diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e7146af..1d0b79d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -346,6 +346,8 @@ jobs: log-directives: nix_installer=trace backtrace: full github-token: ${{ secrets.GITHUB_TOKEN }} + extra-conf: | + trusted-users = root runner - name: Initial uninstall (without a `nix run` first) run: sudo -E /nix/nix-installer uninstall env: @@ -361,6 +363,7 @@ jobs: log-directives: nix_installer=trace backtrace: full github-token: ${{ secrets.GITHUB_TOKEN }} + extra-conf: trusted-users = root runner - name: echo $PATH run: echo $PATH - name: Test `nix` with `$GITHUB_PATH` diff --git a/action.yml b/action.yml index 4370ddf..6ade7e1 100644 --- a/action.yml +++ b/action.yml @@ -115,19 +115,17 @@ runs: echo "Set NIX_INSTALLER_NIX_PACKAGE_URL=$NIX_INSTALLER_NIX_PACKAGE_URL" fi + export NIX_INSTALLER_EXTRA_CONF_FILE=/tmp/extra-nix-config + touch $NIX_INSTALLER_EXTRA_CONF_FILE if [ -n "${{ inputs.extra-conf }}" ]; then - if [ -n "${{ inputs.github-token }}" ]; then - export NIX_INSTALLER_EXTRA_CONF="${{ inputs.extra-conf }}access-tokens = github.com=${{ inputs.github-token }}" - else - export NIX_INSTALLER_EXTRA_CONF="${{ inputs.extra-conf }}" - fi - echo "Set NIX_INSTALLER_EXTRA_CONF=$NIX_INSTALLER_EXTRA_CONF" - else - if [ -n "${{ inputs.github-token }}" ]; then - export NIX_INSTALLER_EXTRA_CONF="access-tokens = github.com=${{ inputs.github-token }}" - echo "Set NIX_INSTALLER_EXTRA_CONF=$NIX_INSTALLER_EXTRA_CONF" - fi + echo "${{ inputs.extra-conf }}" >> $NIX_INSTALLER_EXTRA_CONF_FILE fi + if [ -n "${{ inputs.github-token }}" ]; then + echo "access-tokens = github.com=${{ inputs.github-token }}" >> $NIX_INSTALLER_EXTRA_CONF_FILE + fi + + export NIX_INSTALLER_EXTRA_CONF="$(cat $NIX_INSTALLER_EXTRA_CONF_FILE)" + echo "Set NIX_INSTALLER_EXTRA_CONF=$NIX_INSTALLER_EXTRA_CONF" if [ -n "${{ inputs.mac-encrypt }}" ]; then export NIX_INSTALLER_ENCRYPT=${{ inputs.mac-encrypt }}