nixos/dockerTools: make buildImageWithNixDb reproducible

The loaded database contains timestamps of when the nix paths were
registered. Depending on the host store, these can differ between runs.
Resetting them to a well known values ensures that the produced image is
reproducible.

pkgs/build-support/docker/default.nix

@@ -62,6 +62,8 @@ let
       # https://github.com/NixOS/nix/blob/9348f9291e5d9e4ba3c4347ea1b235640f54fd79/src/libutil/util.cc#L478
       export USER=nobody
       ${buildPackages.nix}/bin/nix-store --load-db < ${closureInfo {rootPaths = contentsList;}}/registration
+      # Reset registration times to make the image reproducible
+      ${buildPackages.sqlite}/bin/sqlite3 nix/var/nix/db/db.sqlite "UPDATE ValidPaths SET registrationTime = ''${SOURCE_DATE_EPOCH}"
 
       mkdir -p nix/var/nix/gcroots/docker/
       for i in ${lib.concatStringsSep " " contentsList}; do