Commit graph

59 commits

Author SHA1 Message Date
Luc Perkins
0b690dedac
Update detsys-ts 2024-05-22 13:19:09 -03:00
Graham Christensen
75ffa7fc74
Disable docker under act ()
* Rename IN_GITHUB_ACTIONS to IN_ACT

* If the trusted runner user is truthy, setup the runner as a trusted user.

The boolean option is always set.

* Set HAS_SYSTEMD in more cases

* Unquote trust-runner-user in the action.yml

* Don't bother with the docker shim under act

* fmt

* Regenerate

* fixup
2024-05-18 18:46:09 -04:00
Graham Christensen
1e58ce3980
Revert "Fix ESM build" () 2024-05-15 20:45:00 +00:00
Luc Perkins
e4a38c246a
Regenerate dist 2024-05-15 17:17:12 -03:00
Luc Perkins
9243e9b760
Fix merge conflicts with main 2024-05-15 17:16:08 -03:00
Graham Christensen
8cdf194da9
Update dependencies ()
* Update dependencies

* Update deps again :)
2024-05-09 20:29:18 +00:00
Luc Perkins
51bc05e2ea
Fix method of finding docker shims 2024-05-02 17:19:07 -03:00
Luc Perkins
9ffa76fa74
Fix ESM build 2024-05-02 17:07:51 -03:00
Luc Perkins
337589f84d
Switch to tsup for building 2024-05-02 16:35:58 -03:00
Luc Perkins
ff707a0bf7
Fix merge conflict with main 2024-05-02 13:03:16 -03:00
Luc Perkins
57a6360160
Fix build issue due to detsys-ts update 2024-05-02 10:52:54 -03:00
Luc Perkins
a2856cdfd2
Prefer coalescing over or-ing 2024-04-24 11:13:40 -03:00
Luc Perkins
b87931b2dd
Add camelcase check 2024-04-24 11:09:55 -03:00
Cole Helbling
413ac98332 Gracefully handle FlakeHub login failure 2024-04-23 09:55:39 -07:00
Luc Perkins
c9a02f1141
Use bracket notation for env vars 2024-04-15 19:42:44 -03:00
Luc Perkins
413fb1beb4
Constify events and facts 2024-04-15 19:34:51 -03:00
Luc Perkins
8f4ca496eb
Enforce proper casing 2024-04-15 19:23:29 -03:00
Luc Perkins
c89881253c
Use detsys-ts functions for inputs 2024-04-15 19:09:42 -03:00
Graham Christensen
5c49fa4feb
Update detsys-ts () 2024-04-12 15:31:59 -04:00
Graham Christensen
5d2215c1e1
Rebase on top of detsys-ts for abstracting over install.determinate.systems ()
* Rebase on top of detsys-ts for abstracting over install.determinate.systems

* Support the legacy nix-installer-xxx source prefs

* Document source-* opts

* Update deps

* cut duration so it doesn't take forever

* Move the complete step into a finally block

* Test a busted run

* come on ...

* update to the main detsys-ts

* Switch to the delegated execution model

* throw an error to check behavior

* Fixup lint errors

* Drop the forced error
2024-04-11 11:58:56 -04:00
Graham Christensen
de22e16c47
DETERMINATE_NIX_KVM fixup, support Magic Nix Cache + FlakeHub Cache on Namespace runners ()
* Share /bin with nix for post-build-hooks

* test the magic nix cache

* wtf

* permissions

* Share /home and the network namespace too

* test the devshell

* Don't force-set kvm to 0 ... d'oh!

* dev shell support for aarch64-linux

* ?

* More testing /  debug

* Make it run anyway

* Bind /lib too so /bin/sh works ... sigh

* Disable gha-cache for tesing

* Kill the magic nix cache before reinstalling

* Don't set the extra environment variables extraniously

* Enable gha cache again
2024-03-11 19:53:25 -04:00
Ana Hobden
f4a0ffe230 Don't use docker shim if only using a mounted docker.sock instead of docker-in-docker 2024-01-10 11:45:04 -08:00
Ana Hobden
4126bb83b3 Merge branch 'main' into hoverbear/fh-160-action-should-work-under-nektosact-in-the-absence-of-systemd 2024-01-09 10:38:56 -08:00
Ana Hobden
81ee88fd4a Handle docker not existing 2024-01-09 10:36:54 -08:00
Ana Hobden
f576e90e2d Fix logic inversion 2024-01-08 13:29:15 -08:00
Ana Hobden
161c1f6904 Use uid not username 2024-01-08 13:06:51 -08:00
Ana Hobden
0e5b724979 No longer require sudo 2024-01-08 10:50:02 -08:00
Cole Mickens
21affdd5d3
action: post-run-job: try clean daemon container, warn on failure ()
* flake: add typescript LSP tool

* action: post-run-job: try clean daemon container, warn on failure
2023-12-19 11:01:56 -05:00
Graham Christensen
cd46bde16a
Support GitHub Enterprise Server using ARC ()
* Test nix-installer-action on Namespace.so

It is special in that it doesn't have systemd, and it'd be great to
support Namespace.so. It is also a good test case for a variety
of self-hosted GHA runner use cases.

* Make correlation more confident

* Borrow docker as a process supervisor on Linux GHA runners without systemd

This change introduces a Docker container shim which spawns the Nix
daemon after bind mounting all the relevant paths into the container.

The image is actually completely empty, other than metadata about what
to run.

This is a cheap and cheerful way to get decent process supervision in
environments that don't bring systemd, but do have docker ... which
is most everywhere in the GHA ecosystem.

* Ignore generated files

* Run on arm64 why not

* Load a pre-built image, don't build

* Check the userInfo.username instead of an env var

* Stop double-printing output to the console

* can't rm and restart

* what

* Clean up the container at the end

* Emit the fetch line in the 'installing nix' section

* tweak output

* delete what
2023-12-04 14:17:47 -05:00
Graham Christensen
84fe9e450f
Support GitHub Enterprise Server in the github-token access token. () 2023-12-01 10:23:32 -05:00
Graham Christensen
07b8bcba1b
KVM support out of the box, plus a refreshed README ()
* support kvm

* Refresh the readme

* Update README.md

Co-authored-by: Ana Hobden <operator@hoverbear.org>

* Update README.md

Co-authored-by: Luc Perkins <lucperkins@gmail.com>

* Update README.md

---------

Co-authored-by: Ana Hobden <operator@hoverbear.org>
Co-authored-by: Luc Perkins <lucperkins@gmail.com>
2023-11-21 19:06:06 +00:00
Ana Hobden
8b5f066806 Use Github Actions provided tool cache and exec 2023-11-02 10:48:10 -07:00
Hugo Santos
7fa8f59903
Detected whether we're running in a Namespace runner, and if so, set init: none. ()
Background: Namespace managed runners run each github job in a container, in a
separate micro-vm managed by Namespace. These VMs and containers do not rely on
systemd, and instead use Namespace's own init/process management.
2023-11-02 15:58:37 +00:00
Cole Mickens
bb22c86823
retries: autoClose, but open file with O_SYNC 2023-10-24 18:01:08 +02:00
Cole Mickens
d46d5b144a
retries: switch back to piping with non-web node streams 2023-10-24 17:45:43 +02:00
Cole Mickens
663467bee8
main.ts: installer use filehandle, make sure we fsync it before close 2023-10-24 17:35:04 +02:00
Cole Mickens
4e0fccbf7c
eslint/tsconfig: validate no floating Promises, adjust tsconfig 2023-10-24 10:40:08 +02:00
Cole Mickens
c906fbe810
regenerate dist after rebasing 2023-10-19 11:45:11 +02:00
Cole Mickens
5c1457fc8d
retries: interate on stream handling, remove downcast 2023-10-19 11:44:42 +02:00
Cole Mickens
58853de798
main.ts: use fetch-retry, add retry/backoff to fetching installer 2023-10-19 11:44:41 +02:00
Graham Christensen
07ebb8d274
Support private flakes on FlakeHub ()
Use the GitHub Actions-issued JWT to authenticate with FlakeHub.
The repository will be granted its due permissions on FlakeHub,
and be able to pull the user's private flakes.
2023-10-04 17:35:16 -04:00
Graham Christensen
d654f7b93a
Post run diagnostics () 2023-10-04 15:31:05 -04:00
Ana Hobden
c683402ad5 Tweak messaging when nix-installer makes GITHUB_PATH not action writable 2023-07-17 10:56:49 -07:00
Ana Hobden
d29c939172 Better messaging when we set GITHUB_PATH 2023-07-14 09:07:56 -07:00
Ana Hobden
bdec4311cf Fixup wording, test again against fixed pr 2023-07-14 08:57:09 -07:00
Ana Hobden
a5bdb5e70c Tweak the warning 2023-07-14 08:27:14 -07:00
Ana Hobden
15d6a6a814 More handling around old nix-installer versions 2023-07-14 08:03:38 -07:00
Ana Hobden
09be496fdd Add guardrail against old nix-installer versions that set GITHUB_PATH 2023-07-14 07:58:00 -07:00
Ana Hobden
d7dba96ff9 Run npm build... 2023-07-13 11:33:33 -07:00
Ana Hobden
3d54c0c487 More review feedback 2023-07-13 11:10:08 -07:00