darwin-rebuild: Don't prompt for sudo multiple times #1923

# to view logs

Workflow file for this run

	name: "Test"
	on:
	pull_request:
	push:
	branches:
	- master

	env:
	CURRENT_STABLE_CHANNEL: nixpkgs-24.05-darwin

	jobs:
	test-stable:
	runs-on: macos-13
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4
	- name: Install nix corresponding to latest stable channel
	uses: cachix/install-nix-action@v30
	with:
	install_url: https://releases.nixos.org/nix/nix-2.18.8/install
	- run: nix flake check --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}

	test-unstable:
	runs-on: macos-13
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4
	- name: Install nix from current unstable channel
	uses: cachix/install-nix-action@v30
	with:
	install_url: https://releases.nixos.org/nix/nix-2.24.9/install
	- run: nix flake check --override-input nixpkgs nixpkgs/nixpkgs-unstable

	install-against-stable:
	runs-on: macos-13
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4
	- name: Install nix corresponding to latest stable channel
	uses: cachix/install-nix-action@v30
	with:
	install_url: https://releases.nixos.org/nix/nix-2.18.8/install
	nix_path: nixpkgs=channel:${{ env.CURRENT_STABLE_CHANNEL }}
	- name: Install ${{ env.CURRENT_STABLE_CHANNEL }} channel
	run: \|
	nix-channel --add https://nixos.org/channels/${{ env.CURRENT_STABLE_CHANNEL }} nixpkgs
	nix-channel --update
	- name: Install nix-darwin and test
	run: \|
	export NIX_PATH=$HOME/.nix-defexpr/channels

	# We run nix-darwin twice to test that it can create darwin-configuration correctly for us
	# but we expect it to fail setting up /etc/nix/nix.conf
	nix-shell -A installer \|\| true

	nixConfHash=$(shasum -a 256 /etc/nix/nix.conf \| cut -d ' ' -f 1)
	/usr/bin/sed -i.bak \
	"s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
	~/.nixpkgs/darwin-configuration.nix

	nix-shell -A installer
	nix-shell -A installer.check
	- name: Build and activate default derivation
	run: \|
	. /etc/static/bashrc
	darwin-rebuild switch -I darwin=.
	- name: Test uninstallation of nix-darwin
	run: \|
	nix run .#darwin-uninstaller \
	--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} \
	--extra-experimental-features "nix-command flakes"
	nix run .#darwin-uninstaller.tests.uninstaller \
	--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }} \
	--extra-experimental-features "nix-command flakes"
	- name: Debugging tmate session
	if: ${{ failure() }}
	uses: mxschmitt/action-tmate@v3
	timeout-minutes: 15
	with:
	limit-access-to-actor: true

	install-against-unstable:
	runs-on: macos-13
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4
	- name: Install nix from current unstable channel
	uses: cachix/install-nix-action@v30
	with:
	install_url: https://releases.nixos.org/nix/nix-2.24.9/install
	nix_path: nixpkgs=channel:nixpkgs-unstable
	- name: Install nixpkgs-unstable channel
	run: \|
	nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs
	nix-channel --update
	- name: Install nix-darwin and test
	run: \|
	export NIX_PATH=$HOME/.nix-defexpr/channels

	# We run nix-darwin twice to test that it can create darwin-configuration correctly for us
	# but we expect it to fail setting up /etc/nix/nix.conf
	nix-shell -A installer \|\| true

	nixConfHash=$(shasum -a 256 /etc/nix/nix.conf \| cut -d ' ' -f 1)
	/usr/bin/sed -i.bak \
	"s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
	~/.nixpkgs/darwin-configuration.nix

	nix-shell -A installer
	nix-shell -A installer.check
	- name: Build and activate default derivation
	run: \|
	. /etc/static/bashrc
	darwin-rebuild switch -I darwin=.
	- name: Test uninstallation of nix-darwin
	run: \|
	# A regression in Nix 2.19 means we need to put `--extra-experimental-features` before `--override-input`
	nix run .#darwin-uninstaller \
	--extra-experimental-features "nix-command flakes" \
	--override-input nixpkgs nixpkgs/nixpkgs-unstable
	nix run .#darwin-uninstaller.tests.uninstaller \
	--extra-experimental-features "nix-command flakes" \
	--override-input nixpkgs nixpkgs/nixpkgs-unstable
	- name: Debugging tmate session
	if: ${{ failure() }}
	uses: mxschmitt/action-tmate@v3
	timeout-minutes: 15
	with:
	limit-access-to-actor: true

	install-flake-against-stable:
	runs-on: macos-13
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4
	- name: Install nix version corresponding to latest stable channel
	uses: cachix/install-nix-action@v30
	with:
	install_url: https://releases.nixos.org/nix/nix-2.18.8/install
	- name: Install nix-darwin
	run: \|
	mkdir -p ~/.config/nix-darwin
	darwin=$(pwd)
	pushd ~/.config/nix-darwin
	nix flake init -t $darwin
	nixConfHash=$(shasum -a 256 /etc/nix/nix.conf \| cut -d ' ' -f 1)
	/usr/bin/sed -i.bak \
	"s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
	flake.nix
	popd
	nix run .#darwin-rebuild -- \
	switch --flake ~/.config/nix-darwin#simple \
	--override-input nix-darwin . \
	--override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}
	- name: Rebuild and activate simple flake, but this time using nix-darwin's flake interface
	run: \|
	. /etc/static/bashrc
	darwin-rebuild build --flake ./modules/examples/flake#simple --override-input nix-darwin . --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}
	- name: Test uninstallation of nix-darwin
	run: \|
	nix run .#darwin-uninstaller --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}
	nix run .#darwin-uninstaller.tests.uninstaller --override-input nixpkgs nixpkgs/${{ env.CURRENT_STABLE_CHANNEL }}

	install-flake-against-unstable:
	runs-on: macos-13
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4
	- name: Install nix from current unstable channel
	uses: cachix/install-nix-action@v30
	with:
	install_url: https://releases.nixos.org/nix/nix-2.24.9/install
	- name: Install nix-darwin
	run: \|
	mkdir -p ~/.config/nix-darwin
	darwin=$(pwd)
	pushd ~/.config/nix-darwin
	nix flake init -t $darwin
	nixConfHash=$(shasum -a 256 /etc/nix/nix.conf \| cut -d ' ' -f 1)
	/usr/bin/sed -i.bak \
	"s/# nix.package = pkgs.nix;/nix.settings.access-tokens = [ \"github.com=\${{ secrets.GITHUB_TOKEN }}\" ]; environment.etc.\"nix\/nix.conf\".knownSha256Hashes = [ \"$nixConfHash\" ];/" \
	flake.nix
	popd
	nix run .#darwin-rebuild -- \
	switch --flake ~/.config/nix-darwin#simple \
	--override-input nix-darwin . \
	--override-input nixpkgs nixpkgs/nixpkgs-unstable
	- name: Rebuild and activate simple flake, but this time using nix-darwin's flake interface
	run: \|
	. /etc/static/bashrc
	darwin-rebuild build --flake ./modules/examples/flake#simple --override-input nix-darwin . --override-input nixpkgs nixpkgs/nixpkgs-unstable
	- name: Test uninstallation of nix-darwin
	run: \|
	nix run .#darwin-uninstaller --override-input nixpkgs nixpkgs/nixpkgs-unstable
	nix run .#darwin-uninstaller.tests.uninstaller --override-input nixpkgs nixpkgs/nixpkgs-unstable

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

darwin-rebuild: Don't prompt for sudo multiple times #1923

Workflow file

darwin-rebuild: Don't prompt for sudo multiple times #1923

Jobs

Run details

Workflow file for this run