install-nix-action@v30 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-2.24.9/install | |
nix_path: nixpkgs=channel:nixpkgs-unstable | |
- name: Install channels | |
run: | | |
nix-channel --add https://github.com/LnL7/nix-darwin/archive/master.tar.gz darwin | |
nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs | |
nix-channel --update | |
- name: Install nix-darwin | |
run: | | |
export NIX_PATH=$HOME/.nix-defexpr/channels | |
mkdir -p ~/.config/nix-darwin | |
cp modules/examples/simple.nix ~/.config/nix-darwin/configuration.nix | |
nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) | |
/usr/bin/sed -i.bak \ | |
"s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ | |
~/.config/nix-darwin/configuration.nix | |
nix run .#darwin-rebuild \ | |
-- switch \ | |
-I darwin-config=$HOME/.config/nix-darwin/configuration.nix | |
- name: Switch to new configuration | |
run: | | |
. /etc/bashrc | |
/usr/bin/sed -i.bak \ | |
"s/pkgs.vim/pkgs.hello/" \ | |
~/.config/nix-darwin/configuration.nix | |
darwin-rebuild switch -I darwin=. | |
hello | |
- name: Test uninstallation of nix-darwin | |
run: | | |
# We need to specify `--extra-experimental-features` because `experimental-features` is set by | |
# `cachix/install-nix-action` but not by our default config above | |
nix run .#darwin-uninstaller \ | |
--extra-experimental-features "nix-command flakes" \ | |
--override-input nixpkgs nixpkgs/nixpkgs-unstable | |
nix run .#darwin-uninstaller.tests.uninstaller \ | |
--extra-experimental-features "nix-command flakes" \ | |
--override-input nixpkgs nixpkgs/nixpkgs-unstable | |
install-flake-against-stable: | |
runs-on: macos-13 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nix version corresponding to latest stable channel | |
uses: cachix/install-nix-action@v30 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-2.18.8/install | |
- name: Install nix-darwin | |
run: | | |
mkdir -p ~/.config/nix-darwin | |
darwin=$(pwd) | |
pushd ~/.config/nix-darwin | |
nix flake init -t $darwin | |
nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) | |
/usr/bin/sed -i.bak \ | |
"s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ | |
flake.nix | |
/usr/bin/sed -i.bak \ | |
's/nixpkgs.hostPlatform = "aarch64-darwin";/nixpkgs.hostPlatform = "'$(nix eval --expr builtins.currentSystem --impure --raw)'";/' \ | |
flake.nix | |
popd | |
nix run .#darwin-rebuild -- \ | |
switch --flake ~/.config/nix-darwin#simple \ | |
--override-input nix-darwin . \ | |
--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
- name: Switch to new configuration | |
run: | | |
. /etc/bashrc | |
/usr/bin/sed -i.bak \ | |
"s/pkgs.vim/pkgs.hello/" \ | |
~/.config/nix-darwin/flake.nix | |
darwin-rebuild switch --flake ~/.config/nix-darwin#simple \ | |
--override-input nix-darwin . \ | |
--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
hello | |
- name: Test uninstallation of nix-darwin | |
run: | | |
nix run .#darwin-uninstaller --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
nix run .#darwin-uninstaller.tests.uninstaller --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} | |
install-flake-against-unstable: | |
runs-on: macos-13 | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nix from current unstable channel | |
uses: cachix/install-nix-action@v30 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-2.24.9/install | |
- name: Install nix-darwin | |
run: | | |
mkdir -p ~/.config/nix-darwin | |
darwin=$(pwd) | |
pushd ~/.config/nix-darwin | |
nix flake init -t $darwin | |
nixConfHash=$(shasum -a 256 /etc/nix/nix.conf | cut -d ' ' -f 1) | |
/usr/bin/sed -i.bak \ | |
"s/# programs.fish.enable = true;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \ | |
flake.nix | |
/usr/bin/sed -i.bak \ | |
's/nixpkgs.hostPlatform = "aarch64-darwin";/nixpkgs.hostPlatform = "'$(nix eval --expr builtins.currentSystem --impure --raw)'";/' \ | |
flake.nix | |
popd | |
nix run .#darwin-rebuild -- \ | |
switch --flake ~/.config/nix-darwin#simple \ | |
--override-input nix-darwin . \ | |
--override-input nixpkgs nixpkgs/nixpkgs-unstable | |
- name: Switch to new configuration | |
run: | | |
. /etc/bashrc | |
/usr/bin/sed -i.bak \ | |
"s/pkgs.vim/pkgs.hello/" \ | |
~/.config/nix-darwin/flake.nix | |
darwin-rebuild switch --flake ~/.config/nix-darwin#simple \ | |
--override-input nix-darwin . \ | |
--override-input nixpkgs nixpkgs/nixpkgs-unstable | |
hello | |
- name: Test uninstallation of nix-darwin | |
run: | | |
nix run .#darwin-uninstaller --override-input nixpkgs nixpkgs/nixpkgs-unstable | |
nix run .#darwin-uninstaller.tests.uninstaller --override-input nixpkgs nixpkgs/nixpkgs-unstable |