commit bc7840e5e10c72086cb059dd83582a41145e4385 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #138817 from superherointj/package-k3s-updateScript

authored by Sandro and committed by GitHub 4 years ago bc7840e5 e824324f

+74 -4

2 changed files

expand all

unified split

pkgs

applications

networking

cluster

k3s

default.nix

update.sh

+12 -4

pkgs/applications/networking/cluster/k3s/default.nix

··· 45 45 let 46 46 k3sVersion = "1.21.4+k3s1"; # k3s git tag 47 47 k3sCommit = "3e250fdbab72d88f7e6aae57446023a0567ffc97"; # k3s git commit at the above version 48 + k3sRepoSha256 = "1w7drvk0bmlmqrxh1y6dxjy7dk6bdrl72pkd25lc1ir6wbzb05h9"; 48 49 49 50 traefikChartVersion = "9.18.2"; # taken from ./scripts/download at TRAEFIK_VERSION 51 + traefikChartSha256 = "sha256-9d7p0ngyMN27u4OPgz7yI14Zj9y36t9o/HMX5wyDpUI="; 52 + 50 53 k3sRootVersion = "0.9.1"; # taken from ./scripts/download at ROOT_VERSION 54 + k3sRootSha256 = "sha256-qI84KYJKY/T6pqWZW9lOTq5NzZiu//v1zrMzUCiRTGQ="; 55 + 51 56 k3sCNIVersion = "0.8.6-k3s1"; # taken from ./scripts/version.sh at VERSION_CNIPLUGINS 57 + k3sCNISha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4="; 52 58 53 59 baseMeta = { 54 60 description = "A lightweight Kubernetes distribution"; ··· 61 67 # bundled into the k3s binary 62 68 traefikChart = fetchurl { 63 69 url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz"; 64 - sha256 = "sha256-9d7p0ngyMN27u4OPgz7yI14Zj9y36t9o/HMX5wyDpUI="; 70 + sha256 = traefikChartSha256; 65 71 }; 66 72 # so, k3s is a complicated thing to package 67 73 # This derivation attempts to avoid including any random binaries from the ··· 75 81 k3sRoot = fetchzip { 76 82 # Note: marked as apache 2.0 license 77 83 url = "https://github.com/k3s-io/k3s-root/releases/download/v${k3sRootVersion}/k3s-root-amd64.tar"; 78 - sha256 = "sha256-qI84KYJKY/T6pqWZW9lOTq5NzZiu//v1zrMzUCiRTGQ="; 84 + sha256 = k3sRootSha256; 79 85 stripRoot = false; 80 86 }; 81 87 k3sPlugins = buildGoPackage rec { ··· 89 95 owner = "rancher"; 90 96 repo = "plugins"; 91 97 rev = "v${version}"; 92 - sha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4="; 98 + sha256 = k3sCNISha256; 93 99 }; 94 100 95 101 meta = baseMeta // { ··· 101 107 k3sRepo = fetchgit { 102 108 url = "https://github.com/k3s-io/k3s"; 103 109 rev = "v${k3sVersion}"; 104 - sha256 = "1w7drvk0bmlmqrxh1y6dxjy7dk6bdrl72pkd25lc1ir6wbzb05h9"; 110 + sha256 = k3sRepoSha256; 105 111 }; 106 112 # Stage 1 of the k3s build: 107 113 # Let's talk about how k3s is structured. ··· 279 285 installCheckPhase = '' 280 286 $out/bin/k3s --version | grep v${k3sVersion} > /dev/null 281 287 ''; 288 + 289 + passthru.updateScript = ./update.sh; 282 290 283 291 meta = baseMeta; 284 292 }

+62

pkgs/applications/networking/cluster/k3s/update.sh

··· 1 + #!/usr/bin/env nix-shell 2 + #!nix-shell -i bash -p curl gnugrep gnused jq 3 + 4 + set -eu -o pipefail 5 + 6 + WORKDIR=$(mktemp -d) 7 + trap "rm -rf ${WORKDIR}" EXIT 8 + 9 + cd $(dirname "${BASH_SOURCE[0]}") 10 + 11 + LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json 12 + curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \ 13 + https://api.github.com/repos/k3s-io/k3s/releases/latest > ${LATEST_TAG_RAWFILE} 14 + 15 + LATEST_TAG_NAME=$(jq -r '.tag_name' ${LATEST_TAG_RAWFILE}) 16 + 17 + K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//') 18 + 19 + LATEST_TAG_TARBALL_URL=$(jq -r '.tarball_url' ${LATEST_TAG_RAWFILE}) 20 + 21 + K3S_COMMIT=$(curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \ 22 + https://api.github.com/repos/k3s-io/k3s/tags \ 23 + | jq -r "map(select(.name == \"${LATEST_TAG_NAME}\")) | .[0] | .commit.sha") 24 + 25 + K3S_REPO_SHA256=$(nix-prefetch-url --quiet --unpack ${LATEST_TAG_TARBALL_URL}) 26 + 27 + FILE_SCRIPTS_DOWNLOAD=${WORKDIR}/scripts-download 28 + curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/download > $FILE_SCRIPTS_DOWNLOAD 29 + 30 + FILE_SCRIPTS_VERSION=${WORKDIR}/scripts-version.sh 31 + curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/version.sh > $FILE_SCRIPTS_VERSION 32 + 33 + TRAEFIK_CHART_VERSION=$(grep TRAEFIK_VERSION= $FILE_SCRIPTS_DOWNLOAD \ 34 + | cut -d'=' -f2 | cut -d' ' -f1) 35 + TRAEFIK_CHART_SHA256=$(nix-prefetch-url --quiet "https://helm.traefik.io/traefik/traefik-${TRAEFIK_CHART_VERSION}.tgz") 36 + 37 + K3S_ROOT_VERSION=$(grep ROOT_VERSION= $FILE_SCRIPTS_DOWNLOAD \ 38 + | cut -d'=' -f2 | cut -d' ' -f1 | sed 's/^v//') 39 + K3S_ROOT_SHA256=$(nix-prefetch-url --quiet --unpack \ 40 + "https://github.com/k3s-io/k3s-root/releases/download/v${K3S_ROOT_VERSION}/k3s-root-amd64.tar") 41 + 42 + CNIPLUGINS_VERSION=$(grep VERSION_CNIPLUGINS= $FILE_SCRIPTS_VERSION \ 43 + | cut -d'=' -f2 | cut -d' ' -f1 | sed -e 's/"//g' -e 's/^v//') 44 + CNIPLUGINS_SHA256=$(nix-prefetch-url --quiet --unpack \ 45 + "https://github.com/rancher/plugins/archive/refs/tags/v${CNIPLUGINS_VERSION}.tar.gz") 46 + 47 + setKV () { 48 + sed -i "s/$1 = \".*\"/$1 = \"$2\"/" ./default.nix 49 + } 50 + 51 + setKV k3sVersion ${K3S_VERSION} 52 + setKV k3sCommit ${K3S_COMMIT} 53 + setKV k3sRepoSha256 ${K3S_REPO_SHA256} 54 + 55 + setKV traefikChartVersion ${TRAEFIK_CHART_VERSION} 56 + setKV traefikChartSha256 ${TRAEFIK_CHART_SHA256} 57 + 58 + setKV k3sRootVersion ${K3S_ROOT_VERSION} 59 + setKV k3sRootSha256 ${K3S_ROOT_SHA256} 60 + 61 + setKV k3sCNIVersion ${CNIPLUGINS_VERSION} 62 + setKV k3sCNISha256 ${CNIPLUGINS_SHA256}