diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 3e134c7544a5..0c06e3f44249 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -91,6 +91,7 @@ in docker-edge = handleTestOn ["x86_64-linux"] ./docker-edge.nix {}; docker-registry = handleTest ./docker-registry.nix {}; docker-tools = handleTestOn ["x86_64-linux"] ./docker-tools.nix {}; + docker-tools-cross = handleTestOn ["x86_64-linux" "aarch64-linux"] ./docker-tools-cross.nix {}; docker-tools-overlay = handleTestOn ["x86_64-linux"] ./docker-tools-overlay.nix {}; documize = handleTest ./documize.nix {}; dokuwiki = handleTest ./dokuwiki.nix {}; diff --git a/nixos/tests/docker-tools-cross.nix b/nixos/tests/docker-tools-cross.nix new file mode 100644 index 000000000000..d433b5508fc9 --- /dev/null +++ b/nixos/tests/docker-tools-cross.nix @@ -0,0 +1,76 @@ +# Not everyone has a suitable remote builder set up, so the cross-compilation +# tests that _include_ running the result are separate. That way, most people +# can run the majority of the test suite without the extra setup. + + +import ./make-test-python.nix ({ pkgs, ... }: +let + + remoteSystem = + if pkgs.system == "aarch64-linux" + then "x86_64-linux" + else "aarch64-linux"; + + remoteCrossPkgs = import ../.. /*nixpkgs*/ { + # NOTE: This is the machine that runs the build - local from the + # 'perspective' of the build script. + localSystem = remoteSystem; + + # NOTE: Since this file can't control where the test will be _run_ we don't + # cross-compile _to_ a different system but _from_ a different system + crossSystem = pkgs.system; + }; + + hello1 = remoteCrossPkgs.dockerTools.buildImage { + name = "hello1"; + tag = "latest"; + contents = remoteCrossPkgs.hello; + }; + + hello2 = remoteCrossPkgs.dockerTools.buildLayeredImage { + name = "hello2"; + tag = "latest"; + contents = remoteCrossPkgs.hello; + }; + +in { + name = "docker-tools"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ roberth ]; + }; + + nodes = { + docker = { ... }: { + virtualisation = { + diskSize = 2048; + docker.enable = true; + }; + }; + }; + + testScript = '' + docker.wait_for_unit("sockets.target") + + with subtest("Ensure cross compiled buildImage image can run."): + docker.succeed( + "docker load --input='${hello1}'" + ) + assert "Hello, world!" in docker.succeed( + "docker run --rm ${hello1.imageName} hello", + ) + docker.succeed( + "docker rmi ${hello1.imageName}", + ) + + with subtest("Ensure cross compiled buildLayeredImage image can run."): + docker.succeed( + "docker load --input='${hello2}'" + ) + assert "Hello, world!" in docker.succeed( + "docker run --rm ${hello2.imageName} hello", + ) + docker.succeed( + "docker rmi ${hello2.imageName}", + ) + ''; +}) diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix index 3d1e39a379c1..8402ba68b720 100644 --- a/nixos/tests/docker-tools.nix +++ b/nixos/tests/docker-tools.nix @@ -245,7 +245,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { "docker inspect ${pkgs.dockerTools.examples.cross.imageName} " + "| ${pkgs.jq}/bin/jq -r .[].Architecture" ).strip() - == "${if pkgs.system == "aarch64-linux" then "amd64" else "arm64v8"}" + == "${if pkgs.system == "aarch64-linux" then "amd64" else "arm64"}" ) ''; }) diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix index b30ac5c77655..276c7cd1bdb8 100644 --- a/pkgs/build-support/docker/default.nix +++ b/pkgs/build-support/docker/default.nix @@ -58,15 +58,12 @@ let done; ''; - # Map nixpkgs architecture to Docker notation - # Reference: https://github.com/docker-library/official-images#architectures-other-than-amd64 - getArch = nixSystem: { - aarch64-linux = "arm64v8"; - armv7l-linux = "arm32v7"; - x86_64-linux = "amd64"; - powerpc64le-linux = "ppc64le"; - i686-linux = "i386"; - }.${nixSystem} or "Can't map Nix system ${nixSystem} to Docker architecture notation. Please check that your input and your requested build are correct or update the mapping in Nixpkgs."; + # The OCI Image specification recommends that configurations use values listed + # in the Go Language document for GOARCH. + # Reference: https://github.com/opencontainers/image-spec/blob/master/config.md#properties + # For the mapping from Nixpkgs system parameters to GOARCH, we can reuse the + # mapping from the go package. + defaultArch = go.GOARCH; in rec { @@ -84,7 +81,7 @@ rec { , imageDigest , sha256 , os ? "linux" - , arch ? getArch system + , arch ? defaultArch # This is used to set name to the pulled image , finalImageName ? imageName @@ -500,7 +497,7 @@ rec { baseJson = let pure = writeText "${baseName}-config.json" (builtins.toJSON { inherit created config; - architecture = getArch system; + architecture = defaultArch; os = "linux"; }); impure = runCommand "${baseName}-config.json" @@ -754,7 +751,7 @@ rec { streamScript = writePython3 "stream" {} ./stream_layered_image.py; baseJson = writeText "${name}-base.json" (builtins.toJSON { inherit config; - architecture = getArch system; + architecture = defaultArch; os = "linux"; });