Multi-layer image with static assets and binary

* Construct layer with the wst-poc binary * Construct second layer with static html assets * Currently second layer contains bash, etc for interaction. Can be removed to further shrink the container
input-output-hk · Jan 7, 2025 · 3cdd007 · 3cdd007
1 parent df86da6
commit 3cdd007
Show file tree

Hide file tree

Showing 4 changed files with 139 additions and 9 deletions.
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -33,6 +33,11 @@
     plutarch = {
       url = "github:colll78/plutarch-plutus/b2379767c7f1c70acf28206bf922f128adc02f28";
     };
+
+    n2c = {
+      url = "github:nlewo/nix2container";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   outputs = inputs: inputs.iogx.lib.mkFlake {

diff --git a/generated/html/index.html b/generated/html/index.html
@@ -0,0 +1,10 @@
+<!doctype html>
+<html>
+  <head>
+    <title>Placeholder title!</title>
+  </head>
+  <body>
+    <p>Placeholder for generated/html/index.html</p>
+  </body>
+</html>
+
diff --git a/nix/containers.nix b/nix/containers.nix
@@ -1,18 +1,78 @@
-{ repoRoot, inputs, pkgs, lib, system }:
-{
+{ repoRoot, inputs, pkgs, lib, system }: let
+
+staticFilesDerivation = pkgs.stdenv.mkDerivation {
+  name = "staticFiles";
+  src = ../generated;
+  unpackPhase = "true";
+  installPhase = ''
+    ls -alh "$src"
+    mkdir -p "$out"
+    cp -r $src/html $out
+    ls -alh $out
+  '';
+};
+
+staticFiles = pkgs.buildEnv {
+  name = "staticFiles";
+  paths = [
+    # the actual payload we want
+    staticFilesDerivation
+    # allow interactivity with the image
+    pkgs.bashInteractive
+    pkgs.coreutils
+  ];
+  pathsToLink = [ "/html" "/bin" ];
+  extraOutputsToInstall = [ "/html" ];
+};
+
+in rec {
 
   # Builds a docker container for the cabal executable given as input. First we
   # build the container json itself. Note the explicit architecture.
   #
-  # $ nix build .#containers.x86_64-linux.wst
+  # NOTE: The following commands produce a nice test environment for the container
+  # Build via nix first
+  #
+  #$ nix build --accept-flake-config .#containers.x86_64-linux.wst.copyTo
+  #
+  # Instead of generating a container, generate into a directory
+  #
+  #$ ./result/bin/copy-to dir:./tmp
+  #
+  # Now we can run the container (the tx is just some random I copied from the explorer)
+  #$ podman run --publish 8080:8080 --env WST_BLOCKFROST_TOKEN=REPLACE_ME_APIKEY dir:./tmp manage 76e2cfb0b087873ef50a3f709fa6ab3df21bdd5b67c1254837cc353613524251.0 start --static-files /html
+  #
+  # NOTE: To build the oci container image run:
   #
-  wst = lib.iogx.mkContainerFromCabalExe {
-    exe = inputs.self.packages.wst-poc-cli;
-    name = "wst-poc";
-    description = "WST Proof of Concept";
-    packages = [ ];
-    sourceUrl = "https://github.com/input-output-hk/wsc-poc";
+  #$ ./result/bin/copy-to oci-archive:oci.tar
+  #
+  wst = inputs.n2c.packages.nix2container.buildImage {
+    name = "wst";
+    config = {
+      Entrypoint = lib.singleton (lib.getExe inputs.self.packages.wst-poc-cli);
+    };
+    layers = [
+      (inputs.n2c.packages.nix2container.buildLayer {
+        copyToRoot = [staticFiles];
+      })
+    ];
   };
 
+  # NOTE: I don't think iogx.mkContainerFromCabalExe enables linking in the base image correctly. Hence the more manual construction above.
+  # TODO: Consider patching iogx if that is the case?
+
+  # Builds a docker container for the cabal executable given as input. First we
+  # build the container json itself. Note the explicit architecture.
+  #
+  # $ nix build .#containers.x86_64-linux.wstBinary
+  #
+  # wstBinary = lib.iogx.mkContainerFromCabalExe {
+  #   exe = inputs.self.packages.wst-poc-cli;
+  #   name = "wst-poc";
+  #   description = "WST Proof of Concept";
+  #   # packages = [ staticFiles staticFilesDerivation ];
+  #   sourceUrl = "https://github.com/input-output-hk/wsc-poc";
+  # };
+
 }