refactor(server): Use wrapper script to avoid path dependency

Instead of requiring the server component to be made aware of the
location of the Nix builder via environment variables, this commit
introduces a wrapper script for the builder that can simply exist on
the builders $PATH.

This is one step towards a slightly nicer out-of-the-box experience
when using `nix-build -A nixery-bin`.

tools/nixery/build-image/build-image.nix

@@ -287,6 +287,6 @@ let
     pkgs = map (err: err.pkg) allContents.errors;
   };
 in writeText "manifest-output.json" (if (length allContents.errors) == 0
-  then toJSON (trace manifestOutput manifestOutput)
+  then toJSON manifestOutput
-  else toJSON (trace errorOutput errorOutput)
+  else toJSON errorOutput
 )

tools/nixery/build-image/default.nix

@@ -0,0 +1,40 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This file builds the tool used to calculate layer distribution and
+# moves the files needed to call the Nix builds at runtime in the
+# correct locations.
+
+{ buildGoPackage, lib, nix, writeShellScriptBin }:
+
+let
+  group-layers = buildGoPackage {
+    name = "group-layers";
+    goDeps = ./go-deps.nix;
+    src = ./.;
+
+    goPackagePath = "github.com/google/nixery/group-layers";
+
+    meta = {
+      description = "Tool to group a set of packages into container image layers";
+      license = lib.licenses.asl20;
+      maintainers = [ lib.maintainers.tazjin ];
+    };
+  };
+
+  # Wrapper script which is called by the Nixery server to trigger an
+  # actual image build.
+in writeShellScriptBin "nixery-build-image" ''
+  exec ${nix}/bin/nix-build --show-trace --no-out-link "$@" ${./build-image.nix}
+''

tools/nixery/build-image/go-deps.nix

@@ -0,0 +1,12 @@
+# This file was generated by https://github.com/kamilchm/go2nix v1.3.0
+[
+  {
+    goPackagePath = "gonum.org/v1/gonum";
+    fetch = {
+      type = "git";
+      url = "https://github.com/gonum/gonum";
+      rev = "ced62fe5104b907b6c16cb7e575c17b2e62ceddd";
+      sha256 = "1b7q6haabnp53igpmvr6a2414yralhbrldixx4kbxxg1apy8jdjg";
+    };
+  }
+]

tools/nixery/default.nix

@@ -25,6 +25,8 @@ rec {
   # data dependencies.
   nixery-server = callPackage ./server {};
 
+  # Implementation of the image building & layering logic
+  nixery-build-image = callPackage ./build-image {};
 
   # Use mdBook to build a static asset page which Nixery can then
   # serve. This is primarily used for the public instance at
@@ -37,7 +39,6 @@ rec {
   # In most cases, this will be the derivation a user wants if they
   # are installing Nixery directly.
   nixery-bin = writeShellScriptBin "nixery" ''
-    export NIX_BUILDER="${nixery-builder}"
     export WEB_DIR="${nixery-book}"
     exec ${nixery-server}/bin/nixery
   '';
@@ -84,6 +85,7 @@ rec {
       gnutar
       gzip
       nix
+      nixery-build-image
       nixery-launch-script
       openssh
     ];

tools/nixery/server/default.nix

@@ -1,3 +1,17 @@
+# Copyright 2019 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 { buildGoPackage, lib }:
 
 buildGoPackage {

tools/nixery/server/main.go

@@ -123,7 +123,6 @@ func signingOptsFromEnv() *storage.SignedURLOptions {
 type config struct {
 	bucket  string                    // GCS bucket to cache & serve layers
 	signing *storage.SignedURLOptions // Signing options to use for GCS URLs
-	builder string                    // Nix derivation for building images
 	port    string                    // Port on which to launch HTTP server
 	pkgs    *pkgSource                // Source for Nix package set
 }
@@ -208,16 +207,14 @@ func buildImage(ctx *context.Context, cfg *config, image *image, bucket *storage
 	}
 
 	args := []string{
-		"--no-out-link",
-		"--show-trace",
 		"--argstr", "name", image.name,
-		"--argstr", "packages", string(packages), cfg.builder,
+		"--argstr", "packages", string(packages),
 	}
 
 	if cfg.pkgs != nil {
 		args = append(args, "--argstr", "pkgSource", cfg.pkgs.renderSource(image.tag))
 	}
-	cmd := exec.Command("nix-build", args...)
+	cmd := exec.Command("nixery-build-image", args...)
 
 	outpipe, err := cmd.StdoutPipe()
 	if err != nil {
@@ -466,7 +463,6 @@ func getConfig(key, desc string) string {
 func main() {
 	cfg := &config{
 		bucket:  getConfig("BUCKET", "GCS bucket for layer storage"),
-		builder: getConfig("NIX_BUILDER", "Nix image builder code"),
 		port:    getConfig("PORT", "HTTP port"),
 		pkgs:    pkgSourceFromEnv(),
 		signing: signingOptsFromEnv(),