dockerTools: use skopeo on the right platform

This commit is contained in:
Ding Xiang Fei 2019-06-28 02:15:42 +08:00
parent e8d00113e2
commit ceab72e21b
1 changed files with 29 additions and 20 deletions

View File

@ -1,37 +1,41 @@
{
symlinkJoin,
cacert,
callPackage,
closureInfo,
coreutils,
docker,
e2fsprogs,
findutils,
go,
jshon,
jq,
jshon,
lib,
pkgs,
pigz,
moreutils,
nix,
runCommand,
pigz,
referencesByPopularity,
rsync,
runCommand,
runtimeShell,
shadow,
skopeo,
stdenv,
storeDir ? builtins.storeDir,
substituteAll,
symlinkJoin,
utillinux,
vmTools,
writeReferencesToFile,
referencesByPopularity,
writeScript,
writeText,
closureInfo,
substituteAll,
runtimeShell
}:
# WARNING: this API is unstable and may be subject to backwards-incompatible changes in the future.
rec {
examples = import ./examples.nix {
inherit pkgs buildImage pullImage shadowSetup buildImageWithNixDb;
examples = callPackage ./examples.nix {
inherit buildImage pullImage shadowSetup buildImageWithNixDb;
};
pullImage = let
@ -57,13 +61,13 @@ rec {
inherit imageDigest;
imageName = finalImageName;
imageTag = finalImageTag;
impureEnvVars = pkgs.stdenv.lib.fetchers.proxyImpureEnvVars;
impureEnvVars = stdenv.lib.fetchers.proxyImpureEnvVars;
outputHashMode = "flat";
outputHashAlgo = "sha256";
outputHash = sha256;
nativeBuildInputs = lib.singleton (pkgs.skopeo);
SSL_CERT_FILE = "${pkgs.cacert.out}/etc/ssl/certs/ca-bundle.crt";
nativeBuildInputs = lib.singleton skopeo;
SSL_CERT_FILE = "${cacert.out}/etc/ssl/certs/ca-bundle.crt";
sourceURL = "docker://${imageName}@${imageDigest}";
destNameTag = "${finalImageName}:${finalImageTag}";
@ -156,7 +160,8 @@ rec {
postMount ? "",
postUmount ? ""
}:
vmTools.runInLinuxVM (
let
result = vmTools.runInLinuxVM (
runCommand name {
preVM = vmTools.createEmptyImage {
size = diskSize;
@ -166,8 +171,6 @@ rec {
nativeBuildInputs = [ utillinux e2fsprogs jshon rsync jq ];
} ''
rm -rf $out
mkdir disk
mkfs /dev/${vmTools.hd}
mount /dev/${vmTools.hd} disk
@ -250,6 +253,12 @@ rec {
${postUmount}
'');
in
runCommand name {} ''
mkdir -p $out
cd ${result}
cp layer.tar json VERSION $out
'';
exportImage = { name ? fromImage.name, fromImage, fromImageName ? null, fromImageTag ? null, diskSize ? 1024 }:
runWithOverlay {
@ -489,7 +498,7 @@ rec {
(cd layer; ${extraCommandsScript})
echo "Packing layer..."
mkdir $out
mkdir -p $out
tar -C layer --hard-dereference --sort=name --mtime="@$SOURCE_DATE_EPOCH" -cf $out/layer.tar .
# Compute the tar checksum and add it to the output json.
@ -670,7 +679,7 @@ rec {
extraCommands;
};
result = runCommand "docker-image-${baseName}.tar.gz" {
nativeBuildInputs = [ jshon pigz coreutils findutils jq ];
nativeBuildInputs = [ jshon pigz coreutils findutils jq moreutils ];
# Image name and tag must be lowercase
imageName = lib.toLower name;
imageTag = if tag == null then "" else lib.toLower tag;
@ -784,7 +793,7 @@ rec {
# originally this used `sed -i "1i$layerID" layer-list`, but
# would fail if layer-list was completely empty.
echo "$layerID/layer.tar"
) | ${pkgs.moreutils}/bin/sponge layer-list
) | sponge layer-list
# Create image json and image manifest
imageJson=$(cat ${baseJson} | jq ". + {\"rootfs\": {\"diff_ids\": [], \"type\": \"layers\"}}")