Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dockerTools: align generated layer archives with docker's output #58431

Merged
merged 2 commits into from
Mar 27, 2019
Merged

dockerTools: align generated layer archives with docker's output #58431

merged 2 commits into from
Mar 27, 2019

Conversation

alexbiehl
Copy link
Contributor

@alexbiehl alexbiehl commented Mar 27, 2019
edited
Loading

Motivation for this change

This PR makes docker images created by nix to be exactly the same as images created by docker. We encountered proprietary software that doesn't implement the full tar spec.

@shlevy @grahamc

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

Alex Biehl added 2 commits March 27, 2019 11:35
Add /nix/store to each layer.tar
096e3cb 
To be totally consistent with the way Docker builds images we need to
include the /nix/store in the layer tarballs first.
Strip leading ./ in customization layer
1b1e230
@GrahamcOfBorg GrahamcOfBorg added 8.has: documentation 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Mar 27, 2019
@Mic92 Mic92 changed the title Alex/nix layers dockerTools: align generated layer archives with docker's output Mar 27, 2019
@nlewo
Copy link
Member

nlewo commented Mar 27, 2019
edited by grahamc
Loading

@GrahamcOfBorg test docker-tools

@grahamc grahamc merged commit 6af3176 into NixOS:master Mar 27, 2019
@alexbiehl alexbiehl deleted the alex/nix-layers branch March 27, 2019 21:21
shlevy pushed a commit that referenced this pull request Mar 27, 2019
@grahamc @shlevy
Merge pull request #58431 from alexbiehl/alex/nix-layers
dc15b7f 
dockerTools: align generated layer archives with docker's output
(cherry picked from commit 6af3176)
shlevy pushed a commit that referenced this pull request Mar 27, 2019
@grahamc @shlevy
Merge pull request #58431 from alexbiehl/alex/nix-layers
0000bf7 
dockerTools: align generated layer archives with docker's output
(cherry picked from commit 6af3176)
@danieldk danieldk mentioned this pull request Jun 5, 2019
Merged
10 tasks
danieldk added a commit to danieldk/nixpkgs that referenced this pull request Jun 6, 2019
@danieldk
dockerTools.buildLayeredImage: restore layer sharing
d7f3186 
PR NixOS#58431 added /nix/store to each layer.tar. However, the timestamp was
not explicitly set while adding /nix and /nix/store to the archive. This
resulted in different SHA256 hashes of layer.tar between image builds.

This change sets time and owner when tar'ing /nix/store.
nlewo pushed a commit that referenced this pull request Jun 6, 2019
@danieldk @nlewo
dockerTools.buildLayeredImage: restore layer sharing
09d1200 
PR #58431 added /nix/store to each layer.tar. However, the timestamp was
not explicitly set while adding /nix and /nix/store to the archive. This
resulted in different SHA256 hashes of layer.tar between image builds.

This change sets time and owner when tar'ing /nix/store.

(cherry picked from commit d7f3186)
@alexbiehl alexbiehl mentioned this pull request May 24, 2020
Merged
10 tasks
alexbiehl pushed a commit to alexbiehl/nixpkgs that referenced this pull request May 24, 2020
dockerTools: Properly add /nix/ and /nix/store/ first to layer.tar
886c923 
In NixOS#58431 the authors ensured that
the resulting layer.tar would always list

  /nix/
  /nix/store/

first to fully comply to the tar spec. Various refactorings later it is only
ensured to create /nix/ but NOT /nix/store anymore. Instead tar transformed
them to /nix/nix and /nix/nix/store.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nlewo nlewo nlewo approved these changes

Assignees
No one assigned
Labels
8.has: documentation 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@alexbiehl @nlewo @grahamc @GrahamcOfBorg