nixpkgs/pkgs/build-support/docker/pull.nix

33 lines
936 B
Nix

{ stdenv, lib, docker, vmTools, utillinux, curl, kmod, dhcp, cacert, e2fsprogs }:
let
nameReplace = name: builtins.replaceStrings ["/" ":"] ["-" "-"] name;
in
# For simplicity we only support sha256.
{ imageName, imageTag ? "latest", imageId ? "${imageName}:${imageTag}"
, sha256, name ? (nameReplace "docker-image-${imageName}-${imageTag}.tar") }:
let
pullImage = vmTools.runInLinuxVM (
stdenv.mkDerivation {
inherit name imageId;
certs = "${cacert}/etc/ssl/certs/ca-bundle.crt";
builder = ./pull.sh;
nativeBuildInputs = [ curl utillinux docker kmod dhcp cacert e2fsprogs ];
outputHashAlgo = "sha256";
outputHash = sha256;
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
preVM = vmTools.createEmptyImage {
size = 2048;
fullName = "${name}-disk";
};
QEMU_OPTS = "-netdev user,id=net0 -device virtio-net-pci,netdev=net0";
});
in
pullImage