diff options
| author | Alyssa Ross <hi@alyssa.is> | 2020-01-11 23:37:02 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2020-01-11 23:41:30 +0000 |
| commit | 6c557e3f1c28cf87e9fba232811d6875dd1399c1 (patch) | |
| tree | 035a071d5d8980df6de0fa42e2ef8fc0cce7055e /nixpkgs/pkgs/build-support/docker | |
| parent | da7500bc026e937ac7fce7b50f67a0e1765737a7 (diff) | |
| parent | e4134747f5666bcab8680aff67fa3b63384f9a0f (diff) | |
| download | nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.gz nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.bz2 nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.lz nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.xz nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.tar.zst nixlib-6c557e3f1c28cf87e9fba232811d6875dd1399c1.zip | |
Merge commit 'e4134747f5666bcab8680aff67fa3b63384f9a0f'
Diffstat (limited to 'nixpkgs/pkgs/build-support/docker')
| -rw-r--r-- | nixpkgs/pkgs/build-support/docker/default.nix | 43 | ||||
| -rw-r--r-- | nixpkgs/pkgs/build-support/docker/examples.nix | 8 |
2 files changed, 37 insertions, 14 deletions
diff --git a/nixpkgs/pkgs/build-support/docker/default.nix b/nixpkgs/pkgs/build-support/docker/default.nix index 37b25232b961..e10ff269950d 100644 --- a/nixpkgs/pkgs/build-support/docker/default.nix +++ b/nixpkgs/pkgs/build-support/docker/default.nix @@ -287,10 +287,16 @@ rec { # unless there are more paths than $maxLayers. In that case, create # $maxLayers-1 for the most popular layers, and smush the remainaing # store paths in to one final layer. + # + # NOTE: the `closures` parameter is a list of closures to include. + # The TOP LEVEL store paths themselves will never be present in the + # resulting image. At this time (2019-12-16) none of these layers + # are appropriate to include, as they are all created as + # implementation details of dockerTools. mkManyPureLayers = { name, # Files to add to the layer. - closure, + closures, configJson, # Docker has a 125-layer maximum, we pick 100 to ensure there is # plenty of room for extension. @@ -303,10 +309,12 @@ rec { isExecutable = true; src = ./store-path-to-layer.sh; }; + + overallClosure = writeText "closure" (lib.concatStringsSep " " closures); in runCommand "${name}-granular-docker-layers" { inherit maxLayers; - paths = referencesByPopularity closure; + paths = referencesByPopularity overallClosure; nativeBuildInputs = [ jshon rsync tarsum ]; enableParallelBuilding = true; } @@ -317,15 +325,20 @@ rec { | jshon -d config \ | jshon -s "1970-01-01T00:00:01Z" -i created > generic.json + # WARNING! # The following code is fiddly w.r.t. ensuring every layer is # created, and that no paths are missed. If you change the # following head and tail call lines, double-check that your # code behaves properly when the number of layers equals: # maxLayers-1, maxLayers, and maxLayers+1 - head -n $((maxLayers - 1)) $paths | cat -n | xargs -P$NIX_BUILD_CORES -n2 ${storePathToLayer} - if [ $(cat $paths | wc -l) -ge $maxLayers ]; then - tail -n+$maxLayers $paths | xargs ${storePathToLayer} $maxLayers + paths() { + cat $paths ${lib.concatMapStringsSep " " (path: "| grep -v ${path}") (closures ++ [ overallClosure ])} + } + + paths | head -n $((maxLayers - 1)) | cat -n | xargs -P$NIX_BUILD_CORES -n2 ${storePathToLayer} + if [ $(paths | wc -l) -ge $maxLayers ]; then + paths | tail -n+$maxLayers | xargs ${storePathToLayer} $maxLayers fi echo "Finished building layer '$name'" @@ -528,15 +541,18 @@ rec { created ? "1970-01-01T00:00:01Z", # Optional bash script to run on the files prior to fixturizing the layer. extraCommands ? "", uid ? 0, gid ? 0, - # Docker's lowest maximum layer limit is 42-layers for an old - # version of the AUFS graph driver. We pick 24 to ensure there is - # plenty of room for extension. I believe the actual maximum is - # 128. - maxLayers ? 24 + # We pick 100 to ensure there is plenty of room for extension. I + # believe the actual maximum is 128. + maxLayers ? 100 }: let baseName = baseNameOf name; - contentsEnv = symlinkJoin { name = "bulk-layers"; paths = (if builtins.isList contents then contents else [ contents ]); }; + contentsEnv = symlinkJoin { + name = "bulk-layers"; + paths = if builtins.isList contents + then contents + else [ contents ]; + }; configJson = let pure = writeText "${baseName}-config.json" (builtins.toJSON { @@ -553,7 +569,7 @@ rec { bulkLayers = mkManyPureLayers { name = baseName; - closure = writeText "closure" "${contentsEnv} ${configJson}"; + closures = [ contentsEnv configJson ]; # One layer will be taken up by the customisationLayer, so # take up one less. maxLayers = maxLayers - 1; @@ -845,6 +861,9 @@ rec { echo " be better to only have one layer that contains a nix store." export NIX_REMOTE=local?root=$PWD + # A user is required by nix + # https://github.com/NixOS/nix/blob/9348f9291e5d9e4ba3c4347ea1b235640f54fd79/src/libutil/util.cc#L478 + export USER=nobody ${nix}/bin/nix-store --load-db < ${closureInfo {rootPaths = contentsList;}}/registration mkdir -p nix/var/nix/gcroots/docker/ diff --git a/nixpkgs/pkgs/build-support/docker/examples.nix b/nixpkgs/pkgs/build-support/docker/examples.nix index 29eea33a7e18..d7d1a6933100 100644 --- a/nixpkgs/pkgs/build-support/docker/examples.nix +++ b/nixpkgs/pkgs/build-support/docker/examples.nix @@ -117,7 +117,12 @@ rec { pkgs.nix ]; config = { - Env = [ "NIX_PAGER=cat" ]; + Env = [ + "NIX_PAGER=cat" + # A user is required by nix + # https://github.com/NixOS/nix/blob/9348f9291e5d9e4ba3c4347ea1b235640f54fd79/src/libutil/util.cc#L478 + "USER=nobody" + ]; }; }; @@ -231,7 +236,6 @@ rec { name = "another-layered-image"; tag = "latest"; config.Cmd = [ "${pkgs.hello}/bin/hello" ]; - contents = [ pkgs.hello ]; }; } |