diff options
Diffstat (limited to 'pkgs/applications/networking/cluster/k3s')
10 files changed, 229 insertions, 65 deletions
diff --git a/pkgs/applications/networking/cluster/k3s/1_28/images-versions.json b/pkgs/applications/networking/cluster/k3s/1_28/images-versions.json new file mode 100644 index 0000000000000..76bcc7ee7e0a3 --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/1_28/images-versions.json @@ -0,0 +1,18 @@ +{ + "airgap-images-amd64": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-airgap-images-amd64.tar.zst", + "sha256": "199nxfxwr52cddk2ljchhxaigyi0al3lzyc0jy2am4aljlm0jivy" + }, + "airgap-images-arm": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-airgap-images-arm.tar.zst", + "sha256": "02riiiwwr0h3zhlxxmjn5p8ws354rr2gk44x3kz9d7sxqn17sz4w" + }, + "airgap-images-arm64": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-airgap-images-arm64.tar.zst", + "sha256": "0bs9wj33appb9xpsb2v1xz4xck4qq6g74flnc0mxf9warwr4988r" + }, + "images-list": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-images.txt", + "sha256": "0245zra2h8756kq2v8nwl6gji749xlvy1y1bkab8vz5b0vpqhfxy" + } +} diff --git a/pkgs/applications/networking/cluster/k3s/1_28/versions.nix b/pkgs/applications/networking/cluster/k3s/1_28/versions.nix index 1778aa32efa90..2312cc22cbe9c 100644 --- a/pkgs/applications/networking/cluster/k3s/1_28/versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_28/versions.nix @@ -1,14 +1,15 @@ { - k3sVersion = "1.28.10+k3s1"; - k3sCommit = "a4c5612ea3dd202135e7c691c534c671a7d43690"; - k3sRepoSha256 = "00r06kc98nvbmaai8m2pbqsl0v6y3kbc3rz3l7lb9wy4qhiyxrww"; - k3sVendorHash = "sha256-8PbpjPVX+Yimhwbydu9YOTIMRTf/iLG21Ee/QMowp5Y="; + k3sVersion = "1.28.11+k3s2"; + k3sCommit = "d076d9a78cb835279a04f12c816ff4404884862e"; + k3sRepoSha256 = "1k1k3qmxc7n2h2i0g52ad4gnpq0qrvxnl7p2y0g9dss1ancgqwsd"; + k3sVendorHash = "sha256-tzcMcsTmY8lG+9EyYkzYJm1YU/8tGpxpH7oZ4Jl/yNU="; chartVersions = import ./chart-versions.nix; + imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json); k3sRootVersion = "0.12.2"; k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k"; k3sCNIVersion = "1.4.0-k3s2"; k3sCNISha256 = "17dg6jgjx18nrlyfmkv14dhzxsljz4774zgwz5dchxcf38bvarqa"; - containerdVersion = "1.7.15-k3s1"; - containerdSha256 = "18hlj4ixjk7wvamfd66xyc0cax2hs9s7yjvlx52afxdc73194y0f"; + containerdVersion = "1.7.17-k3s1.28"; + containerdSha256 = "0nhhx932j551ran3kkvyp4nmsg5c71mq0g6jrcbs2j4nn7yqdkhm"; criCtlVersion = "1.26.0-rc.0-k3s1"; } diff --git a/pkgs/applications/networking/cluster/k3s/1_29/images-versions.json b/pkgs/applications/networking/cluster/k3s/1_29/images-versions.json new file mode 100644 index 0000000000000..fdf9d967d5162 --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/1_29/images-versions.json @@ -0,0 +1,18 @@ +{ + "airgap-images-amd64": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-airgap-images-amd64.tar.zst", + "sha256": "1d1adpjxxgkflm4xqzynsib67pga85r1qmhkhh540nl0rppbq7gr" + }, + "airgap-images-arm": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-airgap-images-arm.tar.zst", + "sha256": "07c085y5qy8h5ja2ms3np61d7wkp6gic82snx70qlsm5fm3ak3z7" + }, + "airgap-images-arm64": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-airgap-images-arm64.tar.zst", + "sha256": "0ljajvz0n0mmwkdl1rwpwqmhgxqivakdpfyaqsascdzfk0qpv5gp" + }, + "images-list": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-images.txt", + "sha256": "0245zra2h8756kq2v8nwl6gji749xlvy1y1bkab8vz5b0vpqhfxy" + } +} diff --git a/pkgs/applications/networking/cluster/k3s/1_29/versions.nix b/pkgs/applications/networking/cluster/k3s/1_29/versions.nix index e06f394df94a0..4b05d0a07f729 100644 --- a/pkgs/applications/networking/cluster/k3s/1_29/versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_29/versions.nix @@ -1,14 +1,15 @@ { - k3sVersion = "1.29.5+k3s1"; - k3sCommit = "4e53a32306759581f4ed938bcd18b6fa20b83230"; - k3sRepoSha256 = "169hzl23chs4qblicmqj3j10jg1xdq8s9717bd3pzx7wzz9s9mqw"; - k3sVendorHash = "sha256-QreiB4JMtfBjHlkAyflQAW2rnfgay62UD6emx8TgUpM="; + k3sVersion = "1.29.6+k3s2"; + k3sCommit = "b4b156d9d14eeb475e789718b3a6b78aba00019e"; + k3sRepoSha256 = "0wagfh4vbvyi62np6zx7b4p6myn0xavw691y78rnbl32jckiy14f"; + k3sVendorHash = "sha256-o36gf3q7Vv+RoY681cL44rU2QFrdFW3EbRpw3dLcVTI="; chartVersions = import ./chart-versions.nix; + imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json); k3sRootVersion = "0.13.0"; k3sRootSha256 = "1jq5f0lm08abx5ikarf92z56fvx4kjpy2nmzaazblb34lajw87vj"; k3sCNIVersion = "1.4.0-k3s2"; k3sCNISha256 = "17dg6jgjx18nrlyfmkv14dhzxsljz4774zgwz5dchxcf38bvarqa"; - containerdVersion = "1.7.15-k3s1"; - containerdSha256 = "18hlj4ixjk7wvamfd66xyc0cax2hs9s7yjvlx52afxdc73194y0f"; + containerdVersion = "1.7.17-k3s1"; + containerdSha256 = "1j61mbgx346ydvnjd8b07wf7nmvvplx28wi5jjdzi1k688r2hxpf"; criCtlVersion = "1.29.0-k3s1"; } diff --git a/pkgs/applications/networking/cluster/k3s/1_30/images-versions.json b/pkgs/applications/networking/cluster/k3s/1_30/images-versions.json new file mode 100644 index 0000000000000..1d4819006cb25 --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/1_30/images-versions.json @@ -0,0 +1,18 @@ +{ + "airgap-images-amd64": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-airgap-images-amd64.tar.zst", + "sha256": "1d1adpjxxgkflm4xqzynsib67pga85r1qmhkhh540nl0rppbq7gr" + }, + "airgap-images-arm": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-airgap-images-arm.tar.zst", + "sha256": "1hjhlj4b5ddaqhpmqbbvhvgzryi5j84i8bmpl3yij87yjkz3kld7" + }, + "airgap-images-arm64": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-airgap-images-arm64.tar.zst", + "sha256": "1r9rd70qp8x57j3hdpgwgkzchykphw0x4yd8c1jwjfaqm5df1w0d" + }, + "images-list": { + "url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-images.txt", + "sha256": "0245zra2h8756kq2v8nwl6gji749xlvy1y1bkab8vz5b0vpqhfxy" + } +} diff --git a/pkgs/applications/networking/cluster/k3s/1_30/versions.nix b/pkgs/applications/networking/cluster/k3s/1_30/versions.nix index 23a3021875752..2646c3454136e 100644 --- a/pkgs/applications/networking/cluster/k3s/1_30/versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_30/versions.nix @@ -1,14 +1,15 @@ { - k3sVersion = "1.30.1+k3s1"; - k3sCommit = "80978b5b9a97908c5520c5ee51984e544e168859"; - k3sRepoSha256 = "085dmq49iwvlxpj9c528nfrvd67snkgpm5drj8ahfjv1nkjp0yy1"; - k3sVendorHash = "sha256-XtTahFaWnuHzKDI/U4d/j4C4gRxH163MCGEEM4hu/WM="; + k3sVersion = "1.30.2+k3s2"; + k3sCommit = "faeaf1b01b2a708a46cae2a67c1b4d381ee1ba6b"; + k3sRepoSha256 = "0hy0f44hj5n5nscr0p52dbklvj2ki2vs7k0cgh1r8xlg4p6fn1b0"; + k3sVendorHash = "sha256-Mj9Q3TgqZoJluG4/nyuw2WHnB3OJ+/mlV7duzWt1B1A="; chartVersions = import ./chart-versions.nix; + imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json); k3sRootVersion = "0.13.0"; k3sRootSha256 = "1jq5f0lm08abx5ikarf92z56fvx4kjpy2nmzaazblb34lajw87vj"; k3sCNIVersion = "1.4.0-k3s2"; k3sCNISha256 = "17dg6jgjx18nrlyfmkv14dhzxsljz4774zgwz5dchxcf38bvarqa"; - containerdVersion = "1.7.15-k3s1"; - containerdSha256 = "18hlj4ixjk7wvamfd66xyc0cax2hs9s7yjvlx52afxdc73194y0f"; + containerdVersion = "1.7.17-k3s1"; + containerdSha256 = "1j61mbgx346ydvnjd8b07wf7nmvvplx28wi5jjdzi1k688r2hxpf"; criCtlVersion = "1.29.0-k3s1"; } diff --git a/pkgs/applications/networking/cluster/k3s/builder.nix b/pkgs/applications/networking/cluster/k3s/builder.nix index 52754219efbfd..e0288c21fc997 100644 --- a/pkgs/applications/networking/cluster/k3s/builder.nix +++ b/pkgs/applications/networking/cluster/k3s/builder.nix @@ -12,6 +12,8 @@ lib: # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/scripts/download#L29-L32 # see also https://github.com/k3s-io/k3s/blob/d71ab6317e22dd34673faa307a412a37a16767f6/manifests/traefik.yaml#L8 chartVersions, + # Air gap container images that are released as assets with every k3s release + imagesVersions, # taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45 k3sCNIVersion, k3sCNISha256 ? lib.fakeHash, @@ -30,41 +32,42 @@ lib: # It is likely we will have to split out additional builders for additional # versions in the future, or customize this one further. { - lib, - makeWrapper, - socat, - iptables, - iproute2, - ipset, + bash, bridge-utils, btrfs-progs, - conntrack-tools, buildGoModule, - runc, - rsync, - kmod, - libseccomp, - pkg-config, + conntrack-tools, + coreutils, ethtool, - util-linux, fetchFromGitHub, + fetchgit, fetchurl, fetchzip, - fetchgit, - zstd, - yq-go, - sqlite, + findutils, + gnugrep, + gnused, + go, + iproute2, + ipset, + iptables, + kmod, + lib, + libseccomp, + makeWrapper, nixosTests, + pkg-config, pkgsBuildBuild, - go, - runCommand, - bash, procps, - coreutils, - gnugrep, - findutils, - gnused, + rsync, + runc, + runCommand, + socat, + sqlite, + stdenv, systemd, + util-linux, + yq-go, + zstd, }: # k3s is a kinda weird derivation. One of the main points of k3s is the @@ -88,18 +91,12 @@ lib: # make sure they're in the path if desired. let - baseMeta = with lib; { + baseMeta = { description = "Lightweight Kubernetes distribution"; - license = licenses.asl20; + license = lib.licenses.asl20; homepage = "https://k3s.io"; - maintainers = with maintainers; [ - euank - mic92 - superherointj - wrmilling - yajo - ]; - platforms = platforms.linux; + maintainers = lib.teams.k3s.members; + platforms = lib.platforms.linux; # resolves collisions with other installations of kubectl, crictl, ctr # prefer non-k3s versions @@ -128,6 +125,39 @@ let traefikChart = fetchurl chartVersions.traefik; traefik-crdChart = fetchurl chartVersions.traefik-crd; + mutFirstChar = + f: s: + let + firstChar = f (lib.substring 0 1 s); + rest = lib.substring 1 (-1) s; + in + firstChar + rest; + + kebabToCamel = + s: + mutFirstChar lib.toLower (lib.concatMapStrings (mutFirstChar lib.toUpper) (lib.splitString "-" s)); + + # finds the images archive for the desired architecture, aborts in case no suitable archive is found + findImagesArchive = + arch: + let + imagesVersionsNames = builtins.attrNames imagesVersions; + in + lib.findFirst ( + n: lib.hasInfix arch n + ) (abort "k3s: no airgap images for ${arch} available") imagesVersionsNames; + + # a shortcut that provides the images archive for the host platform. Currently only supports + # aarch64 (arm64) and x86_64 (amd64), aborts on other architectures. + airgapImages = fetchurl ( + if stdenv.isAarch64 then + imagesVersions.${findImagesArchive "arm64"} + else if stdenv.isx86_64 then + imagesVersions.${findImagesArchive "amd64"} + else + abort "k3s: airgap images cannot be found automatically for architecture ${stdenv.hostPlatform.linuxArch}, consider using an image archive with an explicit architecture." + ); + # so, k3s is a complicated thing to package # This derivation attempts to avoid including any random binaries from the # internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which @@ -373,6 +403,7 @@ buildGoModule rec { # https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694 # So, why do we use buildGoModule at all? For the `vendorHash` / `go mod download` stuff primarily. buildPhase = '' + runHook preBuild patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload # copy needed 'go generate' inputs into place @@ -393,12 +424,14 @@ buildGoModule rec { ./scripts/package-cli mkdir -p $out/bin + runHook postBuild ''; # Otherwise it depends on 'getGoDirs', which is normally set in buildPhase doCheck = false; installPhase = '' + runHook preInstall # wildcard to match the arm64 build too install -m 0755 dist/artifacts/k3s* -D $out/bin/k3s wrapProgram $out/bin/k3s \ @@ -410,26 +443,36 @@ buildGoModule rec { install -m 0755 ${k3sKillallSh} -D $out/bin/k3s-killall.sh wrapProgram $out/bin/k3s-killall.sh \ --prefix PATH : ${lib.makeBinPath (k3sRuntimeDeps ++ k3sKillallDeps)} + runHook postInstall ''; doInstallCheck = true; installCheckPhase = '' + runHook preInstallCheck $out/bin/k3s --version | grep -F "v${k3sVersion}" >/dev/null + runHook postInstallCheck ''; - passthru.updateScript = updateScript; - - passthru.mkTests = - version: - let - k3s_version = "k3s_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor version); - in + passthru = { - etcd = nixosTests.k3s.etcd.${k3s_version}; - single-node = nixosTests.k3s.single-node.${k3s_version}; - multi-node = nixosTests.k3s.multi-node.${k3s_version}; - }; - passthru.tests = passthru.mkTests k3sVersion; + inherit airgapImages; + k3sCNIPlugins = k3sCNIPlugins; + k3sContainerd = k3sContainerd; + k3sRepo = k3sRepo; + k3sRoot = k3sRoot; + k3sServer = k3sServer; + mkTests = + version: + let + k3s_version = "k3s_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor version); + in + lib.mapAttrs (name: value: nixosTests.k3s.${name}.${k3s_version}) nixosTests.k3s; + tests = passthru.mkTests k3sVersion; + updateScript = updateScript; + } + // (lib.mapAttrs' ( + name: _: lib.nameValuePair (kebabToCamel name) (fetchurl imagesVersions.${name}) + ) imagesVersions); meta = baseMeta; } diff --git a/pkgs/applications/networking/cluster/k3s/docs/ONBOARDING_MAINTAINER.md b/pkgs/applications/networking/cluster/k3s/docs/ONBOARDING_MAINTAINER.md new file mode 100644 index 0000000000000..9c2365d6f2dd0 --- /dev/null +++ b/pkgs/applications/networking/cluster/k3s/docs/ONBOARDING_MAINTAINER.md @@ -0,0 +1,45 @@ +# Onboarding Maintainer + +Anyone willing can become a maintainer, no pre-requisite knowledge is required. Willingness to learn is enough. + +A K3s maintainer, maintains K3s's: + +- [documentation](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/cluster/k3s/README.md) +- [issues](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+k3s) +- [pull requests](https://github.com/NixOS/nixpkgs/pulls?q=is%3Aopen+is%3Apr+label%3A%226.topic%3A+k3s%22) +- [NixOS tests](https://github.com/NixOS/nixpkgs/tree/master/nixos/tests/k3s) +- [NixOS service module](https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/cluster/k3s/default.nix) +- [update script](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/cluster/k3s/update-script.sh) (the process of updating) +- updates (the act of updating) and [r-ryantm bot logs](https://r.ryantm.com/log/k3s/) +- deprecations +- CVEs +- NixOS releases +- dependencies (runc, containerd, ipset) + +Anything that is due, basically. + +As a maintainer, feel free to improve anything and everything at your discretion. Meaning, at your pace and according to your capabilities and interests. + +Only consensus is required to move forward any proposal. Consensus meaning the approval of others. + +If you cause a regression (we've all been there), you are responsible for fixing it, but in case you can't fix it (it happens), feel free to ask for help. That's fine, just let us know. + +To merge code, you need to be a committer, or use the merge-bot, but currently the merge-bot only works for packages located at `pkgs/by-name/`, which means, K3s still need to be migrated there before you can use merge-bot for merging. As a non-committer, once you have approved a PR you need to forward the request to a committer. For deciding which committer, give preference initially to K3s committers, but any committer can commit. A committer usually has a green approval in PRs. + +K3s's committers currently are: superherointj, marcusramberg, Mic92. + +@euank is often silent but still active and has always handled anything dreadful, internal parts of K3s/Kubernetes or architecture things, he initially packaged K3s for nixpkgs, think of him as a last resort, when we fail to accomplish a fix, he comes to rescue us from ourselves. + +@mic92 stepped up when @superherointj stepped down a time ago, as Mic92 has a broad responsibility in nixpkgs (he is responsible for far too many things already, nixpkgs-reviews, sops-nix, release manager, bot-whatever), we avoid giving him chore work for `nixos-unstable`, only pick him as committer last. As Mic92 runs K3s in a `nixos-stable` setting, he might help in testing stable backports. + +On how to handle requests, it's the usual basics, such as, when reviewing PRs, issues, be welcoming, helpful, provide hints whenever possible, try to move things forward, assume good will, ignore [as don't react to] any negativity [since it spirals badly], delay and sort any (severe) disagreement in private. Even on disagrements, be thankful to people for their dedicated time, no matter what happens. In essence, on any unfortunate event, **always put people over code**. + +Dumbshit happens, we make mistakes, the CI, reviews, fellow maintainers are there to nudge us on a better direction, no need to over think interactions, if a problem happens, we'll handle it. + +We should optimize for maintainers satisfaction, because it is maintainers that make the service great. The best kind of win we have is when someone new steps up for being a maintainer. This multiplies our capabilities of doing meaningful work and increases our knowledge pool. + +Know that your participation matters most for us. And we thank you for stepping up. It's good to have you here! + +We welcome you and wish you the best in this new journey! + +K3s Maintainers diff --git a/pkgs/applications/networking/cluster/k3s/docs/VERSIONING.md b/pkgs/applications/networking/cluster/k3s/docs/VERSIONING.md index c1347b1f861e3..191af0058453a 100644 --- a/pkgs/applications/networking/cluster/k3s/docs/VERSIONING.md +++ b/pkgs/applications/networking/cluster/k3s/docs/VERSIONING.md @@ -11,7 +11,7 @@ afoul of the upstream version skew policy. ## Patch Release Support Lifecycle -K3s is built on top of K8s and typically provides a similar release cadence and support window (simply by cherry-picking over k8s patches). As such, we assume k3s's support lifecycle is identical to upstream K8s. The upstream K8s release and support lifecycle, including maintenance and end-of-life dates for current releases, is documented [on their suppport site](https://kubernetes.io/releases/patch-releases/#support-period). A more tabular view of the current support timeline can also be found on [endoflife.date](https://endoflife.date/kubernetes). +K3s is built on top of K8s and typically provides a similar release cadence and support window (simply by cherry-picking over k8s patches). As such, we assume k3s's support lifecycle is identical to upstream K8s. The upstream K8s release and support lifecycle, including maintenance and end-of-life dates for current releases, is documented [on their support site](https://kubernetes.io/releases/patch-releases/#support-period). A more tabular view of the current support timeline can also be found on [endoflife.date](https://endoflife.date/kubernetes). In short, a new Kubernetes version is released roughly every 4 months and each release is supported for a little over 1 year. diff --git a/pkgs/applications/networking/cluster/k3s/update-script.sh b/pkgs/applications/networking/cluster/k3s/update-script.sh index ca7d21bff4781..9eab8ce08f81f 100755 --- a/pkgs/applications/networking/cluster/k3s/update-script.sh +++ b/pkgs/applications/networking/cluster/k3s/update-script.sh @@ -69,6 +69,24 @@ cat > chart-versions.nix.update <<EOF EOF mv chart-versions.nix.update chart-versions.nix +# Get all airgap images files associated with this release +IMAGES_ARCHIVES=$(curl "https://api.github.com/repos/k3s-io/k3s/releases/tags/v${K3S_VERSION}" | \ + # Filter the assets so that only zstd archives and text files that have "images" in their name remain + # Modify the name and write the modified name and download URL to a string + jq -r '.assets[] | select(.name | contains("images")) | + select(.content_type == "application/zstd" or .content_type == "text/plain; charset=utf-8") | + .name = (.name | sub("k3s-"; "") | sub(".tar.zst"; "") | sub(".txt"; "-list")) | + "\(.name) \(.browser_download_url)"') + +# Create a JSON object for each airgap images file and prefetch all download URLs in the process +# Combine all JSON objects and write the result to images-versions.json +while read -r name url; do + jq --null-input --arg name "$name" \ + --arg url "$url" \ + --arg sha256 "$(nix-prefetch-url --quiet "${url}")" \ + '{$name: {"url": $url, "sha256": $sha256}}' +done <<<"${IMAGES_ARCHIVES}" | jq --slurp 'reduce .[] as $item ({}; . * $item)' > images-versions.json + FILE_GO_MOD=${WORKDIR}/go.mod curl --silent https://raw.githubusercontent.com/k3s-io/k3s/${K3S_COMMIT}/go.mod > $FILE_GO_MOD @@ -105,6 +123,7 @@ cat >versions.nix <<EOF k3sRepoSha256 = "${K3S_REPO_SHA256}"; k3sVendorHash = "${FAKE_HASH}"; chartVersions = import ./chart-versions.nix; + imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json); k3sRootVersion = "${K3S_ROOT_VERSION}"; k3sRootSha256 = "${K3S_ROOT_SHA256}"; k3sCNIVersion = "${CNIPLUGINS_VERSION}"; |