Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: f86e253b280f
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 4aeb38e5b961
Choose a head ref
  • 4 commits
  • 6 files changed
  • 1 contributor

Commits on Sep 28, 2017

  1. Revert "dockerTools.pullImage: release note regarding sha256 argument… 

    … value"

This reverts commit ea6d37c.
    @globin
    globin committed Sep 28, 2017
    Copy the full SHA
    69344de View commit details

  2. Revert "dockerTools.pullImage: use skopeo to pull the image" 

    This reverts commit 01174c5.

See #29302 (comment)
for more information. This broke image format compatibility and
therefore amongst others mesos.
    @globin
    globin committed Sep 28, 2017
    Copy the full SHA
    5c6dc71 View commit details

  3. dockerTools: fix hash to accomodate the pullImage revert

    @globin
    globin committed Sep 28, 2017
    Copy the full SHA
    20677fc View commit details

  4. Revert "kubernetes: fix hashes after dockerTools change" 

    This reverts commit 9ba024f.
    @globin
    globin committed Sep 28, 2017
    Copy the full SHA
    4aeb38e View commit details
10 changes: 1 addition & 9 deletions nixos/doc/manual/release-notes/rl-1709.xml
View file
Original file line number Diff line number Diff line change
@@ -273,15 +273,7 @@ FLUSH PRIVILEGES;
</programlisting>
</para>
</listitem>
<listitem>
<para>
<literal>sha256</literal> argument value of
<literal>dockerTools.pullImage</literal> expression must be
updated since the mechanism to download the image has been
changed. Skopeo is now used to pull the image instead of the
Docker daemon.
</para>
</listitem>

<listitem>
<para>
Templated systemd services e.g <literal>container@name</literal> are
2 changes: 1 addition & 1 deletion nixos/modules/services/cluster/kubernetes/dashboard.nix
View file
Original file line number Diff line number Diff line change
@@ -11,7 +11,7 @@ let
image = pkgs.dockerTools.pullImage {
imageName = name;
imageTag = version;
sha256 = "0b5v7xa3s91yi9yfsw2b8wijiprnicbb02f5kqa579h4yndb3gfz";
sha256 = "1sf54d96nkgic9hir9c6p14gw24ns1k5d5a0r1sg414kjrvic0b4";
};
in {
options.services.kubernetes.addons.dashboard = {
6 changes: 3 additions & 3 deletions nixos/modules/services/cluster/kubernetes/dns.nix
View file
Original file line number Diff line number Diff line change
@@ -8,19 +8,19 @@ let
k8s-dns-kube-dns = pkgs.dockerTools.pullImage {
imageName = "gcr.io/google_containers/k8s-dns-kube-dns-amd64";
imageTag = version;
sha256 = "0g64jc2076ng28xl4w3w9svf7hc6s9h8rq9mhvvwpfy2p6lgj6gy";
sha256 = "0q97xfqrigrfjl2a9cxl5in619py0zv44gch09jm8gqjkxl80imp";
};

k8s-dns-dnsmasq-nanny = pkgs.dockerTools.pullImage {
imageName = "gcr.io/google_containers/k8s-dns-dnsmasq-nanny-amd64";
imageTag = version;
sha256 = "0sdpsbj1vismihy7ass1cn96nwmav6sf3r5h6i4k2dxha0y0jsh5";
sha256 = "051w5ca4qb88mwva4hbnh9xzlsvv7k1mbk3wz50lmig2mqrqqx6c";
};

k8s-dns-sidecar = pkgs.dockerTools.pullImage {
imageName = "gcr.io/google_containers/k8s-dns-sidecar-amd64";
imageTag = version;
sha256 = "01zpi189hpy2z62awl38fap908s8rrhc3v5gb6m90y2pycl4ad6q";
sha256 = "1z0d129bcm8i2cqq36x5jhnrv9hirj8c6kjrmdav8vgf7py78vsm";
};

cfg = config.services.kubernetes.addons.dns;
15 changes: 1 addition & 14 deletions pkgs/build-support/docker/default.nix
View file
Original file line number Diff line number Diff line change
@@ -32,20 +32,7 @@ rec {
inherit pkgs buildImage pullImage shadowSetup buildImageWithNixDb;
};

pullImage =
let
nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
in
# For simplicity we only support sha256.
{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
runCommand name {
impureEnvVars=pkgs.stdenv.lib.fetchers.proxyImpureEnvVars;
outputHashMode="flat";
outputHashAlgo="sha256";
outputHash=sha256;
}
"${pkgs.skopeo}/bin/skopeo copy docker://${imageId} docker-archive://$out:${imageId}";
pullImage = callPackage ./pull.nix {};

# We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash.
# And we cannot untar it, because then we cannot preserve permissions ecc.
2 changes: 1 addition & 1 deletion pkgs/build-support/docker/examples.nix
View file
Original file line number Diff line number Diff line change
@@ -87,7 +87,7 @@ rec {
imageName = "nixos/nix";
imageTag = "1.11";
# this hash will need change if the tag is updated at docker hub
sha256 = "18xvcnl0yvj9kfi5bkimrhhjaa8xhm3jhshh2xd7c0sbfrmfqzvi";
sha256 = "0nncn9pn5miygan51w34c2p9qssi96jgsaqv44dxxdprc8pg0g83";
};

# 5. example of multiple contents, emacs and vi happily coexisting
32 changes: 32 additions & 0 deletions pkgs/build-support/docker/pull.nix
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }:
let
nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
in
# For simplicity we only support sha256.
{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
let
pullImage = vmTools.runInLinuxVM (
stdenv.mkDerivation {
inherit name imageId;

certs = "${cacert}/etc/ssl/certs/ca-bundle.crt";

builder = ./pull.sh;

buildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ];

outputHashAlgo = "sha256";
outputHash = sha256;

impureEnvVars = lib.fetchers.proxyImpureEnvVars;

preVM = vmTools.createEmptyImage {
size = 2048;
fullName = "${name}-disk";
};

QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0";
});
in
pullImage