guix-docker-images/Dockerfile

# syntax = docker/dockerfile:1.1-experimental

#
#	MetaCall Guix by Parra Studios
#	Docker image for using GuixSD in a CI/CD environment.
#
#	Copyright (C) 2016 - 2020 Vicente Eduardo Ferrer Garcia <vic798@gmail.com>
#
#	Licensed under the Apache License, Version 2.0 (the "License");
#	you may not use this file except in compliance with the License.
#	You may obtain a copy of the License at
#
#		http://www.apache.org/licenses/LICENSE-2.0
#
#	Unless required by applicable law or agreed to in writing, software
#	distributed under the License is distributed on an "AS IS" BASIS,
#	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#	See the License for the specific language governing permissions and
#	limitations under the License.
#

FROM alpine:3.9 AS guix

# Image descriptor
LABEL copyright.name="Vicente Eduardo Ferrer Garcia" \
	copyright.address="vic798@gmail.com" \
	maintainer.name="Vicente Eduardo Ferrer Garcia" \
	maintainer.address="vic798@gmail.com" \
	vendor="MetaCall Inc." \
	version="0.1"

ARG METACALL_GUIX_VERSION
ARG METACALL_GUIX_ARCH

ENV GUIX_PROFILE="/root/.config/guix/current" \
	GUIX_LOCPATH="/root/.guix-profile/lib/locale/" \
	SSL_CERT_DIR="/root/.guix-profile/etc/ssl/certs" \
	SSL_CERT_FILE="/root/.guix-profile/etc/ssl/certs/ca-certificates.crt" \
	GIT_SSL_FILE="$SSL_CERT_FILE" \
	GIT_SSL_CAINFO="$SSL_CERT_FILE" \
	CURL_CA_BUNDLE="$SSL_CERT_FILE"

# Copy entry point
COPY scripts/entry-point.sh /entry-point.sh

# Install Guix
RUN mkdir -p /gnu/store \
	&& addgroup guixbuild \
	&& addgroup guix-builder \
	&& chgrp guix-builder -R /gnu/store \
	&& chmod 1777 /gnu/store \
	&& for i in `seq -w 1 10`; do \
			adduser -G guixbuild -h /var/empty -s `which nologin` -S guixbuilder$i; \
		done \
	&& wget -O - https://ftp.gnu.org/gnu/guix/guix-binary-${METACALL_GUIX_VERSION}.${METACALL_GUIX_ARCH}-linux.tar.xz | tar -xJv -C / \
	&& mkdir -p /root/.config/guix \
	&& ln -sf /var/guix/profiles/per-user/root/current-guix /root/.config/guix/current \
	&& mkdir -p /usr/local/bin \
	&& ln -s /var/guix/profiles/per-user/root/current-guix/bin/guix /usr/local/bin/ \
	&& mkdir -p /usr/local/share/info \
	&& for i in /var/guix/profiles/per-user/root/current-guix/share/info/*; do \
			ln -s $i /usr/local/share/info/; \
		done \
	&& chmod +x /entry-point.sh \
	&& source $GUIX_PROFILE/etc/profile \
	&& guix archive --authorize < /root/.config/guix/current/share/guix/ci.guix.gnu.org.pub

# Run pull (https://github.com/docker/buildx/blob/master/README.md#--allowentitlement)
RUN --security=insecure /entry-point.sh guix pull

# Restart with latest version of the daemon
RUN --security=insecure /entry-point.sh guix gc --optimize \
	&& guix gc \
	&& guix package --fallback -i \
		nss-certs

# Clean the profile (avoids: https://www.mail-archive.com/help-guix@gnu.org/msg04836.html)
RUN rm -rf /var/guix/profiles/per-user/root/*

ENTRYPOINT ["/entry-point.sh"]
CMD ["sh"]
Add buildx again. 2019-09-18 09:15:13 +02:00			`# syntax = docker/dockerfile:1.1-experimental`
Add different way of installing buildx. 2019-09-18 08:35:17 +02:00
Initial commit. 2019-09-18 07:16:43 +02:00			`#`
Change licenses with proper description. 2019-09-18 07:21:43 +02:00			`# MetaCall Guix by Parra Studios`
			`# Docker image for using GuixSD in a CI/CD environment.`
Initial commit. 2019-09-18 07:16:43 +02:00			`#`
Update copyright to 2020. 2020-01-03 01:15:37 +01:00			`# Copyright (C) 2016 - 2020 Vicente Eduardo Ferrer Garcia <vic798@gmail.com>`
Initial commit. 2019-09-18 07:16:43 +02:00			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
			`#`

Fixed alpine version. 2019-11-27 13:10:03 +01:00			`FROM alpine:3.9 AS guix`
Initial commit. 2019-09-18 07:16:43 +02:00
			`# Image descriptor`
			`LABEL copyright.name="Vicente Eduardo Ferrer Garcia" \`
			`copyright.address="vic798@gmail.com" \`
			`maintainer.name="Vicente Eduardo Ferrer Garcia" \`
			`maintainer.address="vic798@gmail.com" \`
			`vendor="MetaCall Inc." \`
			`version="0.1"`

Merge layers of the Dockerfile. 2019-09-19 09:30:12 +02:00			`ARG METACALL_GUIX_VERSION`
			`ARG METACALL_GUIX_ARCH`

Restore build in two separated commands. 2019-09-19 21:45:11 +02:00			`ENV GUIX_PROFILE="/root/.config/guix/current" \`
Add environment variables. 2019-09-20 15:42:20 +02:00			`GUIX_LOCPATH="/root/.guix-profile/lib/locale/" \`
			`SSL_CERT_DIR="/root/.guix-profile/etc/ssl/certs" \`
Add nss certs again. 2019-12-14 05:59:15 +01:00			`SSL_CERT_FILE="/root/.guix-profile/etc/ssl/certs/ca-certificates.crt" \`
			`GIT_SSL_FILE="$SSL_CERT_FILE" \`
			`GIT_SSL_CAINFO="$SSL_CERT_FILE" \`
			`CURL_CA_BUNDLE="$SSL_CERT_FILE"`
Initial commit. 2019-09-18 07:16:43 +02:00
Merge layers of the Dockerfile. 2019-09-19 09:30:12 +02:00			`# Copy entry point`
			`COPY scripts/entry-point.sh /entry-point.sh`

Restore build in two separated commands. 2019-09-19 21:45:11 +02:00			`# Install Guix`
Add locale again. 2019-11-27 01:53:16 +01:00			`RUN mkdir -p /gnu/store \`
Initial commit. 2019-09-18 07:16:43 +02:00			`&& addgroup guixbuild \`
			`&& addgroup guix-builder \`
			`&& chgrp guix-builder -R /gnu/store \`
Add full permissions to /gnu/store. 2019-12-05 17:22:57 +01:00			`&& chmod 1777 /gnu/store \`
Initial commit. 2019-09-18 07:16:43 +02:00			&& for i in `seq -w 1 10`; do \
Trying to solve locale and tls bug. 2019-11-27 01:29:32 +01:00			adduser -G guixbuild -h /var/empty -s `which nologin` -S guixbuilder$i; \
Initial commit. 2019-09-18 07:16:43 +02:00			`done \`
Merge layers of the Dockerfile. 2019-09-19 09:30:12 +02:00			`&& wget -O - https://ftp.gnu.org/gnu/guix/guix-binary-${METACALL_GUIX_VERSION}.${METACALL_GUIX_ARCH}-linux.tar.xz \| tar -xJv -C / \`
Add environment variables. 2019-09-20 15:42:20 +02:00			`&& mkdir -p /root/.config/guix \`
			`&& ln -sf /var/guix/profiles/per-user/root/current-guix /root/.config/guix/current \`
Initial commit. 2019-09-18 07:16:43 +02:00			`&& mkdir -p /usr/local/bin \`
			`&& ln -s /var/guix/profiles/per-user/root/current-guix/bin/guix /usr/local/bin/ \`
			`&& mkdir -p /usr/local/share/info \`
			`&& for i in /var/guix/profiles/per-user/root/current-guix/share/info/*; do \`
			`ln -s $i /usr/local/share/info/; \`
			`done \`
Add locale again. 2019-11-27 01:53:16 +01:00			`&& chmod +x /entry-point.sh \`
			`&& source $GUIX_PROFILE/etc/profile \`
Separate guix archive into another command. 2019-11-27 01:34:45 +01:00			`&& guix archive --authorize < /root/.config/guix/current/share/guix/ci.guix.gnu.org.pub`

Restore build in two separated commands. 2019-09-19 21:45:11 +02:00			`# Run pull (https://github.com/docker/buildx/blob/master/README.md#--allowentitlement)`
Add garbage collector step (thanks to @rockandska). 2019-12-05 14:11:18 +01:00			`RUN --security=insecure /entry-point.sh guix pull`

			`# Restart with latest version of the daemon`
Remove delete generations. 2019-12-05 18:21:25 +01:00			`RUN --security=insecure /entry-point.sh guix gc --optimize \`
Add nss certs again. 2019-12-14 05:59:15 +01:00			`&& guix gc \`
Add fallback fo nss-certs install in case of network error. 2019-12-14 06:05:52 +01:00			`&& guix package --fallback -i \`
Add nss certs again. 2019-12-14 05:59:15 +01:00			`nss-certs`
Add nss certs in a new instruction. 2019-09-19 19:46:33 +02:00
Solve minor bug for migrations. 2020-04-05 21:18:08 +02:00			`# Clean the profile (avoids: https://www.mail-archive.com/help-guix@gnu.org/msg04836.html)`
			`RUN rm -rf /var/guix/profiles/per-user/root/*`

Initial commit. 2019-09-18 07:16:43 +02:00			`ENTRYPOINT ["/entry-point.sh"]`
			`CMD ["sh"]`