diff options
author | Daiderd Jordan <daiderd@gmail.com> | 2017-07-01 13:23:12 +0200 |
---|---|---|
committer | Daiderd Jordan <daiderd@gmail.com> | 2017-07-01 17:08:48 +0200 |
commit | dde58651401cf6ab4d63cdec043d677607af0924 (patch) | |
tree | d3dc129511b9e8b46fc8b9e077b2aef9f806936c /pkgs/build-support | |
parent | 1add3519dffca4fa40e539904c3c9522582167f7 (diff) | |
download | nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.gz nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.bz2 nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.lz nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.xz nixlib-dde58651401cf6ab4d63cdec043d677607af0924.tar.zst nixlib-dde58651401cf6ab4d63cdec043d677607af0924.zip |
docker-tools: set group/owner when creating a pure layer
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/docker/default.nix | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 4ebe3c0615d3..004816a0b392 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -234,11 +234,10 @@ rec { # Files to add to the layer. contents ? null, # Additional commands to run on the layer before it is tar'd up. - extraCommands ? "" + extraCommands ? "", uid ? 0, gid ? 0 }: runCommand "docker-layer-${name}" { inherit baseJson contents extraCommands; - buildInputs = [ jshon rsync ]; } '' @@ -260,7 +259,7 @@ rec { # Tar up the layer and throw it into 'layer.tar'. echo "Packing layer..." mkdir $out - tar -C layer --mtime="@$SOURCE_DATE_EPOCH" -cf $out/layer.tar . + tar -C layer --mtime="@$SOURCE_DATE_EPOCH" --owner=${toString uid} --group=${toString gid} -cf $out/layer.tar . # Compute a checksum of the tarball. echo "Computing layer checksum..." @@ -297,7 +296,7 @@ rec { # How much disk to allocate for the temporary virtual machine. diskSize ? 1024, # Commands (bash) to run on the layer; these do not require sudo. - extraCommands ? "" + extraCommands ? "", uid ? 0, gid ? 0 }: # Generate an executable script from the `runAsRoot` text. let runAsRootScript = shellScript "run-as-root.sh" runAsRoot; @@ -375,7 +374,7 @@ rec { # Docker config; e.g. what command to run on the container. config ? null, # Optional bash script to run on the files prior to fixturizing the layer. - extraCommands ? "", + extraCommands ? "", uid ? 0, gid ? 0, # Optional bash script to run as root on the image when provisioning. runAsRoot ? null, # Size of the virtual machine disk to provision when building the image. @@ -398,7 +397,7 @@ rec { if runAsRoot == null then mkPureLayer { name = baseName; - inherit baseJson contents extraCommands; + inherit baseJson contents extraCommands uid gid; } else mkRootLayer { name = baseName; inherit baseJson fromImage fromImageName fromImageTag @@ -498,7 +497,7 @@ rec { chmod -R a-w image echo "Cooking the image..." - tar -C image --mtime="@$SOURCE_DATE_EPOCH" -c . | pigz -nT > $out + tar -C image --mtime="@$SOURCE_DATE_EPOCH" --owner=0 --group=0 -c . | pigz -nT > $out echo "Finished." ''; |