about summary refs log tree commit diff
path: root/pkgs/build-support/docker
diff options
context:
space:
mode:
authorDaiderd Jordan <daiderd@gmail.com>2017-07-01 13:23:12 +0200
committerDaiderd Jordan <daiderd@gmail.com>2017-07-01 17:08:48 +0200
commitdde58651401cf6ab4d63cdec043d677607af0924 (patch)
treed3dc129511b9e8b46fc8b9e077b2aef9f806936c /pkgs/build-support/docker
parent1add3519dffca4fa40e539904c3c9522582167f7 (diff)
downloadnixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar
nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.gz
nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.bz2
nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.lz
nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.xz
nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.zst
nixlib-dde58651401cf6ab4d63cdec043d677607af0924.zip
docker-tools: set group/owner when creating a pure layer
Diffstat (limited to 'pkgs/build-support/docker')
-rw-r--r--pkgs/build-support/docker/default.nix13


1 files changed, 6 insertions, 7 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 4ebe3c0615d3..004816a0b392 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -234,11 +234,10 @@ rec {
     # Files to add to the layer.
     contents ? null,
     # Additional commands to run on the layer before it is tar'd up.
-    extraCommands ? ""
+    extraCommands ? "", uid ? 0, gid ? 0
   }:
     runCommand "docker-layer-${name}" {
       inherit baseJson contents extraCommands;
-
       buildInputs = [ jshon rsync ];
     }
     ''
@@ -260,7 +259,7 @@ rec {
       # Tar up the layer and throw it into 'layer.tar'.
       echo "Packing layer..."
       mkdir $out
-      tar -C layer --mtime="@$SOURCE_DATE_EPOCH" -cf $out/layer.tar .
+      tar -C layer --mtime="@$SOURCE_DATE_EPOCH" --owner=${toString uid} --group=${toString gid} -cf $out/layer.tar .
 
       # Compute a checksum of the tarball.
       echo "Computing layer checksum..."
@@ -297,7 +296,7 @@ rec {
     # How much disk to allocate for the temporary virtual machine.
     diskSize ? 1024,
     # Commands (bash) to run on the layer; these do not require sudo.
-    extraCommands ? ""
+    extraCommands ? "", uid ? 0, gid ? 0
   }:
     # Generate an executable script from the `runAsRoot` text.
     let runAsRootScript = shellScript "run-as-root.sh" runAsRoot;
@@ -375,7 +374,7 @@ rec {
     # Docker config; e.g. what command to run on the container.
     config ? null,
     # Optional bash script to run on the files prior to fixturizing the layer.
-    extraCommands ? "",
+    extraCommands ? "", uid ? 0, gid ? 0,
     # Optional bash script to run as root on the image when provisioning.
     runAsRoot ? null,
     # Size of the virtual machine disk to provision when building the image.
@@ -398,7 +397,7 @@ rec {
         if runAsRoot == null
         then mkPureLayer {
           name = baseName;
-          inherit baseJson contents extraCommands;
+          inherit baseJson contents extraCommands uid gid;
         } else mkRootLayer {
           name = baseName;
           inherit baseJson fromImage fromImageName fromImageTag
@@ -498,7 +497,7 @@ rec {
         chmod -R a-w image
 
         echo "Cooking the image..."
-        tar -C image --mtime="@$SOURCE_DATE_EPOCH" -c . | pigz -nT > $out
+        tar -C image --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 -c . | pigz -nT > $out
 
         echo "Finished."
       '';

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-25 16:01:24 +0000