k3s_1_27: 1.27.1+k3s1 -> 1.27.2+k3s1

{

    traefik-crd  = {

        url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-20.3.1+up20.3.0.tgz";

        sha256 = "1775vjldvqvhzdbzanxhbaqbmkih09yb91im651q8bc7z5sb9ckn";

        url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-21.2.1+up21.2.0.tgz";

        sha256 = "05j3vyikb7g2z2i07rij9h4ki5lb2hb2rynpiqfd4l1y5qm0qhw9";

    };

    traefik = {

        url = "https://k3s.io/k3s-charts/assets/traefik/traefik-20.3.1+up20.3.0.tgz";

        sha256 = "1rj0f0n0vgjcbzfwzhqmsd501i2f6vw145w9plbp8gwdyzmg2nc6";

        url = "https://k3s.io/k3s-charts/assets/traefik/traefik-21.2.1+up21.2.0.tgz";

        sha256 = "0gvz0yzph2893scd0q10b938yc7f36b3zqs57pkjgqqpl1d0nwhg";

    };

}

{

  k3sVersion = "1.27.1+k3s1";

  k3sCommit = "bc5b42c27908ab430101eff0db0a0b22f870bd7a";

  k3sRepoSha256 = "1xj3blfayrsfbcsljjdaswy49hhz8yiwf1d85arnsgbn8fidswpm";

  k3sVendorSha256 = "sha256-+sM2fjS88kxMQzra2t+jU1IaKCoJpW7p3w7lCOv5mMU=";

  k3sVersion = "1.27.2+k3s1";

  k3sCommit = "213d7ad499e166290872f51c63d8eaa2f1fe78b3";

  k3sRepoSha256 = "0qjkrhmjf4fyclnpyhb059dzxghpzshrs5a5z1vc83mrz1zg6vbq";

  k3sVendorSha256 = "sha256-ZSfQIBS8KsNkYPUH2er6iL3A02SIJwXZ5YLd3NYFl8E=";

  chartVersions = import ./chart-versions.nix;

  k3sRootVersion = "0.12.1";

  k3sRootSha256 = "0724yx3zk89m2239fmdgwzf9w672pik71xqrvgb7pdmknmmdn9f4";

  k3sCNIVersion = "1.1.1-k3s1";

  k3sCNISha256 = "14mb3zsqibj1sn338gjmsyksbm0mxv9p016dij7zidccx2rzn6nl";

  containerdVersion = "1.6.19-k3s1";

  containerdSha256 = "12dwqh77wplg30kdi73d90qni23agw2cwxjd2p5lchq86mpmmwwr";

  k3sRootVersion = "0.12.2";

  k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k";

  k3sCNIVersion = "1.2.0-k3s1";

  k3sCNISha256 = "0hzcap4vbl94zsiqc66dlwjgql50gw5g6f0adag0p8yqwcy6vaw2";

  containerdVersion = "1.7.1-k3s1";

  containerdSha256 = "00k7nkclfxwbzcgnn8s7rkrxyn0zpk57nyy18icf23wsj352gfrn";

  criCtlVersion = "1.26.0-rc.0-k3s1";

}

  # run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag

  criCtlVersion,

  updateScript ? null,

  # multicallContainerd is a temporary variable for migrating k3s versions

  # forward, and can be removed once all callers set it.

  # It is here so we can update 1.26 and 1.27 independently, but they'll both migrate to this.

  # This variable controls whether we build with containerd as a separate

  # binary, or as a k3s multicall. Upstream k3s changed this in 1.27.2 and

  # 1.26.5. See https://github.com/k3s-io/k3s/issues/7419 for more context

  multicallContainerd ? false,

}:

# builder.nix contains a "builder" expression that, given k3s version and hash

    subPackages = [ "cmd/server" ];

    ldflags = versionldflags;

    tags = [ "libsqlite3" "linux" ];

    tags = [ "libsqlite3" "linux" ] ++ lib.optional multicallContainerd "ctrd";

    # create the multicall symlinks for k3s

    postInstall = ''

      mv $out/bin/server $out/bin/k3s

      pushd $out

      # taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113

      ln -s k3s ./bin/crictl

      ln -s k3s ./bin/ctr

      ln -s k3s ./bin/k3s-agent

      ln -s k3s ./bin/k3s-server

      ln -s k3s ./bin/k3s-certificate

      ln -s k3s ./bin/k3s-completion

      ln -s k3s ./bin/k3s-etcd-snapshot

      ln -s k3s ./bin/k3s-secrets-encrypt

      ln -s k3s ./bin/k3s-certificate

      ln -s k3s ./bin/k3s-server

      ln -s k3s ./bin/k3s-token

      ln -s k3s ./bin/kubectl

      ln -s k3s ./bin/crictl

      ln -s k3s ./bin/ctr

    '' + lib.optionalString multicallContainerd ''

      # for the multicall binary, also do containerd per

      # https://github.com/k3s-io/k3s/blob/v1.27.2%2Bk3s1/scripts/build#L136-L146

      ln -s k3s ./bin/containerd

    '' + ''

      popd

    '';

      description = "The various binaries that get packaged into the final k3s binary";

    };

  };

  # For the multicall binary, only used for the shim

  # https://github.com/k3s-io/k3s/blob/v1.27.2%2Bk3s1/scripts/build#L153

  k3sContainerd = buildGoModule {

    pname = "k3s-containerd";

    version = containerdVersion;

    };

    vendorSha256 = null;

    buildInputs = [ btrfs-progs ];

    subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ];

    subPackages = [ "cmd/containerd-shim-runc-v2" ] ++ lib.optional (!multicallContainerd) "cmd/containerd";

    ldflags = versionldflags;

  };

in

  pname = "k3s";

  version = k3sVersion;

  tags = [ "libsqlite3" "linux" ] ++ lib.optional multicallContainerd "ctrd";

  src = k3sRepo;

  vendorSha256 = k3sVendorSha256;

    ethtool

    util-linux # kubelet wants 'nsenter' from util-linux: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-705994388

    conntrack-tools

    runc

  ];

  buildInputs = k3sRuntimeDeps;

    k3sCNIPlugins

    k3sContainerd

    k3sServer

    runc

  ];

  # We override most of buildPhase due to peculiarities in k3s's build.

    # copy needed 'go generate' inputs into place

    mkdir -p ./bin/aux

    rsync -a --no-perms ${k3sServer}/bin/ ./bin/

    ln -vsf ${runc}/bin/runc ./bin/runc

    ln -vsf ${k3sCNIPlugins}/bin/cni ./bin/cni

    ln -vsf ${k3sContainerd}/bin/* ./bin/

    ln -vsf ${k3sContainerd}/bin/containerd-shim-runc-v2 ./bin

    ${lib.optionalString (!multicallContainerd) "ln -vsf ${k3sContainerd}/bin/containerd ./bin/"}

    rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/

    mkdir -p ./build/static/charts

  # 1_27 can be built with the same builder as 1_26

  k3s_1_27 = common ((import ./1_27/versions.nix) // {

    multicallContainerd = true;

    updateScript = [ ./update-script.sh "27" ];

  }) { };

}