08/12: docker: Build images in a reproducible fashion.
From: Ludovic Courtès
Subject: 08/12: docker: Build images in a reproducible fashion.
Date: Thu, 16 Mar 2017 18:04:24 -0400 (EDT)
civodul pushed a commit to branch master
in repository guix.
commit 54241dc8e62c8616dcd72effe816e6e570607055
Author: Ludovic Courtès <address@hidden>
Date: Thu Mar 16 21:56:10 2017 +0100
docker: Build images in a reproducible fashion.
* guix/docker.scm (%tar-determinism-options): New variable.
(build-docker-image): Use it on the two 'tar' invocations.
---
guix/docker.scm | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/guix/docker.scm b/guix/docker.scm
index 5614ab2..9b7a28f 100644
--- a/guix/docker.scm
+++ b/guix/docker.scm
@@ -84,6 +84,11 @@
(rootfs . ((type . "layers")
(diff_ids . (,(layer-diff-id layer)))))))
+(define %tar-determinism-options
+ ;; GNU tar options to produce archives deterministically.
+ '("--sort=name" "address@hidden"
+ "--owner=root:0" "--group=root:0"))
+
(define* (build-docker-image image path
#:key closure compressor
(creation-time (current-time time-utc)))
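Review bot: the comment on %tar-determinism-options says only "GNU tar options" and does not name a minimum version. "--sort=name" was added in GNU tar 1.28, so an older "tar" picked up by the two system* calls would reject it and the build would fail. Suggest stating the version requirement in the comment. Separately, the second string in the list appears in this archived copy as "address@hidden", so that option cannot be reviewed from here.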
@@ -119,7 +124,8 @@ creation time in metadata."
(let ((items (call-with-input-file closure
read-reference-graph)))
(and (zero? (apply system* "tar" "-cf" "layer.tar"
- (cons "../bin" items)))
+ (append %tar-determinism-options
+ (cons "../bin" items))))
(delete-file "../bin"))))
(with-output-to-file "config.json"
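Review bot: in the "layer.tar" invocation, "--sort=name" orders the entries tar reads from each directory, but the members named on the command line, (cons "../bin" items), are still archived in the order given. The layer is therefore reproducible only if read-reference-graph returns items in a stable order. Consider sorting items before the call, or documenting that the order is guaranteed.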
@@ -134,7 +140,8 @@ creation time in metadata."
(scm->json (repositories path id)))))
(and (zero? (apply system* "tar" "-C" directory "-cf" image
- `(,@(if compressor
+ `(,@%tar-determinism-options
+ ,@(if compressor
(list "-I" (string-join compressor))
'())
".")))