[nix-440] add determinate-nix-config option#266
Conversation
📝 WalkthroughWalkthroughAdds a new optional action input, ChangesDeterminate Nix Config Support
Estimated code review effort: 3 (Moderate) | ~20 minutes Sequence Diagram(s)sequenceDiagram
participant Action as NixInstallerAction
participant Config as writeDeterminateNixConfig()
participant FS as /etc/determinate/config.json
participant Installer as Nix Installer
Action->>Action: read determinate-nix-config input
Action->>Config: install() calls writeDeterminateNixConfig()
Config->>Config: validate JSON (throw if invalid)
Config->>FS: check for existing config.json (warn if present)
Config->>FS: create /etc/determinate directory
Config->>FS: write JSON via sudo or direct exec
Config-->>Action: return
Action->>Installer: fetch and run installer binary
Related PRs: None identified. Suggested labels: enhancement, documentation Suggested reviewers: None identified. Poem: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@README.md`:
- Around line 109-110: The documented default for the github-server-url input is
incorrect in the README and should match the action definition. Update the
github-server-url entry in the README so its default uses the same value
declared in action.yml, and verify the surrounding
github-token/github.server_url wording stays consistent with the action’s actual
input default.
In `@src/index.ts`:
- Around line 486-489: The writeDeterminateNixConfig method only checks
determinateNixConfig for presence, so it can still write Determinate-specific
config even when determinate is false. Update writeDeterminateNixConfig in the
Determinate installer flow to also guard on the determinate flag before writing
/etc/determinate/config.json, and make sure any caller paths that install
upstream Nix skip this config write when Determinate Nix was not selected.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: bfe10f7b-8ee6-4065-b2d8-9cd5d20976e7
⛔ Files ignored due to path filters (1)
dist/index.jsis excluded by!**/dist/**
📒 Files selected for processing (3)
README.mdaction.ymlsrc/index.ts
| | `github-token` | A [GitHub token] for making authenticated requests (which have a higher rate-limit quota than unauthenticated requests) | string | `${{ github.token }}` | | ||
| | `github-server-url` | The URL for the GitHub server, to use with the `github-token` token. Defaults to the current GitHub server, supporting GitHub Enterprise Server automatically. Only change this value if the provided `github-token` is for a different GitHub server than the current server. | string | `${{ github.server }}` | |
There was a problem hiding this comment.
📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
Fix the documented default for github-server-url.
Line 110 shows ${{ github.server }}, but action.yml declares ${{ github.server_url }}. Copying the current README value into a workflow will not match the action’s actual default.
🧰 Tools
🪛 LanguageTool
[uncategorized] ~109-~109: The official name of this software platform is spelled with a capital “H”.
Context: ...g | ${{ github.token }} ...
(GITHUB)
[uncategorized] ~110-~110: The official name of this software platform is spelled with a capital “H”.
Context: ...g | ${{ github.server }} ...
(GITHUB)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@README.md` around lines 109 - 110, The documented default for the
github-server-url input is incorrect in the README and should match the action
definition. Update the github-server-url entry in the README so its default uses
the same value declared in action.yml, and verify the surrounding
github-token/github.server_url wording stays consistent with the action’s actual
input default.
| async writeDeterminateNixConfig(): Promise<void> { | ||
| if (this.determinateNixConfig === null) { | ||
| return; | ||
| } |
There was a problem hiding this comment.
🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win
Reject determinate-nix-config when determinate is false.
This method only checks whether the input is present, so a workflow that installs upstream Nix can still write /etc/determinate/config.json. That leaves Determinate-specific state behind even though the run opted out of Determinate Nix.
Possible fix
async writeDeterminateNixConfig(): Promise<void> {
if (this.determinateNixConfig === null) {
return;
}
+ if (!this.determinate) {
+ throw new Error(
+ "`determinate-nix-config` requires `determinate: true`",
+ );
+ }
const configDir = "/etc/determinate";📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| async writeDeterminateNixConfig(): Promise<void> { | |
| if (this.determinateNixConfig === null) { | |
| return; | |
| } | |
| async writeDeterminateNixConfig(): Promise<void> { | |
| if (this.determinateNixConfig === null) { | |
| return; | |
| } | |
| if (!this.determinate) { | |
| throw new Error( | |
| "`determinate-nix-config` requires `determinate: true`", | |
| ); | |
| } |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@src/index.ts` around lines 486 - 489, The writeDeterminateNixConfig method
only checks determinateNixConfig for presence, so it can still write
Determinate-specific config even when determinate is false. Update
writeDeterminateNixConfig in the Determinate installer flow to also guard on the
determinate flag before writing /etc/determinate/config.json, and make sure any
caller paths that install upstream Nix skip this config write when Determinate
Nix was not selected.
Description
NOTE: I would like feedback:
Checklist
Summary by CodeRabbit
New Features
Documentation