diff options
author | Antoine Eiche <lewo@abesis.fr> | 2017-09-13 09:44:07 +0200 |
---|---|---|
committer | Domen Kožar <domen@enlambda.com> | 2017-09-17 08:26:02 +0100 |
commit | 01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa (patch) | |
tree | b6f3da90d4ee7439e2345951eb82165c52d7f854 /pkgs/build-support/docker | |
parent | 43b6116d7ffcc5b78e9e8c6dce5c38fcddc95b7e (diff) | |
download | nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.gz nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.bz2 nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.lz nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.xz nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.zst nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.zip |
dockerTools.pullImage: use skopeo to pull the image
Before this patch, a VM was used to spawn docker that pulled the VM. Now, the tool Skopeo does this job well so we can simplify our dockerTools since we doesn't need Docker anymore:) This also fixe the regression described in https://github.com/NixOS/nixpkgs/issues/29271 : cntlm proxy doesn't work in 17.09 while it worked in 17.03. Note Skopeo doesn't produce the same output than docker pull so, we have to update sha.
Diffstat (limited to 'pkgs/build-support/docker')
-rw-r--r-- | pkgs/build-support/docker/default.nix | 15 | ||||
-rw-r--r-- | pkgs/build-support/docker/examples.nix | 2 | ||||
-rw-r--r-- | pkgs/build-support/docker/pull.nix | 32 |
3 files changed, 15 insertions, 34 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 17d7f2da035c..8a7b362bd5ed 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -30,7 +30,20 @@ rec { inherit pkgs buildImage pullImage shadowSetup; }; - pullImage = callPackage ./pull.nix {}; + pullImage = + let + nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name; + in + # For simplicity we only support sha256. + { imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}" + , sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }: + runCommand name { + impureEnvVars=pkgs.stdenv.lib.fetchers.proxyImpureEnvVars; + outputHashMode="flat"; + outputHashAlgo="sha256"; + outputHash=sha256; + } + "${pkgs.skopeo}/bin/skopeo copy docker://${imageId} docker-archive://$out:${imageId}"; # We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash. # And we cannot untar it, because then we cannot preserve permissions ecc. diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix index 49cbb7a98175..aead53f6f7d1 100644 --- a/pkgs/build-support/docker/examples.nix +++ b/pkgs/build-support/docker/examples.nix @@ -87,7 +87,7 @@ rec { imageName = "nixos/nix"; imageTag = "1.11"; # this hash will need change if the tag is updated at docker hub - sha256 = "1gk4bq05vl3rj3mh4mlbl4iicgndmimlv8jvkhdk4hrv0r44bwr3"; + sha256 = "18xvcnl0yvj9kfi5bkimrhhjaa8xhm3jhshh2xd7c0sbfrmfqzvi"; }; # 5. example of multiple contents, emacs and vi happily coexisting diff --git a/pkgs/build-support/docker/pull.nix b/pkgs/build-support/docker/pull.nix deleted file mode 100644 index 5ccd0a41c5e4..000000000000 --- a/pkgs/build-support/docker/pull.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }: -let - nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name; -in -# For simplicity we only support sha256. -{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}" -, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }: -let - pullImage = vmTools.runInLinuxVM ( - stdenv.mkDerivation { - inherit name imageId; - - certs = "${cacert}/etc/ssl/certs/ca-bundle.crt"; - - builder = ./pull.sh; - - buildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ]; - - outputHashAlgo = "sha256"; - outputHash = sha256; - - impureEnvVars = lib.fetchers.proxyImpureEnvVars; - - preVM = vmTools.createEmptyImage { - size = 2048; - fullName = "${name}-disk"; - }; - - QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0"; - }); -in - pullImage |