diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 72d0a61887e6..ae3d93ff3db3 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -1,37 +1,41 @@ { - symlinkJoin, + cacert, + callPackage, + closureInfo, coreutils, docker, e2fsprogs, findutils, go, - jshon, jq, + jshon, lib, - pkgs, - pigz, + moreutils, nix, - runCommand, + pigz, + referencesByPopularity, rsync, + runCommand, + runtimeShell, shadow, + skopeo, + stdenv, storeDir ? builtins.storeDir, + substituteAll, + symlinkJoin, utillinux, vmTools, writeReferencesToFile, - referencesByPopularity, writeScript, writeText, - closureInfo, - substituteAll, - runtimeShell }: # WARNING: this API is unstable and may be subject to backwards-incompatible changes in the future. rec { - examples = import ./examples.nix { - inherit pkgs buildImage pullImage shadowSetup buildImageWithNixDb; + examples = callPackage ./examples.nix { + inherit buildImage pullImage shadowSetup buildImageWithNixDb; }; pullImage = let @@ -57,13 +61,13 @@ rec { inherit imageDigest; imageName = finalImageName; imageTag = finalImageTag; - impureEnvVars = pkgs.stdenv.lib.fetchers.proxyImpureEnvVars; + impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars; outputHashMode = "flat"; outputHashAlgo = "sha256"; outputHash = sha256; - nativeBuildInputs = lib.singleton (pkgs.skopeo); - SSL_CERT_FILE = "${pkgs.cacert.out}/etc/ssl/certs/ca-bundle.crt"; + nativeBuildInputs = lib.singleton skopeo; + SSL_CERT_FILE = "${cacert.out}/etc/ssl/certs/ca-bundle.crt"; sourceURL = "docker://${imageName}@${imageDigest}"; destNameTag = "${finalImageName}:${finalImageTag}"; @@ -156,7 +160,8 @@ rec { postMount ? "", postUmount ? "" }: - vmTools.runInLinuxVM ( + let + result = vmTools.runInLinuxVM ( runCommand name { preVM = vmTools.createEmptyImage { size = diskSize; 
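Review bot: In the pullImage hunk (`@@ -57,13 +61,13 @@`), `stdenv.lib.fetchers.proxyImpureEnvVars` reaches `lib` through `stdenv` although `lib` is already an argument of this file. The direct spelling is `impureEnvVars = lib.fetchers.proxyImpureEnvVars;`, which would also make the `stdenv` argument added in the first hunk unnecessary, assuming nothing outside the visible hunks uses it. Because these variables are read from the builder's environment, a short comment beside them would help the next reader, for example `# proxy settings are impure inputs; the image is still pinned by imageDigest and checked against outputHash`. The body of pullImage starts and ends outside the hunk.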
@@ -166,8 +171,6 @@ rec { nativeBuildInputs = [ utillinux e2fsprogs jshon rsync jq ]; } '' - rm -rf $out - mkdir disk mkfs /dev/${vmTools.hd} mount /dev/${vmTools.hd} disk @@ -250,6 +253,12 @@ rec { ${postUmount} ''); + in + runCommand name {} '' + mkdir -p $out + cd ${result} + cp layer.tar json VERSION $out + ''; exportImage = { name ? fromImage.name, fromImage, fromImageName ? null, fromImageTag ? null, diskSize ? 1024 }: runWithOverlay { @@ -489,7 +498,7 @@ rec { (cd layer; ${extraCommandsScript}) echo "Packing layer..." - mkdir $out + mkdir -p $out tar -C layer --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" -cf $out/layer.tar . # Compute the tar checksum and add it to the output json. @@ -670,7 +679,7 @@ rec { extraCommands; }; result = runCommand "docker-image-${baseName}.tar.gz" { - nativeBuildInputs = [ jshon pigz coreutils findutils jq ]; + nativeBuildInputs = [ jshon pigz coreutils findutils jq moreutils ]; # Image name and tag must be lowercase imageName = lib.toLower name; imageTag = if tag == null then "" else lib.toLower tag; @@ -784,7 +793,7 @@ rec { # originally this used `sed -i "1i$layerID" layer-list`, but # would fail if layer-list was completely empty. echo "$layerID/layer.tar" - ) | ${pkgs.moreutils}/bin/sponge layer-list + ) | sponge layer-list # Create image json and image manifest imageJson=$(cat ${baseJson} | jq ". + {\"rootfs\": {\"diff_ids\": [], \"type\": \"layers\"}}")
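Review bot: The wrapper added at the end of runWithOverlay (`@@ -250,6 +253,12 @@`) copies exactly `layer.tar json VERSION` out of `${result}`, so any other file that a caller's `postMount` or `postUmount` script leaves in the VM output is dropped without a message, and the build fails if one of the three is missing. exportImage calls runWithOverlay right after this hunk and its body continues outside it, so it is worth confirming that it produces this layout. The step also carries no comment; a line above `runCommand name {} ''` such as `# expose only layer.tar, json and VERSION from the VM build; other files in ${result} are not copied` would record the contract. Both the VM derivation and the wrapper are called `name`, which makes them hard to tell apart in build logs.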