Robert Hensing
cbb1f39264
nixosTests.docker-tools: Add image-with-certs
2022-09-21 01:00:04 +01:00
Ross Light
f140b54916
dockerTools: add missing mkdir to caCertificates derivation
2022-09-20 08:07:23 -07:00
Robert Hensing
62b25a28fe
Merge pull request #170906 from Sohalt/dockerTools.ca-certificates.crt
...
dockerTools ca-certificates.crt helper
2022-08-31 14:08:02 +02:00
Alex James
c9af898255
dockerTools.buildImage: make VM memSize configurable
...
Fixes #186752 . This adds buildVMMemorySize (defaults to 512 MiB) to
buildImage, which is passed to vm.runInLinuxVM. This is needed for
larger base images, which may otherwise cause container build failures
due to OOM in the VM.
2022-08-16 21:47:29 -05:00
olaf
5a6853b3bf
use consistently user alice for examples
2022-08-05 13:13:24 +02:00
zowoq
0c98db7b91
dockerTools: use list of strings for configureFlags
2022-07-15 10:23:07 +10:00
Robert Hensing
e007eb480c
dockerTools.buildImage: Add copyToRoot to replace contents, explain usage
2022-07-06 07:30:24 +02:00
Robert Hensing
44522c1d59
dockerTools.examples.etc: Make it a reliable test
...
/etc/hosts is generally also provided by the container runtime.
2022-05-30 14:32:14 +02:00
Robert Hensing
116832edbf
dockerTools: Add example of using NixOS' etc
...
(cherry picked from commit 9b2af8673b
)
2022-05-30 14:26:52 +02:00
Robert Hensing
c071530ca5
testers.invalidateFetcherByDrvHash: Move from top-level
2022-05-05 12:08:50 +02:00
sohalt
f238aa9833
dockerTools: add caCertificates helper
...
Various tools (e.g. wget) expect the ca bundle to be available at
/etc/ssl/certs/ca-certificates.crt
2022-05-03 11:57:25 +02:00
Ben Siraphob
259fa13d53
treewide: remove nativeBuildInputs that are in stdenv
2022-04-16 21:46:46 +03:00
zowoq
e65aba25f8
dockerTools: misc fixes
...
- add nixosTests to `dockerTools.tests`
- don't use `pkgs` or `lib.singleton`
2022-04-05 17:04:59 +10:00
zowoq
76636e0099
dockerTools: pkgs.system -> pkgs.stdenv.hostPlatform.system
...
`pkgs.system` is an alias
2022-04-05 10:19:40 +10:00
Florian Klink
76d05dfa62
fakeNss: move to toplevel
...
Make this reachable from pkgs.fakeNss. This is useful outside docker
contexts, too.
https://github.com/NixOS/nixpkgs/pull/164943#discussion_r833220769
2022-03-24 18:47:30 +01:00
Vincent Ambo
af9f248926
streamLayeredImage: pass through passthru attributes
...
This is useful for a use-case we have with a Nix-based CI system that
specifies things like deploy steps as passthru attributes[0].
Previously the only way to do this would have been to concatenate
attributes onto the resulting derivation, but passing them in and
actually treating them as proper passthru attributes is cleaner.
[0]: https://cs.tvl.fyi/depot@f7d7da6aceb407b719cf4683a75878fd3aca319e/-/blob/nix/buildkite/default.nix?L222-226
2022-01-31 10:10:10 +03:00
Andrew Brooks
57718902e3
nixos/tests/docker-tools: add test for pre-runAsRoot layer unpack order
2021-12-17 19:26:53 -06:00
Andrew Brooks
69ffb0004a
dockerTools.buildImage: unpack base image layers in correct order
2021-12-17 18:28:10 -06:00
Robert Hensing
ddda5f28e1
dockerTools: Keep fakechroot disabled by default
...
Avoid risk of breaking existing images by making it opt-in.
2021-12-04 13:49:10 +00:00
Robert Hensing
0e9bc9ffd1
dockerTools: Add fakechroot to fakeRootCommands
2021-12-04 13:49:10 +00:00
Robert Hensing
66c19d856b
Merge pull request #148341 from hercules-ci/add-dockerTools-customization-layer-dependencies
...
dockerTools: Add store dependencies of the customization layer
2021-12-03 00:20:44 +01:00
Robert Hensing
d0bcc212de
nixosTests.docker-tools: Use unique binary in test case
2021-12-02 22:26:05 +00:00
Ryan Burns
f67d4dd9c1
Merge pull request #142616 from r-burns/toplevel-system
...
treewide: remove toplevel `system` attr
2021-10-27 10:03:24 -07:00
Robert Hensing
8ecfaf3543
dockerTools: Fix test
2021-10-25 12:25:01 +02:00
Ryan Burns
aed6bb336e
build-support/docker: remove toplevel system attr
2021-10-22 14:04:05 -07:00
Robert Hensing
3b9d05e114
dockerTools: Fix and test #118722 path in contents
2021-10-18 12:41:51 +02:00
Robert Hensing
48cfdc8ca5
dockerTools: Add store dependencies of the customization layer
2021-10-06 22:45:04 +02:00
Robert Hensing
286c71a230
Merge pull request #139892 from hercules-ci/dockerTools-test-pullImage
...
dockerTools: test pullImage
2021-09-29 15:27:49 +02:00
Robert Hensing
16a4da9127
dockerTools: Test pullImage fetcher whenever its implementation changes
2021-09-29 14:41:08 +02:00
Robert Hensing
1a0edf135a
dockerTools.exportImage: Make $out a tarball again
2021-09-29 09:34:45 +02:00
Robert Hensing
63bf4539b9
dockerTools.runWithOverlay: Avoid cluttering $out and copying
2021-09-29 09:34:06 +02:00
Justin Bedo
fa0cc611ff
dockerTools: fix export
2021-09-29 15:35:25 +10:00
Justin Bedo
0319228a45
docker-tools: add example for exportImage functionality and test
2021-09-29 15:35:21 +10:00
divanorama
b012fe5e7e
use --verbatim-files-from in dockerTools
...
https://www.gnu.org/software/tar/manual/html_node/files.html
files starting with - can be treated as command line options, which isn't desirable here
2021-09-10 19:12:32 +02:00
Florian Klink
14b61efa87
dockerTools.usrBinEnv: add
...
This provides a /usr/bin/env, for shell scripts using the
"/usr/bin/env executable" shebang.
2021-08-25 16:08:39 +02:00
Florian Klink
f8031c60b7
dockerTools.fakeNss: add /etc/nsswitch.conf ( #134958 )
...
Apparently, a non-existent nsswitch.conf causes a very misleading host
resolution, differing from the defaults people are used to.
According to
https://github.com/golang/go/issues/22846#issuecomment-346377144 , glibc
says the default is "dns [!UNAVAIL=return] files".
This means, `/etc/hosts` isn't really honored, causing all sorts of
unexpected behaviour.
Let's prevent this, and first ask `/etc/hosts` before querying DNS, like
we do on NixOS too.
2021-08-20 19:44:17 +02:00
Robert Hensing
fbafeb7ad5
treewide: runCommandNoCC -> runCommand
...
This has been synonymous for ~5y.
2021-08-15 17:36:41 +02:00
Luke Granger-Brown
dbe9bf9848
dockerTools.pullImage: fix for skopeo 1.4.x
...
skopeo 1.4.x doesn't accept --src-tls-verify as a flag to the *program*,
only as a flag to copy; we must pass it after the "copy" verb, or it
will fail with:
> FATA[0000] unknown flag: --src-tls-verify
2021-08-14 21:21:26 +00:00
Sandro Jäckel
ceb417aaf1
docker: format
2021-08-10 10:32:46 +02:00
Robert Hensing
1c4b1018a3
Merge pull request #132626 from zowoq/tarsum
...
tarsum: init
2021-08-05 12:14:35 +02:00
zowoq
5dde5ea73e
tarsum: init
...
- move from dockerTools.tarsum
- remove go from runtime closure
2021-08-05 08:54:41 +10:00
Robert Hensing
641bac80e5
dockerTools.buildImage: Allow build on darwin ( #132640 )
...
Indeed Docker can not run darwin exes, but darwin can build
Docker images, as some users already do with buildLayeredImage.
2021-08-04 06:06:06 -04:00
zowoq
05fe220746
dockerTools.tarsum: use current go
2021-07-08 16:31:33 +10:00
Luke Granger-Brown
48c23a086b
dockerTools.pullImage: force disable skopeo's progress bar
...
skopeo will disable the progress bar if it detects that stdout isn't a
TTY - in order to make it think that stdout _isn't_ a TTY and therefore
avoid it printing a lot of "…" on separate lines, we pipe the output
through cat.
This changes the output from:
…
…
…
…
…
…
to the eminently more useful and less spammy:
Getting image source signatures
Copying blob sha256:[snip]
Copying blob sha256:[snip]
Copying blob sha256:[snip]
Copying config sha256:[snip]
Writing manifest to image destination
Storing signatures
2021-07-03 01:40:38 +00:00
Robert Hensing
76f53eef48
Merge pull request #125223 from hercules-ci/fix-dockerTools-example-fetch-sha
...
nixosTests.docker-tools: Fix nixFromDockerHub example sha
2021-06-10 10:10:18 +02:00
Robert Hensing
1834bc8711
Merge pull request #125216 from hercules-ci/follow-up-115491
...
dockerTools: Fix passthru image tag
2021-06-02 16:58:49 +02:00
Robert Hensing
d155b8c438
nixosTests.docker-tools: Fix nixFromDockerHub example sha
...
For https://github.com/NixOS/nixpkgs/pull/125211 I tried to test
the fetcher with
nix-build -A dockerTools.examples.nixFromDockerHub --option substitute false
But it failed. I haven't figured out the cause, but the outputs
match, so it's probably the hashing method (flat/recursive) that
changed at some point. (The names did match.)
2021-06-01 15:13:03 +02:00
Robert Hensing
7f6a395070
Merge pull request #125211 from edwtjo/docker-fetch-wotls
...
build-support/docker: pass tlsVerify to support http registries
2021-06-01 15:07:48 +02:00
Robert Hensing
ff55c41fac
dockerTools: Fix passthru image tag
...
It should match the actual image tag.
This fixes the problem introduced in 00996b5e03
https://github.com/NixOS/nixpkgs/pull/115491#pullrequestreview-672789901
2021-06-01 14:42:21 +02:00
Edward Tjörnhammar
ab4649e9d1
build-support/docker: pass tlsVerify to support http registries
2021-06-01 14:34:24 +02:00