From 886c92332c8c9ecf62de9ab12789a6c4ee5207fc Mon Sep 17 00:00:00 2001 From: Alex Biehl Date: Sat, 23 May 2020 22:31:34 +0200 Subject: dockerTools: Properly add /nix/ and /nix/store/ first to layer.tar In https://github.com/NixOS/nixpkgs/pull/58431 the authors ensured that the resulting layer.tar would always list /nix/ /nix/store/ first to fully comply to the tar spec. Various refactorings later it is only ensured to create /nix/ but NOT /nix/store anymore. Instead tar transformed them to /nix/nix and /nix/nix/store. --- pkgs/build-support/docker/store-path-to-layer.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'pkgs/build-support/docker') diff --git a/pkgs/build-support/docker/store-path-to-layer.sh b/pkgs/build-support/docker/store-path-to-layer.sh index d834716e4b21..7437da51cc4a 100755 --- a/pkgs/build-support/docker/store-path-to-layer.sh +++ b/pkgs/build-support/docker/store-path-to-layer.sh @@ -30,12 +30,13 @@ mkdir -p nix/store # store path to the absolute store path. tarhash=$( basename -a "$@" | - tar -cp nix \ - -C /nix/store --verbatim-files-from --files-from - \ + tar --create --preserve-permissions --absolute-names nix \ + --directory /nix/store --verbatim-files-from --files-from - \ --hard-dereference --sort=name \ --mtime="@$SOURCE_DATE_EPOCH" \ --owner=0 --group=0 \ - --transform 's,^nix(/|$),/nix/,' \ + --transform 's,^nix$,/\0,' \ + --transform 's,^nix/store$,/\0,' \ --transform 's,^[^/],/nix/store/\0,rS' | tee "$layerPath/layer.tar" | tarsum -- cgit 1.4.1 From 365d07cea0446cbdc3d2c89502ce62c1f283989b Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Mon, 25 May 2020 14:29:54 +1000 Subject: dockerTools: fix skopeo commands --- pkgs/build-support/docker/nix-prefetch-docker | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'pkgs/build-support/docker') diff --git a/pkgs/build-support/docker/nix-prefetch-docker b/pkgs/build-support/docker/nix-prefetch-docker index bf01384ccdb4..1b6785189c28 100755 --- a/pkgs/build-support/docker/nix-prefetch-docker +++ b/pkgs/build-support/docker/nix-prefetch-docker @@ -12,7 +12,6 @@ finalImageTag= hashType=$NIX_HASH_ALGO hashFormat=$hashFormat format=nix -skopeoCmd="skopeo --insecure-policy --tmpdir=$TMPDIR" usage(){ echo >&2 "syntax: nix-prefetch-docker [options] [IMAGE_NAME [IMAGE_TAG|IMAGE_DIGEST]] @@ -39,7 +38,7 @@ get_image_digest(){ imageTag="latest" fi - "$skopeoCmd" inspect "docker://$imageName:$imageTag" | jq '.Digest' -r + skopeo --insecure-policy --tmpdir=$TMPDIR inspect "docker://$imageName:$imageTag" | jq '.Digest' -r } get_name() { @@ -128,9 +127,9 @@ trap "rm -rf \"$tmpPath\"" EXIT tmpFile="$tmpPath/$(get_name $finalImageName $finalImageTag)" if test -z "$QUIET"; then - "$skopeoCmd" --override-os ${os} --override-arch ${arch} copy "$sourceUrl" "docker-archive://$tmpFile:$finalImageName:$finalImageTag" + skopeo --insecure-policy --tmpdir=$TMPDIR --override-os ${os} --override-arch ${arch} copy "$sourceUrl" "docker-archive://$tmpFile:$finalImageName:$finalImageTag" else - "$skopeoCmd" --override-os ${os} --override-arch ${arch} copy "$sourceUrl" "docker-archive://$tmpFile:$finalImageName:$finalImageTag" > /dev/null + skopeo --insecure-policy --tmpdir=$TMPDIR --override-os ${os} --override-arch ${arch} copy "$sourceUrl" "docker-archive://$tmpFile:$finalImageName:$finalImageTag" > /dev/null fi # Compute the hash. -- cgit 1.4.1