From 69de7cc12abfa1d0434750e5d346c299992a57ec Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Tue, 25 May 2021 15:03:49 +0200
Subject: [PATCH 1/4] dockerTools: Format

---
 pkgs/build-support/docker/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 54eb13d38ff3..5e66c81e4ff9 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -786,7 +786,7 @@ rec {
     fakeRootCommands ? "",
     # We pick 100 to ensure there is plenty of room for extension. I
     # believe the actual maximum is 128.
-    maxLayers ? 100
+    maxLayers ? 100,
   }:
     assert
       (lib.assertMsg (maxLayers > 1)

From 5259d66b7487b94233821e28aafb0683ae3f1df6 Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Tue, 25 May 2021 15:04:45 +0200
Subject: [PATCH 2/4] dockerTools: Allow omitting all store paths

Adds includeStorePaths, allowing the omission of the store paths.
You generally want to leave it on, but tooling may disable this
to insert the store paths more efficiently via other means, such
as bind mounting the host store.
---
 nixos/tests/docker-tools.nix           | 14 ++++++++++++++
 pkgs/build-support/docker/default.nix  | 12 +++++++++++-
 pkgs/build-support/docker/examples.nix | 25 +++++++++++++++++++++++++
 3 files changed, 50 insertions(+), 1 deletion(-)

diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix
index 39b97b4cb997..831ef2fb77ad 100644
--- a/nixos/tests/docker-tools.nix
+++ b/nixos/tests/docker-tools.nix
@@ -20,6 +20,20 @@ import ./make-test-python.nix ({ pkgs, ... }: {
 
     docker.wait_for_unit("sockets.target")
 
+    with subtest("includeStorePath"):
+        with subtest("assumption"):
+            docker.succeed("${examples.helloOnRoot} | docker load")
+            docker.succeed("set -euo pipefail; docker run --rm hello | grep -i hello")
+            docker.succeed("docker image rm hello:latest")
+        with subtest("includeStorePath = false; breaks example"):
+            docker.succeed("${examples.helloOnRootNoStore} | docker load")
+            docker.fail("set -euo pipefail; docker run --rm hello | grep -i hello")
+            docker.succeed("docker image rm hello:latest")
+        with subtest("includeStorePath = false; works with mounted store"):
+            docker.succeed("${examples.helloOnRootNoStore} | docker load")
+            docker.succeed("set -euo pipefail; docker run --rm --volume ${builtins.storeDir}:${builtins.storeDir}:ro hello | grep -i hello")
+            docker.succeed("docker image rm hello:latest")
+
     with subtest("Ensure Docker images use a stable date by default"):
         docker.succeed(
             "docker load --input='${examples.bash}'"
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 5e66c81e4ff9..5bbf1b63f2b0 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -37,6 +37,10 @@
 
 let
 
+  inherit (lib)
+    optionals
+    ;
+
   mkDbExtraCommand = contents: let
     contentsList = if builtins.isList contents then contents else [ contents ];
   in ''
@@ -787,6 +791,10 @@ rec {
     # We pick 100 to ensure there is plenty of room for extension. I
     # believe the actual maximum is 128.
     maxLayers ? 100,
+    # Whether to include store paths in the image. You generally want to leave
+    # this on, but tooling may disable this to insert the store paths more
+    # efficiently via other means, such as bind mounting the host store.
+    includeStorePaths ? true,
   }:
     assert
       (lib.assertMsg (maxLayers > 1)
@@ -834,7 +842,9 @@ rec {
         '';
       };
 
-      closureRoots = [ baseJson ] ++ contentsList;
+      closureRoots = optionals includeStorePaths /* normally true */ (
+        [ baseJson ] ++ contentsList
+      );
       overallClosure = writeText "closure" (lib.concatStringsSep " " closureRoots);
 
       # These derivations are only created as implementation details of docker-tools,
diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix
index 7dbee38feeb4..de90eab3ea1d 100644
--- a/pkgs/build-support/docker/examples.nix
+++ b/pkgs/build-support/docker/examples.nix
@@ -516,4 +516,29 @@ rec {
     bash
     layeredImageWithFakeRootCommands
   ];
+
+  helloOnRoot = pkgs.dockerTools.streamLayeredImage {
+    name = "hello";
+    tag = "latest";
+    contents = [
+      (pkgs.buildEnv {
+        name = "hello-root";
+        paths = [ pkgs.hello ];
+      })
+    ];
+    config.Cmd = [ "hello" ];
+  };
+
+  helloOnRootNoStore = pkgs.dockerTools.streamLayeredImage {
+    name = "hello";
+    tag = "latest";
+    contents = [
+      (pkgs.buildEnv {
+        name = "hello-root";
+        paths = [ pkgs.hello ];
+      })
+    ];
+    config.Cmd = [ "hello" ];
+    includeStorePaths = false;
+  };
 }

From 4f7e83d1cf55d181b9d824e2b01175688a866def Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Fri, 28 May 2021 00:55:16 +0000
Subject: [PATCH 3/4] apfel: 3.0.4 -> 3.0.5

---
 pkgs/development/libraries/physics/apfel/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/physics/apfel/default.nix b/pkgs/development/libraries/physics/apfel/default.nix
index e3fd0a26a7fd..b0fff0c92ba5 100644
--- a/pkgs/development/libraries/physics/apfel/default.nix
+++ b/pkgs/development/libraries/physics/apfel/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "apfel";
-  version = "3.0.4";
+  version = "3.0.5";
 
   src = fetchFromGitHub {
     owner = "scarrazza";
     repo = "apfel";
     rev = version;
-    sha256 = "13n5ygbqvskg3qq5n4sff1nbii0li0zf1vqissai7x0hynxgy7p6";
+    sha256 = "sha256-szEtSC/NouYlHSjVoX9Hoh7yQ0W82rVccYEF1L2tXoU=";
   };
 
   buildInputs = [ gfortran lhapdf python2 zlib ];

From 37802cc29a38584d503ba401c34a08049ec01359 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Fri, 28 May 2021 02:05:33 +0000
Subject: [PATCH 4/4] cargo-msrv: 0.5.0 -> 0.6.0

---
 pkgs/development/tools/rust/cargo-msrv/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/development/tools/rust/cargo-msrv/default.nix b/pkgs/development/tools/rust/cargo-msrv/default.nix
index c6a02a4dff21..74c2d9e680f0 100644
--- a/pkgs/development/tools/rust/cargo-msrv/default.nix
+++ b/pkgs/development/tools/rust/cargo-msrv/default.nix
@@ -11,16 +11,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "cargo-msrv";
-  version = "0.5.0";
+  version = "0.6.0";
 
   src = fetchFromGitHub {
     owner = "foresterre";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-7XOpK6+JVV/p+g/Lb/ORUC9msME0vtuDbmiCBmuOJ8w=";
+    sha256 = "sha256-DpgZrKy2rEKnI0/t4l3sDtNUhAwwFFSzq4CdRFqAkzY=";
   };
 
-  cargoSha256 = "sha256-KYITZHBcb5G+7PW8kwbHSsereVjH39cVLQjqNaCq2iU=";
+  cargoSha256 = "sha256-ny8EA3dkirxEiFYiSFRxHnjf3mVO2LCWVR8fPHX87Ek=";
 
   passthru = {
     updateScript = nix-update-script {