08/12: docker: Build images in a reproducible fashion.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

08/12: docker: Build images in a reproducible fashion.

From:	Ludovic Court�s
Subject:	08/12: docker: Build images in a reproducible fashion.
Date:	Thu, 16 Mar 2017 18:04:24 -0400 (EDT)

civodul pushed a commit to branch master
in repository guix.

commit 54241dc8e62c8616dcd72effe816e6e570607055
Author: Ludovic Courtès <address@hidden>
Date:   Thu Mar 16 21:56:10 2017 +0100

    docker: Build images in a reproducible fashion.
    
    * guix/docker.scm (%tar-determinism-options): New variable.
    (build-docker-image): Use it on the two 'tar' invocations.
---
 guix/docker.scm | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/guix/docker.scm b/guix/docker.scm
index 5614ab2..9b7a28f 100644
--- a/guix/docker.scm
+++ b/guix/docker.scm
@@ -84,6 +84,11 @@
     (rootfs . ((type . "layers")
                (diff_ids . (,(layer-diff-id layer)))))))
 
+(define %tar-determinism-options
+  ;; GNU tar options to produce archives deterministically.
+  '("--sort=name" "address@hidden"
+    "--owner=root:0" "--group=root:0"))
+
 (define* (build-docker-image image path
                              #:key closure compressor
                              (creation-time (current-time time-utc)))
@@ -119,7 +124,8 @@ creation time in metadata."
              (let ((items (call-with-input-file closure
                             read-reference-graph)))
                (and (zero? (apply system* "tar" "-cf" "layer.tar"
-                                  (cons "../bin" items)))
+                                  (append %tar-determinism-options
+                                          (cons "../bin" items))))
                     (delete-file "../bin"))))
 
            (with-output-to-file "config.json"
@@ -134,7 +140,8 @@ creation time in metadata."
                (scm->json (repositories path id)))))
 
          (and (zero? (apply system* "tar" "-C" directory "-cf" image
-                            `(,@(if compressor
+                            `(,@%tar-determinism-options
+                              ,@(if compressor
                                     (list "-I" (string-join compressor))
                                     '())
                               ".")))

[Prev in Thread]

Current Thread

[Next in Thread]

02/12: gexp: Add '=>' syntax to import computed modules., (continued)
- 02/12: gexp: Add '=>' syntax to import computed modules., Ludovic Court�s, 2017/03/16
- 03/12: services: connman: Rework service., Ludovic Court�s, 2017/03/16
- 04/12: memoization: Micro-optimize code produced by 'define-cache-procedure'., Ludovic Court�s, 2017/03/16
- 07/12: pack: Use a fixed timestamp in Docker images., Ludovic Court�s, 2017/03/16
- 01/12: utils: Move base16 procedures to (guix base16)., Ludovic Court�s, 2017/03/16
- 09/12: pack: Honor symlinks in the Docker back-end., Ludovic Court�s, 2017/03/16
- 11/12: doc: Mention 'guix pack' reproducibility., Ludovic Court�s, 2017/03/16
- 10/12: pack: Allow for "-S /opt/foo="., Ludovic Court�s, 2017/03/16
- 12/12: doc: Reorganize categories., Ludovic Court�s, 2017/03/16
- 06/12: pack: Add '--format' option and Docker output support., Ludovic Court�s, 2017/03/16
- 08/12: docker: Build images in a reproducible fashion., Ludovic Court�s <=

Prev by Date: 06/12: pack: Add '--format' option and Docker output support.
Next by Date: branch master updated (ad172c4 -> 49ac6db)
Previous by thread: 06/12: pack: Add '--format' option and Docker output support.
Next by thread: branch master updated (ad172c4 -> 49ac6db)
Index(es):
- Date
- Thread