c88337c9ac
Docker images used to be, essentially, a linked list of layers. Each layer would have a tarball and a json document pointing to its parent, and the image pointed to the top layer: imageA ----> layerA | v layerB | v layerC The current image spec changed this format to where the Image defined the order and set of layers: imageA ---> layerA |--> layerB `--> layerC For backwards compatibility, docker produces images which follow both specs: layers point to parents, and images also point to the entire list: imageA ---> layerA | | | v |--> layerB | | | v `--> layerC This is nice for tooling which supported the older version and never updated to support the newer format. Our `buildImage` code only supported the old version, so in order for `buildImage` to properly generate an image based on another image with `fromImage`, the parent image's layers must fully support the old mechanism. This is not a problem in general, but is a problem with `buildLayeredImage`. `buildLayeredImage` creates images with newer image spec, because individual store paths don't have a guaranteed parent layer. Including a specific parent ID in the layer's json makes the output less likely to cache hit when published or pulled. This means until now, `buildLayeredImage` could not be the input to `buildImage`. The changes in this PR change `buildImage` to only use the layer's manifest when locating parent IDs. This does break buildImage on extremely old Docker images, though I do wonder how many of these exist. This work has been sponsored by Target.
70 lines
3.4 KiB
Nix
70 lines
3.4 KiB
Nix
# this test creates a simple GNU image with docker tools and sees if it executes
|
|
|
|
import ./make-test.nix ({ pkgs, ... }: {
|
|
name = "docker-tools";
|
|
meta = with pkgs.stdenv.lib.maintainers; {
|
|
maintainers = [ lnl7 ];
|
|
};
|
|
|
|
nodes = {
|
|
docker =
|
|
{ ... }: {
|
|
virtualisation = {
|
|
diskSize = 2048;
|
|
docker.enable = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript =
|
|
''
|
|
$docker->waitForUnit("sockets.target");
|
|
|
|
# Ensure Docker images use a stable date by default
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.bash}'");
|
|
$docker->succeed("[ '1970-01-01T00:00:01Z' = \"\$(docker inspect ${pkgs.dockerTools.examples.bash.imageName} | ${pkgs.jq}/bin/jq -r .[].Created)\" ]");
|
|
|
|
$docker->succeed("docker run --rm ${pkgs.dockerTools.examples.bash.imageName} bash --version");
|
|
$docker->succeed("docker rmi ${pkgs.dockerTools.examples.bash.imageName}");
|
|
|
|
# Check if the nix store is correctly initialized by listing dependencies of the installed Nix binary
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.nix}'");
|
|
$docker->succeed("docker run --rm ${pkgs.dockerTools.examples.nix.imageName} nix-store -qR ${pkgs.nix}");
|
|
$docker->succeed("docker rmi ${pkgs.dockerTools.examples.nix.imageName}");
|
|
|
|
# To test the pullImage tool
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.nixFromDockerHub}'");
|
|
$docker->succeed("docker run --rm nixos/nix:1.11 nix-store --version");
|
|
$docker->succeed("docker rmi nixos/nix:1.11");
|
|
|
|
# To test runAsRoot and entry point
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.nginx}'");
|
|
$docker->succeed("docker run --name nginx -d -p 8000:80 ${pkgs.dockerTools.examples.nginx.imageName}");
|
|
$docker->waitUntilSucceeds('curl http://localhost:8000/');
|
|
$docker->succeed("docker rm --force nginx");
|
|
$docker->succeed("docker rmi '${pkgs.dockerTools.examples.nginx.imageName}'");
|
|
|
|
# An pulled image can be used as base image
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.onTopOfPulledImage}'");
|
|
$docker->succeed("docker run --rm ontopofpulledimage hello");
|
|
$docker->succeed("docker rmi ontopofpulledimage");
|
|
|
|
# Regression test for issue #34779
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.runAsRootExtraCommands}'");
|
|
$docker->succeed("docker run --rm runasrootextracommands cat extraCommands");
|
|
$docker->succeed("docker run --rm runasrootextracommands cat runAsRoot");
|
|
$docker->succeed("docker rmi '${pkgs.dockerTools.examples.runAsRootExtraCommands.imageName}'");
|
|
|
|
# Ensure Docker images can use an unstable date
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.bash}'");
|
|
$docker->succeed("[ '1970-01-01T00:00:01Z' != \"\$(docker inspect ${pkgs.dockerTools.examples.unstableDate.imageName} | ${pkgs.jq}/bin/jq -r .[].Created)\" ]");
|
|
|
|
# Ensure Layered Docker images work
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.layered-image}'");
|
|
$docker->succeed("docker run --rm ${pkgs.dockerTools.examples.layered-image.imageName}");
|
|
|
|
# Ensure building an image on top of a layered Docker images work
|
|
$docker->succeed("docker load --input='${pkgs.dockerTools.examples.layered-on-top}'");
|
|
$docker->succeed("docker run --rm ${pkgs.dockerTools.examples.layered-on-top.imageName}");
|
|
'';
|
|
})
|