dockerTools: Test buildLayeredImage with symlinks
This exercises layer creation in face of store path symlinks, ensuring they are not dereferenced, which can lead to broken layer tarballs
This commit is contained in:
parent
08b0d02944
commit
ffe5ff6009
@ -247,5 +247,12 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||||||
).strip()
|
).strip()
|
||||||
== "${if pkgs.system == "aarch64-linux" then "amd64" else "arm64"}"
|
== "${if pkgs.system == "aarch64-linux" then "amd64" else "arm64"}"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
with subtest("buildLayeredImage doesn't dereference /nix/store symlink layers"):
|
||||||
|
docker.succeed(
|
||||||
|
"docker load --input='${examples.layeredStoreSymlink}'",
|
||||||
|
"docker run --rm ${examples.layeredStoreSymlink.imageName} bash -c 'test -L ${examples.layeredStoreSymlink.passthru.symlink}'",
|
||||||
|
"docker rmi ${examples.layeredStoreSymlink.imageName}",
|
||||||
|
)
|
||||||
'';
|
'';
|
||||||
})
|
})
|
||||||
|
@ -416,4 +416,15 @@ rec {
|
|||||||
contents = crossPkgs.hello;
|
contents = crossPkgs.hello;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# layered image where a store path is itself a symlink
|
||||||
|
layeredStoreSymlink =
|
||||||
|
let
|
||||||
|
target = pkgs.writeTextDir "dir/target" "Content doesn't matter.";
|
||||||
|
symlink = pkgs.runCommandNoCC "symlink" {} "ln -s ${target} $out";
|
||||||
|
in
|
||||||
|
pkgs.dockerTools.buildLayeredImage {
|
||||||
|
name = "layeredstoresymlink";
|
||||||
|
tag = "latest";
|
||||||
|
contents = [ pkgs.bash symlink ];
|
||||||
|
} // { passthru = { inherit symlink; }; };
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user