mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-22 13:08:39 +03:00
Merge pull request #124494 from hercules-ci/dockerTools-omit-store
dockerTools: Allow omitting all store paths
This commit is contained in:
commit
490aeb3cfa
@ -20,6 +20,20 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
|
||||
docker.wait_for_unit("sockets.target")
|
||||
|
||||
with subtest("includeStorePath"):
|
||||
with subtest("assumption"):
|
||||
docker.succeed("${examples.helloOnRoot} | docker load")
|
||||
docker.succeed("set -euo pipefail; docker run --rm hello | grep -i hello")
|
||||
docker.succeed("docker image rm hello:latest")
|
||||
with subtest("includeStorePath = false; breaks example"):
|
||||
docker.succeed("${examples.helloOnRootNoStore} | docker load")
|
||||
docker.fail("set -euo pipefail; docker run --rm hello | grep -i hello")
|
||||
docker.succeed("docker image rm hello:latest")
|
||||
with subtest("includeStorePath = false; works with mounted store"):
|
||||
docker.succeed("${examples.helloOnRootNoStore} | docker load")
|
||||
docker.succeed("set -euo pipefail; docker run --rm --volume ${builtins.storeDir}:${builtins.storeDir}:ro hello | grep -i hello")
|
||||
docker.succeed("docker image rm hello:latest")
|
||||
|
||||
with subtest("Ensure Docker images use a stable date by default"):
|
||||
docker.succeed(
|
||||
"docker load --input='${examples.bash}'"
|
||||
|
@ -37,6 +37,10 @@
|
||||
|
||||
let
|
||||
|
||||
inherit (lib)
|
||||
optionals
|
||||
;
|
||||
|
||||
mkDbExtraCommand = contents: let
|
||||
contentsList = if builtins.isList contents then contents else [ contents ];
|
||||
in ''
|
||||
@ -786,7 +790,11 @@ rec {
|
||||
fakeRootCommands ? "",
|
||||
# We pick 100 to ensure there is plenty of room for extension. I
|
||||
# believe the actual maximum is 128.
|
||||
maxLayers ? 100
|
||||
maxLayers ? 100,
|
||||
# Whether to include store paths in the image. You generally want to leave
|
||||
# this on, but tooling may disable this to insert the store paths more
|
||||
# efficiently via other means, such as bind mounting the host store.
|
||||
includeStorePaths ? true,
|
||||
}:
|
||||
assert
|
||||
(lib.assertMsg (maxLayers > 1)
|
||||
@ -834,7 +842,9 @@ rec {
|
||||
'';
|
||||
};
|
||||
|
||||
closureRoots = [ baseJson ] ++ contentsList;
|
||||
closureRoots = optionals includeStorePaths /* normally true */ (
|
||||
[ baseJson ] ++ contentsList
|
||||
);
|
||||
overallClosure = writeText "closure" (lib.concatStringsSep " " closureRoots);
|
||||
|
||||
# These derivations are only created as implementation details of docker-tools,
|
||||
|
@ -516,4 +516,29 @@ rec {
|
||||
bash
|
||||
layeredImageWithFakeRootCommands
|
||||
];
|
||||
|
||||
helloOnRoot = pkgs.dockerTools.streamLayeredImage {
|
||||
name = "hello";
|
||||
tag = "latest";
|
||||
contents = [
|
||||
(pkgs.buildEnv {
|
||||
name = "hello-root";
|
||||
paths = [ pkgs.hello ];
|
||||
})
|
||||
];
|
||||
config.Cmd = [ "hello" ];
|
||||
};
|
||||
|
||||
helloOnRootNoStore = pkgs.dockerTools.streamLayeredImage {
|
||||
name = "hello";
|
||||
tag = "latest";
|
||||
contents = [
|
||||
(pkgs.buildEnv {
|
||||
name = "hello-root";
|
||||
paths = [ pkgs.hello ];
|
||||
})
|
||||
];
|
||||
config.Cmd = [ "hello" ];
|
||||
includeStorePaths = false;
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user