diff options
Diffstat (limited to 'pkgs/applications/networking/cluster/k3s/1_24/default.nix')
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_24/default.nix | 52 |
1 files changed, 24 insertions, 28 deletions
diff --git a/pkgs/applications/networking/cluster/k3s/1_24/default.nix b/pkgs/applications/networking/cluster/k3s/1_24/default.nix index 9ebac6b7448e..2ff642f35111 100644 --- a/pkgs/applications/networking/cluster/k3s/1_24/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_24/default.nix @@ -47,30 +47,32 @@ # Those pieces of software we entirely ignore upstream's handling of, and just # make sure they're in the path if desired. let - k3sVersion = "1.24.4+k3s1"; # k3s git tag - k3sCommit = "c3f830e9b9ed8a4d9d0e2aa663b4591b923a296e"; # k3s git commit at the above version - k3sRepoSha256 = "00ns6n7jxnacah8ahndhgdb160prgsqhswbb5809kkgvig7k8b27"; - k3sVendorSha256 = "sha256-ReZvJCgxqffG2H39JlynGPUBSV5ngPkRtAoZ++OQZZI="; + k3sVersion = "1.24.10+k3s1"; # k3s git tag + k3sCommit = "546a94e9ae1c3be6f9c0dcde32a6e6672b035bc8"; # k3s git commit at the above version + k3sRepoSha256 = "sha256-HfkGb3GtR2wQkVIze26aFh6A6W0fegr8ovpSel7oujQ="; + k3sVendorSha256 = "sha256-YAerisDr/knlKPaO2fVMZA4FUpwshFmkpi3mJAmLqKM="; - # taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9 - # The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know. - traefikChartVersion = "10.19.3"; - traefikChartSha256 = "04zg5li957svgscdmkzmzjkwljaljyav68rzxmhakkwgav6q9058"; + # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/scripts/download#L29-L32 + # see also https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/manifests/traefik.yaml#L8-L16 + # At the time of writing, there are two traefik charts, and that's it + charts = import ./chart-versions.nix; - # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47 - k3sRootVersion = "0.11.0"; - k3sRootSha256 = "016n56vi09xkvjph7wgzb2m86mhd5x65fs4d11pmh20hl249r620"; + # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/scripts/version.sh#L56 + k3sRootVersion = "0.12.1"; + k3sRootSha256 = "sha256-xCXbarWztnvW2xn3cGa84hie3OevVZeGEDWh+Uf3RBw="; - # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45 + # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/scripts/version.sh#L49 k3sCNIVersion = "1.1.1-k3s1"; k3sCNISha256 = "14mb3zsqibj1sn338gjmsyksbm0mxv9p016dij7zidccx2rzn6nl"; # taken from go.mod, the 'github.com/containerd/containerd' line # run `grep github.com/containerd/containerd go.mod | head -n1 | awk '{print $4}'` - containerdVersion = "1.5.13-k3s1"; - containerdSha256 = "09bj4ghwbsj9whkv1d5icqs52k64m449j8b73dmak2wz62fbzbvp"; + # https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/go.mod#L10 + containerdVersion = "1.5.16-k3s1"; + containerdSha256 = "sha256-dxC44qE1A20Hd2j77Ir9Sla8xncttswWIuGGM/5FWi8="; # run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag + # https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/go.mod#L18 criCtlVersion = "1.24.0-k3s1"; baseMeta = k3s.meta; @@ -93,10 +95,9 @@ let ]; # bundled into the k3s binary - traefikChart = fetchurl { - url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz"; - sha256 = traefikChartSha256; - }; + traefikChart = fetchurl charts.traefik; + traefik-crdChart = fetchurl charts.traefik-crd; + # so, k3s is a complicated thing to package # This derivation attempts to avoid including any random binaries from the # internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which @@ -180,12 +181,13 @@ let postInstall = '' mv $out/bin/server $out/bin/k3s pushd $out - # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113 + # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/scripts/build#L123-L131 ln -s k3s ./bin/k3s-agent ln -s k3s ./bin/k3s-server ln -s k3s ./bin/k3s-etcd-snapshot ln -s k3s ./bin/k3s-secrets-encrypt ln -s k3s ./bin/k3s-certificate + ln -s k3s ./bin/k3s-completion ln -s k3s ./bin/kubectl ln -s k3s ./bin/crictl ln -s k3s ./bin/ctr @@ -218,10 +220,6 @@ buildGoModule rec { src = k3sRepo; vendorSha256 = k3sVendorSha256; - patches = [ - ./0001-script-download-strip-downloading-just-package-CRD.patch - ]; - postPatch = '' # Nix prefers dynamically linked binaries over static binary. @@ -290,11 +288,9 @@ buildGoModule rec { ln -vsf ${k3sContainerd}/bin/* ./bin/ rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/ mkdir -p ./build/static/charts - # Note, upstream's chart has a 00 suffix. This seems to not matter though, so we're ignoring that naming detail. - export TRAEFIK_CHART_FILE=${traefikChart} - # place the traefik chart using their code since it's complicated - # We trim the actual download, see patches - ./scripts/download + + cp ${traefikChart} ./build/static/charts + cp ${traefik-crdChart} ./build/static/charts export ARCH=$GOARCH export DRONE_TAG="v${k3sVersion}" |