diff --git a/doc/functions/dockertools.xml b/doc/functions/dockertools.xml
index 75db0bd3918c..8330b9774047 100644
--- a/doc/functions/dockertools.xml
+++ b/doc/functions/dockertools.xml
@@ -436,18 +436,7 @@ pullImage {
imageDigest specifies the digest of the image to be
- downloaded. Skopeo can be used to get the digest of an image, with its
- inspect subcommand. Since a given
- imageName may transparently refer to a manifest list of
- images which support multiple architectures and/or operating systems,
- supply the `--override-os` and `--override-arch` arguments to specify
- exactly which image you want. By default it will match the OS and
- architecture of the host the command is run on.
-
-$ nix-shell --packages skopeo jq --command "skopeo --override-os linux --override-arch x86_64 inspect docker://docker.io/nixos/nix:1.11 | jq -r '.Digest'"
-sha256:20d9485b25ecfd89204e843a962c1bd70e9cc6858d65d7f5fadc340246e2116b
-
- This argument is required.
+ downloaded. This argument is required.
@@ -477,6 +466,34 @@ sha256:20d9485b25ecfd89204e843a962c1bd70e9cc6858d65d7f5fadc340246e2116b
+
+
+ nix-prefetch-docker command can be used to get required
+ image parameters:
+
+
+$ nix run nixpkgs.nix-prefetch-docker -c nix-prefetch-docker --image-name mysql --image-tag 5
+
+
+ Since a given imageName may transparently refer to a
+ manifest list of images which support multiple architectures and/or
+ operating systems, you can supply the and
+ arguments to specify exactly which image you want.
+ By default it will match the OS and architecture of the host the command is
+ run on.
+
+
+$ nix-prefetch-docker --image-name mysql --image-tag 5 --arch x86_64 --os linux
+
+
+ Desired image name and tag can be set using
+ and
+ arguments:
+
+
+$ nix-prefetch-docker --image-name mysql --image-tag 5 --final-image-name eu.gcr.io/my-project/mysql --final-image-tag prod
+
+
diff --git a/pkgs/build-support/docker/nix-prefetch-docker b/pkgs/build-support/docker/nix-prefetch-docker
new file mode 100755
index 000000000000..839dc87487a0
--- /dev/null
+++ b/pkgs/build-support/docker/nix-prefetch-docker
@@ -0,0 +1,173 @@
+#! /usr/bin/env bash
+
+set -e -o pipefail
+
+os=
+arch=
+imageName=
+imageTag=
+imageDigest=
+finalImageName=
+finalImageTag=
+hashType=$NIX_HASH_ALGO
+hashFormat=$hashFormat
+format=nix
+
+usage(){
+ echo >&2 "syntax: nix-prefetch-docker [options] [IMAGE_NAME [IMAGE_TAG|IMAGE_DIGEST]]
+
+Options:
+ --os os OS to fetch image for
+ --arch linux Arch to fetch image for
+ --image-name name Name of the image to fetch
+ --image-tag tag Image tag
+ --image-digest digest Image digest
+ --final-image-name name Desired name of the image
+ --final-image-tag tag Desired image tag
+ --json Output result in json format instead of nix
+ --quiet Only print the final result
+"
+ exit 1
+}
+
+get_image_digest(){
+ local imageName=$1
+ local imageTag=$2
+
+ if test -z "$imageTag"; then
+ imageTag="latest"
+ fi
+
+ skopeo inspect "docker://$imageName:$imageTag" | jq '.Digest' -r
+}
+
+get_name() {
+ local imageName=$1
+ local imageTag=$2
+
+ echo "docker-image-$(echo "$imageName:$imageTag" | tr '/:' '-').tar"
+}
+
+argi=0
+argfun=""
+for arg; do
+ if test -z "$argfun"; then
+ case $arg in
+ --os) argfun=set_os;;
+ --arch) argfun=set_arch;;
+ --image-name) argfun=set_imageName;;
+ --image-tag) argfun=set_imageTag;;
+ --image-digest) argfun=set_imageDigest;;
+ --final-image-name) argfun=set_finalImageName;;
+ --final-image-tag) argfun=set_finalImageTag;;
+ --quiet) QUIET=true;;
+ --json) format=json;;
+ --help) usage; exit;;
+ *)
+ : $((++argi))
+ case $argi in
+ 1) imageName=$arg;;
+ 2) [[ $arg == *"sha256"* ]] && imageDigest=$arg || imageTag=$arg;;
+ *) exit 1;;
+ esac
+ ;;
+ esac
+ else
+ case $argfun in
+ set_*)
+ var=${argfun#set_}
+ eval $var=$arg
+ ;;
+ esac
+ argfun=""
+ fi
+done
+
+if test -z "$imageName"; then
+ usage
+fi
+
+if test -z "$os"; then
+ os=linux
+fi
+
+if test -z "$arch"; then
+ arch=amd64
+fi
+
+if test -z "$hashType"; then
+ hashType=sha256
+fi
+
+if test -z "$hashFormat"; then
+ hashFormat=base32
+fi
+
+if test -z "$finalImageName"; then
+ finalImageName="$imageName"
+fi
+
+if test -z "$finalImageTag"; then
+ if test -z "$imageTag"; then
+ finalImageTag="latest"
+ else
+ finalImageTag="$imageTag"
+ fi
+fi
+
+if test -z "$imageDigest"; then
+ imageDigest=$(get_image_digest $imageName $imageTag)
+fi
+
+sourceUrl="docker://$imageName@$imageDigest"
+
+tmpPath="$(mktemp -d "${TMPDIR:-/tmp}/skopeo-copy-tmp-XXXXXXXX")"
+trap "rm -rf \"$tmpPath\"" EXIT
+
+tmpFile="$tmpPath/$(get_name $finalImageName $finalImageTag)"
+
+if test -z "$QUIET"; then
+ skopeo --override-os ${os} --override-arch ${arch} copy "$sourceUrl" "docker-archive://$tmpFile:$finalImageName:$finalImageTag"
+else
+ skopeo --override-os ${os} --override-arch ${arch} copy "$sourceUrl" "docker-archive://$tmpFile:$finalImageName:$finalImageTag" > /dev/null
+fi
+
+# Compute the hash.
+imageHash=$(nix-hash --flat --type $hashType --base32 "$tmpFile")
+
+# Add the downloaded file to Nix store.
+finalPath=$(nix-store --add-fixed "$hashType" "$tmpFile")
+
+if test -z "$QUIET"; then
+ echo "-> ImageName: $imageName"
+ echo "-> ImageDigest: $imageDigest"
+ echo "-> FinalImageName: $finalImageName"
+ echo "-> FinalImageTag: $finalImageTag"
+ echo "-> ImagePath: $finalPath"
+ echo "-> ImageHash: $imageHash"
+fi
+
+if [ "$format" == "nix" ]; then
+cat <