Building container images with nix2container

[Antoine Eiche]

Hello Guix,

Two years ago, i released nix2container [1], a Go library and binary to
build container images from Nix expressions.
However, this Go code is not tightly coupled with Nix and has been
designed to potentially work with Guix [2]!

nix2container offers the following main features:
- It uses a layering algorithm to group storepaths into layers [3]
- It avoids writing an image tarball in your Guix store (reduce IOs and storage)

Basically, to build a container image, nix2container relies on two steps:
1. The nix2container Go binary takes the reference graph [4]
   of the container image closure to generates a JSON file describing
   the image configuration and the layers.
2. This JSON file can then be consumed by a patched Skopeo version[5] to
   build or push an image [8].

In case you would like to try nix2container with Guix, in theory, you
would need to add the support of another input reference graph format
[6] and a write simple Guix derivations [7] calling the nix2container
binary.

Hoping it could be useful,
lewo.

[1] https://github.com/nlewo/nix2container
[2] 
https://github.com/nlewo/containers-image-nix/blob/e342762cf7274dd7449343f3488723898da63f00/nix/utils.go#L55
[3] https://grahamc.com/blog/nix-and-layered-docker-images/
[4] 
https://nixos.org/manual/nix/stable/language/advanced-attributes.html?highlight=exportReferencesGraph#adv-attr-exportReferencesGraph
[5] 
https://github.com/nlewo/containers-image-nix/blob/9d7f33ef0058f4df4c0912025f43c758a3289d76/default.nix#L31
[6] 
https://github.com/nlewo/containers-image-nix/blob/9d7f33ef0058f4df4c0912025f43c758a3289d76/data/closure-graph.json#L1
[7] 
https://github.com/nlewo/containers-image-nix/blob/9d7f33ef0058f4df4c0912025f43c758a3289d76/default.nix#L305
[8] 
https://github.com/nlewo/containers-image-nix/blob/9d7f33ef0058f4df4c0912025f43c758a3289d76/default.nix#L47