nixpkgs/pkgs/build-support/singularity-tools/default.nix
Jörg Thalheim dadc7eb329
treewide: use runtimeShell instead of stdenv.shell whenever possible
Whenever we create scripts that are installed to $out, we must use runtimeShell
in order to get the shell that can be executed on the machine we create the
package for. This is relevant for cross-compiling. The only use case for
stdenv.shell are scripts that are executed as part of the build system.
Usages in checkPhase are borderline however to decrease the likelyhood
of people copying the wrong examples, I decided to use runtimeShell as well.
2019-02-26 14:10:49 +00:00

103 lines
2.6 KiB
Nix

{ runCommand
, stdenv
, storeDir ? builtins.storeDir
, writeScript
, singularity
, writeReferencesToFile
, bash
, vmTools
, gawk
, utillinux
, runtimeShell
, e2fsprogs }:
rec {
shellScript = name: text:
writeScript name ''
#!${runtimeShell}
set -e
${text}
'';
mkLayer = {
name,
contents ? [],
}:
runCommand "singularity-layer-${name}" {
inherit contents;
} ''
mkdir $out
for f in $contents ; do
cp -ra $f $out/
done
'';
buildImage = {
name,
contents ? [],
diskSize ? 1024,
runScript ? "#!${stdenv.shell}\nexec /bin/sh",
runAsRoot ? null,
extraSpace ? 0
}:
let layer = mkLayer {
inherit name;
contents = contents ++ [ bash runScriptFile ];
};
runAsRootFile = shellScript "run-as-root.sh" runAsRoot;
runScriptFile = shellScript "run-script.sh" runScript;
result = vmTools.runInLinuxVM (
runCommand "singularity-image-${name}.img" {
buildInputs = [ singularity e2fsprogs utillinux gawk ];
layerClosure = writeReferencesToFile layer;
preVM = vmTools.createEmptyImage {
size = diskSize;
fullName = "singularity-run-disk";
};
}
''
rm -rf $out
mkdir disk
mkfs -t ext3 -b 4096 /dev/${vmTools.hd}
mount /dev/${vmTools.hd} disk
cd disk
mkdir proc sys dev
# Run root script
${stdenv.lib.optionalString (runAsRoot != null) ''
mkdir -p ./${storeDir}
mount --rbind ${storeDir} ./${storeDir}
unshare -imnpuf --mount-proc chroot ./ ${runAsRootFile}
umount -R ./${storeDir}
''}
# Build /bin and copy across closure
mkdir -p bin nix/store
for f in $(cat $layerClosure) ; do
cp -ar $f ./$f
done
for c in ${toString contents} ; do
for f in $c/bin/* ; do
if [ ! -e bin/$(basename $f) ] ; then
ln -s $f bin/
fi
done
done
# Create runScript
ln -s ${runScriptFile} singularity
# Fill out .singularity.d
mkdir -p .singularity.d/env
touch .singularity.d/env/94-appsbase.sh
cd ..
mkdir -p /var/singularity/mnt/{container,final,overlay,session,source}
echo "root:x:0:0:System administrator:/root:/bin/sh" > /etc/passwd
singularity build $out ./disk
'');
in result;
}