diff options
Diffstat (limited to 'pkgs/build-support/docker/pull.sh')
| -rw-r--r-- | pkgs/build-support/docker/pull.sh | 102 |
1 files changed, 26 insertions, 76 deletions
diff --git a/pkgs/build-support/docker/pull.sh b/pkgs/build-support/docker/pull.sh index 7ba146e9de09..0b1e9f310ee9 100644 --- a/pkgs/build-support/docker/pull.sh +++ b/pkgs/build-support/docker/pull.sh @@ -1,86 +1,36 @@ -# Reference: docker src contrib/download-frozen-image.sh - source $stdenv/setup -# Curl flags to handle redirects, not use EPSV, handle cookies for -# servers to need them during redirects, and work on SSL without a -# certificate (this isn't a security problem because we check the -# cryptographic hash of the output anyway). -curl=$(command -v curl) -curl() { - [[ -n ${token:-} ]] && set -- -H "Authorization: Token $token" "$@" - $curl \ - --location --max-redirs 20 \ - --retry 3 \ - --fail \ - --disable-epsv \ - --cookie-jar cookies \ - --insecure \ - $curlOpts \ - $NIX_CURL_FLAGS \ - "$@" -} - -fetchLayer() { - local url="$1" - local dest="$2" - local curlexit=18; - - # if we get error code 18, resume partial download - while [ $curlexit -eq 18 ]; do - # keep this inside an if statement, since on failure it doesn't abort the script - if curl -C - "$url" --output "$dest"; then - return 0 - else - curlexit=$?; - fi - done - - return $curlexit -} - -headers=$(curl -o /dev/null -D- -H 'X-Docker-Token: true' \ - "$indexUrl/$registryVersion/repositories/$imageName/images") +mkdir -p /var/lib/docker +mkfs.ext4 /dev/vda +mount -t ext4 /dev/vda /var/lib/docker -header() { - grep $1 <<< "$headers" | tr -d '\r' | cut -d ' ' -f 2 -} +modprobe virtio_net +dhclient eth0 -# this only takes the first endpoint, more may be provided -# https://docs.docker.com/v1.6/reference/api/docker-io_api/ -if ! registryUrl=$(header X-Docker-Endpoints); then - echo "error: index returned no endpoint" - exit 1 -fi -baseUrl="https://$registryUrl/$registryVersion" +mkdir -p /etc/ssl/certs/ +cp "$certs" "/etc/ssl/certs/" -token="$(header X-Docker-Token || true)"; - -if [ -z "$imageId" ]; then - imageId="$(curl "$baseUrl/repositories/$imageName/tags/$imageTag")" - imageId="${imageId//\"/}" - if [ -z "$imageId" ]; then - echo "error: no image ID found for ${imageName}:${imageTag}" - exit 1 +# from https://github.com/tianon/cgroupfs-mount/blob/master/cgroupfs-mount +mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup +cd /sys/fs/cgroup +for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do + mkdir -p $sys + if ! mountpoint -q $sys; then + if ! mount -n -t cgroup -o $sys cgroup $sys; then + rmdir $sys || true fi + fi +done - echo "found image ${imageName}:${imageTag}@$imageId" -fi - -mkdir -p $out +# run docker daemon +dockerd -H tcp://127.0.0.1:5555 -H unix:///var/run/docker.sock & -jshon -n object \ - -n object -s "$imageId" -i "$imageTag" \ - -i "$imageName" > $out/repositories +until docker ps 2>/dev/null; do + printf '.' + sleep 1 +done -curl "$baseUrl/images/$imageId/ancestry" -o ancestry.json +rm -r $out -layerIds=$(jshon -a -u < ancestry.json) -for layerId in $layerIds; do - echo "fetching layer $layerId" - - mkdir "$out/$layerId" - echo '1.0' > "$out/$layerId/VERSION" - curl "$baseUrl/images/$layerId/json" | python $detjson > "$out/$layerId/json" - fetchLayer "$baseUrl/images/$layerId/layer" "$out/$layerId/layer.tar" -done +docker pull ${imageId} +docker save ${imageId} > $out |