3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

69 commits

Author SHA1 Message Date
Andrew Brooks 298c543e55 dockerTools: Specify 'latest' tag for repeated layer test image 2023-02-06 12:18:23 -06:00
Andrew Brooks c66cabe33e
dockerTools: use more familiar terminology to describe test image
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-02-06 11:15:33 -06:00
Andrew Brooks eb38ad04ef
dockerTools: ensure runAsRoot script not optimized away in test
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-02-06 11:05:13 -06:00
Andrew Brooks 6f63865cf4 dockerTools: Add minimal test case for #214434 2023-02-03 17:49:39 -06:00
Robert Hensing cf7b358d69 nixosTests.docker-tools: Fix syntax
This may be unnecessary, but I'm not waiting for the tests again.
2022-12-08 22:29:38 +01:00
Christian Kemper afe2d0bb8b fix docker inspect image reference 2022-12-08 20:29:10 +01:00
Christian Kemper f6ae4479ea dockerTools: allowing architecture to be specified
... for buildImage, buildLayeredImage and streamLayeredImage,
adding docs and tests.
2022-12-08 20:29:09 +01:00
Silvan Mosberger c36f929dee nixos/tests: Add tests for dockerTools.buildNixShellImage 2022-10-07 22:04:24 +02:00
Robert Hensing cbb1f39264 nixosTests.docker-tools: Add image-with-certs 2022-09-21 01:00:04 +01:00
olaf 5a6853b3bf use consistently user alice for examples 2022-08-05 13:13:24 +02:00
Robert Hensing 116832edbf dockerTools: Add example of using NixOS' etc
(cherry picked from commit 9b2af8673b)
2022-05-30 14:26:52 +02:00
zowoq 76636e0099 dockerTools: pkgs.system -> pkgs.stdenv.hostPlatform.system
`pkgs.system` is an alias
2022-04-05 10:19:40 +10:00
Andrew Brooks 57718902e3 nixos/tests/docker-tools: add test for pre-runAsRoot layer unpack order 2021-12-17 19:26:53 -06:00
Robert Hensing 0e9bc9ffd1 dockerTools: Add fakechroot to fakeRootCommands 2021-12-04 13:49:10 +00:00
Robert Hensing 66c19d856b
Merge pull request #148341 from hercules-ci/add-dockerTools-customization-layer-dependencies
dockerTools: Add store dependencies of the customization layer
2021-12-03 00:20:44 +01:00
Robert Hensing d0bcc212de nixosTests.docker-tools: Use unique binary in test case 2021-12-02 22:26:05 +00:00
Robert Hensing 3b9d05e114 dockerTools: Fix and test #118722 path in contents 2021-10-18 12:41:51 +02:00
Robert Hensing 48cfdc8ca5 dockerTools: Add store dependencies of the customization layer 2021-10-06 22:45:04 +02:00
Robert Hensing 286c71a230
Merge pull request #139892 from hercules-ci/dockerTools-test-pullImage
dockerTools: test pullImage
2021-09-29 15:27:49 +02:00
Robert Hensing 16a4da9127 dockerTools: Test pullImage fetcher whenever its implementation changes 2021-09-29 14:41:08 +02:00
Justin Bedo 020e88bf7a
nixos/tests/docker-tools: check explicitly for file in exportImage 2021-09-29 21:40:31 +10:00
Justin Bedo 0319228a45
docker-tools: add example for exportImage functionality and test 2021-09-29 15:35:21 +10:00
talyz b7749c7671
nixos/test-driver: Run commands with error handling
Bash's standard behavior of not propagating non-zero exit codes
through a pipeline is unexpected and almost universally
unwanted. Default to setting `pipefail` for the command being run;
it can still be turned off by prefixing the pipeline with
`set +o pipefail` if needed.

Also, set `errexit` and `nonunset` options to make the first command
of consecutive commands separated by `;` fail, and disallow
dereferencing unset variables respectively.
2021-06-05 18:44:42 +02:00
Robert Hensing 5259d66b74 dockerTools: Allow omitting all store paths
Adds includeStorePaths, allowing the omission of the store paths.
You generally want to leave it on, but tooling may disable this
to insert the store paths more efficiently via other means, such
as bind mounting the host store.
2021-05-26 15:11:42 +02:00
Robert Hensing 8c868f47a8 Revert "nixos/tests/docker-tools*: remove useless formatter"
Annoyed with the interference of the python formatting of
generated code (see #72964), I took matters into my own hands
as maintainer of dockerTools.

Afterwards, I've created a PR, hoping to unstuck the discussion.

@aszlig took notice and thanks to his python ecosystem knowledge,
the testing efforts of @blaggacao and @Ma27, and a sense of
shared suffering and comraderie we were able to change the
situation for the better in #122201.

Now, we have a proper linter that actually helps contributors,
so it's time to turn it back on again.

I'm glad we could make it happen this quickly!

Thanks!

This reverts commit 4035049af3.
2021-05-09 02:57:17 +02:00
Robert Hensing 4035049af3 nixos/tests/docker-tools*: remove useless formatter 2021-05-08 15:03:20 +02:00
Robert Hensing a67c97a5eb nixos/tests/docker-tools*: Add myself as maintainer where missing
I should have done this when I became maintainer for dockerTools,
but it's the PR reviews that matter.
2021-05-08 15:00:19 +02:00
Viktor Kronvall 10019ab879 dockerTools: test that mergeImages preserves owner 2021-04-08 00:22:59 +09:00
Viktor Kronvall bcc3f8eab5 dockerTools: test mergeImages 2021-04-08 00:22:59 +09:00
Robert Hensing 58b21dea78
Merge pull request #116749 from vroad/docker-layered-image-fakeroot
dockerTools.streamLayeredImage: add fakeRootCommands option
2021-04-07 15:02:24 +02:00
vroad 63e7c4186f dockerTools.streamLayeredImage: Add test for fakeRootCommands 2021-04-07 18:11:02 +09:00
Louis Blin b3f68289df dockerTools.streamLayeredImage: resolve duplicate env vars
For images running on Kubernetes, there is no guarantee on how duplicate
environment variables in the image config will be handled. This seems
to be different from Docker, where the last environment variable value
is consistently selected.

The current code for `streamLayeredImage` was exploiting that assumption
to easily propagate environment variables from the base image, leaving
duplicates unchecked. It should rather resolve these duplicates to
ensure consistent behavior on Docker and Kubernetes.
2021-03-25 23:29:54 +00:00
Louis Blin aae8588182 dockerTools.buildLayeredImage: support fromImage
It is now possible to pass a `fromImage` to `buildLayeredImage` and
`streamLayeredImage`, similar to what `buildImage` currently supports.

This will prepend the layers of the given base image to the resulting
image, while ensuring that at most `maxLayers` are used. It will also
ensure that environment variables from the base image are propagated
to the final image.
2021-03-23 14:50:42 +00:00
Louis Blin 419a4fa596 dockerTools.buildLayeredImage: image names with registry/ prefix
When using `buildLayeredImage`, it is not possible to specify an image
name of the form `<registry>/my/image`, although it is a valid name.

This is due to derivations under `buildLayeredImage` using that image
name as their derivation name, but slashes are not permitted in that
context.

A while ago, #13099 fixed that exact same problem in `buildImage` by
using `baseNameOf name` in derivation names instead of `name`. This
change does the same thing for `buildLayeredImage`.
2021-03-10 17:44:24 +00:00
Mark Vainomaa f53cf9a65c
Revert "nixos/tests/docker: wait for docker service"
This reverts commit c14bafd6c7.
2021-01-15 15:53:43 +02:00
Milan f634c149e4
nixos/tests/docker: wait for docker service (#109418)
Previously the Docker daemon was started by systemd socket activation.
Thus, the Docker test waited for the sockets.target unit.
But when the docker module was changed to start the Docker daemon at
boot instead of by socket activation, the test was left untouched.
With the Docker 20.10 update this lead to a timing issue, where the
docker command is run before the Docker daemon has started and hangs.

Fixes #109416
2021-01-15 03:38:15 +01:00
Dominik Xaver Hörl 25bef2d8f9 treewide: simplify pkgs.stdenv.lib -> pkgs.lib
The library does not depend on stdenv, that `stdenv` exposes `lib` is
an artifact of the ancient origins of nixpkgs.
2021-01-10 20:12:06 +01:00
Sarah Brofeldt ffe5ff6009 dockerTools: Test buildLayeredImage with symlinks
This exercises layer creation in face of store path symlinks, ensuring
they are not dereferenced, which can lead to broken layer tarballs
2021-01-04 21:44:47 +01:00
Terin Stock 8f66dc94a7 dockerTools: normalize arch to GOARCH
Docker (via containerd) and the the OCI Image Configuration imply and
suggest, respectfully, that the architecture set in images matches those
of GOARCH in the Go Language document.

This changeset updates the implimentation of getArch in dockerTools to
return GOARCH values, to satisfy Docker.

Fixes: #106695
2020-12-15 02:14:01 -08:00
Sarah Brofeldt 67650f71cd nixos/tests/docker-tools.nix: Fix format 2020-12-02 08:03:38 +01:00
adisbladis b7b22c5814
dockerTools: Always cross compile for another arch in the cross example
The example fails to build on aarch64, so lets cross build for gnu64.
2020-11-20 12:57:58 +01:00
adisbladis 11367b2db1
dockerTools: Add cross compilation test 2020-11-19 18:13:22 +01:00
Scott Worley c25ccf6b4b nixos/tests/docker-tools: Use curl --fail 2020-10-25 11:01:31 +01:00
Utku Demir ae82f81bfa
dockerTools.streamLayeredImage: Store the customisation layer as a tarball
This fixes as issue described here[1], where permissions set by 'extraCommands'
were ignored by Nix.

[1] https://github.com/NixOS/nixpkgs/pull/91084#issuecomment-669834938
2020-09-04 16:53:23 +12:00
Johan Thomsen f5db415e2f nixos/tests/dockerTools: add test for running non-root containers with buildLayeredImage
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2020-07-31 10:14:07 +02:00
Robert Hensing 8c0459f611 dockerTools: Always set imageTag attribute
The image tag can be specified or generated from the output hash.
Previously, a generated tag could be recovered from the evaluated
image with some string operations.

However, with the introduction of streamLayeredImage, it's not
feasible to compute the generated tag yourself.

With this change, the imageTag attribute is set unconditionally,
for the buildImage, buildLayeredImage, streamLayeredImage functions.
2020-07-11 16:58:25 +02:00
Jos van Bakel 66737168a4
dockerTools.buildLayeredImage: fix created=now 2020-07-09 09:34:18 +02:00
Utku Demir 06db331922
dockerTools: Verify nix-store contents on buildLayeredImage test 2020-07-06 16:59:58 +12:00
Utku Demir cc46362929
dockerTools: Support files directly under /nix/store
Also makes sure that the files inside a layer added in a sorted order
to make the results more deterministic.
2020-07-04 22:00:57 +12:00
Robert Hensing caf47063b4 dockerTools: test that tar keeps nix binary symlinks intact 2020-06-19 10:08:34 +02:00