github.com/anchore/syft@v1.38.2/syft/pkg/cataloger/nix/test-fixtures/image-nixos-jq-pkg-store/Dockerfile

github.com/anchore/syft@v1.38.2/syft/pkg/cataloger/nix/test-fixtures/image-nixos-jq-pkg-store/Dockerfile (about)

     1  FROM --platform=linux/amd64 nixos/nix:2.28.2@sha256:4215204b5f65c7b756b26a6dd47a6af77f1d906e5edf62b184c95420a7dfa08f AS builder
     2  
     3  # cross-platform builds cannot use bpf features
     4  RUN mkdir -p /etc/nix && \
     5      echo 'filter-syscalls = false' > /etc/nix/nix.conf && \
     6      echo 'experimental-features = nix-command flakes' >> /etc/nix/nix.conf
     7  
     8  # pin Nixpkgs to a specific commit (2023.11.17)
     9  RUN mkdir -p /root/nix && \
    10      echo 'import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/46688f8eb5.tar.gz") {}' > /root/nix/pinned-nixpkgs.nix
    11  
    12  # install jq using the pinned Nixpkgs
    13  RUN nix-env -f /root/nix/pinned-nixpkgs.nix -iA jq
    14  
    15  # create a directory with only the required dependencies + any derivations
    16  RUN mkdir -p /nix-minimal && \
    17      for dep in $(nix-store -q --requisites $(which jq)); do \
    18          mkdir -p /nix-minimal$(dirname $dep) && \
    19          cp -a $dep /nix-minimal$dep; \
    20      done
    21  
    22  # now add all the drv files from the store
    23  RUN for drv in $(find /nix/store -name "*.drv"); do \
    24          mkdir -p /nix-minimal$(dirname $drv) && \
    25          cp -a $drv /nix-minimal$drv; \
    26      done
    27  
    28  FROM scratch
    29  
    30  COPY --from=builder /nix-minimal/nix/store /nix/store