diff options
Diffstat (limited to 'pkgs/applications/networking/cluster/k3s')
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_24/default.nix | 3 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_25/default.nix | 3 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix | 8 | ||||
-rwxr-xr-x | pkgs/applications/networking/cluster/k3s/1_26/update.sh | 123 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_26/versions.nix | 14 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_27/chart-versions.nix | 8 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/1_27/versions.nix | 20 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/builder.nix | 79 | ||||
-rw-r--r-- | pkgs/applications/networking/cluster/k3s/default.nix | 26 | ||||
-rwxr-xr-x | pkgs/applications/networking/cluster/k3s/update-script.sh (renamed from pkgs/applications/networking/cluster/k3s/1_27/update.sh) | 34 |
10 files changed, 114 insertions, 204 deletions
diff --git a/pkgs/applications/networking/cluster/k3s/1_24/default.nix b/pkgs/applications/networking/cluster/k3s/1_24/default.nix index 8ead6e5fc82a..6f7644dd543b 100644 --- a/pkgs/applications/networking/cluster/k3s/1_24/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_24/default.nix @@ -313,6 +313,9 @@ buildGoModule rec { wrapProgram $out/bin/k3s \ --prefix PATH : ${lib.makeBinPath k3sRuntimeDeps} \ --prefix PATH : "$out/bin" + ln -s $out/bin/k3s $out/bin/kubectl + ln -s $out/bin/k3s $out/bin/crictl + ln -s $out/bin/k3s $out/bin/ctr ''; doInstallCheck = true; diff --git a/pkgs/applications/networking/cluster/k3s/1_25/default.nix b/pkgs/applications/networking/cluster/k3s/1_25/default.nix index 25234f1d4423..47c3b5886c59 100644 --- a/pkgs/applications/networking/cluster/k3s/1_25/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_25/default.nix @@ -317,6 +317,9 @@ buildGoModule rec { wrapProgram $out/bin/k3s \ --prefix PATH : ${lib.makeBinPath k3sRuntimeDeps} \ --prefix PATH : "$out/bin" + ln -s $out/bin/k3s $out/bin/kubectl + ln -s $out/bin/k3s $out/bin/crictl + ln -s $out/bin/k3s $out/bin/ctr ''; doInstallCheck = true; diff --git a/pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix b/pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix index 8c40604d0f1c..d3ff99358af2 100644 --- a/pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix @@ -1,10 +1,10 @@ { traefik-crd = { - url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-20.3.1+up20.3.0.tgz"; - sha256 = "1775vjldvqvhzdbzanxhbaqbmkih09yb91im651q8bc7z5sb9ckn"; + url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-21.2.1+up21.2.0.tgz"; + sha256 = "05j3vyikb7g2z2i07rij9h4ki5lb2hb2rynpiqfd4l1y5qm0qhw9"; }; traefik = { - url = "https://k3s.io/k3s-charts/assets/traefik/traefik-20.3.1+up20.3.0.tgz"; - sha256 = "1rj0f0n0vgjcbzfwzhqmsd501i2f6vw145w9plbp8gwdyzmg2nc6"; + url = "https://k3s.io/k3s-charts/assets/traefik/traefik-21.2.1+up21.2.0.tgz"; + sha256 = "0gvz0yzph2893scd0q10b938yc7f36b3zqs57pkjgqqpl1d0nwhg"; }; } diff --git a/pkgs/applications/networking/cluster/k3s/1_26/update.sh b/pkgs/applications/networking/cluster/k3s/1_26/update.sh deleted file mode 100755 index 651d54adc1d5..000000000000 --- a/pkgs/applications/networking/cluster/k3s/1_26/update.sh +++ /dev/null @@ -1,123 +0,0 @@ -#!/usr/bin/env nix-shell -#!nix-shell -i bash -p curl gnugrep gnused jq yq-go nix-prefetch - -set -x -eu -o pipefail - -WORKDIR=$(mktemp -d) -trap "rm -rf ${WORKDIR}" EXIT - -NIXPKGS_ROOT="$(git rev-parse --show-toplevel)"/ -NIXPKGS_K3S_PATH=$(cd $(dirname ${BASH_SOURCE[0]}); pwd -P)/ -cd ${NIXPKGS_K3S_PATH} - -LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json -curl --silent -f ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} \ - https://api.github.com/repos/k3s-io/k3s/releases > ${LATEST_TAG_RAWFILE} - -LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | \ - grep -v -e rc -e engine | tail -n +2 | head -n -1 | sed 's|[", ]||g' | sort -rV | head -n1) - -K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//') - -K3S_COMMIT=$(curl --silent -f ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} \ - https://api.github.com/repos/k3s-io/k3s/tags \ - | jq -r "map(select(.name == \"${LATEST_TAG_NAME}\")) | .[0] | .commit.sha") - -K3S_REPO_SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/k3s-io/k3s/archive/refs/tags/${LATEST_TAG_NAME}.tar.gz) - -FILE_SCRIPTS_DOWNLOAD=${WORKDIR}/scripts-download -curl --silent -f https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/download > $FILE_SCRIPTS_DOWNLOAD - -FILE_SCRIPTS_VERSION=${WORKDIR}/scripts-version.sh -curl --silent -f https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/version.sh > $FILE_SCRIPTS_VERSION - -FILE_TRAEFIK_MANIFEST=${WORKDIR}/traefik.yml -curl --silent -f -o "$FILE_TRAEFIK_MANIFEST" https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/manifests/traefik.yaml - -CHART_FILES=( $(yq eval --no-doc .spec.chart "$FILE_TRAEFIK_MANIFEST" | xargs -n1 basename) ) -# These files are: -# 1. traefik-crd-20.3.1+up20.3.0.tgz -# 2. traefik-20.3.1+up20.3.0.tgz -# at the time of writing - -if [[ "${#CHART_FILES[@]}" != "2" ]]; then - echo "New manifest charts added, the packaging scripts will need to be updated: ${CHART_FILES}" - exit 1 -fi - -CHARTS_URL=https://k3s.io/k3s-charts/assets -# Get metadata for both files -rm -f chart-versions.nix.update -cat > chart-versions.nix.update <<EOF -{ - traefik-crd = { - url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}"; - sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")"; - }; - traefik = { - url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}"; - sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")"; - }; -} -EOF -mv chart-versions.nix.update chart-versions.nix - -FILE_GO_MOD=${WORKDIR}/go.mod -curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/go.mod > $FILE_GO_MOD - - -K3S_ROOT_VERSION=$(grep 'VERSION_ROOT=' ${FILE_SCRIPTS_VERSION} \ - | cut -d'=' -f2 | sed -e 's/"//g' -e 's/^v//') -K3S_ROOT_SHA256=$(nix-prefetch-url --quiet --unpack \ - "https://github.com/k3s-io/k3s-root/releases/download/v${K3S_ROOT_VERSION}/k3s-root-amd64.tar") - -CNIPLUGINS_VERSION=$(grep 'VERSION_CNIPLUGINS=' ${FILE_SCRIPTS_VERSION} \ - | cut -d'=' -f2 | sed -e 's/"//g' -e 's/^v//') -CNIPLUGINS_SHA256=$(nix-prefetch-url --quiet --unpack \ - "https://github.com/rancher/plugins/archive/refs/tags/v${CNIPLUGINS_VERSION}.tar.gz") - -CONTAINERD_VERSION=$(grep 'VERSION_CONTAINERD=' ${FILE_SCRIPTS_VERSION} \ - | cut -d'=' -f2 | sed -e 's/"//g' -e 's/^v//') -CONTAINERD_SHA256=$(nix-prefetch-url --quiet --unpack \ - "https://github.com/k3s-io/containerd/archive/refs/tags/v${CONTAINERD_VERSION}.tar.gz") - -CRI_CTL_VERSION=$(grep github.com/kubernetes-sigs/cri-tools ${FILE_GO_MOD} \ - | head -n1 | awk '{print $4}' | sed -e 's/"//g' -e 's/^v//') - -setKV () { - sed -i "s|$1 = \".*\"|$1 = \"${2:-}\"|" ${NIXPKGS_K3S_PATH}default.nix -} - -setKV k3sVersion ${K3S_VERSION} -setKV k3sCommit ${K3S_COMMIT} -setKV k3sRepoSha256 ${K3S_REPO_SHA256} - -setKV k3sRootVersion ${K3S_ROOT_VERSION} -setKV k3sRootSha256 ${K3S_ROOT_SHA256} - -setKV k3sCNIVersion ${CNIPLUGINS_VERSION} -setKV k3sCNISha256 ${CNIPLUGINS_SHA256} - -setKV containerdVersion ${CONTAINERD_VERSION} -setKV containerdSha256 ${CONTAINERD_SHA256} - -setKV criCtlVersion ${CRI_CTL_VERSION} - -set +e -K3S_VENDOR_SHA256=$(nix-prefetch -I nixpkgs=${NIXPKGS_ROOT} "{ sha256 }: (import ${NIXPKGS_ROOT}. {}).k3s.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })") -set -e - -if [ -n "${K3S_VENDOR_SHA256:-}" ]; then - setKV k3sVendorSha256 ${K3S_VENDOR_SHA256} -else - echo "Update failed. K3S_VENDOR_SHA256 is empty." - exit 1 -fi - -# `git` flag here is to be used by local maintainers to speed up the bump process -if [ $# -eq 1 ] && [ "$1" = "git" ]; then - OLD_VERSION="$(nix-instantiate --eval -E "with import $NIXPKGS_ROOT. {}; k3s.version or (builtins.parseDrvName k3s.name).version" | tr -d '"')" - git switch -c "package-k3s-${K3S_VERSION}" - git add "$NIXPKGS_K3S_PATH"/default.nix - git commit -m "k3s: ${OLD_VERSION} -> ${K3S_VERSION}" -fi diff --git a/pkgs/applications/networking/cluster/k3s/1_26/versions.nix b/pkgs/applications/networking/cluster/k3s/1_26/versions.nix new file mode 100644 index 000000000000..330afe6b092f --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/1_26/versions.nix @@ -0,0 +1,14 @@ +{ + k3sVersion = "1.26.5+k3s1"; + k3sCommit = "7cefebeaac7dbdd0bfec131ea7a43a45cb125354"; + k3sRepoSha256 = "0iz8w24lhb3mgwnks79ky4nypdqbjn91zm4nrj1ar3abkb5i8bg3"; + k3sVendorSha256 = "sha256-yPzpt9OZfW7qY9gFgrRVgmk2l9OSMMF85OY79MDCKTs="; + chartVersions = import ./chart-versions.nix; + k3sRootVersion = "0.12.2"; + k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k"; + k3sCNIVersion = "1.2.0-k3s1"; + k3sCNISha256 = "0hzcap4vbl94zsiqc66dlwjgql50gw5g6f0adag0p8yqwcy6vaw2"; + containerdVersion = "1.7.1-k3s1"; + containerdSha256 = "00k7nkclfxwbzcgnn8s7rkrxyn0zpk57nyy18icf23wsj352gfrn"; + criCtlVersion = "1.26.0-rc.0-k3s1"; +} diff --git a/pkgs/applications/networking/cluster/k3s/1_27/chart-versions.nix b/pkgs/applications/networking/cluster/k3s/1_27/chart-versions.nix index 8c40604d0f1c..d3ff99358af2 100644 --- a/pkgs/applications/networking/cluster/k3s/1_27/chart-versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_27/chart-versions.nix @@ -1,10 +1,10 @@ { traefik-crd = { - url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-20.3.1+up20.3.0.tgz"; - sha256 = "1775vjldvqvhzdbzanxhbaqbmkih09yb91im651q8bc7z5sb9ckn"; + url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-21.2.1+up21.2.0.tgz"; + sha256 = "05j3vyikb7g2z2i07rij9h4ki5lb2hb2rynpiqfd4l1y5qm0qhw9"; }; traefik = { - url = "https://k3s.io/k3s-charts/assets/traefik/traefik-20.3.1+up20.3.0.tgz"; - sha256 = "1rj0f0n0vgjcbzfwzhqmsd501i2f6vw145w9plbp8gwdyzmg2nc6"; + url = "https://k3s.io/k3s-charts/assets/traefik/traefik-21.2.1+up21.2.0.tgz"; + sha256 = "0gvz0yzph2893scd0q10b938yc7f36b3zqs57pkjgqqpl1d0nwhg"; }; } diff --git a/pkgs/applications/networking/cluster/k3s/1_27/versions.nix b/pkgs/applications/networking/cluster/k3s/1_27/versions.nix index b06e30ba5c96..722f0f6b73f9 100644 --- a/pkgs/applications/networking/cluster/k3s/1_27/versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_27/versions.nix @@ -1,14 +1,14 @@ { - k3sVersion = "1.27.1+k3s1"; - k3sCommit = "bc5b42c27908ab430101eff0db0a0b22f870bd7a"; - k3sRepoSha256 = "1xj3blfayrsfbcsljjdaswy49hhz8yiwf1d85arnsgbn8fidswpm"; - k3sVendorSha256 = "sha256-+sM2fjS88kxMQzra2t+jU1IaKCoJpW7p3w7lCOv5mMU="; + k3sVersion = "1.27.3+k3s1"; + k3sCommit = "fe9604cac119216e67f8bd5f14eb5608e3bcd3cf"; + k3sRepoSha256 = "09j940fcyg34ip04jjiwh5sv2l802jgvkpvlbnz4g6hdi7gipd8g"; + k3sVendorSha256 = "sha256-kodrl6fEsKPkxpOCfwzEONU2zhCHwg/xdyd+ajP26jc="; chartVersions = import ./chart-versions.nix; - k3sRootVersion = "0.12.1"; - k3sRootSha256 = "0724yx3zk89m2239fmdgwzf9w672pik71xqrvgb7pdmknmmdn9f4"; - k3sCNIVersion = "1.1.1-k3s1"; - k3sCNISha256 = "14mb3zsqibj1sn338gjmsyksbm0mxv9p016dij7zidccx2rzn6nl"; - containerdVersion = "1.6.19-k3s1"; - containerdSha256 = "12dwqh77wplg30kdi73d90qni23agw2cwxjd2p5lchq86mpmmwwr"; + k3sRootVersion = "0.12.2"; + k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k"; + k3sCNIVersion = "1.2.0-k3s1"; + k3sCNISha256 = "0hzcap4vbl94zsiqc66dlwjgql50gw5g6f0adag0p8yqwcy6vaw2"; + containerdVersion = "1.7.1-k3s1"; + containerdSha256 = "00k7nkclfxwbzcgnn8s7rkrxyn0zpk57nyy18icf23wsj352gfrn"; criCtlVersion = "1.26.0-rc.0-k3s1"; } diff --git a/pkgs/applications/networking/cluster/k3s/builder.nix b/pkgs/applications/networking/cluster/k3s/builder.nix index 0d3d127e4844..9605ff9f9476 100644 --- a/pkgs/applications/networking/cluster/k3s/builder.nix +++ b/pkgs/applications/networking/cluster/k3s/builder.nix @@ -1,3 +1,28 @@ +lib: +{ + # git tag + k3sVersion, + # commit hash + k3sCommit, + k3sRepoSha256 ? lib.fakeHash, + k3sVendorSha256 ? lib.fakeHash, + # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47 + k3sRootVersion, + k3sRootSha256 ? lib.fakeHash, + # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/scripts/download#L29-L32 + # see also https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/manifests/traefik.yaml#L8 + chartVersions, + # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45 + k3sCNIVersion, + k3sCNISha256 ? lib.fakeHash, + # taken from ./scripts/version.sh VERSION_CONTAINERD + containerdVersion, + containerdSha256 ? lib.fakeHash, + # run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag + criCtlVersion, + updateScript ? null, +}: + # builder.nix contains a "builder" expression that, given k3s version and hash # variables, creates a package for that version. # Due to variance in k3s's build process, this builder only works for k3s 1.26+ @@ -32,30 +57,6 @@ , pkgsBuildBuild }: -{ - # git tag - k3sVersion, - # commit hash - k3sCommit, - k3sRepoSha256 ? lib.fakeHash, - k3sVendorSha256 ? lib.fakeHash, - # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47 - k3sRootVersion, - k3sRootSha256 ? lib.fakeHash, - # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/scripts/download#L29-L32 - # see also https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/manifests/traefik.yaml#L8 - chartVersions, - # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45 - k3sCNIVersion, - k3sCNISha256 ? lib.fakeHash, - # taken from ./scripts/version.sh VERSION_CONTAINERD - containerdVersion, - containerdSha256 ? lib.fakeHash, - # run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag - criCtlVersion, - updateScript ? null, -}: - # k3s is a kinda weird derivation. One of the main points of k3s is the # simplicity of it being one binary that can perform several tasks. # However, when you have a good package manager (like nix), that doesn't @@ -83,6 +84,10 @@ let homepage = "https://k3s.io"; maintainers = with maintainers; [ euank mic92 yajo ]; platforms = platforms.linux; + + # resolves collisions with other installations of kubectl, crictl, ctr + # prefer non-k3s versions + priority = 5; }; # https://github.com/k3s-io/k3s/blob/5fb370e53e0014dc96183b8ecb2c25a61e891e76/scripts/build#L19-L40 @@ -185,21 +190,24 @@ let subPackages = [ "cmd/server" ]; ldflags = versionldflags; - tags = [ "libsqlite3" "linux" ]; + tags = [ "ctrd" "libsqlite3" "linux" ]; # create the multicall symlinks for k3s postInstall = '' mv $out/bin/server $out/bin/k3s pushd $out # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113 + ln -s k3s ./bin/containerd + ln -s k3s ./bin/crictl + ln -s k3s ./bin/ctr ln -s k3s ./bin/k3s-agent - ln -s k3s ./bin/k3s-server + ln -s k3s ./bin/k3s-certificate + ln -s k3s ./bin/k3s-completion ln -s k3s ./bin/k3s-etcd-snapshot ln -s k3s ./bin/k3s-secrets-encrypt - ln -s k3s ./bin/k3s-certificate + ln -s k3s ./bin/k3s-server + ln -s k3s ./bin/k3s-token ln -s k3s ./bin/kubectl - ln -s k3s ./bin/crictl - ln -s k3s ./bin/ctr popd ''; @@ -207,6 +215,8 @@ let description = "The various binaries that get packaged into the final k3s binary"; }; }; + # Only used for the shim since + # https://github.com/k3s-io/k3s/blob/v1.27.2%2Bk3s1/scripts/build#L153 k3sContainerd = buildGoModule { pname = "k3s-containerd"; version = containerdVersion; @@ -218,7 +228,7 @@ let }; vendorSha256 = null; buildInputs = [ btrfs-progs ]; - subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ]; + subPackages = [ "cmd/containerd-shim-runc-v2" ]; ldflags = versionldflags; }; in @@ -226,6 +236,7 @@ buildGoModule rec { pname = "k3s"; version = k3sVersion; + tags = [ "libsqlite3" "linux" "ctrd" ]; src = k3sRepo; vendorSha256 = k3sVendorSha256; @@ -262,6 +273,7 @@ buildGoModule rec { ethtool util-linux # kubelet wants 'nsenter' from util-linux: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-705994388 conntrack-tools + runc ]; buildInputs = k3sRuntimeDeps; @@ -278,7 +290,6 @@ buildGoModule rec { k3sCNIPlugins k3sContainerd k3sServer - runc ]; # We override most of buildPhase due to peculiarities in k3s's build. @@ -292,9 +303,8 @@ buildGoModule rec { # copy needed 'go generate' inputs into place mkdir -p ./bin/aux rsync -a --no-perms ${k3sServer}/bin/ ./bin/ - ln -vsf ${runc}/bin/runc ./bin/runc ln -vsf ${k3sCNIPlugins}/bin/cni ./bin/cni - ln -vsf ${k3sContainerd}/bin/* ./bin/ + ln -vsf ${k3sContainerd}/bin/containerd-shim-runc-v2 ./bin rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/ mkdir -p ./build/static/charts @@ -319,6 +329,9 @@ buildGoModule rec { wrapProgram $out/bin/k3s \ --prefix PATH : ${lib.makeBinPath k3sRuntimeDeps} \ --prefix PATH : "$out/bin" + ln -s $out/bin/k3s $out/bin/kubectl + ln -s $out/bin/k3s $out/bin/crictl + ln -s $out/bin/k3s $out/bin/ctr ''; doInstallCheck = true; diff --git a/pkgs/applications/networking/cluster/k3s/default.nix b/pkgs/applications/networking/cluster/k3s/default.nix index d8ecd79b5cae..503a4ff0c0d1 100644 --- a/pkgs/applications/networking/cluster/k3s/default.nix +++ b/pkgs/applications/networking/cluster/k3s/default.nix @@ -1,26 +1,16 @@ { lib, stdenv, callPackage }: let - k3s_builder = import ./builder.nix; + k3s_builder = import ./builder.nix lib; + common = opts: callPackage (k3s_builder opts); in { - k3s_1_26 = (callPackage k3s_builder { }) { - k3sVersion = "1.26.4+k3s1"; - k3sCommit = "8d0255af07e95b841952563253d27b0d10bd72f0"; - k3sRepoSha256 = "0qlszdnlsvj3hzx2p0wl3zhaw908w8a62z6vlf2g69a3c75f55cs"; - k3sVendorSha256 = "sha256-JXTsZYtTspu/pWMRSS2BcegktawBJ6BK7YEKbz1J/ao="; - chartVersions = import ./1_26/chart-versions.nix; - k3sRootVersion = "0.12.1"; - k3sRootSha256 = "0724yx3zk89m2239fmdgwzf9w672pik71xqrvgb7pdmknmmdn9f4"; - k3sCNIVersion = "1.1.1-k3s1"; - k3sCNISha256 = "14mb3zsqibj1sn338gjmsyksbm0mxv9p016dij7zidccx2rzn6nl"; - containerdVersion = "1.6.19-k3s1"; - containerdSha256 = "12dwqh77wplg30kdi73d90qni23agw2cwxjd2p5lchq86mpmmwwr"; - criCtlVersion = "1.26.0-rc.0-k3s1"; - }; + k3s_1_26 = common ((import ./1_26/versions.nix) // { + updateScript = [ ./update-script.sh "26" ]; + }) { }; # 1_27 can be built with the same builder as 1_26 - k3s_1_27 = (callPackage k3s_builder { }) (import ./1_27/versions.nix) // { - updateScript = ./1_27/update-script.sh; - }; + k3s_1_27 = common ((import ./1_27/versions.nix) // { + updateScript = [ ./update-script.sh "27" ]; + }) { }; } diff --git a/pkgs/applications/networking/cluster/k3s/1_27/update.sh b/pkgs/applications/networking/cluster/k3s/update-script.sh index 427e2a33d9c9..3d10acb83c10 100755 --- a/pkgs/applications/networking/cluster/k3s/1_27/update.sh +++ b/pkgs/applications/networking/cluster/k3s/update-script.sh @@ -3,6 +3,8 @@ set -x -eu -o pipefail +MINOR_VERSION="${1:?Must provide a minor version number, like '26', as the only argument}" + WORKDIR=$(mktemp -d) trap "rm -rf ${WORKDIR}" EXIT @@ -10,12 +12,15 @@ NIXPKGS_ROOT="$(git rev-parse --show-toplevel)"/ NIXPKGS_K3S_PATH=$(cd $(dirname ${BASH_SOURCE[0]}); pwd -P)/ cd ${NIXPKGS_K3S_PATH} +cd 1_${MINOR_VERSION} + + LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json curl --silent -f ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} \ https://api.github.com/repos/k3s-io/k3s/releases > ${LATEST_TAG_RAWFILE} LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | \ - grep -v -e rc -e engine | tail -n +2 | head -n -1 | sed 's|[", ]||g' | sort -rV | head -n1) + grep -v -e rc -e engine | tail -n +2 | head -n -1 | sed 's|[", ]||g' | sort -rV | grep -E "^v1\.${MINOR_VERSION}\." | head -n1) K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//') @@ -76,8 +81,9 @@ CNIPLUGINS_VERSION=$(grep 'VERSION_CNIPLUGINS=' ${FILE_SCRIPTS_VERSION} \ CNIPLUGINS_SHA256=$(nix-prefetch-url --quiet --unpack \ "https://github.com/rancher/plugins/archive/refs/tags/v${CNIPLUGINS_VERSION}.tar.gz") -CONTAINERD_VERSION=$(grep 'VERSION_CONTAINERD=' ${FILE_SCRIPTS_VERSION} \ - | cut -d'=' -f2 | sed -e 's/"//g' -e 's/^v//') +# mimics https://github.com/k3s-io/k3s/blob/v1.26.5%2Bk3s1/scripts/version.sh#L25 +CONTAINERD_VERSION=$(grep github.com/containerd/containerd ${FILE_GO_MOD} \ + | head -n1 | awk '{print $4}' | sed -e 's/^v//') CONTAINERD_SHA256=$(nix-prefetch-url --quiet --unpack \ "https://github.com/k3s-io/containerd/archive/refs/tags/v${CONTAINERD_VERSION}.tar.gz") @@ -108,20 +114,24 @@ cat >versions.nix <<EOF EOF set +e -K3S_VENDOR_SHA256=$(nix-prefetch -I nixpkgs=${NIXPKGS_ROOT} "{ sha256 }: (import ${NIXPKGS_ROOT}. {}).k3s.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })") +K3S_VENDOR_SHA256=$(nix-prefetch -I nixpkgs=${NIXPKGS_ROOT} "{ sha256 }: (import ${NIXPKGS_ROOT}. {}).k3s_1_${MINOR_VERSION}.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })") set -e if [ -n "${K3S_VENDOR_SHA256:-}" ]; then - sed "s|${FAKE_HASH}|${K3S_VENDOR_SHA256}|g" ./versions.nix + sed -i "s|${FAKE_HASH}|${K3S_VENDOR_SHA256}|g" ./versions.nix else echo "Update failed. K3S_VENDOR_SHA256 is empty." exit 1 fi -# `git` flag here is to be used by local maintainers to speed up the bump process -if [ $# -eq 1 ] && [ "$1" = "git" ]; then - OLD_VERSION="$(nix-instantiate --eval -E "with import $NIXPKGS_ROOT. {}; k3s.version or (builtins.parseDrvName k3s.name).version" | tr -d '"')" - git switch -c "package-k3s-${K3S_VERSION}" - git add "$NIXPKGS_K3S_PATH"/default.nix - git commit -m "k3s: ${OLD_VERSION} -> ${K3S_VERSION}" -fi +# Implement commit +# See https://nixos.org/manual/nixpkgs/stable/#var-passthru-updateScript-commit +OLD_VERSION="$(nix-instantiate --eval -E "with import $NIXPKGS_ROOT. {}; k3s.version or (builtins.parseDrvName k3s.name).version" | tr -d '"')" +cat <<EOF +[{ + "attrPath": "k3s_1_${MINOR_VERSION}", + "oldVersion": "$OLD_VERSION", + "newVersion": "$K3S_VERSION", + "files": ["$PWD/versions.nix","$PWD/chart-versions.nix"] +}] +EOF |