summary refs log tree commit diff
path: root/pkgs/build-support/docker/pull.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/build-support/docker/pull.nix')
-rw-r--r--pkgs/build-support/docker/pull.nix57
1 files changed, 24 insertions, 33 deletions
diff --git a/pkgs/build-support/docker/pull.nix b/pkgs/build-support/docker/pull.nix
index 0e1b147f6e18..5ccd0a41c5e4 100644
--- a/pkgs/build-support/docker/pull.nix
+++ b/pkgs/build-support/docker/pull.nix
@@ -1,41 +1,32 @@
-{ stdenv, lib, curl, jshon, python, runCommand }:
-
-# Inspired and simplified version of fetchurl.
+{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }:
+let
+  nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
+in
 # For simplicity we only support sha256.
+{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
+, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
+let
+  pullImage = vmTools.runInLinuxVM (
+    stdenv.mkDerivation {
+      inherit name imageId;
 
-# Currently only registry v1 is supported, compatible with Docker Hub.
-
-{ imageName, imageTag ? "latest", imageId ? null
-, sha256, name ? "${imageName}-${imageTag}"
-, indexUrl ? "https://index.docker.io"
-, registryVersion ? "v1"
-, curlOpts ? "" }:
-
-assert registryVersion == "v1";
-
-let layer = stdenv.mkDerivation {
-  inherit name imageName imageTag imageId
-          indexUrl registryVersion curlOpts;
+      certs = "${cacert}/etc/ssl/certs/ca-bundle.crt";
 
-  builder = ./pull.sh;
-  detjson = ./detjson.py;
+      builder = ./pull.sh;
 
-  buildInputs = [ curl jshon python ];
+      buildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ];
 
-  outputHashAlgo = "sha256";
-  outputHash = sha256;
-  outputHashMode = "recursive";
+      outputHashAlgo = "sha256";
+      outputHash = sha256;
 
-  impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [
-    # This variable allows the user to pass additional options to curl
-    "NIX_CURL_FLAGS"
-  ];
+      impureEnvVars = lib.fetchers.proxyImpureEnvVars;
 
-  # Doing the download on a remote machine just duplicates network
-  # traffic, so don't do that.
-  preferLocalBuild = true;
-};
+      preVM = vmTools.createEmptyImage {
+        size = 2048;
+        fullName = "${name}-disk";
+      };
 
-in runCommand "${name}.tar.gz" {} ''
-  tar -C ${layer} -czf $out .
-''
+      QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0";
+    });
+in
+  pullImage
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-17 16:40:47 +0000