about summary refs log tree commit diff
path: root/tools/nixery
diff options
context:
space:
mode:
Diffstat (limited to 'tools/nixery')
-rw-r--r--tools/nixery/build-image/build-layers.nix47
-rw-r--r--tools/nixery/build-image/default.nix24
-rw-r--r--tools/nixery/default.nix7
3 files changed, 69 insertions, 9 deletions
diff --git a/tools/nixery/build-image/build-layers.nix b/tools/nixery/build-image/build-layers.nix
new file mode 100644
index 000000000000..8a8bfbe9edf1
--- /dev/null
+++ b/tools/nixery/build-image/build-layers.nix
@@ -0,0 +1,47 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{
+  # Description of the package set to be used (will be loaded by load-pkgs.nix)
+  srcType ? "nixpkgs",
+  srcArgs ? "nixos-19.03",
+  importArgs ? { },
+  # Path to load-pkgs.nix
+  loadPkgs ? ./load-pkgs.nix,
+  # Layers to assemble into tarballs
+  layers ? "{}"
+}:
+
+let
+  inherit (builtins) fromJSON mapAttrs toJSON;
+  inherit (pkgs) lib runCommand;
+
+  pkgs = import loadPkgs { inherit srcType srcArgs importArgs; };
+
+  # Given a list of store paths, create an image layer tarball with
+  # their contents.
+  pathsToLayer = paths: runCommand "layer.tar" {
+  } ''
+    tar --no-recursion -Prf "$out" \
+        --mtime="@$SOURCE_DATE_EPOCH" \
+        --owner=0 --group=0 /nix /nix/store
+
+    tar -Prpf "$out" --hard-dereference --sort=name \
+        --mtime="@$SOURCE_DATE_EPOCH" \
+        --owner=0 --group=0 ${lib.concatStringsSep " " paths}
+  '';
+
+
+  layerTarballs = mapAttrs (_: pathsToLayer ) (fromJSON layers);
+in writeText "layer-tarballs.json" (toJSON layerTarballs)
diff --git a/tools/nixery/build-image/default.nix b/tools/nixery/build-image/default.nix
index a61ac06bdd92..0800eb95987f 100644
--- a/tools/nixery/build-image/default.nix
+++ b/tools/nixery/build-image/default.nix
@@ -20,10 +20,20 @@
 
 { pkgs ? import <nixpkgs> {} }:
 
-pkgs.writeShellScriptBin "nixery-build-image" ''
-  exec ${pkgs.nix}/bin/nix-build \
-    --show-trace \
-    --no-out-link "$@" \
-    --argstr loadPkgs ${./load-pkgs.nix} \
-    ${./build-image.nix}
-''
+{
+  build-image = pkgs.writeShellScriptBin "nixery-build-image" ''
+    exec ${pkgs.nix}/bin/nix-build \
+      --show-trace \
+      --no-out-link "$@" \
+      --argstr loadPkgs ${./load-pkgs.nix} \
+      ${./build-image.nix}
+  '';
+
+  build-layers = pkgs.writeShellScriptBin "nixery-build-layers" ''
+    exec ${pkgs.nix}/bin/nix-build \
+      --show-trace \
+      --no-out-link "$@" \
+      --argstr loadPkgs ${./load-pkgs.nix} \
+      ${./build-layers.nix}
+  '';
+}
diff --git a/tools/nixery/default.nix b/tools/nixery/default.nix
index f321b07a9c7a..925edbf6dc84 100644
--- a/tools/nixery/default.nix
+++ b/tools/nixery/default.nix
@@ -11,13 +11,15 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+
 { pkgs ? import <nixpkgs> { }
 , preLaunch ? ""
 , extraPackages ? [] }:
 
 with pkgs;
 
-rec {
+let builders = import ./build-image { inherit pkgs; };
+in rec {
   # Go implementation of the Nixery server which implements the
   # container registry interface.
   #
@@ -27,7 +29,8 @@ rec {
   nixery-server = callPackage ./server { };
 
   # Implementation of the Nix image building logic
-  nixery-build-image = import ./build-image { inherit pkgs; };
+  nixery-build-image = builders.build-image;
+  nixery-build-layers = builders.build-layers;
 
   # Use mdBook to build a static asset page which Nixery can then
   # serve. This is primarily used for the public instance at