From 39b887bb59ffe93d06d43050d296793b27e1a51c Mon Sep 17 00:00:00 2001 From: Jairo Llopis Date: Thu, 9 Feb 2023 09:04:20 +0000 Subject: [PATCH] k3s_1_23: 1.23.6+k3s1 -> 1.23.16+k3s1 - Update to latest upstream release. - Include some changes from 0f9165d8b6edc2c079e4f388be06c58d6683d23f to fix downloads. - Add myself as maintainer. @moduon MT-1718 --- maintainers/maintainer-list.nix | 6 ++ ...d-strip-downloading-just-package-CRD.patch | 41 -------------- .../cluster/k3s/1_23/chart-versions.nix | 10 ++++ .../networking/cluster/k3s/1_23/default.nix | 56 +++++++++---------- .../networking/cluster/k3s/1_26/default.nix | 2 +- 5 files changed, 43 insertions(+), 72 deletions(-) delete mode 100644 pkgs/applications/networking/cluster/k3s/1_23/0001-script-download-strip-downloading-just-package-CRD.patch create mode 100644 pkgs/applications/networking/cluster/k3s/1_23/chart-versions.nix diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 857679feb546..25f454596fdb 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -16108,6 +16108,12 @@ githubId = 2242427; name = "Yoann Ono"; }; + yajo = { + email = "yajo.sk8@gmail.com"; + github = "yajo"; + githubId = 973709; + name = "Jairo Llopis"; + }; yana = { email = "yana@riseup.net"; github = "yanalunaterra"; diff --git a/pkgs/applications/networking/cluster/k3s/1_23/0001-script-download-strip-downloading-just-package-CRD.patch b/pkgs/applications/networking/cluster/k3s/1_23/0001-script-download-strip-downloading-just-package-CRD.patch deleted file mode 100644 index 115fd6824772..000000000000 --- a/pkgs/applications/networking/cluster/k3s/1_23/0001-script-download-strip-downloading-just-package-CRD.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 6f53bd36a40da4c71486e3b79f6e32d53d6eea5d Mon Sep 17 00:00:00 2001 -From: Euan Kemp -Date: Thu, 3 Feb 2022 23:50:40 -0800 -Subject: [PATCH 2/2] scrips/download: strip downloading, just package CRD - -The CRD packaging is a complicated set of commands, so let's reuse it. ---- - scripts/download | 10 ++-------- - 1 file changed, 2 insertions(+), 8 deletions(-) - -diff --git a/scripts/download b/scripts/download -index 5effc0562a..82361803ee 100755 ---- a/scripts/download -+++ b/scripts/download -@@ -24,12 +24,6 @@ rm -rf ${CONTAINERD_DIR} - mkdir -p ${CHARTS_DIR} - mkdir -p ${DATA_DIR} - --curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${VERSION_ROOT}/k3s-root-${ARCH}.tar | tar xf - --exclude=bin/socat -- --git clone --single-branch --branch=${VERSION_RUNC} --depth=1 https://github.com/opencontainers/runc ${RUNC_DIR} -- --git clone --single-branch --branch=${VERSION_CONTAINERD} --depth=1 https://github.com/k3s-io/containerd ${CONTAINERD_DIR} -- - setup_tmp() { - TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR}) - cleanup() { -@@ -44,8 +38,8 @@ setup_tmp() { - - download_and_package_traefik () { - echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}" -- curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE} -- code=$? -+ # nixpkgs: copy in our known traefik chart instead -+ cp $TRAEFIK_CHART_FILE ${TMP_DIR}/${TRAEFIK_FILE} - - if [ $code -ne 0 ]; then - echo "Error: Failed to download Traefik Helm chart!" --- -2.34.1 - diff --git a/pkgs/applications/networking/cluster/k3s/1_23/chart-versions.nix b/pkgs/applications/networking/cluster/k3s/1_23/chart-versions.nix new file mode 100644 index 000000000000..8c40604d0f1c --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/1_23/chart-versions.nix @@ -0,0 +1,10 @@ +{ + traefik-crd = { + url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-20.3.1+up20.3.0.tgz"; + sha256 = "1775vjldvqvhzdbzanxhbaqbmkih09yb91im651q8bc7z5sb9ckn"; + }; + traefik = { + url = "https://k3s.io/k3s-charts/assets/traefik/traefik-20.3.1+up20.3.0.tgz"; + sha256 = "1rj0f0n0vgjcbzfwzhqmsd501i2f6vw145w9plbp8gwdyzmg2nc6"; + }; +} diff --git a/pkgs/applications/networking/cluster/k3s/1_23/default.nix b/pkgs/applications/networking/cluster/k3s/1_23/default.nix index 1fbe7687a006..3865cb0a06e1 100644 --- a/pkgs/applications/networking/cluster/k3s/1_23/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_23/default.nix @@ -48,30 +48,32 @@ with lib; # Those pieces of software we entirely ignore upstream's handling of, and just # make sure they're in the path if desired. let - k3sVersion = "1.23.6+k3s1"; # k3s git tag - k3sCommit = "418c3fa858b69b12b9cefbcff0526f666a6236b9"; # k3s git commit at the above version - k3sRepoSha256 = "0fmw491dn5mpi058mr7sij51i5m4qg2grx30cnl3h2v4s0sdkx2i"; - k3sVendorSha256 = "sha256-iHg5ySMaiSWXs98YGmxPwdZr4zdBIFma12dNEuf30Hs="; + k3sVersion = "1.23.16+k3s1"; # k3s git tag + k3sCommit = "64b0feeb36c2a26976a364a110f23ebcf971f976"; # k3s git commit at the above version + k3sRepoSha256 = "sha256-H6aaYa5OYAaD5hjSi8+RNXiP1zhRZCgKXQA6eU7AWBk="; + k3sVendorSha256 = "sha256-+xygljXp27NahsHSgoigMANBQCRwGFYwGHQEwlI9YsQ="; - # taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9 - # The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know. - traefikChartVersion = "10.19.3"; - traefikChartSha256 = "04zg5li957svgscdmkzmzjkwljaljyav68rzxmhakkwgav6q9058"; + # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/download#L29-L32 + # see also https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/manifests/traefik.yaml#L8-L16 + # At the time of writing, there are two traefik charts, and that's it + charts = import ./chart-versions.nix; - # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47 - k3sRootVersion = "0.11.0"; - k3sRootSha256 = "016n56vi09xkvjph7wgzb2m86mhd5x65fs4d11pmh20hl249r620"; + # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/version.sh#L54 + k3sRootVersion = "0.12.1"; + k3sRootSha256 = "sha256-xCXbarWztnvW2xn3cGa84hie3OevVZeGEDWh+Uf3RBw="; - # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45 - k3sCNIVersion = "1.0.1-k3s1"; - k3sCNISha256 = "11ihlzzdnqf9p21y0a4ckpbxac016nm7746dcykhj26ym9zxyv92"; + # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/version.sh#L47 + k3sCNIVersion = "1.1.1-k3s1"; + k3sCNISha256 = "sha256-1Br7s+iMtfiPjM0EcNPuFdSlp9dVPjSG1UGuiPUfq5I="; # taken from go.mod, the 'github.com/containerd/containerd' line # run `grep github.com/containerd/containerd go.mod | head -n1 | awk '{print $4}'` - containerdVersion = "1.5.11-k3s2"; - containerdSha256 = "16132snvrg8r0vwm6c0lz0q6fx686s2ix53nm3aka9a83xs75vf2"; + # https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/go.mod#L9 + containerdVersion = "1.5.16-k3s2-1-22"; + containerdSha256 = "sha256-PRrp05Jgx368Ox4hTC66lbCInWuex0OtAuCY4l8geqA="; # run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag + # https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/go.mod#L19 criCtlVersion = "1.22.0-k3s1"; baseMeta = k3s.meta; @@ -94,10 +96,9 @@ let ]; # bundled into the k3s binary - traefikChart = fetchurl { - url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz"; - sha256 = traefikChartSha256; - }; + traefikChart = fetchurl charts.traefik; + traefik-crdChart = fetchurl charts.traefik-crd; + # so, k3s is a complicated thing to package # This derivation attempts to avoid including any random binaries from the # internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which @@ -181,12 +182,13 @@ let postInstall = '' mv $out/bin/server $out/bin/k3s pushd $out - # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113 + # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.16%2Bk3s1/scripts/build#L123-L131 ln -s k3s ./bin/k3s-agent ln -s k3s ./bin/k3s-server ln -s k3s ./bin/k3s-etcd-snapshot ln -s k3s ./bin/k3s-secrets-encrypt ln -s k3s ./bin/k3s-certificate + ln -s k3s ./bin/k3s-completion ln -s k3s ./bin/kubectl ln -s k3s ./bin/crictl ln -s k3s ./bin/ctr @@ -219,10 +221,6 @@ buildGoModule rec { src = k3sRepo; vendorSha256 = k3sVendorSha256; - patches = [ - ./0001-script-download-strip-downloading-just-package-CRD.patch - ]; - postPatch = '' # Nix prefers dynamically linked binaries over static binary. @@ -290,11 +288,9 @@ buildGoModule rec { ln -vsf ${k3sContainerd}/bin/* ./bin/ rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/ mkdir -p ./build/static/charts - # Note, upstream's chart has a 00 suffix. This seems to not matter though, so we're ignoring that naming detail. - export TRAEFIK_CHART_FILE=${traefikChart} - # place the traefik chart using their code since it's complicated - # We trim the actual download, see patches - ./scripts/download + + cp ${traefikChart} ./build/static/charts + cp ${traefik-crdChart} ./build/static/charts export ARCH=$GOARCH export DRONE_TAG="v${k3sVersion}" diff --git a/pkgs/applications/networking/cluster/k3s/1_26/default.nix b/pkgs/applications/networking/cluster/k3s/1_26/default.nix index 74f54d28d594..144e1116bb15 100644 --- a/pkgs/applications/networking/cluster/k3s/1_26/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_26/default.nix @@ -75,7 +75,7 @@ let description = "A lightweight Kubernetes distribution"; license = licenses.asl20; homepage = "https://k3s.io"; - maintainers = with maintainers; [ euank mic92 superherointj ]; + maintainers = with maintainers; [ euank mic92 superherointj yajo ]; platforms = platforms.linux; };