install-nix-action: Breaks on (at least some) self-hosted runners

We recently started using https://github.com/philips-labs/terraform-aws-github-runner. It creates ephemeral self-hosted runners in EC2. Most of the time, the instances are freshly-created, but they will stick around for a bit after finishing a workflow in case another workflow quickly becomes available, in which case you might get the same instance again.

When this happens, and both the previous workflow and the next workflow use this action, we get the following failure:

...
2021-10-01T00:45:54.7702575Z ---- let's talk about sudo -----------------------------------------------------
2021-10-01T00:45:54.7714295Z This script is going to call sudo a lot. Normally, it would show you
2021-10-01T00:45:54.7716361Z exactly what commands it is running and why. However, the script is
2021-10-01T00:45:54.7718730Z run in a headless fashion, like this:
2021-10-01T00:45:54.7719651Z 
2021-10-01T00:45:54.7720930Z   $ curl -L https://nixos.org/nix/install | sh
2021-10-01T00:45:54.7721756Z 
2021-10-01T00:45:54.7723160Z or maybe in a CI pipeline. Because of that, we're going to skip the
2021-10-01T00:45:54.7724515Z verbose output in the interest of brevity.
2021-10-01T00:45:54.7725249Z 
2021-10-01T00:45:54.7725953Z If you would like to
2021-10-01T00:45:54.7726840Z see the output, try like this:
2021-10-01T00:45:54.7727745Z 
2021-10-01T00:45:54.7729161Z   $ curl -L -o install-nix https://nixos.org/nix/install
2021-10-01T00:45:54.7730595Z   $ sh ./install-nix
2021-10-01T00:45:54.7731151Z 
2021-10-01T00:45:54.7747047Z 
2021-10-01T00:45:54.7748571Z ---- oh no! --------------------------------------------------------------------
2021-10-01T00:45:54.7787295Z When this script runs, it backs up the current /etc/bashrc to
2021-10-01T00:45:54.7788936Z /etc/bashrc.backup-before-nix. This backup file already exists, though.
2021-10-01T00:45:54.7789763Z 
2021-10-01T00:45:54.7790547Z Please follow these instructions to clean up the old backup file:
2021-10-01T00:45:54.7791475Z 
2021-10-01T00:45:54.7792633Z 1. Copy /etc/bashrc and /etc/bashrc.backup-before-nix to another place, just
2021-10-01T00:45:54.7793594Z in case.
2021-10-01T00:45:54.7794042Z 
2021-10-01T00:45:54.7795175Z 2. Take care to make sure that /etc/bashrc.backup-before-nix doesn't look like
2021-10-01T00:45:54.7796625Z it has anything nix-related in it. If it does, something is probably
2021-10-01T00:45:54.7797738Z quite wrong. Please open an issue or get in touch immediately.
2021-10-01T00:45:54.7801951Z 
2021-10-01T00:45:54.7817828Z We'd love to help if you need it.
2021-10-01T00:45:54.7818492Z 
2021-10-01T00:45:54.7819575Z You can open an issue at https://github.com/nixos/nix/issues
2021-10-01T00:45:54.7820828Z 
2021-10-01T00:45:54.7821661Z Or feel free to contact the team:
2021-10-01T00:45:54.7822900Z  - Matrix: #nix:nixos.org
2021-10-01T00:45:54.7824170Z  - IRC: in #nixos on irc.libera.chat
2021-10-01T00:45:54.7825429Z  - twitter: @nixos_org
2021-10-01T00:45:54.7826903Z  - forum: https://discourse.nixos.org
2021-10-01T00:45:54.8703411Z child_process.js:642
2021-10-01T00:45:54.8708857Z     throw err;
2021-10-01T00:45:54.8709521Z     ^
2021-10-01T00:45:54.8709947Z 
2021-10-01T00:45:54.8716836Z Error: Command failed: /home/ec2-user/actions-runner/_work/_actions/cachix/install-nix-action/v14/lib/install-nix.sh
2021-10-01T00:45:54.8718487Z     at checkExecSyncError (child_process.js:621:11)
2021-10-01T00:45:54.8719881Z     at Object.execFileSync (child_process.js:639:15)
2021-10-01T00:45:54.8721521Z     at Object.<anonymous> (/home/ec2-user/actions-runner/_work/_actions/cachix/install-nix-action/v14/lib/main.js:4:17)
2021-10-01T00:45:54.8722812Z     at Module._compile (internal/modules/cjs/loader.js:959:30)
2021-10-01T00:45:54.8723869Z     at Object.Module._extensions..js (internal/modules/cjs/loader.js:995:10)
2021-10-01T00:45:54.8724925Z     at Module.load (internal/modules/cjs/loader.js:815:32)
2021-10-01T00:45:54.8725913Z     at Function.Module._load (internal/modules/cjs/loader.js:727:14)
2021-10-01T00:45:54.8727036Z     at Function.Module.runMain (internal/modules/cjs/loader.js:1047:10)
2021-10-01T00:45:54.8728020Z     at internal/main/run_main_module.js:17:11 {
2021-10-01T00:45:54.8728629Z   status: 1,
2021-10-01T00:45:54.8729126Z   signal: null,
2021-10-01T00:45:54.8729704Z   output: [ null, null, null ],
2021-10-01T00:45:54.8730237Z   pid: 16656,
2021-10-01T00:45:54.8730725Z   stdout: null,
2021-10-01T00:45:54.8731242Z   stderr: null
2021-10-01T00:45:54.8731693Z }

I would have thought that this action checks for an existing /nix/store, and it appears that it used to, but that’s been removed: https://github.com/cachix/install-nix-action/commit/82ce26d8eb474a47d88aa946f4987bc4451b79ef

About this issue

  • Original URL
  • State: open
  • Created 3 years ago
  • Reactions: 2
  • Comments: 24 (12 by maintainers)

Commits related to this issue

Most upvoted comments

image

Could this be the reason? Bash with norc, so the runner could not pick up the nix binary in PATH. bash norc is the default shell for many self hosted runners. I think we should not rely on checking nix in the PATH to proceed with installation.

+1
sandangel on Nov 3, 2022
Read more comments on GitHub
← cachix-action: Should not run `nix-build` unconditionally
jupyter_environment_kernels: calling jupyter notebook outputs error →