From c12f75649ed05815141cc208b3f2fa61e110917a Mon Sep 17 00:00:00 2001 From: Antoine Eiche Date: Mon, 30 Apr 2018 15:01:30 +0200 Subject: [PATCH] dockerTools.buildImageWithNixDb: simplifications and switch to closureInfo Since Nix 2 is now the stable Nix version, we can use closureInfo which simplifies the Nix database initialisation (size and hash are included in the "dump"). --- pkgs/build-support/docker/default.nix | 35 +++++---------------------- 1 file changed, 6 insertions(+), 29 deletions(-) diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 2d6d6c1fc91d..890f64a9d3b1 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -11,7 +11,6 @@ pkgs, pigz, nix, - perl, runCommand, rsync, shadow, @@ -23,6 +22,7 @@ referencesByPopularity, writeScript, writeText, + closureInfo }: # WARNING: this API is unstable and may be subject to backwards-incompatible changes in the future. @@ -261,19 +261,6 @@ rec { ${text} ''; - nixRegistration = contents: runCommand "nix-registration" { - buildInputs = [ nix perl ]; - # For obtaining the closure of `contents'. - exportReferencesGraph = - let contentsList = if builtins.isList contents then contents else [ contents ]; - in map (x: [("closure-" + baseNameOf x) x]) contentsList; - } - '' - mkdir $out - printRegistration=1 perl ${pkgs.pathsFromGraph} closure-* > $out/db.dump - perl ${pkgs.pathsFromGraph} closure-* > $out/storePaths - ''; - # Create $maxLayers worth of Docker Layers, one layer per store path # unless there are more paths than $maxLayers. In that case, create # $maxLayers-1 for the most popular layers, and smush the remainaing @@ -795,29 +782,19 @@ rec { # the container. # Be careful since this doesn't work well with multilayer. buildImageWithNixDb = args@{ contents ? null, extraCommands ? "", ... }: - buildImage (args // { + let contentsList = if builtins.isList contents then contents else [ contents ]; + in buildImage (args // { extraCommands = '' echo "Generating the nix database..." echo "Warning: only the database of the deepest Nix layer is loaded." echo " If you want to use nix commands in the container, it would" echo " be better to only have one layer that contains a nix store." - # This requires Nix 1.12 or higher - export NIX_REMOTE=local?root=$PWD - ${nix}/bin/nix-store --load-db < ${nixRegistration contents}/db.dump - # We fill the store in order to run the 'verify' command that - # generates hash and size of output paths. - # Note when Nix 1.12 is be the stable one, the database dump - # generated by the exportReferencesGraph function will - # contains sha and size. See - # https://github.com/NixOS/nix/commit/c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a - storePaths=$(cat ${nixRegistration contents}/storePaths) - echo "Copying everything to /nix/store (will take a while)..." - cp -prd $storePaths nix/store/ - ${nix}/bin/nix-store --verify --check-contents + export NIX_REMOTE=local?root=$PWD + ${nix}/bin/nix-store --load-db < ${closureInfo {rootPaths = contentsList;}}/registration mkdir -p nix/var/nix/gcroots/docker/ - for i in ${lib.concatStringsSep " " contents}; do + for i in ${lib.concatStringsSep " " contentsList}; do ln -s $i nix/var/nix/gcroots/docker/$(basename $i) done; '' + extraCommands;