Warning
nixci has been superceded by omnix; you should use om ci
instead.
nixci
builds all outputs in a flake, or optionally its sub-flakes, which can in turn be used either in CI or locally. Using devour-flake it will automatically build the following outputs:
Type | Output Key |
---|---|
Standard flake outputs | packages , apps , checks , devShells |
NixOS | nixosConfigurations.* |
nix-darwin | darwinConfigurations.* |
home-manager | legacyPackages.${system}.homeConfigurations.* |
The stdout of nixci
will be a list of store paths built.
nixpkgs
contains version 0.5.0 of nixci that you can install using nix profile install nixpkgs#nixci
or run using nix run nixpkgs#nixci
.
To install, run nix profile install github:srid/nixci
. You can also use use nix run github:srid/nixci
to run nixci
directly off this repo without installing it.
nixci
accepts any valid flake URL or a Github PR URL.
# Run nixci on current directory flake
$ nixci # Or `nixci build` or `nixci build .`
# Run nixci on a local flake (default is $PWD)
$ nixci build ~/code/myproject
# Run nixci on a github repo
$ nixci build github:hercules-ci/hercules-ci-agent
# Run nixci on a github PR
$ nixci build https://github.com/srid/emanote/pull/451
# Run only the selected sub-flake
$ git clone https://github.com/srid/haskell-flake && cd haskell-flake
$ nixci build .#default.dev
Add the following to your workflow file,
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@main
with:
extra-conf: |
trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://cache.garnix.io?priority=41 https://cache.nixos.org/
- uses: yaxitech/nix-install-pkgs-action@v3
with:
packages: "github:srid/nixci"
- run: nixci build
Note
This currently requires an explicit nixci configuration in your flake, viz.: nixci.default.root.dir = ".";
.
jobs:
configure:
runs-on: self-hosted
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- id: set-matrix
run: echo "matrix=$(nixci gh-matrix --systems=aarch64-linux,aarch64-darwin | jq -c .)" >> $GITHUB_OUTPUT
nix:
runs-on: self-hosted
needs: configure
strategy:
matrix: ${{ fromJson(needs.configure.outputs.matrix) }}
fail-fast: false
steps:
- uses: actions/checkout@v4
- run: nixci build --systems "github:nix-systems/${{ matrix.system }}" ".#default.${{ matrix.subflake }}"
Tip
If your builds fail due to GitHub's rate limiting, consider passing --extra-access-tokens
(see an example PR). If you get rate limits when accessing github:nix-systems
, use this workaround.
By default, nixci
will build the top-level flake, but you can tell it to build sub-flakes by adding the following output to your top-level flake:
# myproject/flake.nix
{
nixci.default = {
dir1 = {
dir = "dir1";
};
dir2 = {
dir = "dir2";
overrideInputs.myproject = ./.;
};
}
}
You can have more than one nixci configuration. For eg., nixci .#foo
will run the configuration from nixci.foo
flake output.
Some real-world examples of how nixci is used with specific configurations:
- services-flake
- nixos-flake
- haskell-flake
- Here's a blog post that talks about how it is used in haskell-flake
- Optionally, accept a flake config (
nixci.default
) to indicate sub-flakes to build, along with their input overrides - Preliminary checks
- Check that
flake.lock
is in sync - Check that the Nix version is not tool old (using nix-health)
- Check that
- Use devour-flake to build all flake outputs1
- Print the built store paths to stdout
For discussion of nixci, please post in our Zulip.
- github-nix-ci - A simple NixOS & nix-darwin module for self-hosting GitHub runners (includes
nixci
by default) - jenkins-nix-ci - Jenkins NixOS module that supports
nixci
as a Groovy function
Footnotes
-
Support for flake-schemas is planned ↩