DeterminateSystems/magic-nix-cache DeterminateSystems/magic-nix-cache

  • Stars
    star
    231
  • Rank 173,434 (Top 4 %)
  • Language
    Rust
  • License
    Apache License 2.0
  • Created over 1 year ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
DeterminateSystems/magic-nix-cache
github

DeterminateSystems

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.

Magic Nix Cache

Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.

Add our GitHub Action after installing Nix, in your workflow, like this:

- uses: DeterminateSystems/magic-nix-cache-action@main

See Usage for a detailed example.

Why use the Magic Nix Cache?

Magic Nix Cache uses the GitHub Actions built-in cache to share builds between Workflow runs, and has many advantages over alternatives.

  1. Totally free: backed by GitHub Actions' cache, there is no additional service to pay for.
  2. Zero configuration: add our action to your workflow. That's it. Everything built in your workflow will be cached.
  3. No secrets: Forks and pull requests benefit from the cache, too.
  4. Secure: Magic Nix Cache follows the same semantics as the GitHub Actions cache, and malicious pull requests cannot pollute your project.
  5. Private: The cache is stored in the GitHub Actions cache, not with an additional third party.

Note: the Magic Nix Cache doesn't offer a publicly available cache. This means the cache is only usable in CI. Zero to Nix has an article on binary caching if you want to share Nix builds with users outside of CI.

Usage

Add it to your Linux and macOS GitHub Actions workflows, like this:

name: CI

on:
  push:
  pull_request:

jobs:
  check:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3
      - uses: DeterminateSystems/nix-installer-action@main
      - uses: DeterminateSystems/magic-nix-cache-action@main
      - run: nix flake check

That's it. Everything built in your workflow will be cached.

Usage Notes

The GitHub Actions Cache has a rate limit on reads and writes. Occasionally, large projects or large rebuilds may exceed those rate-limits, and you'll see evidence of that in your logs. The error looks like this:

error: unable to download 'http://127.0.0.1:37515/<...>': HTTP error 418
       response body:
       GitHub API error: API error (429 Too Many Requests): StructuredApiError { message: "Request was blocked due to exceeding usage of resource 'Count' in namespace ''." }

The caching daemon and Nix both handle this gracefully, and won't cause your CI to fail. When the rate limit is exceeded while pulling dependencies, your workflow may perform more builds than usual. When the rate limit is exceeded while uploading to the cache, the remainder of those store paths will be uploaded on the next run of the workflow.

Development

This project depends on the GitHub Actions Cache API. For local development, see gha-cache/README.md for more details on how to obtain the required tokens.

cargo run -- -c creds.json --upstream https://cache.nixos.org
cargo build --release --target x86_64-unknown-linux-musl
cargo build --release --target aarch64-unknown-linux-musl
nix copy --to 'http://127.0.0.1:3000' $(which bash)
nix-store --store $PWD/test-root --extra-substituters 'http://localhost:3000' --option require-sigs false -r $(which bash)

Acknowledgement

Magic Nix Cache is a collaboration with Zhaofeng Li. Zhaofeng is a major contributor to the Nix community, having authored Attic and Colmena. We'd like to express our deep gratitude to Zhaofeng for his tremendous work on this project.

Telemetry

The goal of Magic Nix Cache is to help teams save time in CI. The cache daemon collects a little bit of telemetry information to help us make that true.

Here is a table of the telemetry data we collect:

Field Use
distinct_id An opaque string that represents your project, anonymized by sha256 hashing repository and organization details.
version The version of Magic Nix Cache.
is_ci Whether the Magic Nix Cache is being used in CI (i.e.: GitHub Actions).
elapsed_seconds How long the cache daemon was running.
narinfos_served Number of narinfos served from the cache daemon.
narinfos_sent_upstream Number of narinfo requests forwarded to the upstream cache.
narinfos_negative_cache_hits Effectiveness of an internal data structure which minimizes cache requests.
narinfos_negative_cache_misses Effectiveness of an internal data structure which minimizes cache requests.
narinfos_uploaded Number of new narinfo files cached during this run.
nars_served Number of nars served from the cache daemon.
nars_sent_upstream Number of nar requests forwarded to the upstream cache.
nars_uploaded Number of nars uploaded during this run.
num_original_paths Number of store paths that existed on startup.
num_final_paths Number of store paths that existed on shutdown.
num_new_paths The difference between num_original_paths and num_final_paths.

To disable diagnostic reporting, set the diagnostics URL to an empty string by passing --diagnostic-endpoint="".

You can read the full privacy policy for Determinate Systems, the creators of this tool and the Determinate Nix Installer, here.

More Repositories

1

nix-installer

Install Nix and flakes with the fast and reliable Determinate Nix Installer, with over 2 million installs.
Rust
1,919
star
2

zero-to-nix

Zero to Nix is your guide to learning Nix and flakes. Created by Determinate Systems.
MDX
890
star
3

riff

Riff automatically provides external dependencies for Rust projects, with support for other languages coming soon.
Rust
487
star
4

magic-nix-cache-action

Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.
TypeScript
354
star
5

update-flake-lock

Automatically refresh your Nix Flakes.
TypeScript
226
star
6

nuenv

A Nushell environment for Nix
Nushell
196
star
7

nix-netboot-serve

Make any NixOS system netbootable with 10s cycle times.
Rust
196
star
8

flake-checker

Health checks for your Nix flakes
Rust
160
star
9

nix-installer-action

The Github Action for the Determinate Nix Installer
TypeScript
150
star
10

fh

The official CLI for FlakeHub: search for flakes, and add new inputs to your Nix flake.
Rust
110
star
11

bootspec-secureboot

Rust
88
star
12

nix-to-kubernetes

An example of deploying Nix-built Docker images to Kubernetes.Not act
Nix
78
star
13

flake-schemas

Schemas for common flake output types
Nix
77
star
14

macos-ephemeral

Scripts and instructions for making ephemeral macOS machines with Mosyle MDM support.
Shell
76
star
15

flake-checker-action

A GitHub Action that performs health checks for your Nix flake.lock files
TypeScript
45
star
16

nixos-vault-service

Nix
43
star
17

terraform-provider-hydra

Declaratively configure your Hydra server with Terraform.
Go
43
star
18

nix-github-actions

An example project showing how to use Nix to replace third-party GitHub Actions
Nix
43
star
19

nix-policy

Experiments with Nix and Open Policy Agent
Nix
27
star
20

bonk

Erase macOS machines over Tailscale.
Go
26
star
21

flakehub-push

Release your Nix flake to FlakeHub.com.
Rust
26
star
22

bootspec

Implementation of RFC-0125's datatype and synthesis tooling.
Rust
23
star
23

nix-wasm-example

Nix
19
star
24

nix-copy-deploy

An example project for the nix copy utility
Shell
13
star
25

zpool-auto-expand-partitions

Rust
12
star
26

hydra-github-jobsets-generator

Generate declarative jobsets for a project's GitHub repository.
Rust
12
star
27

dhcpv6macd

A DHCPv6 service which assigns IPv6 addresses strictly on MAC address only. Potentially violates RFCs and specs.
Nix
11
star
28

nixos-example-openstack

An example of building and pushing images for Openstack.
Nix
10
star
29

apple-sdks.nix

Experimental extraction of Apple SDKs.
Nix
9
star
30

nix-cpio-generator

Rust
9
star
31

hydra-examples

Example files for Hydra.
Nix
8
star
32

cpiotools

Tools for examining CPIOs.
Rust
7
star
33

prometheus-weather-gov

An example Nix project using Python, with a NixOS Module, NixOS test, and Docker image.
Python
7
star
34

hydra-nixos-org-configuration

A mirror of the project and jobset configurations on hydra.nixos.org.
HCL
6
star
35

nix

Tracks the fallback paths for Nix, to allow upgrades on our schedule.
Nix
6
star
36

nix-config-parser

Rust
6
star
37

asset-tagger

Print asset tags.
Shell
4
star
38

inspect

Inspect a flake's outputs with flake schemas.
Nix
4
star
39

search-detsys-dev

Python
4
star
40

flakehub-mirror

TypeScript
4
star
41

templates

Ready-made flake templates to get started with Nix
Nix
3
star
42

export

Export arbitrary bytes from Rust to various shells and interpreters.
Rust
3
star
43

elixir-nix

Nix
2
star
44

coldsnap.nix

Nix
2
star
45

hydra-scale-equinix-metal

Scale Equinix Metal builders based on Hydra usage.
Rust
2
star
46

scanoss-nix

Packages for the ScanOSS tool set.
Nix
2
star
47

detsys-ts

TypeScript
2
star
48

hydra-runcommand-logs

Experiments logging to the journal from RunCommand.
Nix
2
star
49

ci

Determinate CI is the one-stop shop for effortless Nix CI in GitHub Actions.
2
star
50

flakehub-docs

FlakeHub documentation
MDX
2
star
51

install-riff-action

A GitHub Action for installing Riff
Shell
1
star
52

homebrew-riff

A Homebrew formula for Riff
Ruby
1
star
53

karonte-nix

Python
1
star
54

github-actions-oidc-claims

Rust
1
star
55

nix-installer-example

Nix
1
star
56

linear-import-nix

Nix
1
star
57

pickup.nix

Nix
1
star
58

hydra-github-jobsets-example-project

1
star
59

hydra-test-migrate-to-s3

Test migrating a Hydra instance from a local cache to an S3-backed cache.
Nix
1
star
60

buildkite-install-nix-macos

A Buildkite workflow to install Nix on macOS
Shell
1
star
61

update-flake-lock-test-template

A template repository for testing changes to https://github.com/DeterminateSystems/update-flake-lock/
Nix
1
star
62

marp-nix

Nix
1
star
63

fh-init-example-project

Python
1
star
64

.github

Determinate Systems
1
star
65

ipxe-boot-lab

Local lab for testing iPXE boot in user network namespaces.
Rust
1
star
66

mlnx-workspace

Nix
1
star
67

store-paths

Nix
1
star