Merge pull request #27017 from LnL7/docker-pure-layer

docker-tools: set user/group when creating a pure layer
Daiderd Jordan 2017-07-15 12:22:53 +02:00 committed by GitHub
commit 90ff6b1d03


@ -234,11 +234,10 @@ rec {
# Files to add to the layer.
contents ? null,
# Additional commands to run on the layer before it is tar'd up.
extraCommands ? ""
extraCommands ? "", uid ? 0, gid ? 0
}:
runCommand "docker-layer-${name}" {
inherit baseJson contents extraCommands;
buildInputs = [ jshon rsync ];
}
''
@ -253,6 +252,8 @@ rec {
echo "No contents to add to layer."
fi
chmod ug+w layer
if [[ -n $extraCommands ]]; then
(cd layer; eval "$extraCommands")
fi
@ -260,7 +261,7 @@ rec {
# Tar up the layer and throw it into 'layer.tar'.
echo "Packing layer..."
mkdir $out
tar -C layer --mtime="@$SOURCE_DATE_EPOCH" -cf $out/layer.tar .
tar -C layer --mtime="@$SOURCE_DATE_EPOCH" --owner=${toString uid} --group=${toString gid} -cf $out/layer.tar .
# Compute a checksum of the tarball.
echo "Computing layer checksum..."
@ -312,6 +313,8 @@ rec {
echo "Adding $item..."
rsync -ak --chown=0:0 $item/ layer/
done
chmod ug+w layer
'';
postMount = ''
@ -375,7 +378,7 @@ rec {
# Docker config; e.g. what command to run on the container.
config ? null,
# Optional bash script to run on the files prior to fixturizing the layer.
extraCommands ? "",
extraCommands ? "", uid ? 0, gid ? 0,
# Optional bash script to run as root on the image when provisioning.
runAsRoot ? null,
# Size of the virtual machine disk to provision when building the image.
@ -398,7 +401,7 @@ rec {
if runAsRoot == null
then mkPureLayer {
name = baseName;
inherit baseJson contents extraCommands;
inherit baseJson contents extraCommands uid gid;
} else mkRootLayer {
name = baseName;
inherit baseJson fromImage fromImageName fromImageTag
@ -498,7 +501,7 @@ rec {
chmod -R a-w image
echo "Cooking the image..."
tar -C image --mtime="@$SOURCE_DATE_EPOCH" -c . | pigz -nT > $out
tar -C image --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 -c . | pigz -nT > $out
echo "Finished."
'';
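Review bot: The new `uid`/`gid` arguments of the image builder (`extraCommands ? "", uid ? 0, gid ? 0,`) are only inherited by the `mkPureLayer` call; the `else mkRootLayer` branch does not pick them up as far as the hunk shows (that call continues outside it), so a caller who sets `runAsRoot` together with a non-zero `uid` would silently get whatever ownership the root layer produces. Failing early would make this visible, e.g. `assert runAsRoot != null -> (uid == 0 && gid == 0);`. In both argument lists the parameters are appended to the `extraCommands` line with no comment of their own; a line such as `# Owner and group recorded for every file in the pure layer (tar --owner/--group); not applied when runAsRoot is set.` would document that ownership is layer-wide, which matters because a non-root owner is then able to change the mode of every file in that layer. The values are also spliced into the build script through `${toString uid}` and `${toString gid}`, so an `assert builtins.isInt uid && builtins.isInt gid;` would keep non-numeric values out of the tar command line.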