tjh.dev
nixpkgs mirror (for testing)
github.com/NixOS/nixpkgs
nix
1{
2 lib,
3 stdenv,
4 rustPlatform,
5 fetchFromGitHub,
6 asciidoctor,
7 buildah,
8 buildah-unwrapped,
9 cargo,
10 libiconv,
11 libkrun,
12 makeWrapper,
13 rustc,
14 sigtool,
15}:
16
17stdenv.mkDerivation rec {
18 pname = "krunvm";
19 version = "0.2.3";
20
21 src = fetchFromGitHub {
22 owner = "containers";
23 repo = pname;
24 rev = "v${version}";
25 hash = "sha256-IXofYsOmbrjq8Zq9+a6pvBYsvZFcKzN5IvCuHaxwazI=";
26 };
27
28 cargoDeps = rustPlatform.fetchCargoVendor {
29 inherit src;
30 hash = "sha256-Vmb5IgGyKGekuL018/Xiz9QroWIwTIUxVB57fb0X7Kw=";
31 };
32
33 nativeBuildInputs = [
34 rustPlatform.cargoSetupHook
35 cargo
36 rustc
37 asciidoctor
38 makeWrapper
39 ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ sigtool ];
40
41 buildInputs =
42 [ libkrun ]
43 ++ lib.optionals stdenv.hostPlatform.isDarwin [
44 libiconv
45 ];
46
47 makeFlags = [ "PREFIX=${placeholder "out"}" ];
48
49 postPatch = ''
50 # do not pollute etc
51 substituteInPlace src/utils.rs \
52 --replace "etc/containers" "share/krunvm/containers"
53 '';
54
55 postInstall = ''
56 mkdir -p $out/share/krunvm/containers
57 install -D -m755 ${buildah-unwrapped.src}/docs/samples/registries.conf $out/share/krunvm/containers/registries.conf
58 install -D -m755 ${buildah-unwrapped.src}/tests/policy.json $out/share/krunvm/containers/policy.json
59 '';
60
61 # It attaches entitlements with codesign and strip removes those,
62 # voiding the entitlements and making it non-operational.
63 dontStrip = stdenv.hostPlatform.isDarwin;
64
65 postFixup = ''
66 wrapProgram $out/bin/krunvm \
67 --prefix PATH : ${lib.makeBinPath [ buildah ]} \
68 '';
69
70 meta = with lib; {
71 description = "CLI-based utility for creating microVMs from OCI images";
72 homepage = "https://github.com/containers/krunvm";
73 license = licenses.asl20;
74 maintainers = with maintainers; [ nickcao ];
75 platforms = libkrun.meta.platforms;
76 mainProgram = "krunvm";
77 };
78}