New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dockerTools: allow to pass extraCommands, uid and gid to buildLayered image #52870

Merged
merged 1 commit into from Jan 10, 2019

Conversation

Projects
None yet
5 participants
@offlinehacker
Copy link
Contributor

offlinehacker commented Dec 25, 2018

I want to create additional files during build, and change permissions. This is an example:

pkgs.dockerTools.buildLayeredImage {
  name = "xtruder/kubepatcher";
  tag = "latest";

  contents = [ pkg pkgs.cacert passwd group ];

  extraCommands = ''
    mkdir tmp
    chmod 1777 tmp
  '';

  config = {
    Entrypoint = "${pkg}/bin/kubepatcher";
    Cmd = [ "--logtostderr" ];
    User = "app";
  };
}
Motivation for this change
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@offlinehacker offlinehacker changed the title dockerTools: allow to pass extraCommands, uid and gid to buildLayered… dockerTools: allow to pass extraCommands, uid and gid to buildLayered image Dec 25, 2018

@puffnfresh
Copy link
Contributor

puffnfresh left a comment

I wanted this functionality a few days ago 👍

@nlewo

This comment has been minimized.

Copy link
Member

nlewo commented Dec 26, 2018

@offlinehacker Could you add a test in docker-tools? For instance, load your example and check permissions are correct on Docker run.

@offlinehacker offlinehacker force-pushed the xtruder:pkgs/dockerTools/buildLayeredImage/extraCommands branch from 892e1c4 to 5b93cfa Jan 10, 2019

@offlinehacker

This comment has been minimized.

Copy link
Contributor Author

offlinehacker commented Jan 10, 2019

Ok, i updated test

@offlinehacker offlinehacker force-pushed the xtruder:pkgs/dockerTools/buildLayeredImage/extraCommands branch from 5b93cfa to 954cda5 Jan 10, 2019

@nlewo

This comment has been minimized.

Copy link
Member

nlewo commented Jan 10, 2019

@GrahamcOfBorg test docker-tools

@nlewo

nlewo approved these changes Jan 10, 2019

@nlewo

This comment has been minimized.

Copy link
Member

nlewo commented Jan 10, 2019

(tests passed locally)
Thanks!

@nlewo nlewo merged commit 7612a6a into NixOS:master Jan 10, 2019

9 checks passed

grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details

@offlinehacker offlinehacker deleted the xtruder:pkgs/dockerTools/buildLayeredImage/extraCommands branch Jan 12, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment