DeterminateSystems/magic-nix-cache DeterminateSystems/magic-nix-cache

  • Stars
    star
    170
  • Rank 216,742 (Top 5 %)
  • Language
    Rust
  • License
    Apache License 2.0
  • Created about 1 year ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
DeterminateSystems/magic-nix-cache
github

DeterminateSystems

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.

Magic Nix Cache

Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.

Add our GitHub Action after installing Nix, in your workflow, like this:

- uses: DeterminateSystems/magic-nix-cache-action@main

See Usage for a detailed example.

Why use the Magic Nix Cache?

Magic Nix Cache uses the GitHub Actions built-in cache to share builds between Workflow runs, and has many advantages over alternatives.

  1. Totally free: backed by GitHub Actions' cache, there is no additional service to pay for.
  2. Zero configuration: add our action to your workflow. That's it. Everything built in your workflow will be cached.
  3. No secrets: Forks and pull requests benefit from the cache, too.
  4. Secure: Magic Nix Cache follows the same semantics as the GitHub Actions cache, and malicious pull requests cannot pollute your project.
  5. Private: The cache is stored in the GitHub Actions cache, not with an additional third party.

Note: the Magic Nix Cache doesn't offer a publicly available cache. This means the cache is only usable in CI. Zero to Nix has an article on binary caching if you want to share Nix builds with users outside of CI.

Usage

Add it to your Linux and macOS GitHub Actions workflows, like this:

name: CI

on:
  push:
  pull_request:

jobs:
  check:
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v3
      - uses: DeterminateSystems/nix-installer-action@main
      - uses: DeterminateSystems/magic-nix-cache-action@main
      - run: nix flake check

That's it. Everything built in your workflow will be cached.

Usage Notes

The GitHub Actions Cache has a rate limit on reads and writes. Occasionally, large projects or large rebuilds may exceed those rate-limits, and you'll see evidence of that in your logs. The error looks like this:

error: unable to download 'http://127.0.0.1:37515/<...>': HTTP error 418
       response body:
       GitHub API error: API error (429 Too Many Requests): StructuredApiError { message: "Request was blocked due to exceeding usage of resource 'Count' in namespace ''." }

The caching daemon and Nix both handle this gracefully, and won't cause your CI to fail. When the rate limit is exceeded while pulling dependencies, your workflow may perform more builds than usual. When the rate limit is exceeded while uploading to the cache, the remainder of those store paths will be uploaded on the next run of the workflow.

Development

This project depends on the GitHub Actions Cache API. For local development, see gha-cache/README.md for more details on how to obtain the required tokens.

cargo run -- -c creds.json --upstream https://cache.nixos.org
cargo build --release --target x86_64-unknown-linux-musl
cargo build --release --target aarch64-unknown-linux-musl
nix copy --to 'http://127.0.0.1:3000' $(which bash)
nix-store --store $PWD/test-root --extra-substituters 'http://localhost:3000' --option require-sigs false -r $(which bash)

Acknowledgement

Magic Nix Cache is a collaboration with Zhaofeng Li. Zhaofeng is a major contributor to the Nix community, having authored Attic and Colmena. We'd like to express our deep gratitude to Zhaofeng for his tremendous work on this project.

Telemetry

The goal of Magic Nix Cache is to help teams save time in CI. The cache daemon collects a little bit of telemetry information to help us make that true.

Here is a table of the telemetry data we collect:

Field Use
distinct_id An opaque string that represents your project, anonymized by sha256 hashing repository and organization details.
version The version of Magic Nix Cache.
is_ci Whether the Magic Nix Cache is being used in CI (i.e.: GitHub Actions).
elapsed_seconds How long the cache daemon was running.
narinfos_served Number of narinfos served from the cache daemon.
narinfos_sent_upstream Number of narinfo requests forwarded to the upstream cache.
narinfos_negative_cache_hits Effectiveness of an internal data structure which minimizes cache requests.
narinfos_negative_cache_misses Effectiveness of an internal data structure which minimizes cache requests.
narinfos_uploaded Number of new narinfo files cached during this run.
nars_served Number of nars served from the cache daemon.
nars_sent_upstream Number of nar requests forwarded to the upstream cache.
nars_uploaded Number of nars uploaded during this run.
num_original_paths Number of store paths that existed on startup.
num_final_paths Number of store paths that existed on shutdown.
num_new_paths The difference between num_original_paths and num_final_paths.

To disable diagnostic reporting, set the diagnostics URL to an empty string by passing --diagnostic-endpoint="".

You can read the full privacy policy for Determinate Systems, the creators of this tool and the Determinate Nix Installer, here.

More Repositories

1

nix-installer

Install Nix and flakes with the fast and reliable Determinate Nix Installer, with over 2 million installs.
Rust
1,389
star
2

zero-to-nix

Zero to Nix is your guide to learning Nix and flakes. Created by Determinate Systems.
MDX
781
star
3

riff

Riff automatically provides external dependencies for Rust projects, with support for other languages coming soon.
Rust
486
star
4

magic-nix-cache-action

Save 30-50%+ of CI time without any effort or cost. Use Magic Nix Cache, a totally free and zero-configuration binary cache for Nix on GitHub Actions.
TypeScript
288
star
5

update-flake-lock

Automatically refresh your Nix Flakes.
Nix
199
star
6

nix-netboot-serve

Make any NixOS system netbootable with 10s cycle times.
Rust
187
star
7

nuenv

A Nushell environment for Nix
Nushell
166
star
8

flake-checker

Health checks for your Nix flakes
Rust
120
star
9

nix-installer-action

The Github Action for the Determinate Nix Installer
TypeScript
114
star
10

bootspec-secureboot

Rust
92
star
11

fh

The official CLI for FlakeHub: search for flakes, and add new inputs to your Nix flake.
Rust
81
star
12

macos-ephemeral

Scripts and instructions for making ephemeral macOS machines with Mosyle MDM support.
Shell
73
star
13

nix-to-kubernetes

An example of deploying Nix-built Docker images to Kubernetes.Not act
Nix
63
star
14

flake-schemas

Schemas for common flake output types
Nix
56
star
15

terraform-provider-hydra

Declaratively configure your Hydra server with Terraform.
Go
41
star
16

nix-github-actions

An example project showing how to use Nix to replace third-party GitHub Actions
Nix
38
star
17

nixos-vault-service

Nix
36
star
18

flake-checker-action

A GitHub Action that performs health checks for your Nix flake.lock files
Nix
35
star
19

nix-policy

Experiments with Nix and Open Policy Agent
Nix
26
star
20

bonk

Erase macOS machines over Tailscale.
Go
25
star
21

bootspec

Implementation of RFC-0125's datatype and synthesis tooling.
Rust
21
star
22

flakehub-push

Release your Nix flake to FlakeHub.com.
Rust
20
star
23

nix-copy-deploy

An example project for the nix copy utility
Shell
12
star
24

zpool-auto-expand-partitions

Rust
12
star
25

hydra-github-jobsets-generator

Generate declarative jobsets for a project's GitHub repository.
Rust
11
star
26

nixos-example-openstack

An example of building and pushing images for Openstack.
Nix
11
star
27

dhcpv6macd

A DHCPv6 service which assigns IPv6 addresses strictly on MAC address only. Potentially violates RFCs and specs.
Nix
10
star
28

cpiotools

Tools for examining CPIOs.
Rust
8
star
29

hydra-examples

Example files for Hydra.
Nix
8
star
30

nix-cpio-generator

Rust
8
star
31

prometheus-weather-gov

An example Nix project using Python, with a NixOS Module, NixOS test, and Docker image.
Python
7
star
32

nix-wasm-example

Nix
7
star
33

hydra-nixos-org-configuration

A mirror of the project and jobset configurations on hydra.nixos.org.
HCL
6
star
34

nix-config-parser

Rust
6
star
35

asset-tagger

Print asset tags.
Shell
4
star
36

search-detsys-dev

Python
4
star
37

coldsnap.nix

Nix
3
star
38

flakehub-mirror

3
star
39

templates

Ready-made flake templates to get started with Nix
Nix
3
star
40

export

Export arbitrary bytes from Rust to various shells and interpreters.
Rust
3
star
41

hydra-runcommand-logs

Experiments logging to the journal from RunCommand.
Nix
3
star
42

elixir-nix

Nix
2
star
43

hydra-scale-equinix-metal

Scale Equinix Metal builders based on Hydra usage.
Rust
2
star
44

scanoss-nix

Packages for the ScanOSS tool set.
Nix
2
star
45

marp-nix

Nix
2
star
46

install-riff-action

A GitHub Action for installing Riff
Shell
1
star
47

homebrew-riff

A Homebrew formula for Riff
Ruby
1
star
48

karonte-nix

Python
1
star
49

github-actions-oidc-claims

Rust
1
star
50

linear-import-nix

Nix
1
star
51

nix-installer-example

Nix
1
star
52

pickup.nix

Nix
1
star
53

hydra-github-jobsets-example-project

1
star
54

hydra-test-migrate-to-s3

Test migrating a Hydra instance from a local cache to an S3-backed cache.
Nix
1
star
55

buildkite-install-nix-macos

A Buildkite workflow to install Nix on macOS
Shell
1
star
56

update-flake-lock-test-template

A template repository for testing changes to https://github.com/DeterminateSystems/update-flake-lock/
Nix
1
star
57

fh-init-example-project

Python
1
star
58

nix-upgrade

Tracks the fallback paths for Nix, to allow upgrades on our schedule.
Nix
1
star
59

.github

Determinate Systems
1
star
60

ipxe-boot-lab

Local lab for testing iPXE boot in user network namespaces.
Rust
1
star
61

mlnx-workspace

Nix
1
star