actions/determinate-nix-action
2
0
Fork 0
mirror of https://github.com/DeterminateSystems/determinate-nix-action.git synced 2026-02-25 07:07:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #7 from DeterminateSystems/permissions-note

Browse source 
Add note about permissions block
This commit is contained in:
Graham Christensen 2025-05-15 16:21:29 -04:00 committed by GitHub
commit 5ad07f9ef8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 24 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
README.md
View file

@ -36,6 +36,8 @@ Based on the [Determinate Nix Installer](https://github.com/DeterminateSystems/n
## ️🔧 Usage ## ️🔧 Usage
Here's an example Actions workflow configuration that uses `determinate-nix-action`:
```yaml ```yaml
on: on:
pull_request: pull_request:
@ -43,18 +45,21 @@ on:
branches: [main] branches: [main]
jobs: jobs:
lints: build-pkg:
name: Build name: Build Nix package
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions: permissions:
id-token: "write" id-token: write
contents: "read" contents: read
steps: steps:
- uses: actions/checkout@v4.2.2 - uses: actions/checkout@v4.2.2
- uses: DeterminateSystems/determinate-nix-action@main # or v3.5.2 to pin to a release - uses: DeterminateSystems/determinate-nix-action@main # or v3.5.2 to pin to a release
- run: nix build . - run: nix build .
``` ```
> [!IMPORTANT]
> If you use [FlakeHub], you need to add a `permissions` block like the one in the example above or else Determinate Nix can't authenticate with FlakeHub or [FlakeHub Cache][cache].
## 📌 Version Pinning: Lock It Down! ## 📌 Version Pinning: Lock It Down!
### Why Pin Your Action? ### Why Pin Your Action?
@ -124,3 +129,6 @@ We're committed to making your experience with Determinate Nix as smooth as poss
- 📧 **Need direct support?** Email us at [support@determinate.systems](mailto:support@determinate.systems) - 📧 **Need direct support?** Email us at [support@determinate.systems](mailto:support@determinate.systems)
🤝 **Looking for enterprise support?** We offer dedicated support contracts and shared Slack channels for organizations requiring priority assistance. [Contact us](mailto:support@determinate.systems) to learn more. 🤝 **Looking for enterprise support?** We offer dedicated support contracts and shared Slack channels for organizations requiring priority assistance. [Contact us](mailto:support@determinate.systems) to learn more.
[cache]: https://flakehub.com/cache
[flakehub]: https//flakehub.com

16
tools/README.template.md
View file

@ -36,6 +36,8 @@ Based on the [Determinate Nix Installer](https://github.com/DeterminateSystems/n
## ️🔧 Usage ## ️🔧 Usage
Here's an example Actions workflow configuration that uses `determinate-nix-action`:
```yaml ```yaml
on: on:
pull_request: pull_request:
@ -43,18 +45,21 @@ on:
branches: [main] branches: [main]
jobs: jobs:
lints: build-pkg:
name: Build name: Build Nix package
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions: permissions:
id-token: "write" id-token: write
contents: "read" contents: read
steps: steps:
- uses: actions/checkout@<!-- checkout_action_tag --> - uses: actions/checkout@<!-- checkout_action_tag -->
- uses: DeterminateSystems/determinate-nix-action@main # or <!-- version --> to pin to a release - uses: DeterminateSystems/determinate-nix-action@main # or <!-- version --> to pin to a release
- run: nix build . - run: nix build .
``` ```
> [!IMPORTANT]
> If you use [FlakeHub], you need to add a `permissions` block like the one in the example above or else Determinate Nix can't authenticate with FlakeHub or [FlakeHub Cache][cache].
## 📌 Version Pinning: Lock It Down! ## 📌 Version Pinning: Lock It Down!
### Why Pin Your Action? ### Why Pin Your Action?
@ -102,3 +107,6 @@ We're committed to making your experience with Determinate Nix as smooth as poss
- 📧 **Need direct support?** Email us at [support@determinate.systems](mailto:support@determinate.systems) - 📧 **Need direct support?** Email us at [support@determinate.systems](mailto:support@determinate.systems)
🤝 **Looking for enterprise support?** We offer dedicated support contracts and shared Slack channels for organizations requiring priority assistance. [Contact us](mailto:support@determinate.systems) to learn more. 🤝 **Looking for enterprise support?** We offer dedicated support contracts and shared Slack channels for organizations requiring priority assistance. [Contact us](mailto:support@determinate.systems) to learn more.
[cache]: https://flakehub.com/cache
[flakehub]: https//flakehub.com