feat(doc): fluidattacks#940 extending makes

- Add extending makes to new doc - Split it for better readability - Other minor changes Signed-off-by: Daniel Salazar <[email protected]>
dsalaza4 · Mar 9, 2023 · b6f58e8 · b6f58e8
1 parent 4db14ae
commit b6f58e8
Show file tree

Hide file tree

Showing 27 changed files with 2,345 additions and 24 deletions.
diff --git a/docs/mkdocs.yaml b/docs/mkdocs.yaml
@@ -11,22 +11,34 @@ nav:
   - configuring-ci-cd.md
   - versioning.md
   - API:
-      - makes.nix:
-          - api/makes.nix/index.md
-          - api/makes.nix/database.md
-          - api/makes.nix/deploy.md
-          - api/makes.nix/development.md
-          - api/makes.nix/environment.md
-          - api/makes.nix/examples.md
-          - api/makes.nix/format.md
-          - api/makes.nix/framework-configuration.md
-          - api/makes.nix/lint.md
-          - api/makes.nix/monitoring.md
-          - api/makes.nix/performance.md
-          - api/makes.nix/secrets.md
-          - api/makes.nix/security.md
-          - api/makes.nix/test.md
-          - api/makes.nix/utilities.md
+      - builtins:
+          - api/builtins/index.md
+          - api/builtins/database.md
+          - api/builtins/deploy.md
+          - api/builtins/development.md
+          - api/builtins/environment.md
+          - api/builtins/examples.md
+          - api/builtins/format.md
+          - api/builtins/framework-configuration.md
+          - api/builtins/lint.md
+          - api/builtins/monitoring.md
+          - api/builtins/performance.md
+          - api/builtins/secrets.md
+          - api/builtins/security.md
+          - api/builtins/test.md
+          - api/builtins/utilities.md
+      - extensions:
+          - api/extensions/index.md
+          - api/extensions/fundamentals.md
+          - api/extensions/containers.md
+          - api/extensions/fetchers.md
+          - api/extensions/format-conversion.md
+          - api/extensions/git.md
+          - api/extensions/node.js.md
+          - api/extensions/others.md
+          - api/extensions/patchers.md
+          - api/extensions/python.md
+          - api/extensions/ruby.md
   - architecture.md
   - contributing.md
   - governance.md

diff --git a/docs/src/api/makes.nix/database.md → docs/src/api/builtins/database.md b/docs/src/api/makes.nix/database.md → docs/src/api/builtins/database.md
diff --git a/docs/src/api/makes.nix/deploy.md → docs/src/api/builtins/deploy.md b/docs/src/api/makes.nix/deploy.md → docs/src/api/builtins/deploy.md
@@ -393,5 +393,5 @@ Example invocation: `$ m . /deployNomad/default/job1`
 
 Example invocation: `$ m . /deployNomad/staging/job2`
 
-- [makes_environment]: ./environment.md
-- [makes_secrets]: ./secrets.md
+[makes_environment]: ./environment.md
+[makes_secrets]: ./secrets.md
diff --git a/docs/src/api/makes.nix/development.md → docs/src/api/builtins/development.md b/docs/src/api/makes.nix/development.md → docs/src/api/builtins/development.md
diff --git a/docs/src/api/makes.nix/environment.md → docs/src/api/builtins/environment.md b/docs/src/api/makes.nix/environment.md → docs/src/api/builtins/environment.md
@@ -94,4 +94,4 @@ Example invocation: `$ m . /envVarsForTerraform/example`
 
 Example invocation: `$ m . /envVarsForTerraform/otherExample`
 
-- [makes_secrets]: ./secrets.md
+[makes_secrets]: ./secrets.md
diff --git a/docs/src/api/makes.nix/examples.md → docs/src/api/builtins/examples.md b/docs/src/api/makes.nix/examples.md → docs/src/api/builtins/examples.md
diff --git a/docs/src/api/makes.nix/format.md → docs/src/api/builtins/format.md b/docs/src/api/makes.nix/format.md → docs/src/api/builtins/format.md
diff --git a/.../api/makes.nix/framework-configuration.md → ...c/api/builtins/framework-configuration.md b/.../api/makes.nix/framework-configuration.md → ...c/api/builtins/framework-configuration.md
diff --git a/docs/src/api/makes.nix/index.md → docs/src/api/builtins/index.md b/docs/src/api/makes.nix/index.md → docs/src/api/builtins/index.md
@@ -40,6 +40,6 @@ In the next sections
 we document all configuration options
 you can tweak in a `makes.nix`.
 
-- [makes_environment]: #environment
-- [makes_secrets]: #secrets
-- [sops]: https://github.com/mozilla/sops
+[makes_environment]: #environment
+[makes_secrets]: #secrets
+[sops]: https://github.com/mozilla/sops
diff --git a/docs/src/api/makes.nix/lint.md → docs/src/api/builtins/lint.md b/docs/src/api/makes.nix/lint.md → docs/src/api/builtins/lint.md
diff --git a/docs/src/api/makes.nix/monitoring.md → docs/src/api/builtins/monitoring.md b/docs/src/api/makes.nix/monitoring.md → docs/src/api/builtins/monitoring.md
diff --git a/docs/src/api/makes.nix/performance.md → docs/src/api/builtins/performance.md b/docs/src/api/makes.nix/performance.md → docs/src/api/builtins/performance.md
diff --git a/docs/src/api/makes.nix/secrets.md → docs/src/api/builtins/secrets.md b/docs/src/api/makes.nix/secrets.md → docs/src/api/builtins/secrets.md
@@ -86,7 +86,7 @@ Example `makes.nix`:
 ## secretsForAwsFromGitlab
 
 Aquire an AWS session
-using [Gitlab CI OIDC](https://docs.gitlab.com/ee/ci/cloud_services/aws/index.html).
+using [GitLab CI OIDC](https://docs.gitlab.com/ee/ci/cloud_services/aws/index.html).
 
 Types:
 

diff --git a/docs/src/api/makes.nix/security.md → docs/src/api/builtins/security.md b/docs/src/api/makes.nix/security.md → docs/src/api/builtins/security.md
diff --git a/docs/src/api/makes.nix/test.md → docs/src/api/builtins/test.md b/docs/src/api/makes.nix/test.md → docs/src/api/builtins/test.md
diff --git a/docs/src/api/makes.nix/utilities.md → docs/src/api/builtins/utilities.md b/docs/src/api/makes.nix/utilities.md → docs/src/api/builtins/utilities.md
@@ -64,7 +64,7 @@ m github:fluidattacks/[email protected] /utils/makeRubyLock \
 
 - Supported `ruby_version`s are: `2.7`, `3.0` and `3.1`.
 - `dependencies_yaml` is the **absolute path** to a YAML file
-  mapping [RubyGems](https://rubygems.org/gems/slim) gems to version constraints.
+  mapping [RubyGems](https://rubygems.org/) gems to version constraints.
 
 Example:
 

diff --git a/docs/src/api/extensions/containers.md b/docs/src/api/extensions/containers.md
@@ -0,0 +1,119 @@
+## makeContainerImage
+
+Build a container image
+in [OCI Format](https://github.com/opencontainers/image-spec).
+
+A container image is composed of:
+
+- 0 or more layers (binary blobs).
+  - Each layer contains a snapshot of the root file system (`/`),
+    they represent portions of it.
+  - When the container is executed
+    all layers are squashed together
+    to compose the root
+    of the file system (`/`).
+- A JSON manifest (metadata)
+  that describes important aspects of the container,
+  for instance its layers, environment variables, entrypoint, etc.
+
+Resources:
+
+- https://grahamc.com/blog/nix-and-layered-docker-images
+
+Types:
+
+- makeContainerImage (`function { ... } -> package`):
+  - layers (`listOf package`): Optional.
+    Layers of the container.
+    Defaults to `[ ]`.
+  - maxLayers (`ints.positive`): Optional.
+    Maximum number of layers the container can have.
+    Defaults to `65`.
+  - config (`attrsOf anything`): Optional.
+    Configuration manifest as described in
+    [OCI Runtime Configuration Manifest](https://github.com/moby/moby/blob/master/image/spec/v1.2.)
+    Defaults to `{ }`.
+
+Example:
+
+```nix
+# /path/to/my/project/makes/example/main.nix
+{ inputs
+, makeContainerImage
+, makeDerivation
+, ...
+}:
+makeContainerImage {
+  config = {
+    Env = [
+      # Do not use this for sensitive values, it's not safe.
+      "EXAMPLE_ENV_VAR=example-value"
+    ];
+    WorkingDir = "/working-dir";
+  };
+  layers = [
+    inputs.nixpkgs.coreutils # ls, cat, etc
+    (makeDerivation {
+      name = "custom-layer";
+      builder = ''
+        # $out represents the final container root file system: /
+        #
+        # The following commands are equivalent in Docker to:
+        #   RUN mkdir /working-dir
+        #   RUN echo my-file-contents > /working-dir/my-file
+        #
+        mkdir -p $out/working-dir
+        echo my-file-contents > $out/working-dir/my-file
+      '';
+    })
+  ];
+}
+```
+
+```bash
+$ m . /example
+
+    Creating layer 1 from paths: ['/nix/store/zqaqyidzsqc7z03g4ajgizy2lz1m19xz-libunistring-0.9.10']
+    Creating layer 2 from paths: ['/nix/store/xjjdyb66g3cxd5880zspazsp5f16lbxz-libidn2-2.3.1']
+    Creating layer 3 from paths: ['/nix/store/wvgyhnd3rn6dhxzbr5r71gx2q9mhgshj-glibc-2.32-48']
+    Creating layer 4 from paths: ['/nix/store/ip0pxdd49l1v3cmxsvw8ziwmqhyzg5pf-attr-2.4.48']
+    Creating layer 5 from paths: ['/nix/store/26vpasbj38nhj462kqclwp2i6s3hhdba-acl-2.3.1']
+    Creating layer 6 from paths: ['/nix/store/937f5738d2frws07ixcpg5ip176pfss1-coreutils-8.32']
+    Creating layer 7 from paths: ['/nix/store/fc24830z8lqa657grb3snvjjv9vxs7ql-custom-layer']
+    Creating layer 8 with customisation...
+    Adding manifests...
+    Done.
+
+    /nix/store/dvif4xy1l0qsjblxvzzcr6map1hg22w5-container-image.tar.gz
+
+$ docker load < /nix/store/dvif4xy1l0qsjblxvzzcr6map1hg22w5-container-image.tar.gz
+
+    b5507f5bda26: Loading layer  133.1kB/133.1kB
+    da2b3a66ea19: Loading layer  1.894MB/1.894MB
+    eb4c566a2922: Loading layer  10.24kB/10.24kB
+    19b7be559bbc: Loading layer  61.44kB/61.44kB
+    Loaded image: container-image:latest
+
+$ docker run container-image:latest pwd
+
+    /working-dir
+
+$ docker run container-image:latest ls .
+
+    my-file
+
+$ docker run container-image:latest cat my-file
+
+    my-file-contents
+
+$ docker run container-image:latest ls /
+
+    bin
+    dev
+    etc
+    libexec
+    nix
+    proc
+    sys
+    working-dir
+```
Original file line number	Diff line number	Diff line change
Expand Up		@@ -94,4 +94,4 @@ Example invocation: `$ m . /envVarsForTerraform/example`

		Example invocation: `$ m . /envVarsForTerraform/otherExample`

		- [makes_secrets]: ./secrets.md
		[makes_secrets]: ./secrets.md