Update README.md and action.yml for v3.21.2

This commit is contained in:
github-actions[bot] 2026-06-19 17:52:04 +00:00 committed by GitHub
parent 86b3fcc068
commit e6ea8edc0c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 47 additions and 30 deletions

View file

@ -52,8 +52,8 @@ jobs:
id-token: write
contents: read
steps:
- uses: actions/checkout@v6.0.3
- uses: DeterminateSystems/determinate-nix-action@main # or v3.21.1 to pin to a release
- uses: actions/checkout@v7.0.0
- uses: DeterminateSystems/determinate-nix-action@main # or v3.21.2 to pin to a release
- run: nix build .
```
@ -67,10 +67,10 @@ jobs:
Unlike `DeterminateSystems/nix-installer-action`, we fully support explicit version pinning for maximum consistency.
This Action is **automatically tagged** for every Determinate Nix release, giving you complete control over your CI environment:
📍 Pinning to `DeterminateSystems/determinate-nix-action@v3.21.1` guarantees:
📍 Pinning to `DeterminateSystems/determinate-nix-action@v3.21.2` guarantees:
- Same `nix-installer-action` revision every time
- Consistent Determinate Nix v3.21.1 installation
- Consistent Determinate Nix v3.21.2 installation
- Reproducible CI workflows, even years later
✨ Using `@main` instead? You'll:
@ -96,30 +96,37 @@ updates:
## ️⚙️ Configuration
| Parameter | Description | Required | Default |
|-------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|----------------------------|
| `extra-conf` | Extra configuration lines for `/etc/nix/nix.conf` (includes `access-tokens` with `secrets.GITHUB_TOKEN` automatically if `github-token` is set) | | |
| `github-server-url` | The URL for the GitHub server, to use with the `github-token` token. Defaults to the current GitHub server, supporting GitHub Enterprise Server automatically. Only change this value if the provided `github-token` is for a different GitHub server than the current server. | | `${{ github.server_url }}` |
| `github-token` | A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) | | `${{ github.token }}` |
| `trust-runner-user` | Whether to make the runner user trusted by the Nix daemon | | `true` |
| `summarize` | Whether to add a build summary and timeline chart to the GitHub job summary | | `true` |
| `force-no-systemd` | Force using other methods than systemd to launch the daemon. This setting is automatically enabled when necessary. | | `false` |
| `init` | The init system to configure, requires `planner: linux-multi` (allowing the choice between `none` or `systemd`) | | |
| `kvm` | Automatically configure the GitHub Actions Runner for NixOS test supports, if the host supports it. | | `true` |
| `planner` | A planner to use | | |
| `proxy` | The proxy to use (if any), valid proxy bases are `https://$URL`, `http://$URL` and `socks5://$URL` | | |
| `reinstall` | Force a reinstall if an existing installation is detected (consider backing up `/nix/store`) | | `false` |
| `source-binary` | Run a version of the nix-installer binary from somewhere already on disk. Conflicts with all other `source-*` options. Intended only for testing this Action. | | |
| `source-branch` | The branch of `nix-installer` to use (conflicts with `source-tag`, `source-revision`, `source-pr`) | | |
| `source-pr` | The PR of `nix-installer` to use (conflicts with `source-tag`, `source-revision`, `source-branch`) | | |
| `source-revision` | The revision of `nix-installer` to use (conflicts with `source-tag`, `source-branch`, `source-pr`) | | |
| `source-tag` | The tag of `nix-installer` to use (conflicts with `source-revision`, `source-branch`, `source-pr`) | | `v3.21.1` |
| `source-url` | A URL pointing to a `nix-installer` executable | | |
| `backtrace` | The setting for `RUST_BACKTRACE` (see https://doc.rust-lang.org/std/backtrace/index.html#environment-variables) | | |
| `diagnostic-endpoint` | Diagnostic endpoint url where the installer sends data to. To disable set this to an empty string. | | `-` |
| `log-directives` | A list of Tracing directives, comma separated, `-`s replaced with `_` (eg. `nix_installer=trace`, see https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives) | | |
| `logger` | The logger to use for install (eg. `pretty`, `json`, `full`, `compact`) | | |
| `_internal-strict-mode` | Whether to fail when any errors are thrown. Used only to test the Action; do not set this in your own workflows. | | `false` |
| Parameter | Description | Required | Default |
|---------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|----------------------------|
| `extra-conf` | Extra configuration lines for `/etc/nix/nix.conf` (includes `access-tokens` with `secrets.GITHUB_TOKEN` automatically if `github-token` is set) | | |
| `github-server-url` | The URL for the GitHub server, to use with the `github-token` token. Defaults to the current GitHub server, supporting GitHub Enterprise Server automatically. Only change this value if the provided `github-token` is for a different GitHub server than the current server. | | `${{ github.server_url }}` |
| `github-token` | A GitHub token for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) | | `${{ github.token }}` |
| `trust-runner-user` | Whether to make the runner user trusted by the Nix daemon | | `true` |
| `summarize` | Whether to add a build summary and timeline chart to the GitHub job summary | | `true` |
| `force-no-systemd` | Force using other methods than systemd to launch the daemon. This setting is automatically enabled when necessary. | | `false` |
| `init` | The init system to configure, requires `planner: linux-multi` (allowing the choice between `none` or `systemd`) | | |
| `kvm` | Automatically configure the GitHub Actions Runner for NixOS test supports, if the host supports it. | | `true` |
| `planner` | A planner to use | | |
| `proxy` | The proxy to use (if any), valid proxy bases are `https://$URL`, `http://$URL` and `socks5://$URL` | | |
| `reinstall` | Force a reinstall if an existing installation is detected (consider backing up `/nix/store`) | | `false` |
| `source-binary` | Run a version of the nix-installer binary from somewhere already on disk. Conflicts with all other `source-*` options. Intended only for testing this Action. | | |
| `source-branch` | The branch of `nix-installer` to use (conflicts with `source-tag`, `source-revision`, `source-pr`) | | |
| `source-pr` | The PR of `nix-installer` to use (conflicts with `source-tag`, `source-revision`, `source-branch`) | | |
| `source-revision` | The revision of `nix-installer` to use (conflicts with `source-tag`, `source-branch`, `source-pr`) | | |
| `source-tag` | The tag of `nix-installer` to use (conflicts with `source-revision`, `source-branch`, `source-pr`) | | `v3.21.2` |
| `source-url` | A URL pointing to a `nix-installer` executable | | |
| `source-checksums-url` | URL of a `shasum`-format checksums file listing the SHA-256 of each
`nix-installer-<arch>-<os>` artifact. Used together with
`source-checksums-sha256` to verify the downloaded installer.
| | |
| `source-checksums-sha256` | Pinned SHA-256 (hex) of the file served at `source-checksums-url`. Must
be set together with `source-checksums-url`.
| | |
| `backtrace` | The setting for `RUST_BACKTRACE` (see https://doc.rust-lang.org/std/backtrace/index.html#environment-variables) | | |
| `diagnostic-endpoint` | Diagnostic endpoint url where the installer sends data to. To disable set this to an empty string. | | `-` |
| `log-directives` | A list of Tracing directives, comma separated, `-`s replaced with `_` (eg. `nix_installer=trace`, see https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives) | | |
| `logger` | The logger to use for install (eg. `pretty`, `json`, `full`, `compact`) | | |
| `_internal-strict-mode` | Whether to fail when any errors are thrown. Used only to test the Action; do not set this in your own workflows. | | `false` |
## 🛟 Need help? We're here for you!

View file

@ -72,12 +72,20 @@
"source-tag": {
"description": "The tag of `nix-installer` to use (conflicts with `source-revision`, `source-branch`, `source-pr`)",
"required": false,
"default": "v3.21.1"
"default": "v3.21.2"
},
"source-url": {
"description": "A URL pointing to a `nix-installer` executable",
"required": false
},
"source-checksums-url": {
"description": "URL of a `shasum`-format checksums file listing the SHA-256 of each\n`nix-installer-<arch>-<os>` artifact. Used together with\n`source-checksums-sha256` to verify the downloaded installer.\n",
"required": false
},
"source-checksums-sha256": {
"description": "Pinned SHA-256 (hex) of the file served at `source-checksums-url`. Must\nbe set together with `source-checksums-url`.\n",
"required": false
},
"backtrace": {
"description": "The setting for `RUST_BACKTRACE` (see https://doc.rust-lang.org/std/backtrace/index.html#environment-variables)",
"required": false
@ -105,7 +113,7 @@
"using": "composite",
"steps": [
{
"uses": "DeterminateSystems/nix-installer-action@1d87d45818068401a10cf16bdc5f00b24994a83f",
"uses": "DeterminateSystems/nix-installer-action@a7ad9c4f0c65208097f4d34f3cfa1913b80cce5c",
"with": {
"extra-conf": "${{ inputs.extra-conf }}",
"github-server-url": "${{ inputs.github-server-url }}",
@ -124,6 +132,8 @@
"source-revision": "${{ inputs.source-revision }}",
"source-tag": "${{ inputs.source-tag }}",
"source-url": "${{ inputs.source-url }}",
"source-checksums-url": "${{ inputs.source-checksums-url }}",
"source-checksums-sha256": "${{ inputs.source-checksums-sha256 }}",
"backtrace": "${{ inputs.backtrace }}",
"diagnostic-endpoint": "${{ inputs.diagnostic-endpoint }}",
"log-directives": "${{ inputs.log-directives }}",