diff options
author | pigeon <fnoegip@gmail.com> | 2024-02-18 21:15:26 +0100 |
---|---|---|
committer | Jonas Fierlings <fnoegip@gmail.com> | 2024-02-18 21:16:35 +0100 |
commit | 2cea1dce6d9782a735101117dca35909aeabde70 (patch) | |
tree | a84c7d601705ca5eb33776a01790c96c4145bafc /pkgs/build-support | |
parent | 0e289490f5b9789fe7cc6856633ee4ec01191e79 (diff) |
nixos/dockerTools: make buildImageWithNixDb reproducible
The loaded database contains timestamps of when the nix paths were registered. Depending on the host store, these can differ between runs. Resetting them to a well known values ensures that the produced image is reproducible.
Diffstat (limited to 'pkgs/build-support')
-rw-r--r-- | pkgs/build-support/docker/default.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index 3f61ecdb2a461..7af7c7e3ff23e 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -62,6 +62,8 @@ let # https://github.com/NixOS/nix/blob/9348f9291e5d9e4ba3c4347ea1b235640f54fd79/src/libutil/util.cc#L478 export USER=nobody ${buildPackages.nix}/bin/nix-store --load-db < ${closureInfo {rootPaths = contentsList;}}/registration + # Reset registration times to make the image reproducible + ${buildPackages.sqlite}/bin/sqlite3 nix/var/nix/db/db.sqlite "UPDATE ValidPaths SET registrationTime = ''${SOURCE_DATE_EPOCH}" mkdir -p nix/var/nix/gcroots/docker/ for i in ${lib.concatStringsSep " " contentsList}; do |