diff options
| author | Vincent Ambo <tazjin@google.com> | 2019-08-12T18·02+0100 |
|---|---|---|
| committer | Vincent Ambo <github@tazj.in> | 2019-08-13T23·02+0100 |
| commit | 7214d0aa4f05d1de25911ec6b99d3feb3dcbd1b5 (patch) | |
| tree | 690c35cec1d6c9ee4c003155add192710b5c1804 /tools/nixery/build-image/build-image.nix | |
| parent | f60f702274191f87b23dab5393420b27a50952fc (diff) | |
feat(build-image): Introduce a terrifying hack to build group-layers
The issue is described in detail in a comment in `build-image/default.nix`, please read it.
Diffstat (limited to 'tools/nixery/build-image/build-image.nix')
| -rw-r--r-- | tools/nixery/build-image/build-image.nix | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/tools/nixery/build-image/build-image.nix b/tools/nixery/build-image/build-image.nix index 37156905fa38..e5b195a63d11 100644 --- a/tools/nixery/build-image/build-image.nix +++ b/tools/nixery/build-image/build-image.nix @@ -22,6 +22,8 @@ name, # Image tag, the Nix's output hash will be used if null tag ? null, + # Tool used to determine layer grouping + groupLayers, # Files to put on the image (a nix store path or list of paths). contents ? [], # Packages to install by name (which must refer to top-level attributes of @@ -48,7 +50,8 @@ # '!' was chosen as the separator because `builtins.split` does not # support regex escapes and there are few other candidates. It # doesn't matter much because this is invoked by the server. - pkgSource ? "nixpkgs!nixos-19.03" + pkgSource ? "nixpkgs!nixos-19.03", + ... }: let @@ -165,6 +168,25 @@ let paths = allContents.contents; }; + # Before actually creating any image layers, the store paths that need to be + # included in the image must be sorted into the layers that they should go + # into. + # + # How contents are allocated to each layer is decided by the `group-layers.go` + # program. The mechanism used is described at the top of the program's source + # code, or alternatively in the layering design document: + # + # https://storage.googleapis.com/nixdoc/nixery-layers.html + # + # To invoke the program, a graph of all runtime references is created via + # Nix's exportReferencesGraph feature - the resulting layers are read back + # into Nix using import-from-derivation. + groupedLayers = runCommand "grouped-layers.json" { + buildInputs = [ groupLayers ]; + } '' + group-layers --fnorg + ''; + # The image build infrastructure expects to be outputting a slightly different # format than the one we serve over the registry protocol. To work around its # expectations we need to provide an empty JSON file that it can write some @@ -287,6 +309,6 @@ let pkgs = map (err: err.pkg) allContents.errors; }; in writeText "manifest-output.json" (if (length allContents.errors) == 0 - then toJSON manifestOutput + then toJSON groupedLayers # manifestOutput else toJSON errorOutput ) |