Continuous Integration with GitHub Actions
This tutorial guides you through a few short steps to start using GitHub Actions as your CI for commits and pull requests.
Caching builds using Cachix
One nice benefit of Nix is that CI can build and cache developer environments for every project on every branch using binary caches.
Another important aspect of CI is the feedback loop of how many minutes does the build take to finish.
Using Cachix you’ll never have to waste building any derivation twice and you’ll share built derivations with all your developers.
After each job, just built derivations are pushed to your binary cache.
Before each job, derivations to be built are first substituted (if they exist) from your binary cache.
1. Creating your first binary cache
It’s recommended to have different binary caches per team, depending who will have write/read access to it.
Fill out the form on create binary cache page.
On your freshly created binary cache, generate signing keypair via Push binaries tab instructions.
2. Setting up secrets
On your GitHub repository or organization (for use across all repositories):
Click on
Settings
Click on
Secrets
.Add your (previously generated) signing key under name
CACHIX_SIGNING_KEY
.
Setting up GitHub Actions
Create .github/workflows/test.yml
with:
name: "Test"
on:
pull_request:
push:
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2.3.1
- uses: cachix/install-nix-action@v10
- uses: cachix/cachix-action@v6
with:
name: mycache
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
# Only needed for private caches
#authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: nix-build
- run: nix-shell --run "echo OK"
Once you commit and push to your GitHub repository, you should see status checks appearing on commits and PRs.
Going forward
To quickly setup a Nix project read through Getting started Nix template.