summary refs log tree commit diff
path: root/pkgs/build-support/docker
diff options
context:
space:
mode:
authorAntoine Eiche <lewo@abesis.fr>2017-09-13 09:44:07 +0200
committerDomen Kožar <domen@enlambda.com>2017-09-17 08:26:02 +0100
commit01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa (patch)
treeb6f3da90d4ee7439e2345951eb82165c52d7f854 /pkgs/build-support/docker
parent43b6116d7ffcc5b78e9e8c6dce5c38fcddc95b7e (diff)
downloadnixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar
nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.gz
nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.bz2
nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.lz
nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.xz
nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.tar.zst
nixlib-01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.zip
dockerTools.pullImage: use skopeo to pull the image
Before this patch, a VM was used to spawn docker that pulled the
VM. Now, the tool Skopeo does this job well so we can simplify our
dockerTools since we doesn't need Docker anymore:)

This also fixe the regression described in
https://github.com/NixOS/nixpkgs/issues/29271 : cntlm proxy doesn't
work in 17.09 while it worked in 17.03.

Note Skopeo doesn't produce the same output than docker pull so, we
have to update sha.
Diffstat (limited to 'pkgs/build-support/docker')
-rw-r--r--pkgs/build-support/docker/default.nix15
-rw-r--r--pkgs/build-support/docker/examples.nix2
-rw-r--r--pkgs/build-support/docker/pull.nix32
3 files changed, 15 insertions, 34 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 17d7f2da035c..8a7b362bd5ed 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -30,7 +30,20 @@ rec {
     inherit pkgs buildImage pullImage shadowSetup;
   };
 
-  pullImage = callPackage ./pull.nix {};
+  pullImage =
+    let
+      nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
+    in
+      # For simplicity we only support sha256.
+      { imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
+      , sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
+      runCommand name {
+        impureEnvVars=pkgs.stdenv.lib.fetchers.proxyImpureEnvVars;
+        outputHashMode="flat";
+        outputHashAlgo="sha256";
+        outputHash=sha256;
+      }
+      "${pkgs.skopeo}/bin/skopeo copy docker://${imageId} docker-archive://$out:${imageId}";
 
   # We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash.
   # And we cannot untar it, because then we cannot preserve permissions ecc.
diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix
index 49cbb7a98175..aead53f6f7d1 100644
--- a/pkgs/build-support/docker/examples.nix
+++ b/pkgs/build-support/docker/examples.nix
@@ -87,7 +87,7 @@ rec {
     imageName = "nixos/nix";
     imageTag = "1.11";
     # this hash will need change if the tag is updated at docker hub
-    sha256 = "1gk4bq05vl3rj3mh4mlbl4iicgndmimlv8jvkhdk4hrv0r44bwr3";
+    sha256 = "18xvcnl0yvj9kfi5bkimrhhjaa8xhm3jhshh2xd7c0sbfrmfqzvi";
   };
 
   # 5. example of multiple contents, emacs and vi happily coexisting
diff --git a/pkgs/build-support/docker/pull.nix b/pkgs/build-support/docker/pull.nix
deleted file mode 100644
index 5ccd0a41c5e4..000000000000
--- a/pkgs/build-support/docker/pull.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }:
-let
-  nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
-in
-# For simplicity we only support sha256.
-{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
-, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
-let
-  pullImage = vmTools.runInLinuxVM (
-    stdenv.mkDerivation {
-      inherit name imageId;
-
-      certs = "${cacert}/etc/ssl/certs/ca-bundle.crt";
-
-      builder = ./pull.sh;
-
-      buildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ];
-
-      outputHashAlgo = "sha256";
-      outputHash = sha256;
-
-      impureEnvVars = lib.fetchers.proxyImpureEnvVars;
-
-      preVM = vmTools.createEmptyImage {
-        size = 2048;
-        fullName = "${name}-disk";
-      };
-
-      QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0";
-    });
-in
-  pullImage
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-26 08:08:13 +0000