From 4d66c1f3084aef687d26c5dcf2c974d3dbf16373 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 11 Apr 2024 18:10:56 +0200 Subject: [PATCH] Move the post-build hook script to the Nix store In self-hosted GHA runners on NixOS, the runner has a different /tmp than the Nix daemon, so the daemon would get "file not found" trying to execute the post-build hook. As a workaround, move the script to the Nix store so we can be sure that the daemon can access it. --- magic-nix-cache/src/main.rs | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index 9d8756e..3601399 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -32,6 +32,7 @@ use anyhow::{anyhow, Context, Result}; use axum::{extract::Extension, routing::get, Router}; use clap::Parser; use tempfile::NamedTempFile; +use tokio::process::Command; use tokio::sync::{oneshot, Mutex, RwLock}; use tracing_subscriber::filter::EnvFilter; @@ -269,13 +270,34 @@ async fn main_cli() -> Result<()> { .as_bytes(), ) .with_context(|| "Writing the post-build hook")?; - file.keep() + let path = file + .keep() .with_context(|| "Keeping the post-build hook")? - .1 - }; + .1; - fs::set_permissions(&post_build_hook_script, fs::Permissions::from_mode(0o755)) - .with_context(|| "Setting permissions on the post-build hook")?; + fs::set_permissions(&path, fs::Permissions::from_mode(0o755)) + .with_context(|| "Setting permissions on the post-build hook")?; + + /* Copy the script to the Nix store so we know for sure that + * it's accessible to the Nix daemon, which might have a + * different /tmp from us. */ + let res = Command::new("nix") + .args([ + "--extra-experimental-features", + "nix-command", + "store", + "add-path", + &path.display().to_string(), + ]) + .output() + .await?; + if res.status.success() { + tokio::fs::remove_file(path).await?; + PathBuf::from(String::from_utf8_lossy(&res.stdout).trim()) + } else { + path + } + }; /* Update nix.conf. */ nix_conf