feat: migrate to nix2container/skopeo and prebuild docker tools (#44)

[dbarrosop]

PR Type

Enhancement

---

Description

• Add dummyContainer package for CI prebuild

• Update devShells configuration

• Include dummyContainer in CI shell for Linux

---

Changes walkthrough 📝

	Relevant files
Enhancement	flake.nix Add dummyContainer and update devShells configuration        flake.nix Added dummyContainer package using dockerTools.buildLayeredImage Updated devShells.default formatting Added dummyContainer to devShells.ci for Linux platforms +20/-4

---

Need help?

Type /help how to ... in the comments thread for any questions about PR-Agent usage.

Check out the documentation for more information.

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Container Security The dummyContainer package is created with minimal contents. Ensure this is sufficient for its intended use in CI and doesn't introduce potential security risks. dummyContainer = pkgs.dockerTools.buildLayeredImage { name = "dummy-container"; tag = "latest"; created = "now"; contents = with pkgs;[ cacert ]; }; CI Configuration The dummyContainer is only added to the CI shell for Linux platforms. Verify if this is intentional and if it might affect CI processes on other platforms. ] ++ pkgs.lib.optionals (pkgs.stdenv.hostPlatform.isLinux) [ self.packages.${system}.dummyContainer

[github-actions]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Use specific timestamp for reproducibility Consider using a specific timestamp for the 'created' field instead of "now". This ensures reproducibility and consistency across builds. You can use a fixed date or derive it from a version number or commit hash. flake.nix [42-50] dummyContainer = pkgs.dockerTools.buildLayeredImage { name = "dummy-container"; tag = "latest"; - created = "now"; + created = "1970-01-01T00:00:01Z"; contents = with pkgs;[ cacert ]; }; Suggestion importance[1-10]: 7 __ Why: Using a specific timestamp instead of "now" enhances reproducibility of builds. This change improves consistency across different environments and build times, which is important for container images.	Medium
	Avoid 'with' for better clarity The 'with' statement is generally discouraged in Nix as it can lead to naming conflicts and reduce code clarity. Consider explicitly prefixing package names with 'pkgs.' for better readability and maintainability. flake.nix [55-59] -buildInputs = with pkgs; - [ - gh - gnused - ]; +buildInputs = [ + pkgs.gh + pkgs.gnused +]; Suggestion importance[1-10]: 6 __ Why: Removing the with pkgs; statement and explicitly prefixing package names with pkgs. improves code clarity and reduces potential naming conflicts. This change enhances maintainability and readability of the Nix configuration.	Low