pyrox.dev
1{ stdenv, lib, curl, jshon, python, runCommand }:
2
3# Inspired and simplified version of fetchurl.
4# For simplicity we only support sha256.
5
6# Currently only registry v1 is supported, compatible with Docker Hub.
7
8{ imageName, imageTag ? "latest", imageId ? null
9, sha256, name ? "${imageName}-${imageTag}"
10, indexUrl ? "https://index.docker.io"
11, registryVersion ? "v1"
12, curlOpts ? "" }:
13
14assert registryVersion == "v1";
15
16let layer = stdenv.mkDerivation {
17 inherit name imageName imageTag imageId
18 indexUrl registryVersion curlOpts;
19
20 builder = ./pull.sh;
21 detjson = ./detjson.py;
22
23 buildInputs = [ curl jshon python ];
24
25 outputHashAlgo = "sha256";
26 outputHash = sha256;
27 outputHashMode = "recursive";
28
29 impureEnvVars = [
30 # We borrow these environment variables from the caller to allow
31 # easy proxy configuration. This is impure, but a fixed-output
32 # derivation like fetchurl is allowed to do so since its result is
33 # by definition pure.
34 "http_proxy" "https_proxy" "ftp_proxy" "all_proxy" "no_proxy"
35
36 # This variable allows the user to pass additional options to curl
37 "NIX_CURL_FLAGS"
38 ];
39
40 # Doing the download on a remote machine just duplicates network
41 # traffic, so don't do that.
42 preferLocalBuild = true;
43};
44
45in runCommand "${name}.tar.gz" {} ''
46 tar -C ${layer} -czf $out .
47''