Commit | Line | Data |
---|---|---|
03476a23 RW |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> | |
b1edfbc3 | 3 | ;;; Copyright © 2017 Ludovic Courtès <ludo@gnu.org> |
03476a23 RW |
4 | ;;; |
5 | ;;; This file is part of GNU Guix. | |
6 | ;;; | |
7 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
8 | ;;; under the terms of the GNU General Public License as published by | |
9 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
10 | ;;; your option) any later version. | |
11 | ;;; | |
12 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
13 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
15 | ;;; GNU General Public License for more details. | |
16 | ;;; | |
17 | ;;; You should have received a copy of the GNU General Public License | |
18 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
19 | ||
20 | (define-module (guix docker) | |
21 | #:use-module (guix hash) | |
4c0c4db0 | 22 | #:use-module (guix base16) |
03476a23 RW |
23 | #:use-module ((guix build utils) |
24 | #:select (delete-file-recursively | |
25 | with-directory-excursion)) | |
b1edfbc3 | 26 | #:use-module (guix build store-copy) |
84dda5a9 | 27 | #:use-module (srfi srfi-19) |
03476a23 RW |
28 | #:use-module (rnrs bytevectors) |
29 | #:use-module (ice-9 match) | |
30 | #:export (build-docker-image)) | |
31 | ||
b1edfbc3 LC |
32 | ;; Load Guile-JSON at run time to simplify the job of 'imported-modules' & co. |
33 | (module-use! (current-module) (resolve-interface '(json))) | |
34 | ||
03476a23 RW |
35 | ;; Generate a 256-bit identifier in hexadecimal encoding for the Docker image |
36 | ;; containing the closure at PATH. | |
37 | (define docker-id | |
38 | (compose bytevector->base16-string sha256 string->utf8)) | |
39 | ||
40 | (define (layer-diff-id layer) | |
41 | "Generate a layer DiffID for the given LAYER archive." | |
42 | (string-append "sha256:" (bytevector->base16-string (file-sha256 layer)))) | |
43 | ||
44 | ;; This is the semantic version of the JSON metadata schema according to | |
45 | ;; https://github.com/docker/docker/blob/master/image/spec/v1.2.md | |
46 | ;; It is NOT the version of the image specification. | |
47 | (define schema-version "1.0") | |
48 | ||
49 | (define (image-description id time) | |
50 | "Generate a simple image description." | |
51 | `((id . ,id) | |
52 | (created . ,time) | |
53 | (container_config . #nil))) | |
54 | ||
55 | (define (generate-tag path) | |
56 | "Generate an image tag for the given PATH." | |
57 | (match (string-split (basename path) #\-) | |
58 | ((hash name . rest) (string-append name ":" hash)))) | |
59 | ||
60 | (define (manifest path id) | |
61 | "Generate a simple image manifest." | |
62 | `(((Config . "config.json") | |
63 | (RepoTags . (,(generate-tag path))) | |
64 | (Layers . (,(string-append id "/layer.tar")))))) | |
65 | ||
66 | ;; According to the specifications this is required for backwards | |
67 | ;; compatibility. It duplicates information provided by the manifest. | |
68 | (define (repositories path id) | |
69 | "Generate a repositories file referencing PATH and the image ID." | |
70 | `((,(generate-tag path) . ((latest . ,id))))) | |
71 | ||
72 | ;; See https://github.com/opencontainers/image-spec/blob/master/config.md | |
73 | (define (config layer time arch) | |
74 | "Generate a minimal image configuration for the given LAYER file." | |
75 | ;; "architecture" must be values matching "platform.arch" in the | |
76 | ;; runtime-spec at | |
77 | ;; https://github.com/opencontainers/runtime-spec/blob/v1.0.0-rc2/config.md#platform | |
78 | `((architecture . ,arch) | |
79 | (comment . "Generated by GNU Guix") | |
80 | (created . ,time) | |
81 | (config . #nil) | |
82 | (container_config . #nil) | |
83 | (os . "linux") | |
84 | (rootfs . ((type . "layers") | |
85 | (diff_ids . (,(layer-diff-id layer))))))) | |
86 | ||
84dda5a9 LC |
87 | (define* (build-docker-image image path |
88 | #:key closure compressor | |
89 | (creation-time (current-time time-utc))) | |
b1edfbc3 LC |
90 | "Write to IMAGE a Docker image archive from the given store PATH. The image |
91 | contains the closure of PATH, as specified in CLOSURE (a file produced by | |
92 | #:references-graphs). Use COMPRESSOR, a command such as '(\"gzip\" \"-9n\"), | |
84dda5a9 LC |
93 | to compress IMAGE. Use CREATION-TIME, a SRFI-19 time-utc object, as the |
94 | creation time in metadata." | |
b1edfbc3 LC |
95 | (let ((directory "/tmp/docker-image") ;temporary working directory |
96 | (closure (canonicalize-path closure)) | |
97 | (id (docker-id path)) | |
84dda5a9 | 98 | (time (date->string (time-utc->date creation-time) "~4")) |
b1edfbc3 LC |
99 | (arch (match (utsname:machine (uname)) |
100 | ("x86_64" "amd64") | |
101 | ("i686" "386") | |
102 | ("armv7l" "arm") | |
103 | ("mips64" "mips64le")))) | |
104 | ;; Make sure we start with a fresh, empty working directory. | |
105 | (mkdir directory) | |
106 | ||
107 | (and (with-directory-excursion directory | |
108 | ;; Add symlink from /bin to /gnu/store/.../bin | |
109 | (symlink (string-append path "/bin") "bin") | |
110 | ||
111 | (mkdir id) | |
112 | (with-directory-excursion id | |
113 | (with-output-to-file "VERSION" | |
114 | (lambda () (display schema-version))) | |
115 | (with-output-to-file "json" | |
116 | (lambda () (scm->json (image-description id time)))) | |
117 | ||
118 | ;; Wrap it up | |
119 | (let ((items (call-with-input-file closure | |
120 | read-reference-graph))) | |
121 | (and (zero? (apply system* "tar" "-cf" "layer.tar" | |
122 | (cons "../bin" items))) | |
123 | (delete-file "../bin")))) | |
124 | ||
125 | (with-output-to-file "config.json" | |
126 | (lambda () | |
127 | (scm->json (config (string-append id "/layer.tar") | |
128 | time arch)))) | |
129 | (with-output-to-file "manifest.json" | |
130 | (lambda () | |
131 | (scm->json (manifest path id)))) | |
132 | (with-output-to-file "repositories" | |
133 | (lambda () | |
134 | (scm->json (repositories path id))))) | |
135 | ||
136 | (and (zero? (apply system* "tar" "-C" directory "-cf" image | |
137 | `(,@(if compressor | |
138 | (list "-I" (string-join compressor)) | |
139 | '()) | |
140 | "."))) | |
141 | (begin (delete-file-recursively directory) #t))))) |