Setting the image creation timestamp in the image metadata to a
constant date can cause problems with self-hosted container
registries, that need to e.g. prune old images. This timestamp is
also useful for debugging.
However, it is almost never useful to set the filesystem timestamp to
a constant value. Doing so not only causes the image to possibly no
longer be reproducible, but also removes any possibility of
deduplicating layers with other images, causing unnecessary storage
space usage.
Therefore, this commit introduces "mtime", a new parameter to
streamLayeredImage, which allows specifying the filesystem timestamps
separately from "created". For backwards compatibility, "mtime"
defaults to the value of "created".
* doc: add stdenv passthru chapter
Broad strokes:
- create the chapter
- move existing stdenv passthru coverage into it
- move out-of-place coverage of passthru.tests from the stdenv meta chapter into it
- (try to) apply 1-sentence-per-line to text I've touched
- add legacy anchors for everything moved
- update existing links to the new anchors
- add tentative motivating text
- make nixpkgs-internal links relative/branchless
razor: if it is only ever needed by contributors, which is likely if links
refer to the latest revision of the source code, then it's for
the contributor guide
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
`snapTools.makeSnap` has produced broken snaps since at least Oct 2020,
as indicated by the following issue: https://github.com/NixOS/nixpkgs/issues/100618
No person has shown interest in maintaining it, and given that there is
no fix available, it's assumed that all attempts made to fix that
function have not succeeded.
Given that `snapTools` only contained `makeSnap`, it was removed
completely.
This commit adds support for swapping out the compression algorithm
used in all major docker-tools commands that generate images. The
default algorithm remains unchanged (gzip).
* Note on how to use shadowSetup with buildLayeredImage
* Update doc/build-helpers/images/dockertools.section.md
---------
Co-authored-by: Silvan Mosberger <github@infinisil.com>
The mkBinaryCache section now follows the convention of using one
line per sentence, as well as using admonitions for notes and
examples.
The example syntax was updated to define a fully-working nix package.
The following changes are made:
- Document how `wrapType2` and `wrapType1` are the same thing.
- Expand on how `wrapType2` works and additional arguments it uses.
- Document `extract` and show how it's used in combination with
`wrapType2`.
- Provide full working examples using the new admonition syntax.
