diff options
author | Euan Kemp <euank@euank.com> | 2023-06-21 23:39:05 +0900 |
---|---|---|
committer | Euan Kemp <euank@euank.com> | 2023-07-05 21:22:30 +0900 |
commit | dce6feaf7711d623053633ec6e95d3deebae6cff (patch) | |
tree | 9b89baafbb4ab8d9874d883ca6063d17d9577af7 /pkgs/applications/networking/cluster/k3s/update-script.sh | |
parent | 5ef2d709661a985b9d211dd52f9e8d13a6502c9a (diff) |
k3s: update update-script to support multiple minor versions
This should let the update bot help us keep old versions up to date. 1.26 update incoming...
Diffstat (limited to 'pkgs/applications/networking/cluster/k3s/update-script.sh')
-rwxr-xr-x | pkgs/applications/networking/cluster/k3s/update-script.sh | 137 |
1 files changed, 137 insertions, 0 deletions
diff --git a/pkgs/applications/networking/cluster/k3s/update-script.sh b/pkgs/applications/networking/cluster/k3s/update-script.sh new file mode 100755 index 0000000000000..3d10acb83c10d --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/update-script.sh @@ -0,0 +1,137 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p curl gnugrep gnused jq yq-go nix-prefetch + +set -x -eu -o pipefail + +MINOR_VERSION="${1:?Must provide a minor version number, like '26', as the only argument}" + +WORKDIR=$(mktemp -d) +trap "rm -rf ${WORKDIR}" EXIT + +NIXPKGS_ROOT="$(git rev-parse --show-toplevel)"/ +NIXPKGS_K3S_PATH=$(cd $(dirname ${BASH_SOURCE[0]}); pwd -P)/ +cd ${NIXPKGS_K3S_PATH} + +cd 1_${MINOR_VERSION} + + +LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json +curl --silent -f ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} \ + https://api.github.com/repos/k3s-io/k3s/releases > ${LATEST_TAG_RAWFILE} + +LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | \ + grep -v -e rc -e engine | tail -n +2 | head -n -1 | sed 's|[", ]||g' | sort -rV | grep -E "^v1\.${MINOR_VERSION}\." | head -n1) + +K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//') + +K3S_COMMIT=$(curl --silent -f ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} \ + https://api.github.com/repos/k3s-io/k3s/tags \ + | jq -r "map(select(.name == \"${LATEST_TAG_NAME}\")) | .[0] | .commit.sha") + +K3S_REPO_SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/k3s-io/k3s/archive/refs/tags/${LATEST_TAG_NAME}.tar.gz) + +FILE_SCRIPTS_DOWNLOAD=${WORKDIR}/scripts-download +curl --silent -f https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/download > $FILE_SCRIPTS_DOWNLOAD + +FILE_SCRIPTS_VERSION=${WORKDIR}/scripts-version.sh +curl --silent -f https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/scripts/version.sh > $FILE_SCRIPTS_VERSION + +FILE_TRAEFIK_MANIFEST=${WORKDIR}/traefik.yml +curl --silent -f -o "$FILE_TRAEFIK_MANIFEST" https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/manifests/traefik.yaml + +CHART_FILES=( $(yq eval --no-doc .spec.chart "$FILE_TRAEFIK_MANIFEST" | xargs -n1 basename) ) +# These files are: +# 1. traefik-crd-20.3.1+up20.3.0.tgz +# 2. traefik-20.3.1+up20.3.0.tgz +# at the time of writing + +if [[ "${#CHART_FILES[@]}" != "2" ]]; then + echo "New manifest charts added, the packaging scripts will need to be updated: ${CHART_FILES}" + exit 1 +fi + +CHARTS_URL=https://k3s.io/k3s-charts/assets +# Get metadata for both files +rm -f chart-versions.nix.update +cat > chart-versions.nix.update <<EOF +{ + traefik-crd = { + url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}"; + sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")"; + }; + traefik = { + url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}"; + sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")"; + }; +} +EOF +mv chart-versions.nix.update chart-versions.nix + +FILE_GO_MOD=${WORKDIR}/go.mod +curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/go.mod > $FILE_GO_MOD + + +K3S_ROOT_VERSION=$(grep 'VERSION_ROOT=' ${FILE_SCRIPTS_VERSION} \ + | cut -d'=' -f2 | sed -e 's/"//g' -e 's/^v//') +K3S_ROOT_SHA256=$(nix-prefetch-url --quiet --unpack \ + "https://github.com/k3s-io/k3s-root/releases/download/v${K3S_ROOT_VERSION}/k3s-root-amd64.tar") + +CNIPLUGINS_VERSION=$(grep 'VERSION_CNIPLUGINS=' ${FILE_SCRIPTS_VERSION} \ + | cut -d'=' -f2 | sed -e 's/"//g' -e 's/^v//') +CNIPLUGINS_SHA256=$(nix-prefetch-url --quiet --unpack \ + "https://github.com/rancher/plugins/archive/refs/tags/v${CNIPLUGINS_VERSION}.tar.gz") + +# mimics https://github.com/k3s-io/k3s/blob/v1.26.5%2Bk3s1/scripts/version.sh#L25 +CONTAINERD_VERSION=$(grep github.com/containerd/containerd ${FILE_GO_MOD} \ + | head -n1 | awk '{print $4}' | sed -e 's/^v//') +CONTAINERD_SHA256=$(nix-prefetch-url --quiet --unpack \ + "https://github.com/k3s-io/containerd/archive/refs/tags/v${CONTAINERD_VERSION}.tar.gz") + +CRI_CTL_VERSION=$(grep github.com/kubernetes-sigs/cri-tools ${FILE_GO_MOD} \ + | head -n1 | awk '{print $4}' | sed -e 's/"//g' -e 's/^v//') + +setKV () { + sed -i "s|$1 = \".*\"|$1 = \"${2:-}\"|" ${NIXPKGS_K3S_PATH}default.nix +} + +FAKE_HASH="sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; + +cat >versions.nix <<EOF +{ + k3sVersion = "${K3S_VERSION}"; + k3sCommit = "${K3S_COMMIT}"; + k3sRepoSha256 = "${K3S_REPO_SHA256}"; + k3sVendorSha256 = "${FAKE_HASH}"; + chartVersions = import ./chart-versions.nix; + k3sRootVersion = "${K3S_ROOT_VERSION}"; + k3sRootSha256 = "${K3S_ROOT_SHA256}"; + k3sCNIVersion = "${CNIPLUGINS_VERSION}"; + k3sCNISha256 = "${CNIPLUGINS_SHA256}"; + containerdVersion = "${CONTAINERD_VERSION}"; + containerdSha256 = "${CONTAINERD_SHA256}"; + criCtlVersion = "${CRI_CTL_VERSION}"; +} +EOF + +set +e +K3S_VENDOR_SHA256=$(nix-prefetch -I nixpkgs=${NIXPKGS_ROOT} "{ sha256 }: (import ${NIXPKGS_ROOT}. {}).k3s_1_${MINOR_VERSION}.go-modules.overrideAttrs (_: { vendorSha256 = sha256; })") +set -e + +if [ -n "${K3S_VENDOR_SHA256:-}" ]; then + sed -i "s|${FAKE_HASH}|${K3S_VENDOR_SHA256}|g" ./versions.nix +else + echo "Update failed. K3S_VENDOR_SHA256 is empty." + exit 1 +fi + +# Implement commit +# See https://nixos.org/manual/nixpkgs/stable/#var-passthru-updateScript-commit +OLD_VERSION="$(nix-instantiate --eval -E "with import $NIXPKGS_ROOT. {}; k3s.version or (builtins.parseDrvName k3s.name).version" | tr -d '"')" +cat <<EOF +[{ + "attrPath": "k3s_1_${MINOR_VERSION}", + "oldVersion": "$OLD_VERSION", + "newVersion": "$K3S_VERSION", + "files": ["$PWD/versions.nix","$PWD/chart-versions.nix"] +}] +EOF |