could not set permissions on '/nix/var/nix/profiles/per-user' to 755: Operation not permitted
Hi! I'm not sure if this is related to the install action, but I am getting this error after install and then trying to update:

I am running this in GitHub actions, specifically:
```yaml
name: "Build and populate cache"
on:
  pull_request:
  push:
    branches:
      - main
  schedule:
    # rebuild everyday at 3:45
    - cron: '45 3 * * *'
jobs:
  tests:
    strategy:
      matrix:
        # Set this to notify the global nur package registry that changes are
        # available.
        #
        # The repo name as used in
        # https://github.com/nix-community/NUR/blob/master/repos.json
        nurRepo:
          - rseops
        # Set this to cache your build results in cachix for faster builds
        # in CI and for everyone who uses your cache.
        #
        # Format: Your cachix cache host name without the ".cachix.org" suffix.
        # Example: mycache (for mycache.cachix.org)
        #
        # For this to work, you also need to set the CACHIX_SIGNING_KEY or
        # CACHIX_AUTH_TOKEN secret in your repository secrets settings in
        # Github found at
        # https://github.com/<your_githubname>/nur-packages/settings/secrets
        cachixName:
          - rseops
        nixPath:
          - nixpkgs=channel:nixos-unstable
          - nixpkgs=channel:nixpkgs-unstable
          - nixpkgs=channel:nixos-22.05
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Install nix
        uses: cachix/install-nix-action@v18
        with:
          nix_path: "${{ matrix.nixPath }}"
          # nix 2.6 breaks restrict-eval, when using the NIX_PATH
          # see https://github.com/NixOS/nix/issues/5980
          install_url: https://releases.nixos.org/nix/nix-2.5.1/install
          extra_nix_config: |
            experimental-features = nix-command flakes
            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
      - name: Show nixpkgs version
        run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
      - name: Setup cachix
        uses: cachix/cachix-action@v12
        # Don't replace <YOUR_CACHIX_NAME> here!
        if: ${{ matrix.cachixName != '<YOUR_CACHIX_NAME>' && github.event_name != 'pull_request' }}
        with:
          name: ${{ matrix.cachixName }}
          # signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
      - name: Check evaluation
        run: |
          nix-env -f . -qa \* --meta --xml \
            --allowed-uris https://static.rust-lang.org \
            --option restrict-eval true \
            --option allow-import-from-derivation true \
            --drv-path --show-trace \
            -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \
            -I $PWD
      - name: Build nix packages
        run: nix shell -f '<nixpkgs>' nix-build-uncached -c nix-build-uncached ci.nix -A cacheOutputs
      - name: Trigger NUR update
        # Don't replace <YOUR_REPO_NAME> here!
        if: ${{ matrix.nurRepo != '<YOUR_REPO_NAME>' && github.event_name != 'pull_request' }}
        run: curl -XPOST "https://nur-update.herokuapp.com/update?repo=${{ matrix.nurRepo }}"
```
This is a Nix User Repository, if that is important to know! It was working before yesterday, and yesterday I added the cachix sections - those seemed to work for the PR builds and then merge into main, but now this morning a commit to main has this failure. Any help you could provide would be greatly appreciated!
okay I might have found a fix? I removed:
install_url: https://releases.nixos.org/nix/nix-2.5.1/install
and that seemed to build - hopefully it's not ephemeral!
I'm having the same issue with https://releases.nixos.org/nix/nix-2.3.16/install. Will try without that in a second.
Edit: works without pinning the Nix installation but now my build fails as it depends on an older version of Nix :|
oh no!!
For provenance, the issue (to pin in the first place) was:
# nix 2.6 breaks restrict-eval, when using the NIX_PATH
# see https://github.com/NixOS/nix/issues/5980
https://github.com/NixOS/nix/issues/5980
I suspect this is due to https://github.blog/changelog/2022-12-01-github-actions-larger-runners-using-ubuntu-latest-label-will-now-use-ubuntu-22-04/ ?
This is weird as it's fixed by restarting the nix-daemon, which is done by the installer.