Skip to content

dockerTools: use closureInfo to load hashes and closure sizes into the Nix DB #46592

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
dingxiangfei2009 wants to merge 3 commits into from
Closed

dockerTools: use closureInfo to load hashes and closure sizes into the Nix DB #46592

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
926327e
use closureInfo
dingxiangfei2009 Sep 12, 2018
c21a9f3
Merge branch 'master' of https://github.com/nixos/nixpkgs into closur…
dingxiangfei2009 Sep 13, 2018
82cc7fc
Merge remote-tracking branch 'upstream/master' into HEAD
dingxiangfei2009 Oct 29, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 11 additions & 14 deletions pkgs/build-support/docker/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
referencesByPopularity,
writeScript,
writeText,
closureInfo,
}:

# WARNING: this API is unstable and may be subject to backwards-incompatible changes in the future.
Expand Down Expand Up @@ -261,18 +262,11 @@ rec {
${text}
'';

nixRegistration = contents: runCommand "nix-registration" {
buildInputs = [ nix perl ];
# For obtaining the closure of `contents'.
exportReferencesGraph =
let contentsList = if builtins.isList contents then contents else [ contents ];
in map (x: [("closure-" + baseNameOf x) x]) contentsList;
}
''
mkdir $out
printRegistration=1 perl ${pkgs.pathsFromGraph} closure-* > $out/db.dump
perl ${pkgs.pathsFromGraph} closure-* > $out/storePaths
'';
nixRegistration = contents:
let
rootPaths = if builtins.isList contents then contents else [ contents ];
in
closureInfo { inherit rootPaths; };

# Create $maxLayers worth of Docker Layers, one layer per store path
# unless there are more paths than $maxLayers. In that case, create
Expand Down Expand Up @@ -795,6 +789,9 @@ rec {
# the container.
# Be careful since this doesn't work well with multilayer.
buildImageWithNixDb = args@{ contents ? null, extraCommands ? "", ... }:
let
registrationInfo = nixRegistration contents;
in
buildImage (args // {
extraCommands = ''
echo "Generating the nix database..."
Expand All @@ -803,15 +800,15 @@ rec {
echo " be better to only have one layer that contains a nix store."
# This requires Nix 1.12 or higher
export NIX_REMOTE=local?root=$PWD
${nix}/bin/nix-store --load-db < ${nixRegistration contents}/db.dump
${nix}/bin/nix-store --load-db < ${registrationInfo}/registration

# We fill the store in order to run the 'verify' command that
# generates hash and size of output paths.
# Note when Nix 1.12 is be the stable one, the database dump
# generated by the exportReferencesGraph function will
# contains sha and size. See
# https://github.com/NixOS/nix/commit/c2b0d8749f7e77afc1c4b3e8dd36b7ee9720af4a
storePaths=$(cat ${nixRegistration contents}/storePaths)
storePaths=$(cat ${registrationInfo}/store-paths)
echo "Copying everything to /nix/store (will take a while)..."
cp -prd $storePaths nix/store/
${nix}/bin/nix-store --verify --check-contents
Expand Down