public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "dockerTools.pullImage: use skopeo to pull the image"

Browse Source 
This reverts commit 01174c5f4d7df0fd0928fbf8a2a8e633a9cf54aa.

See https://github.com/NixOS/nixpkgs/pull/29302#issuecomment-332809092
for more information. This broke image format compatibility and
therefore amongst others mesos.
This commit is contained in:
Robin Gloster 2017-09-28 13:24:56 +02:00
parent 69344de783
commit 5c6dc717a6
No known key found for this signature in database
GPG Key ID: D5C458DF6DD97EDF
3 changed files with 34 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
pkgs/build-support/docker/default.nix
View File

@ -32,20 +32,7 @@ rec {
inherit pkgs buildImage pullImage shadowSetup buildImageWithNixDb; inherit pkgs buildImage pullImage shadowSetup buildImageWithNixDb;
}; };
pullImage = pullImage = callPackage ./pull.nix {};
let
nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
in
# For simplicity we only support sha256.
{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
runCommand name {
impureEnvVars=pkgs.stdenv.lib.fetchers.proxyImpureEnvVars;
outputHashMode="flat";
outputHashAlgo="sha256";
outputHash=sha256;
}
"${pkgs.skopeo}/bin/skopeo copy docker://${imageId} docker-archive://$out:${imageId}";
# We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash. # We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash.
# And we cannot untar it, because then we cannot preserve permissions ecc. # And we cannot untar it, because then we cannot preserve permissions ecc.

2
pkgs/build-support/docker/examples.nix
View File

@ -87,7 +87,7 @@ rec {
imageName = "nixos/nix"; imageName = "nixos/nix";
imageTag = "1.11"; imageTag = "1.11";
# this hash will need change if the tag is updated at docker hub # this hash will need change if the tag is updated at docker hub
sha256 = "18xvcnl0yvj9kfi5bkimrhhjaa8xhm3jhshh2xd7c0sbfrmfqzvi"; sha256 = "1gk4bq05vl3rj3mh4mlbl4iicgndmimlv8jvkhdk4hrv0r44bwr3";
}; };
# 5. example of multiple contents, emacs and vi happily coexisting # 5. example of multiple contents, emacs and vi happily coexisting

32
pkgs/build-support/docker/pull.nix Normal file
View File

@ -0,0 +1,32 @@
{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }:
let
nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
in
# For simplicity we only support sha256.
{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
let
pullImage = vmTools.runInLinuxVM (
stdenv.mkDerivation {
inherit name imageId;
certs = "${cacert}/etc/ssl/certs/ca-bundle.crt";
builder = ./pull.sh;
buildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ];
outputHashAlgo = "sha256";
outputHash = sha256;
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
preVM = vmTools.createEmptyImage {
size = 2048;
fullName = "${name}-disk";
};
QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0";
});
in
pullImage