depot/third_party/nixpkgs/pkgs/applications/virtualization/podman/default.nix

154 lines
3.5 KiB
Nix
Raw Normal View History

{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, installShellFiles
, buildGoModule
, gpgme
, lvm2
, btrfs-progs
, libapparmor
, libseccomp
, libselinux
, systemd
, go-md2man
, nixosTests
, python3
, makeWrapper
, symlinkJoin
, extraPackages ? [ ]
, runc
, crun
, conmon
, slirp4netns
, fuse-overlayfs
, util-linux
, iptables
, iproute2
, catatonit
, gvproxy
, aardvark-dns
, netavark
, testers
, podman
}:
let
# do not add qemu to this wrapper, store paths get written to the podman vm config and break when GCed
binPath = lib.makeBinPath ([
] ++ lib.optionals stdenv.isLinux [
runc
crun
conmon
slirp4netns
fuse-overlayfs
util-linux
iptables
iproute2
] ++ extraPackages);
helpersBin = symlinkJoin {
name = "podman-helper-binary-wrapper";
# this only works for some binaries, others may need to be be added to `binPath` or in the modules
paths = [
gvproxy
] ++ lib.optionals stdenv.isLinux [
aardvark-dns
catatonit # added here for the pause image and also set in `containersConf` for `init_path`
netavark
];
};
in
buildGoModule rec {
pname = "podman";
version = "4.4.2";
src = fetchFromGitHub {
owner = "containers";
repo = "podman";
rev = "v${version}";
hash = "sha256-337PFsPGm7pUgnFeNJKwT+/7AdbWSfCx4kXyAvHyWJQ=";
};
patches = [
# we intentionally don't build and install the helper so we shouldn't display messages to users about it
./rm-podman-mac-helper-msg.patch
];
vendorHash = null;
doCheck = false;
outputs = [ "out" "man" ];
nativeBuildInputs = [ pkg-config go-md2man installShellFiles makeWrapper python3 ];
buildInputs = lib.optionals stdenv.isLinux [
btrfs-progs
gpgme
libapparmor
libseccomp
libselinux
lvm2
systemd
];
HELPER_BINARIES_DIR = "${PREFIX}/libexec/podman"; # used in buildPhase & installPhase
PREFIX = "${placeholder "out"}";
buildPhase = ''
runHook preBuild
patchShebangs .
${if stdenv.isDarwin then ''
make podman-remote # podman-mac-helper uses FHS paths
'' else ''
make bin/podman bin/rootlessport bin/quadlet
''}
make docs
runHook postBuild
'';
installPhase = ''
runHook preInstall
${if stdenv.isDarwin then ''
install bin/darwin/podman -Dt $out/bin
'' else ''
make install.bin install.systemd
''}
make install.completions install.man
mkdir -p ${HELPER_BINARIES_DIR}
ln -s ${helpersBin}/bin/* ${HELPER_BINARIES_DIR}
wrapProgram $out/bin/podman \
--prefix PATH : ${lib.escapeShellArg binPath}
runHook postInstall
'';
postFixup = lib.optionalString stdenv.isLinux ''
RPATH=$(patchelf --print-rpath $out/bin/.podman-wrapped)
patchelf --set-rpath "${lib.makeLibraryPath [ systemd ]}":$RPATH $out/bin/.podman-wrapped
'';
passthru.tests = {
version = testers.testVersion {
package = podman;
command = "HOME=$TMPDIR podman --version";
};
} // lib.optionalAttrs stdenv.isLinux {
inherit (nixosTests) podman;
# related modules
inherit (nixosTests)
podman-tls-ghostunnel
;
oci-containers-podman = nixosTests.oci-containers.podman;
};
meta = with lib; {
homepage = "https://podman.io/";
description = "A program for managing pods, containers and container images";
changelog = "https://github.com/containers/podman/blob/v${version}/RELEASE_NOTES.md";
license = licenses.asl20;
maintainers = with maintainers; [ marsam ] ++ teams.podman.members;
};
}