New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dockerTools.streamLayeredImage: expose conf / streamScript in passthru #116119
dockerTools.streamLayeredImage: expose conf / streamScript in passthru #116119
Conversation
This is useful to create wrappers around `streamLayeredImage` and tweak `conf` after it has been generated. Specifically, we want to update the image tag (`repo_tag` in `conf`) with a unique suffix based on the short hash of the `streamLayeredImage` derivation.
@GrahamcOfBorg test docker-tools |
I don't think we should expose those implementation details. The format of this "conf" file is likely to change, for example when new layering solutions become available (#48462) or when other changes are made, for example to support all |
I can understand how exposing internals is not ideal but I didn't find another way of solving my problem. Maybe you will have an idea though... Here's my problem: similar to how each derivation maps to a unique hash in the store, I would like to ensure that an image tag uniquely identifies an image build. If that property holds, it implies that images can be immutable on our docker registry, as you would never have a valid reason for overwriting an image tag on the registry. Indeed if the image tag you want to push is already on the registry, you have the guarantee that it is the same as your local one. To implement this, we expose Would you see another way of implementing this without exposing the internals of |
We could probably bake your solution into |
I wasn't sure how reusable it could be, but happy to send a PR with the feature if you think it is. |
Actually this sounds a lot like the default
It's currently based only on the These changes can be made without increasing the interface surface area too much, they're testable and seem quite useful. Do you need something else? |
I marked this as stale due to inactivity. → More info |
No answer in months. Will reopen if answered. |
Motivation for this change
This is useful to create wrappers around
streamLayeredImage
and tweakconf
after it has been generated.Specifically, we want to update the image tag (
repo_tag
inconf
)with a unique suffix based on the short hash of the
streamLayeredImage
derivation.Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)