tazjin / nixery

Container registry which transparently builds images using the Nix package manager. Canonical repository is https://cs.tvl.fyi/depot/-/tree/tools/nixery
https://nixery.dev/
Apache License 2.0

feat(prepare-image): Ensure /usr/bin/env is always present #132

Closed tazjin closed 3 years ago

tazjin commented 3 years ago

This is required by common patterns in shell scripts.

There are some caveats around this. Adding logic to filter whether coreutils is included in an image would slow down the Nix evaluation, so the link is currently created even in cases where it doesn't point to anything.

Fixes #109
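The caveat in the comment above (the link is created even when it points to nothing) can be checked against an unpacked image root filesystem. This is an added example, not code from Nixery or this PR; the function names and the constructed `/bin/env` link target are assumptions for illustration.

```python
import os
import tempfile

MAX_HOPS = 40  # symlink-loop guard


def resolve_in_root(root, path):
    """Resolve `path` as a process chrooted into `root` would; None if it dangles or loops."""
    root = os.path.realpath(root)
    pending = [p for p in path.split("/") if p]
    current, hops = root, 0
    while pending:
        part = pending.pop(0)
        if part == ".":
            continue
        if part == "..":
            if current != root:  # ".." at the root stays at the root
                current = os.path.dirname(current)
            continue
        candidate = os.path.join(current, part)
        if os.path.islink(candidate):
            hops += 1
            if hops > MAX_HOPS:
                return None
            target = os.readlink(candidate)
            if target.startswith("/"):
                current = root  # absolute targets restart at the image root
            pending = [p for p in target.split("/") if p] + pending
        elif os.path.lexists(candidate):
            current = candidate
        else:
            return None
    return current


def env_status(root):
    """Classify /usr/bin/env inside an unpacked image: missing, dangling or ok."""
    bindir = resolve_in_root(root, "/usr/bin")
    if bindir is None or not os.path.lexists(os.path.join(bindir, "env")):
        return "missing"
    return "ok" if resolve_in_root(root, "/usr/bin/env") else "dangling"


if __name__ == "__main__":
    # Constructed sample rootfs; the /bin/env link target is an assumption.
    rootfs = tempfile.mkdtemp()
    os.makedirs(os.path.join(rootfs, "usr/bin"))
    os.symlink("/bin/env", os.path.join(rootfs, "usr/bin/env"))
    print(env_status(rootfs))
```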

tazjin commented 3 years ago

Discussed with flokli on IRC, and tested locally. Behaves as expected!

flokli commented 3 years ago

Hmmh, that wasn't exactly what we concluded.

I think we should define what comes with nixery-built containers by default.

We also already add cacert and iana-etc from nixpkgs into every image (see builder/builder.go).

Maybe we also should add dockerTools.{binSh,fakeNss,usrBinEnv} too.

This will of course introduce some minimal nixpkgs commit requirement, or require bundling nixery with some nixpkgs, but IMHO it's worth the code deduplication and more unified behaviour across all nix-built images.

tazjin commented 3 years ago

> I think we should define what comes with nixery-built containers by default.

I think that's for a separate issue and discussion, not related to this particular problem (which breaks people's scripts, see the issue). It's fine to look at that once all of those things are in a stable NixOS channel.

flokli commented 3 years ago

This is not a regression, it has been like this all the time.

~Anyways, can you open an issue for this?~ nvm, opened https://github.com/google/nixery/issues/133.