GitHub Action
use-nix-shell-action
This action applies the environment of a nix shell to your GitHub Actions job.
This action works like workflow/nix-shell-action
with one crucial difference: rather than only "applying" the provided shell to a script passed to the action's step, the shell is "applied" to the rest of the job.
This allows you to use nix
to provide binaries that other GitHub Actions require and also allows you to run your action's steps in a nix shell without needing to wrap every step in a nix-shell
action or bundle all your commands under one step.
Note If
nix
isn't found, this action will handle installingnix
for you usingcachix/install-nix-action
.However it's recommended that you run this action yourself.
name: "Test"
on: [push]
jobs:
example:
runs-on: ubuntu-latest
steps:
- uses: cachix/install-nix-action@v18
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Print env, before
run: env
# To make the environment in your flake's devShell available to future
# steps:
- uses: rrbutani/use-nix-shell-action@v1
with:
devShell: .#default # this is the default
- name: Print env, after
run: env
- name: Run hello
run: hello
- name: Print env var
run: echo $SOME_ENV_VAR
# Alternatively you can also run a script directly in the shell; choosing
# whether to preserve the environment outside the shell or not:
- uses: rrbutani/use-nix-shell-action@v1
with:
devShell: .#
exportEnv: false
interpreter: python3
clearEnvForScript: true # `SOME_ENV_VAR` will not be visible; nor will
# `hello` be on `$PATH`
script: |
import os
print(os.sys.version)
print(os.environ['PATH'])
These options describe the shell that use-nix-shell-action
should use.
Note You can only specify one of these options.
packages
: Comma-separated list of packages to install in your shell.- i.e.
packages: bash,python3,python3Packages.numpy
- spaces will be stripped so
bash, python3, python3Packages.numpy
works too
- spaces will be stripped so
- these packages are sourced from
<nixpkgs>
; seecachix/install-nix-action
for easy ways to influence this channel or consider using flakes
- i.e.
flakes
: Comma-separated list of flake references to install in your shell.- i.e.
nixpkgs#hello, github:edolstra/nix-serve, .#myPackage
- i.e.
devShell
: Flake reference to a devShell output. (default)- i.e.
.#
orgithub:NixOS/nix
orsome/path#someShell
or.#devShells.x86_64-linux.someSpecialShell
- i.e.
file
: Path to a nix file producing a shell.- i.e.
shell.nix
- i.e.
exportEnv
: Boolean specifying whetheruse-nix-shell-action
should export the shell given to your environment.- defaults to true
preserveDefaultPath
: Boolean controlling whether the shell's environment overrides$PATH
in the job (false
) or appends to it (true
).Warning Be careful with this option; if your shell doesn't include
bash
,node
,docker
, etc. those tools will not be on thePATH
after this step; this can break other actions.- note: things added to
$GITHUB_PATH
(i.e. by other actions) will be preserved regardless - defaults to true
- note: things added to
use-nix-shell-action
can also, optionally, run a script of your choosing under your nix shell. This is the functionality provided by workflow/nix-shell-action
but with some small mechanical differences; this action provides ways to run scripts under flake dev shells, for example.
script
: A script to run under the nix shell specified.- note: this runs after the environment is exported
- if you wish to have your script affect the environment you'll need to update
$GITHUB_ENV
yourself
- if you wish to have your script affect the environment you'll need to update
- note: this runs after the environment is exported
interpreter
: The interpreter under which to runscript
.- this should be present in your shell's
$PATH
- defaults to bash
- this should be present in your shell's
clearEnvForScript
: Boolean specifying whether to preserve existing env vars when running the provided script.- note: this does not influence the environment that's exported and cannot be used to provide a "pure" shell for future steps in your action
- defaults to true
extraNixOptions
: Escape hatch that you can use to specify extra flags to be passed to the command producing the shell.- for example
--impure
or extra--option
s - see the options for
nix print-dev-env
andnix shell
- for example
Yes!
Nope, sorry. Just regular (non-array) env vars. Anything that env
prints out.
Note that this also does not preserve the readonly
property of env vars.
Essentially just constructs a nix shell, one way or another, and then dumps the contents of env
into $GITHUB_ENV
.
We reuse this logic from nix-direnv
.
When should I use script
instead of just exporting the env and running the script in a separate step?
i.e. this:
- uses: rrbutani/use-nix-shell-action@v1
with:
script: ./foo.sh
verus this:
- uses: rrbutani/use-nix-shell-action@v1
- run: ./foo.sh
The key difference here is "purity" (i.e. of the environment that foo.sh
is run in). The former is run in the GitHub Actions environment (with the nix shell's environment layered on) while the latter is run with nix develop --ignore-environment
(unless clearEnvForScript
is set to false
).