Merge pull request #17 from hercules-ci/fix-other-linux-bin-sh
Replace /bin/sh, /usr/bin/env mounts by symlinks
commit
2324223360
6 changed files with 16 additions and 3 deletions
|
@ -11,6 +11,7 @@ stdenv.mkDerivation {
|
||||||
mkdir -p $out/bin $out/share/arion
|
mkdir -p $out/bin $out/share/arion
|
||||||
cp -a nix $out/share/arion/
|
cp -a nix $out/share/arion/
|
||||||
cp -a arion-image $out/share/arion/
|
cp -a arion-image $out/share/arion/
|
||||||
|
tar -czf $out/share/arion/arion-image/tarball.tar.gz -C arion-image/tarball .
|
||||||
substitute arion $out/bin/arion \
|
substitute arion $out/bin/arion \
|
||||||
--subst-var-by path ${lib.makeBinPath [jq coreutils docker_compose]} \
|
--subst-var-by path ${lib.makeBinPath [jq coreutils docker_compose]} \
|
||||||
--subst-var-by nix_dir $out/share/arion/nix \
|
--subst-var-by nix_dir $out/share/arion/nix \
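Review bot: The added `tar -czf` line archives `arion-image/tarball` with whatever owner, group and mtime the build tree happens to have, and the Dockerfile's `ADD tarball.tar.gz /` will most likely unpack `/bin` and `/usr/bin` with that ownership rather than root's. If a non-root build uid ends up owning those directories in the image, a process running under the same uid inside a container could replace the `sh` and `env` symlinks. Pinning the metadata avoids this and also makes the archive reproducible: `tar --owner=0 --group=0 --numeric-owner --sort=name --mtime=@1 -czf $out/share/arion/arion-image/tarball.tar.gz -C arion-image/tarball .` (GNU tar options). The `substitute` command that follows continues outside the hunk.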
|
||||||
|
|
|
@ -1,2 +1,3 @@
|
||||||
FROM scratch
|
FROM scratch
|
||||||
COPY passwd /etc/passwd
|
COPY passwd /etc/passwd
|
||||||
|
ADD tarball.tar.gz /
|
||||||
|
|
1
src/arion-image/tarball/bin/sh
Symbolic link
1
src/arion-image/tarball/bin/sh
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
/run/system/bin/sh
|
1
src/arion-image/tarball/usr/bin/env
Symbolic link
1
src/arion-image/tarball/usr/bin/env
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
/run/system/usr/bin/env
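Review bot: The target `/run/system/usr/bin/env` looks like it will dangle, because the environment mounted at `/run/system` is a `buildEnv` of `bashInteractive` and `coreutils`, and coreutils normally installs `env` under `bin/`, not `usr/bin/`. Unless something else creates `usr/bin` in that environment, scripts with a `#!/usr/bin/env` shebang would fail inside the container. Pointing the link at `/run/system/bin/env` would match the layout the `sh` link already relies on. It is worth adding a test step that runs `/usr/bin/env true` in a `useHostStore` container to confirm.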
|
|
@ -4,7 +4,7 @@
|
||||||
when the service.useHostStore option is set to true.
|
when the service.useHostStore option is set to true.
|
||||||
|
|
||||||
*/
|
*/
|
||||||
{ lib, config, ... }:
|
{ lib, config, pkgs, ... }:
|
||||||
let
|
let
|
||||||
inherit (lib) mkOption types mkIf;
|
inherit (lib) mkOption types mkIf;
|
||||||
in
|
in
|
||||||
|
@ -21,8 +21,7 @@ in
|
||||||
service.build.context = "${../arion-image}";
|
service.build.context = "${../arion-image}";
|
||||||
service.volumes = [
|
service.volumes = [
|
||||||
"/nix/store:/nix/store"
|
"/nix/store:/nix/store"
|
||||||
"/bin/sh:/bin/sh"
|
"${pkgs.buildEnv { name = "container-system-env"; paths = [ pkgs.bashInteractive pkgs.coreutils ]; }}:/run/system"
|
||||||
"/usr/bin/env:/usr/bin/env"
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
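Review bot: The new `/run/system` entry in `service.volumes` is a read-write bind mount of a host store path, and nothing in the container needs to write to it. Appending `:ro` (`"${pkgs.buildEnv { … }}:/run/system:ro"`) keeps a compromised or misbehaving container from altering the `sh` and `env` binaries that every other `useHostStore` container on the host resolves through the same path. The existing `"/nix/store:/nix/store"` line has the same property; on hosts where the store is not itself mounted read-only, container root may be able to modify host store paths, so `:ro` is worth considering there as well. A short comment above the entry explaining that `/bin/sh` and `/usr/bin/env` in the image are symlinks into `/run/system` would also help, since the link targets live in a different directory.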
|
||||||
|
|
|
@ -18,11 +18,21 @@ in
|
||||||
|
|
||||||
# no caches, because no internet
|
# no caches, because no internet
|
||||||
nix.binaryCaches = lib.mkForce [];
|
nix.binaryCaches = lib.mkForce [];
|
||||||
|
|
||||||
|
# FIXME: Sandbox seems broken with current version of NixOS test
|
||||||
|
# w/ writable store. Error:
|
||||||
|
# machine# error: linking '/nix/store/7r8z2zvhwda85pgpdn5hzzz6hs1njklc-stdenv-linux.drv.chroot/nix/store/6v3y7s4q4wd16hsw393gjpxvcf9159bv-patch-shebangs.sh' to '/nix/store/6v3y7s4q4wd16hsw393gjpxvcf9159bv-patch-shebangs.sh': Operation not permitted
|
||||||
|
#
|
||||||
|
# There should be no reason why arion can't run without
|
||||||
|
# sandboxing, so please re-enable.
|
||||||
|
nix.useSandbox = false;
|
||||||
|
|
||||||
virtualisation.writableStore = true;
|
virtualisation.writableStore = true;
|
||||||
virtualisation.pathsInNixDB = [
|
virtualisation.pathsInNixDB = [
|
||||||
# Pre-build the image because we don't want to build the world
|
# Pre-build the image because we don't want to build the world
|
||||||
# in the vm.
|
# in the vm.
|
||||||
preEval.config.build.dockerComposeYaml
|
preEval.config.build.dockerComposeYaml
|
||||||
|
pkgs.stdenv
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
testScript = ''
|
testScript = ''
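Review bot: The FIXME above `nix.useSandbox = false;` says arion should be able to run "without sandboxing, so please re-enable", which reads as the opposite of what is meant. Suggested wording: `# arion itself should work with the sandbox enabled; re-enable once the writable-store linking error above is resolved.` While the setting is off, the test no longer exercises builds under the sandboxed configuration most users run, so the comment should also point to a tracking issue (`<issue link>`) so the workaround does not become permanent. The `testScript` that follows is outside the hunk.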
|
||||||
|
|