Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.
By default it has no nixpkgs configured, you have to set nix_path
by picking a channel
or pin nixpkgs yourself
(see also pinning tutorial).
- Quick installation (~4s on Linux, ~20s on macOS)
- Multi-User installation (with sandboxing enabled only on Linux)
- Self-hosted GitHub runner support
- Allows specifying Nix installation URL via
install_url
(the oldest supported Nix version is 2.3.5) - Allows specifying extra Nix configuration options via
extra_nix_config
- Allows specifying
$NIX_PATH
and channels vianix_path
- Share
/nix/store
between builds using cachix-action for simple binary cache setup to speed up your builds and share binaries with your team - Enables
flakes
andnix-command
experimental features by default (to disable, setexperimental-features
viaextra_nix_config
)
Create .github/workflows/test.yml
in your repo with the following contents:
name: "Test"
on:
pull_request:
push:
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- run: nix-build
name: "Test"
on:
pull_request:
push:
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v25
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- run: nix build
- run: nix flake check
To install Nix from any commit, go to the corresponding installer_test action and click on "Run cachix/install-nix-action@XX" step and expand the first line.
-
extra_nix_config
: append to/etc/nix/nix.conf
-
github_access_token
: configure Nix to pull from GitHub using the given GitHub token. This helps work around rate limit issues. Has no effect whenaccess-tokens
is also specified inextra_nix_config
. -
install_url
: specify URL to install Nix from (useful for testing non-stable releases or pinning Nix, for example https://releases.nixos.org/nix/nix-2.3.7/install) -
install_options
: additional installer flags passed to the installer script. -
nix_path
: setNIX_PATH
environment variable, for examplenixpkgs=channel:nixos-unstable
-
enable_kvm
: whether to enable KVM for hardware-accelerated virtualization on Linux. Enabled by default if available.
- name: Print nixpkgs version
run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
With the following inputs:
- uses: cachix/install-nix-action@vXX
with:
extra_nix_config: "system-features = nixos-test benchmark big-parallel kvm"
Note that there's no hardware acceleration on GitHub Actions..
nix-env -i mypackage -f '<nixpkgs>'
If the binary cache you want to add is hosted on Cachix and you are
using cachix-action, you
should use their extraPullNames
input like this:
- uses: cachix/cachix-action@vXX
with:
name: mycache
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
extraPullNames: nix-community
Otherwise, you can add any binary cache to nix.conf using
install-nix-action's own extra_nix_config
input:
- uses: cachix/install-nix-action@v25
with:
extra_nix_config: |
trusted-public-keys = hydra.iohk.io:f/Ea s dFdN 3Y/G FDgSq a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://hydra.iohk.io https://cache.nixos.org/
Nix runs commands in a restricted environment by default, called pure mode
.
In pure mode, environment variables are not passed through to improve the reproducibility of the shell.
You can use the --keep / -k
flag to keep certain environment variables:
- name: Run a command with nix develop
run: nix develop --ignore-environment --keep MY_ENV_VAR --command echo $MY_ENV_VAR
env:
MY_ENV_VAR: "hello world"
Or you can disable pure mode entirely with the --impure
flag:
nix develop --impure