Support GitHub Enterprise Server using ARC (#59)

* Test nix-installer-action on Namespace.so It is special in that it doesn't have systemd, and it'd be great to support Namespace.so. It is also a good test case for a variety of self-hosted GHA runner use cases. * Make correlation more confident * Borrow docker as a process supervisor on Linux GHA runners without systemd This change introduces a Docker container shim which spawns the Nix daemon after bind mounting all the relevant paths into the container. The image is actually completely empty, other than metadata about what to run. This is a cheap and cheerful way to get decent process supervision in environments that don't bring systemd, but do have docker ... which is most everywhere in the GHA ecosystem. * Ignore generated files * Run on arm64 why not * Load a pre-built image, don't build * Check the userInfo.username instead of an env var * Stop double-printing output to the console * can't rm and restart * what * Clean up the container at the end * Emit the fetch line in the 'installing nix' section * tweak output * delete what
DeterminateSystems · Dec 4, 2023 · cd46bde · cd46bde
1 parent 84fe9e4
commit cd46bde
Show file tree

Hide file tree

Showing 15 changed files with 525 additions and 558 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1,2 @@
+dist/* linguist-generated=true
+
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -18,7 +18,13 @@ jobs:
       - run: test $(git status --porcelain=v1 2>/dev/null | wc -l) -eq 0
   run-x86_64-linux:
     name: Run x86_64 Linux
-    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        runner:
+            - ubuntu-latest
+            - nscloud-ubuntu-22.04-amd64-4x16
+            - namespace-profile-default-arm64
+    runs-on: ${{ matrix.runner }}
     steps:
       - uses: actions/checkout@v3
       - name: Install Nix

diff --git a/README.md b/README.md
@@ -91,6 +91,7 @@ Differing from the upstream [Nix](https://github.com/NixOS/nix) installer script
 | `extra-args`             | Extra arguments to pass to the planner (prefer using structured `with:` arguments unless using a custom [planner]!)                                                                                                                                                            | string                                     |                                                      |
 | `extra-conf`             | Extra configuration lines for `/etc/nix/nix.conf` (includes `access-tokens` with `secrets.GITHUB_TOKEN` automatically if `github-token` is set)                                                                                                                                | string                                     |                                                      |
 | `flakehub`               | Log in to FlakeHub to pull private flakes using the GitHub Actions [JSON Web Token](https://jwt.io) (JWT), which is bound to the `api.flakehub.com` audience.                                                                                                                  | Boolean                                    | `false`                                              |
+| `force-docker-shim`      | Force the use of Docker as a process supervisor. This setting is automatically enabled when necessary.                                                                                                                                                                         | Boolean                                    | `false`                                              |
 | `github-token`           | A [GitHub token] for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests)                                                                                                                                                        | string                                     | `${{ github.token }}`                                |
 | `github-server-url`      | The URL for the GitHub server, to use with the `github-token` token. Defaults to the current GitHub server, supporting GitHub Enterprise Server automatically. Only change this value if the provided `github-token` is for a different GitHub server than the current server. | string                                     | `${{ github.server }}`                               |
 | `init`                   | The init system to configure (requires `planner: linux-multi`)                                                                                                                                                                                                                 | enum (`none` or `systemd`)                 |                                                      |

diff --git a/action.yml b/action.yml
@@ -17,6 +17,9 @@ inputs:
     description: Automatically log in to your [FlakeHub](https://flakehub.com) account, for accessing private flakes.
     required: false
     default: false
+  force-docker-shim:
+    description: Force the use of Docker as a process supervisor. This setting is automatically enabled when necessary.
+    default: false
   github-token:
     description: A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests)
     default: ${{ github.token }}