Support GitHub Enterprise Server in the github-token access token. (#58)

This commit is contained in:
Graham Christensen 2023-12-01 10:23:32 -05:00 committed by GitHub
parent 07b8bcba1b
commit 84fe9e450f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 52 additions and 40 deletions

View file

@ -11,8 +11,11 @@ The fast, friendly, and reliable GitHub Action to install Nix with Flakes.
* ✅ WSL2, x86_64 and aarch64 * ✅ WSL2, x86_64 and aarch64
* ✅ Containers * ✅ Containers
* ✅ Valve's SteamOS * ✅ Valve's SteamOS
* ✅ GitHub Enterprise Server
* ✅ GitHub Hosted, self-hosted, and long running Actions Runners * ✅ GitHub Hosted, self-hosted, and long running Actions Runners
## Usage ## Usage
```yaml ```yaml
@ -82,41 +85,42 @@ Differing from the upstream [Nix](https://github.com/NixOS/nix) installer script
## Configuration ## Configuration
| Parameter | Description | Type | Default | | Parameter | Description | Type | Default |
| :----------------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------- | :--------------------------------------------------- | | :----------------------- | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------- | :--------------------------------------------------- |
| `backtrace` | The setting for [`RUST_BACKTRACE`][backtrace] | string | | | `backtrace` | The setting for [`RUST_BACKTRACE`][backtrace] | string | |
| `extra-args` | Extra arguments to pass to the planner (prefer using structured `with:` arguments unless using a custom [planner]!) | string | | | `extra-args` | Extra arguments to pass to the planner (prefer using structured `with:` arguments unless using a custom [planner]!) | string | |
| `extra-conf` | Extra configuration lines for `/etc/nix/nix.conf` (includes `access-tokens` with `secrets.GITHUB_TOKEN` automatically if `github-token` is set) | string | | | `extra-conf` | Extra configuration lines for `/etc/nix/nix.conf` (includes `access-tokens` with `secrets.GITHUB_TOKEN` automatically if `github-token` is set) | string | |
| `flakehub` | Log in to FlakeHub to pull private flakes using the GitHub Actions [JSON Web Token](https://jwt.io) (JWT), which is bound to the `api.flakehub.com` audience. | Boolean | `false` | | `flakehub` | Log in to FlakeHub to pull private flakes using the GitHub Actions [JSON Web Token](https://jwt.io) (JWT), which is bound to the `api.flakehub.com` audience. | Boolean | `false` |
| `github-token` | A [GitHub token] for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) | string | `${{ github.token }}` | | `github-token` | A [GitHub token] for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) | string | `${{ github.token }}` |
| `init` | The init system to configure (requires `planner: linux-multi`) | enum (`none` or `systemd`) | | | `github-server-url` | The URL for the GitHub server, to use with the `github-token` token. Defaults to the current GitHub server, supporting GitHub Enterprise Server automatically. Only change this value if the provided `github-token` is for a different GitHub server than the current server. | string | `${{ github.server }}` |
| `kvm` | Automatically configure the GitHub Actions Runner for NixOS test support, if the host supports it. | Boolean | `true` | | `init` | The init system to configure (requires `planner: linux-multi`) | enum (`none` or `systemd`) | |
| `local-root` | A local `nix-installer` binary root. Overrides the `nix-installer-url` setting (a `nix-installer.sh` should exist, binaries should be named `nix-installer-$ARCH`, eg. `nix-installer-x86_64-linux`). | Boolean | `false` | | `kvm` | Automatically configure the GitHub Actions Runner for NixOS test support, if the host supports it. | Boolean | `true` |
| `log-directives` | A list of [tracing directives], comma separated with `-`s replaced with `_` (eg. `nix_installer=trace`) | string | | | `local-root` | A local `nix-installer` binary root. Overrides the `nix-installer-url` setting (a `nix-installer.sh` should exist, binaries should be named `nix-installer-$ARCH`, eg. `nix-installer-x86_64-linux`). | Boolean | `false` |
| `logger` | The logger to use during installation | enum (`pretty`, `json`, `full`, `compact`) | | | `log-directives` | A list of [tracing directives], comma separated with `-`s replaced with `_` (eg. `nix_installer=trace`) | string | |
| `mac-case-sensitive` | Use a case-sensitive volume (`planner: macos` only) | Boolean | `false` | | `logger` | The logger to use during installation | enum (`pretty`, `json`, `full`, `compact`) | |
| `mac-encrypt` | Force encryption on the volume (`planner: macos` only) | Boolean | `false` | | `mac-case-sensitive` | Use a case-sensitive volume (`planner: macos` only) | Boolean | `false` |
| `mac-root-disk` | The root disk of the target (`planner: macos` only) | string | | | `mac-encrypt` | Force encryption on the volume (`planner: macos` only) | Boolean | `false` |
| `mac-volume-label` | The label for the created [APFS] volume (`planner: macos` only) | string | | | `mac-root-disk` | The root disk of the target (`planner: macos` only) | string | |
| `modify-profile` | Modify the user [profile] to automatically load Nix | Boolean | `false` | | `mac-volume-label` | The label for the created [APFS] volume (`planner: macos` only) | string | |
| `nix-build-group-id` | The Nix build group GID | integer | | | `modify-profile` | Modify the user [profile] to automatically load Nix | Boolean | `false` |
| `nix-build-group-name` | The Nix build group name | string | | | `nix-build-group-id` | The Nix build group GID | integer | |
| `nix-build-user-base` | The Nix build user base UID (ascending) | integer | | | `nix-build-group-name` | The Nix build group name | string | |
| `nix-build-user-count` | The number of build users to create | integer | 32 | | `nix-build-user-base` | The Nix build user base UID (ascending) | integer | |
| `nix-build-user-prefix` | The Nix build user prefix (user numbers will be postfixed) | string | | | `nix-build-user-count` | The number of build users to create | integer | 32 |
| `nix-installer-branch` | The branch of `nix-installer` to use (conflicts with the `nix-installer-tag`, `nix-installer-revision`, and `nix-installer-branch`) | string | | | `nix-build-user-prefix` | The Nix build user prefix (user numbers will be postfixed) | string | |
| `nix-installer-pr` | The pull request of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-revision`, and `nix-installer-branch`) | integer | | | `nix-installer-branch` | The branch of `nix-installer` to use (conflicts with the `nix-installer-tag`, `nix-installer-revision`, and `nix-installer-branch`) | string | |
| `nix-installer-revision` | The revision of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-branch`, and `nix-installer-pr`) | string | | | `nix-installer-pr` | The pull request of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-revision`, and `nix-installer-branch`) | integer | |
| `nix-installer-tag` | The tag of `nix-installer` to use (conflicts with `nix-installer-revision`, `nix-installer-branch`, `nix-installer-pr`) | string | | | `nix-installer-revision` | The revision of `nix-installer` to use (conflicts with `nix-installer-tag`, `nix-installer-branch`, and `nix-installer-pr`) | string | |
| `nix-installer-url` | A URL pointing to a `nix-installer.sh` script | URL | `https://install.determinate.systems/nix` | | `nix-installer-tag` | The tag of `nix-installer` to use (conflicts with `nix-installer-revision`, `nix-installer-branch`, `nix-installer-pr`) | string | |
| `nix-package-url` | The Nix package URL | URL | | | `nix-installer-url` | A URL pointing to a `nix-installer.sh` script | URL | `https://install.determinate.systems/nix` |
| `planner` | The installation [planner] to use | enum (`linux` or `macos`) | | | `nix-package-url` | The Nix package URL | URL | |
| `reinstall` | Force a reinstall if an existing installation is detected (consider backing up `/nix/store`) | Boolean | `false` | | `planner` | The installation [planner] to use | enum (`linux` or `macos`) | |
| `start-daemon` | If the daemon should be started, requires `planner: linux-multi` | Boolean | `false` | | `reinstall` | Force a reinstall if an existing installation is detected (consider backing up `/nix/store`) | Boolean | `false` |
| `trust-runner-user` | Whether to make the runner user trusted by the Nix daemon | Boolean | `true` | | `start-daemon` | If the daemon should be started, requires `planner: linux-multi` | Boolean | `false` |
| `diagnostic-endpoint` | Diagnostic endpoint url where the installer sends install [diagnostic reports](https://github.com/DeterminateSystems/nix-installer#diagnostics) to, to disable set this to an empty string | string | `https://install.determinate.systems/nix/diagnostic` | | `trust-runner-user` | Whether to make the runner user trusted by the Nix daemon | Boolean | `true` |
| `proxy` | The proxy to use (if any), valid proxy bases are `https://$URL`, `http://$URL` and `socks5://$URL` | string | | | `diagnostic-endpoint` | Diagnostic endpoint url where the installer sends install [diagnostic reports](https://github.com/DeterminateSystems/nix-installer#diagnostics) to, to disable set this to an empty string | string | `https://install.determinate.systems/nix/diagnostic` |
| `ssl-cert-file` | An SSL cert to use (if any), used for fetching Nix and sets `NIX_SSL_CERT_FILE` for Nix | string | | | `proxy` | The proxy to use (if any), valid proxy bases are `https://$URL`, `http://$URL` and `socks5://$URL` | string | |
| `ssl-cert-file` | An SSL cert to use (if any), used for fetching Nix and sets `NIX_SSL_CERT_FILE` for Nix | string | |
[apfs]: https://en.wikipedia.org/wiki/Apple_File_System [apfs]: https://en.wikipedia.org/wiki/Apple_File_System
[backtrace]: https://doc.rust-lang.org/std/backtrace/index.html#environment-variables [backtrace]: https://doc.rust-lang.org/std/backtrace/index.html#environment-variables

View file

@ -20,6 +20,9 @@ inputs:
github-token: github-token:
description: A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) description: A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests)
default: ${{ github.token }} default: ${{ github.token }}
github-server-url:
description: The URL for the GitHub server, to use with the `github-token` token. Defaults to the current GitHub server, supporting GitHub Enterprise Server automatically. Only change this value if the provided `github-token` is for a different GitHub server than the current server.
default: ${{ github.server_url }}
init: init:
description: "The init system to configure, requires `planner: linux-multi` (allowing the choice between `none` or `systemd`)" description: "The init system to configure, requires `planner: linux-multi` (allowing the choice between `none` or `systemd`)"
required: false required: false

6
dist/index.js vendored
View file

@ -43,6 +43,7 @@ class NixInstallerAction {
this.flakehub = action_input_bool("flakehub"); this.flakehub = action_input_bool("flakehub");
this.kvm = action_input_bool("kvm"); this.kvm = action_input_bool("kvm");
this.github_token = action_input_string_or_null("github-token"); this.github_token = action_input_string_or_null("github-token");
this.github_server_url = action_input_string_or_null("github-server-url");
this.init = action_input_string_or_null("init"); this.init = action_input_string_or_null("init");
this.local_root = action_input_string_or_null("local-root"); this.local_root = action_input_string_or_null("local-root");
this.log_directives = action_input_string_or_null("log-directives"); this.log_directives = action_input_string_or_null("log-directives");
@ -159,8 +160,9 @@ class NixInstallerAction {
} }
} }
let extra_conf = ""; let extra_conf = "";
if (this.github_token !== null) { if (this.github_server_url !== null && this.github_token !== null) {
extra_conf += `access-tokens = github.com=${this.github_token}`; const server_url = this.github_server_url.replace("https://", "");
extra_conf += `access-tokens = ${server_url}=${this.github_token}`;
extra_conf += "\n"; extra_conf += "\n";
} }
if (this.trust_runner_user !== null) { if (this.trust_runner_user !== null) {

2
dist/index.js.map vendored

File diff suppressed because one or more lines are too long

View file

@ -16,6 +16,7 @@ class NixInstallerAction {
extra_conf: string[] | null; extra_conf: string[] | null;
flakehub: boolean; flakehub: boolean;
kvm: boolean; kvm: boolean;
github_server_url: string | null;
github_token: string | null; github_token: string | null;
// TODO: linux_init // TODO: linux_init
init: string | null; init: string | null;
@ -56,6 +57,7 @@ class NixInstallerAction {
this.flakehub = action_input_bool("flakehub"); this.flakehub = action_input_bool("flakehub");
this.kvm = action_input_bool("kvm"); this.kvm = action_input_bool("kvm");
this.github_token = action_input_string_or_null("github-token"); this.github_token = action_input_string_or_null("github-token");
this.github_server_url = action_input_string_or_null("github-server-url");
this.init = action_input_string_or_null("init"); this.init = action_input_string_or_null("init");
this.local_root = action_input_string_or_null("local-root"); this.local_root = action_input_string_or_null("local-root");
this.log_directives = action_input_string_or_null("log-directives"); this.log_directives = action_input_string_or_null("log-directives");
@ -210,8 +212,9 @@ class NixInstallerAction {
} }
let extra_conf = ""; let extra_conf = "";
if (this.github_token !== null) { if (this.github_server_url !== null && this.github_token !== null) {
extra_conf += `access-tokens = github.com=${this.github_token}`; const server_url = this.github_server_url.replace("https://", "");
extra_conf += `access-tokens = ${server_url}=${this.github_token}`;
extra_conf += "\n"; extra_conf += "\n";
} }
if (this.trust_runner_user !== null) { if (this.trust_runner_user !== null) {