macOS self-hosted runner: unable to find `security`

Question

macOS self-hosted runner: unable to find `security`

yannham opened this issue 3 months ago · 3 comments

Hello,

I'm trying to move the CI of the Nickel to use our self-hosted runners, which should be faster and keep store paths around, improving caching. We are running build machinse with Nix installed, so we removed the install-nix-action step.

After fixing cachix not being in the path as well, the Linux runner works fine, but the macOS one fails with:

Cachix: checking version
  ##[debug]Setup done
  /nix/store/yfwziwccd0jiqbkp43pkryhli1xnlb8j-cachix-1.7.4-bin/bin/cachix --version
  cachix: security: createProcess: posix_spawnp: does not exist (No such file or directory)

A quick search seems to indicate that this is likely caused by cachix calling to security, but it is nowhere to be found. You can find the draft PR to move to self(-hosted runners here (pretty short): tweag/nickel#2037. The macOS logs are here.

As the build machines' environment should be rather standard (macOS with Nix installed, runners aren't sandboxed to the best of my knowledge), I wonder if there was any known gotchas here that could be responsible for this in the environment of the cachix action?

Answer 1 · 2024-09-13T16:56:56.000Z

This is due to a underlying Haskell package doing that call, I thought we fixed that in nixpkgs, maybe you need to bump nixpkgs?

Answer 2 · 2024-09-16T08:40:10.000Z

Thanks Domen. I don't have the rights to do this directly but will ask the version and to get it bumped if needed, and I'll report back here.

Answer 3 · 2024-09-16T14:00:16.000Z

Updating to latest nixpkgs fixed the Cachix issue. Sorry for the noise