diff options
author | Tim Steinbach <NeQuissimus@users.noreply.github.com> | 2017-09-22 08:17:51 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-22 08:17:51 -0400 |
commit | 38f65be5c324474f35da14d4594f508a84c7ad1d (patch) | |
tree | 96a791f14f82c0418ac114bd5957c24e3ba3d708 | |
parent | a2444a2831a45de67df6107b62440d4bcc035135 (diff) | |
parent | cb6fc52f998f8f3106a1506c052cffae752e8b7c (diff) | |
download | nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.tar nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.tar.gz nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.tar.bz2 nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.tar.lz nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.tar.xz nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.tar.zst nixlib-38f65be5c324474f35da14d4594f508a84c7ad1d.zip |
Merge pull request #28561 from nlewo/dockerTools-load-nix-db
dockerTools: populate the nix database of the container nix store
-rw-r--r-- | pkgs/build-support/docker/default.nix | 50 | ||||
-rw-r--r-- | pkgs/build-support/docker/examples.nix | 17 |
2 files changed, 64 insertions, 3 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 8a7b362bd5ed..267a2812a2a5 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -10,6 +10,8 @@ lib, pkgs, pigz, + nixUnstable, + perl, runCommand, rsync, shadow, @@ -27,7 +29,7 @@ rec { examples = import ./examples.nix { - inherit pkgs buildImage pullImage shadowSetup; + inherit pkgs buildImage pullImage shadowSetup buildImageWithNixDb; }; pullImage = @@ -239,6 +241,19 @@ rec { ${text} ''; + nixRegistration = contents: runCommand "nix-registration" { + buildInputs = [ nixUnstable perl ]; + # For obtaining the closure of `contents'. + exportReferencesGraph = + let contentsList = if builtins.isList contents then contents else [ contents ]; + in map (x: [("closure-" + baseNameOf x) x]) contentsList; + } + '' + mkdir $out + printRegistration=1 perl ${pkgs.pathsFromGraph} closure-* > $out/db.dump + perl ${pkgs.pathsFromGraph} closure-* > $out/storePaths + ''; + # Create a "layer" (set of files). mkPureLayer = { # Name of the layer @@ -544,4 +559,37 @@ rec { in result; + + # Build an image and populate its nix database with the provided + # contents. The main purpose is to be able to use nix commands in + # the container. + # Be careful since this doesn't work well with multilayer. + buildImageWithNixDb = args@{ contents ? null, extraCommands ? "", ... }: + buildImage (args // { + extraCommands = '' + echo "Generating the nix database..." + echo "Warning: only the database of the deepest Nix layer is loaded." + echo " If you want to use nix commands in the container, it would" + echo " be better to only have one layer that contains a nix store." + # This requires Nix 1.12 or higher + export NIX_REMOTE=local?root=$PWD + ${nixUnstable}/bin/nix-store --load-db < ${nixRegistration contents}/db.dump + + # We fill the store in order to run the 'verify' command that + # generates hash and size of output paths. + # Note when Nix 1.12 is be the stable one, the database dump + # generated by the exportReferencesGraph function will + # contains sha and size. See + # https://github.com/NixOS/nix/commit/c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a + storePaths=$(cat ${nixRegistration contents}/storePaths) + echo "Copying everything to /nix/store (will take a while)..." + cp -prd $storePaths nix/store/ + ${nixUnstable}/bin/nix-store --verify --check-contents + + mkdir -p nix/var/nix/gcroots/docker/ + for i in ${lib.concatStringsSep " " contents}; do + ln -s $i nix/var/nix/gcroots/docker/$(basename $i) + done; + '' + extraCommands; + }); } diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix index aead53f6f7d1..1a8b9c7f8ed4 100644 --- a/pkgs/build-support/docker/examples.nix +++ b/pkgs/build-support/docker/examples.nix @@ -7,7 +7,7 @@ # $ nix-build '<nixpkgs>' -A dockerTools.examples.redis # $ docker load < result -{ pkgs, buildImage, pullImage, shadowSetup }: +{ pkgs, buildImage, pullImage, shadowSetup, buildImageWithNixDb }: rec { # 1. basic example @@ -83,7 +83,7 @@ rec { }; # 4. example of pulling an image. could be used as a base for other images - nix = pullImage { + nixFromDockerHub = pullImage { imageName = "nixos/nix"; imageTag = "1.11"; # this hash will need change if the tag is updated at docker hub @@ -101,4 +101,17 @@ rec { pkgs.nano ]; }; + + # 5. nix example to play with the container nix store + # docker run -it --rm nix nix-store -qR $(nix-build '<nixpkgs>' -A nix) + nix = buildImageWithNixDb { + name = "nix"; + contents = [ + # nix-store -qR uses the 'more' program which is not included in + # the pkgs.nix dependencies. We then have to manually get it + # from the 'eject' package:/ + pkgs.eject + pkgs.nix + ]; + }; } |