From 116832edbf8da93dedaca69384083e57b7c9f9a0 Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Fri, 3 Dec 2021 12:23:23 +0000
Subject: [PATCH 1/2] dockerTools: Add example of using NixOS' etc

(cherry picked from commit 9b2af8673be82d48ce76c8c152de85ad921d26ba)
---
 nixos/tests/docker-tools.nix           |  5 ++++
 pkgs/build-support/docker/examples.nix | 41 ++++++++++++++++++++++++++
 2 files changed, 46 insertions(+)

diff --git a/nixos/tests/docker-tools.nix b/nixos/tests/docker-tools.nix
index 80859ac7a96e..99a968f17af2 100644
--- a/nixos/tests/docker-tools.nix
+++ b/nixos/tests/docker-tools.nix
@@ -419,5 +419,10 @@ import ./make-test-python.nix ({ pkgs, ... }: {
             "docker rmi layered-image-with-path",
         )
 
+    with subtest("etc"):
+        docker.succeed("${examples.etc} | docker load")
+        docker.succeed("docker run --rm etc | grep localhost")
+        docker.succeed("docker image rm etc:latest")
+
   '';
 })
diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix
index 9b9a21a1469c..a1be3a111fb3 100644
--- a/pkgs/build-support/docker/examples.nix
+++ b/pkgs/build-support/docker/examples.nix
@@ -9,6 +9,16 @@
 
 { pkgs, buildImage, buildLayeredImage, fakeNss, pullImage, shadowSetup, buildImageWithNixDb, pkgsCross }:
 
+let
+  nixosLib = import ../../../nixos/lib {
+    # Experimental features need testing too, but there's no point in warning
+    # about it, so we enable the feature flag.
+    featureFlags.minimalModules = {};
+  };
+  evalMinimalConfig = module: nixosLib.evalModules { modules = [ module ]; };
+
+in
+
 rec {
   # 1. basic example
   bash = buildImage {
@@ -582,6 +592,37 @@ rec {
     includeStorePaths = false;
   };
 
+  etc =
+    let
+      inherit (pkgs) lib;
+      nixosCore = (evalMinimalConfig ({ config, ... }: {
+        imports = [
+          pkgs.pkgsModule
+          ../../../nixos/modules/system/etc/etc.nix
+        ];
+        environment.etc."hosts" = {
+          text = ''
+            127.0.0.1 localhost
+            ::1 localhost
+          '';
+          # For executables:
+          # mode = "0755";
+        };
+      }));
+    in pkgs.dockerTools.streamLayeredImage {
+      name = "etc";
+      tag = "latest";
+      enableFakechroot = true;
+      fakeRootCommands = ''
+        mkdir -p /etc
+        ${nixosCore.config.system.build.etcActivationCommands}
+      '';
+      config.Cmd = pkgs.writeScript "etc-cmd" ''
+        #!${pkgs.busybox}/bin/sh
+        ${pkgs.busybox}/bin/cat /etc/hosts
+      '';
+    };
+
   # Example export of the bash image
   exportBash = pkgs.dockerTools.exportImage { fromImage = bash; };
 

From 44522c1d5996ac1a16a2f7672b7306d557bd5a26 Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Mon, 30 May 2022 14:32:14 +0200
Subject: [PATCH 2/2] dockerTools.examples.etc: Make it a reliable test

/etc/hosts is generally also provided by the container runtime.
---
 pkgs/build-support/docker/examples.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/build-support/docker/examples.nix b/pkgs/build-support/docker/examples.nix
index a1be3a111fb3..f0535f59dfcc 100644
--- a/pkgs/build-support/docker/examples.nix
+++ b/pkgs/build-support/docker/examples.nix
@@ -600,7 +600,7 @@ rec {
           pkgs.pkgsModule
           ../../../nixos/modules/system/etc/etc.nix
         ];
-        environment.etc."hosts" = {
+        environment.etc."some-config-file" = {
           text = ''
             127.0.0.1 localhost
             ::1 localhost
@@ -619,7 +619,7 @@ rec {
       '';
       config.Cmd = pkgs.writeScript "etc-cmd" ''
         #!${pkgs.busybox}/bin/sh
-        ${pkgs.busybox}/bin/cat /etc/hosts
+        ${pkgs.busybox}/bin/cat /etc/some-config-file
       '';
     };