Merge pull request #191988 from zombiezen/fix-docker-ca-certificates
dockerTools: add missing mkdir to caCertificates derivation
This commit is contained in:
commit
97f6e8b3e6
3 changed files with 25 additions and 0 deletions
|
@ -424,5 +424,12 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
docker.succeed("docker run --rm etc | grep localhost")
|
||||
docker.succeed("docker image rm etc:latest")
|
||||
|
||||
with subtest("image-with-certs"):
|
||||
docker.succeed("<${examples.image-with-certs} docker load")
|
||||
docker.succeed("docker run --rm image-with-certs:latest test -r /etc/ssl/certs/ca-bundle.crt")
|
||||
docker.succeed("docker run --rm image-with-certs:latest test -r /etc/ssl/certs/ca-certificates.crt")
|
||||
docker.succeed("docker run --rm image-with-certs:latest test -r /etc/pki/tls/certs/ca-bundle.crt")
|
||||
docker.succeed("docker image rm image-with-certs:latest")
|
||||
|
||||
'';
|
||||
})
|
||||
|
|
|
@ -794,6 +794,7 @@ rec {
|
|||
|
||||
# This provides the ca bundle in common locations
|
||||
caCertificates = runCommand "ca-certificates" { } ''
|
||||
mkdir -p $out/etc/ssl/certs $out/etc/pki/tls/certs
|
||||
# Old NixOS compatibility.
|
||||
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/etc/ssl/certs/ca-bundle.crt
|
||||
# NixOS canonical location + Debian/Ubuntu/Arch/Gentoo compatibility.
|
||||
|
|
|
@ -698,4 +698,21 @@ rec {
|
|||
tag = "latest";
|
||||
contents = [ pkgs.bashInteractive ./test-dummy ];
|
||||
};
|
||||
|
||||
# ensure that caCertificates builds
|
||||
image-with-certs = buildImage {
|
||||
name = "image-with-certs";
|
||||
tag = "latest";
|
||||
|
||||
copyToRoot = pkgs.buildEnv {
|
||||
name = "image-with-certs-root";
|
||||
paths = [
|
||||
pkgs.coreutils
|
||||
pkgs.dockerTools.caCertificates
|
||||
];
|
||||
};
|
||||
|
||||
config = {
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue