diff options
Diffstat (limited to 'pkgs/applications/networking/cluster')
33 files changed, 125 insertions, 151 deletions
diff --git a/pkgs/applications/networking/cluster/argocd-autopilot/default.nix b/pkgs/applications/networking/cluster/argocd-autopilot/default.nix index 4a0f192ea32..e42a4e0c4b4 100644 --- a/pkgs/applications/networking/cluster/argocd-autopilot/default.nix +++ b/pkgs/applications/networking/cluster/argocd-autopilot/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "argocd-autopilot"; - version = "0.4.15"; + version = "0.4.16"; src = fetchFromGitHub { owner = "argoproj-labs"; repo = "argocd-autopilot"; rev = "v${version}"; - sha256 = "sha256-E0Y2GBklUiQBSdrKerFO0B8AAPYnDuxbdRk7uU7cQBI="; + sha256 = "sha256-KxEH6FpCaOVOjdNKn7dYbFlT/W4gA8276Zt3sIs3Tg8="; }; - vendorHash = "sha256-5YGe9OnZhjswLMlXohPGzpebocuJFfBd94cc1y88irs="; + vendorHash = "sha256-3f5eEge5tGko/B7MtPcifoQOkkVr0jjFX5nF6g1kow4="; proxyVendor = true; diff --git a/pkgs/applications/networking/cluster/arkade/default.nix b/pkgs/applications/networking/cluster/arkade/default.nix index e1afef0794f..851caeed60e 100644 --- a/pkgs/applications/networking/cluster/arkade/default.nix +++ b/pkgs/applications/networking/cluster/arkade/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "arkade"; - version = "0.10.0"; + version = "0.10.7"; src = fetchFromGitHub { owner = "alexellis"; repo = "arkade"; rev = version; - hash = "sha256-XjJt2bLGBl6T3nrTdwr8lNKW0cBZH+gYFAy6lkNtwgw="; + hash = "sha256-6KgQR8QIgbrI2XhORhDjcC2PK+XbmDWNBjjjE3qOAhQ="; }; CGO_ENABLED = 0; diff --git a/pkgs/applications/networking/cluster/civo/default.nix b/pkgs/applications/networking/cluster/civo/default.nix index ac6cea0fb2b..be63630ab71 100644 --- a/pkgs/applications/networking/cluster/civo/default.nix +++ b/pkgs/applications/networking/cluster/civo/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "civo"; - version = "1.0.65"; + version = "1.0.66"; src = fetchFromGitHub { owner = "civo"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-zuWKU2bZM0zdEupvWi1CV3S7urEhm4dc+sFYoQmljCk="; + sha256 = "sha256-17dRFRG3HpYJvqE4+SFI6a6nP6umkKc61rwQu4FiG6Q="; }; - vendorHash = "sha256-Tym9Xu+oECUm78nIAyDwYYpR88wNxT4bmoy7iUwUQTU="; + vendorHash = "sha256-AvAS3S7bepaTFPelE+Bj5/UuQIXEDvSAtDuFaPRC9sk="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/applications/networking/cluster/cmctl/default.nix b/pkgs/applications/networking/cluster/cmctl/default.nix index ac527324247..358c60ea280 100644 --- a/pkgs/applications/networking/cluster/cmctl/default.nix +++ b/pkgs/applications/networking/cluster/cmctl/default.nix @@ -1,39 +1,52 @@ -{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: +{ lib +, stdenv +, buildGoModule +, fetchFromGitHub +, installShellFiles +, nix-update-script +}: buildGoModule rec { pname = "cmctl"; - version = "1.11.2"; + version = "1.13.0"; src = fetchFromGitHub { owner = "cert-manager"; repo = "cert-manager"; - rev = "4767427a40e0e193c976fd6bc228f50de8950572"; - sha256 = "128s5vd4hp5mr0rnb21grzmijzx0ibpv71as36dcgw7z4v3gq7lx"; + rev = "v${version}"; + hash = "sha256-o51CIwZeBq3XrNvu6n6dVCsmXH2pU7l3igw61KjI0cw="; }; - vendorHash = "sha256-+r0QpD97r6dokUr07Qjb9kvoK+oz2rvml0cIebtYuHg="; + sourceRoot = "${src.name}/cmd/ctl"; - subPackages = [ "cmd/ctl" ]; + vendorHash = "sha256-szDFQ5zxZ4IUMaIe/eyQAouomR6kpQXn/LZ3MEBbx0Y="; ldflags = [ - "-s" "-w" + "-s" + "-w" "-X github.com/cert-manager/cert-manager/cmd/ctl/pkg/build.name=cmctl" "-X github.com/cert-manager/cert-manager/cmd/ctl/pkg/build/commands.registerCompletion=true" "-X github.com/cert-manager/cert-manager/pkg/util.AppVersion=v${version}" "-X github.com/cert-manager/cert-manager/pkg/util.AppGitCommit=${src.rev}" ]; - nativeBuildInputs = [ installShellFiles ]; + nativeBuildInputs = [ + installShellFiles + ]; + + # Trusted by this computer: no: x509: “cert-manager” certificate is not trusted + doCheck = !stdenv.isDarwin; postInstall = '' mv $out/bin/ctl $out/bin/cmctl + '' + lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' installShellCompletion --cmd cmctl \ --bash <($out/bin/cmctl completion bash) \ --fish <($out/bin/cmctl completion fish) \ --zsh <($out/bin/cmctl completion zsh) ''; - passthru.updateScript = ./update.sh; + passthru.updateScript = nix-update-script { }; meta = with lib; { description = "A CLI tool for managing cert-manager service on Kubernetes clusters"; diff --git a/pkgs/applications/networking/cluster/cmctl/update.sh b/pkgs/applications/networking/cluster/cmctl/update.sh deleted file mode 100755 index 16a20edb577..00000000000 --- a/pkgs/applications/networking/cluster/cmctl/update.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env nix-shell -#!nix-shell -i bash -p curl gnugrep gnused jq - -set -x -eu -o pipefail - -NIXPKGS_PATH="$(git rev-parse --show-toplevel)" -CMCTL_PATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" - -OLD_VERSION="$(nix-instantiate --eval -E "with import $NIXPKGS_PATH {}; cmctl.version or (builtins.parseDrvName cmctl.name).version" | tr -d '"')" -LATEST_TAG="$(curl -s ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} "https://api.github.com/repos/cert-manager/cert-manager/releases" | jq '.[].tag_name' --raw-output | sed '/-/d' | sort --version-sort -r | head -n 1)" -LATEST_VERSION="${LATEST_TAG:1}" - -if [ ! "$OLD_VERSION" = "$LATEST_VERSION" ]; then - SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/cert-manager/cert-manager/archive/refs/tags/${LATEST_TAG}.tar.gz) - TAG_SHA=$(curl -s ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} "https://api.github.com/repos/cert-manager/cert-manager/git/ref/tags/${LATEST_TAG}" | jq -r '.object.sha') - TAG_COMMIT_SHA=$(curl -s ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} "https://api.github.com/repos/cert-manager/cert-manager/git/tags/${TAG_SHA}" | jq '.object.sha' --raw-output) - - setKV () { - sed -i "s|$1 = \".*\"|$1 = \"${2:-}\"|" "${CMCTL_PATH}/default.nix" - } - - setKV version ${LATEST_VERSION} - setKV sha256 "${SHA256}" - setKV rev ${TAG_COMMIT_SHA} - setKV vendorSha256 "0000000000000000000000000000000000000000000000000000" # The same as lib.fakeSha256 - - set +e - VENDOR_SHA256=$(nix-build --no-out-link -A cmctl $NIXPKGS_PATH 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') - set -e - - if [ -n "${VENDOR_SHA256:-}" ]; then - setKV vendorSha256 ${VENDOR_SHA256} - else - echo "Update failed. VENDOR_SHA256 is empty." - exit 1 - fi - - echo "updated cmctl to $LATEST_VERSION, please commit changes." -else - echo "cmctl is already up-to-date at $OLD_VERSION" -fi diff --git a/pkgs/applications/networking/cluster/dnsname-cni/default.nix b/pkgs/applications/networking/cluster/dnsname-cni/default.nix index 3a543f40dd4..3b6edd57529 100644 --- a/pkgs/applications/networking/cluster/dnsname-cni/default.nix +++ b/pkgs/applications/networking/cluster/dnsname-cni/default.nix @@ -22,7 +22,7 @@ buildGoModule rec { wrapProgram $out/bin/dnsname --prefix PATH : ${lib.makeBinPath [ dnsmasq ]} ''; - vendorSha256 = null; + vendorHash = null; subPackages = [ "plugins/meta/dnsname" ]; doCheck = false; # NOTE: requires root privileges diff --git a/pkgs/applications/networking/cluster/fluxcd/update.sh b/pkgs/applications/networking/cluster/fluxcd/update.sh index 8c80ef9fda3..f252d587daa 100755 --- a/pkgs/applications/networking/cluster/fluxcd/update.sh +++ b/pkgs/applications/networking/cluster/fluxcd/update.sh @@ -21,16 +21,17 @@ if [ ! "$OLD_VERSION" = "$LATEST_VERSION" ]; then setKV version ${LATEST_VERSION} setKV sha256 ${SHA256} setKV manifestsSha256 ${SPEC_SHA256} - setKV vendorSha256 "0000000000000000000000000000000000000000000000000000" # The same as lib.fakeSha256 + setKV vendorHash "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=" # The same as lib.fakeHash set +e - VENDOR_SHA256=$(nix-build --no-out-link -A fluxcd $NIXPKGS_PATH 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') + VENDOR_HASH=$(nix-build --no-out-link -A fluxcd $NIXPKGS_PATH 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') + VENDOR_HASH=$(nix hash to-sri --type sha256 $VENDOR_HASH) set -e - if [ -n "${VENDOR_SHA256:-}" ]; then - setKV vendorSha256 ${VENDOR_SHA256} + if [ -n "${VENDOR_HASH:-}" ]; then + setKV vendorHash ${VENDOR_HASH} else - echo "Update failed. VENDOR_SHA256 is empty." + echo "Update failed. VENDOR_HASH is empty." exit 1 fi diff --git a/pkgs/applications/networking/cluster/helm-docs/default.nix b/pkgs/applications/networking/cluster/helm-docs/default.nix index 657d428912d..cf286c8dc6f 100644 --- a/pkgs/applications/networking/cluster/helm-docs/default.nix +++ b/pkgs/applications/networking/cluster/helm-docs/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "helm-docs"; - version = "1.11.1"; + version = "1.11.2"; src = fetchFromGitHub { owner = "norwoodj"; repo = "helm-docs"; rev = "v${version}"; - hash = "sha256-4o3hdqaW/AtegKStMKVerE3dRr3iZxQ+Lm2Aj3aOy98="; + hash = "sha256-w4QV96/02Pbs/l0lTLPYY8Ag21ZDDVPdgvuveiKUCoM="; }; vendorHash = "sha256-6byD8FdeqdRDNUZFZ7FUUdyTuFOO8s3rb6YPGKdwLB8="; diff --git a/pkgs/applications/networking/cluster/k3s/1_24/default.nix b/pkgs/applications/networking/cluster/k3s/1_24/default.nix index 6f7644dd543..25b615d6718 100644 --- a/pkgs/applications/networking/cluster/k3s/1_24/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_24/default.nix @@ -51,7 +51,7 @@ let k3sVersion = "1.24.10+k3s1"; # k3s git tag k3sCommit = "546a94e9ae1c3be6f9c0dcde32a6e6672b035bc8"; # k3s git commit at the above version k3sRepoSha256 = "sha256-HfkGb3GtR2wQkVIze26aFh6A6W0fegr8ovpSel7oujQ="; - k3sVendorSha256 = "sha256-YAerisDr/knlKPaO2fVMZA4FUpwshFmkpi3mJAmLqKM="; + k3sVendorHash = "sha256-YAerisDr/knlKPaO2fVMZA4FUpwshFmkpi3mJAmLqKM="; # Based on the traefik charts here: https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/scripts/download#L29-L32 # see also https://github.com/k3s-io/k3s/blob/v1.24.10%2Bk3s1/manifests/traefik.yaml#L8-L16 @@ -117,7 +117,7 @@ let k3sCNIPlugins = buildGoModule rec { pname = "k3s-cni-plugins"; version = k3sCNIVersion; - vendorSha256 = null; + vendorHash = null; subPackages = [ "." ]; @@ -170,7 +170,7 @@ let version = k3sVersion; src = k3sRepo; - vendorSha256 = k3sVendorSha256; + vendorHash = k3sVendorHash; nativeBuildInputs = [ pkg-config ]; buildInputs = [ libseccomp sqlite.dev ]; @@ -210,7 +210,7 @@ let rev = "v${containerdVersion}"; sha256 = containerdSha256; }; - vendorSha256 = null; + vendorHash = null; buildInputs = [ btrfs-progs ]; subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ]; ldflags = versionldflags; @@ -221,7 +221,7 @@ buildGoModule rec { version = k3sVersion; src = k3sRepo; - vendorSha256 = k3sVendorSha256; + vendorHash = k3sVendorHash; postPatch = '' # Nix prefers dynamically linked binaries over static binary. @@ -279,7 +279,7 @@ buildGoModule rec { # Specifically, it has a 'go generate' which runs part of the package. See # this comment: # https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694 - # So, why do we use buildGoModule at all? For the `vendorSha256` / `go mod download` stuff primarily. + # So, why do we use buildGoModule at all? For the `vendorHash` / `go mod download` stuff primarily. buildPhase = '' patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload diff --git a/pkgs/applications/networking/cluster/k3s/1_25/default.nix b/pkgs/applications/networking/cluster/k3s/1_25/default.nix index 47c3b5886c5..7ea3ff7867e 100644 --- a/pkgs/applications/networking/cluster/k3s/1_25/default.nix +++ b/pkgs/applications/networking/cluster/k3s/1_25/default.nix @@ -51,7 +51,7 @@ let k3sVersion = "1.25.3+k3s1"; # k3s git tag k3sCommit = "f2585c1671b31b4b34bddbb3bf4e7d69662b0821"; # k3s git commit at the above version k3sRepoSha256 = "0zwf3iwjcidx14zw36s1hr0q8wmmbfc0rfqwd7fmpjq597h8zkms"; - k3sVendorSha256 = "sha256-U67tJRGqPFk5AfRe7I50zKGC9HJ2oh+iI/C7qF/76BQ="; + k3sVendorHash = "sha256-U67tJRGqPFk5AfRe7I50zKGC9HJ2oh+iI/C7qF/76BQ="; # taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9 # The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know. @@ -116,7 +116,7 @@ let k3sCNIPlugins = buildGoModule rec { pname = "k3s-cni-plugins"; version = k3sCNIVersion; - vendorSha256 = null; + vendorHash = null; subPackages = [ "." ]; @@ -169,7 +169,7 @@ let version = k3sVersion; src = k3sRepo; - vendorSha256 = k3sVendorSha256; + vendorHash = k3sVendorHash; nativeBuildInputs = [ pkg-config ]; buildInputs = [ libseccomp sqlite.dev ]; @@ -208,7 +208,7 @@ let rev = "v${containerdVersion}"; sha256 = containerdSha256; }; - vendorSha256 = null; + vendorHash = null; buildInputs = [ btrfs-progs ]; subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ]; ldflags = versionldflags; @@ -219,7 +219,7 @@ buildGoModule rec { version = k3sVersion; src = k3sRepo; - vendorSha256 = k3sVendorSha256; + vendorHash = k3sVendorHash; patches = [ ./0001-script-download-strip-downloading-just-package-CRD.patch @@ -281,7 +281,7 @@ buildGoModule rec { # Specifically, it has a 'go generate' which runs part of the package. See # this comment: # https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694 - # So, why do we use buildGoModule at all? For the `vendorSha256` / `go mod download` stuff primarily. + # So, why do we use buildGoModule at all? For the `vendorHash` / `go mod download` stuff primarily. buildPhase = '' patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload diff --git a/pkgs/applications/networking/cluster/k3s/1_26/versions.nix b/pkgs/applications/networking/cluster/k3s/1_26/versions.nix index 799fd3f9b1d..93df5633f5a 100644 --- a/pkgs/applications/networking/cluster/k3s/1_26/versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_26/versions.nix @@ -2,7 +2,7 @@ k3sVersion = "1.26.6+k3s1"; k3sCommit = "3b1919b0d55811707bd1168f0abf11cccc656c26"; k3sRepoSha256 = "1g82bkq4w0jpfn1fanj1d24bj46rw908wk50p3cm47rqiqlys72y"; - k3sVendorSha256 = "sha256-+a9/q5a28zA9SmAdp2IItHR1MdJvlbMW5796bHTfKBw="; + k3sVendorHash = "sha256-+a9/q5a28zA9SmAdp2IItHR1MdJvlbMW5796bHTfKBw="; chartVersions = import ./chart-versions.nix; k3sRootVersion = "0.12.2"; k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k"; diff --git a/pkgs/applications/networking/cluster/k3s/1_27/versions.nix b/pkgs/applications/networking/cluster/k3s/1_27/versions.nix index 653fb2115d7..df84a0a95d6 100644 --- a/pkgs/applications/networking/cluster/k3s/1_27/versions.nix +++ b/pkgs/applications/networking/cluster/k3s/1_27/versions.nix @@ -1,14 +1,14 @@ { - k3sVersion = "1.27.5+k3s1"; - k3sCommit = "8d074ecb5a8765a09eeef6f8be7987055210bc40"; - k3sRepoSha256 = "0bv0r1l97zip9798d8r3ldymmdhlrfw3j9i0nvads1sd1d4az6m6"; - k3sVendorSha256 = "sha256-dFLBa/Sn3GrOPWsTFkP0H2HASE8XB99Orxx5K7nnNio="; + k3sVersion = "1.27.6+k3s1"; + k3sCommit = "bd04941a294793ec92e8703d5e5da14107902e88"; + k3sRepoSha256 = "04chr8gp0yprihigy1yzhvi2baby053fav384gq0sjq6bkp3fzd8"; + k3sVendorHash = "sha256-LH9OsBK0Pq/NGEHprbIgYKQsslYdR3i4LYVvo5P0K+8="; chartVersions = import ./chart-versions.nix; k3sRootVersion = "0.12.2"; k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k"; k3sCNIVersion = "1.3.0-k3s1"; k3sCNISha256 = "0zma9g4wvdnhs9igs03xlx15bk2nq56j73zns9xgqmfiixd9c9av"; - containerdVersion = "1.7.3-k3s1"; - containerdSha256 = "03352jn1igsqi23sll06mdsvdbkfhrscqa2ackwczx1a3innxv9r"; + containerdVersion = "1.7.6-k3s1.27"; + containerdSha256 = "1kzjqw56pcdpsqdkw2k5a3pnpf8n93dh4jc2yybgqz3nyj4fw0a8"; criCtlVersion = "1.26.0-rc.0-k3s1"; } diff --git a/pkgs/applications/networking/cluster/k3s/builder.nix b/pkgs/applications/networking/cluster/k3s/builder.nix index 9605ff9f947..a914cf87102 100644 --- a/pkgs/applications/networking/cluster/k3s/builder.nix +++ b/pkgs/applications/networking/cluster/k3s/builder.nix @@ -5,7 +5,7 @@ lib: # commit hash k3sCommit, k3sRepoSha256 ? lib.fakeHash, - k3sVendorSha256 ? lib.fakeHash, + k3sVendorHash ? lib.fakeHash, # taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47 k3sRootVersion, k3sRootSha256 ? lib.fakeHash, @@ -129,7 +129,7 @@ let k3sCNIPlugins = buildGoModule rec { pname = "k3s-cni-plugins"; version = k3sCNIVersion; - vendorSha256 = null; + vendorHash = null; subPackages = [ "." ]; @@ -182,7 +182,7 @@ let version = k3sVersion; src = k3sRepo; - vendorSha256 = k3sVendorSha256; + vendorHash = k3sVendorHash; nativeBuildInputs = [ pkg-config ]; buildInputs = [ libseccomp sqlite.dev ]; @@ -226,7 +226,7 @@ let rev = "v${containerdVersion}"; sha256 = containerdSha256; }; - vendorSha256 = null; + vendorHash = null; buildInputs = [ btrfs-progs ]; subPackages = [ "cmd/containerd-shim-runc-v2" ]; ldflags = versionldflags; @@ -238,7 +238,7 @@ buildGoModule rec { tags = [ "libsqlite3" "linux" "ctrd" ]; src = k3sRepo; - vendorSha256 = k3sVendorSha256; + vendorHash = k3sVendorHash; postPatch = '' # Nix prefers dynamically linked binaries over static binary. @@ -296,7 +296,7 @@ buildGoModule rec { # Specifically, it has a 'go generate' which runs part of the package. See # this comment: # https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694 - # So, why do we use buildGoModule at all? For the `vendorSha256` / `go mod download` stuff primarily. + # So, why do we use buildGoModule at all? For the `vendorHash` / `go mod download` stuff primarily. buildPhase = '' patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload diff --git a/pkgs/applications/networking/cluster/k3s/update-script.sh b/pkgs/applications/networking/cluster/k3s/update-script.sh index d1dad25b07a..dc41d7325b6 100755 --- a/pkgs/applications/networking/cluster/k3s/update-script.sh +++ b/pkgs/applications/networking/cluster/k3s/update-script.sh @@ -101,7 +101,7 @@ cat >versions.nix <<EOF k3sVersion = "${K3S_VERSION}"; k3sCommit = "${K3S_COMMIT}"; k3sRepoSha256 = "${K3S_REPO_SHA256}"; - k3sVendorSha256 = "${FAKE_HASH}"; + k3sVendorHash = "${FAKE_HASH}"; chartVersions = import ./chart-versions.nix; k3sRootVersion = "${K3S_ROOT_VERSION}"; k3sRootSha256 = "${K3S_ROOT_SHA256}"; @@ -114,13 +114,13 @@ cat >versions.nix <<EOF EOF set +e -K3S_VENDOR_SHA256=$(nix-prefetch -I nixpkgs=${NIXPKGS_ROOT} "{ sha256 }: (import ${NIXPKGS_ROOT}. {}).k3s_1_${MINOR_VERSION}.goModules.overrideAttrs (_: { vendorSha256 = sha256; })") +K3S_VENDOR_HASH=$(nix-prefetch -I nixpkgs=${NIXPKGS_ROOT} "{ sha256 }: (import ${NIXPKGS_ROOT}. {}).k3s_1_${MINOR_VERSION}.goModules.overrideAttrs (_: { vendorHash = sha256; })") set -e -if [ -n "${K3S_VENDOR_SHA256:-}" ]; then - sed -i "s|${FAKE_HASH}|${K3S_VENDOR_SHA256}|g" ./versions.nix +if [ -n "${K3S_VENDOR_HASH:-}" ]; then + sed -i "s|${FAKE_HASH}|${K3S_VENDOR_HASH}|g" ./versions.nix else - echo "Update failed. K3S_VENDOR_SHA256 is empty." + echo "Update failed. K3S_VENDOR_HASH is empty." exit 1 fi diff --git a/pkgs/applications/networking/cluster/ktunnel/default.nix b/pkgs/applications/networking/cluster/ktunnel/default.nix index 73e1fff2db3..3b05aabc00b 100644 --- a/pkgs/applications/networking/cluster/ktunnel/default.nix +++ b/pkgs/applications/networking/cluster/ktunnel/default.nix @@ -1,6 +1,6 @@ { stdenv, lib, buildGoModule, fetchFromGitHub }: let - version = "1.5.3"; + version = "1.6.1"; in buildGoModule { pname = "ktunnel"; @@ -10,7 +10,7 @@ buildGoModule { owner = "omrikiei"; repo = "ktunnel"; rev = "v${version}"; - sha256 = "sha256-7SWj9Emm78xpzdvJFKqpI5HVQi0ohbixkgXKGTy5C/A="; + sha256 = "sha256-rcUCIUIyBCSuMly7y0GUNQCdJUgsj7Oi6Hpz23uXoJw="; }; ldflags = [ diff --git a/pkgs/applications/networking/cluster/kubebuilder/default.nix b/pkgs/applications/networking/cluster/kubebuilder/default.nix index 7ac56042a3f..1724cb60e14 100644 --- a/pkgs/applications/networking/cluster/kubebuilder/default.nix +++ b/pkgs/applications/networking/cluster/kubebuilder/default.nix @@ -12,16 +12,16 @@ buildGoModule rec { pname = "kubebuilder"; - version = "3.11.1"; + version = "3.12.0"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = "kubebuilder"; rev = "v${version}"; - hash = "sha256-VT9S8Ijf684rowfoU1kvgPSTzR8ZGr3GwxWiYHWLANc="; + hash = "sha256-drg7hFUEFoicZxzorO365b3eFN9NRdhWYn9bIk+sSY8="; }; - vendorHash = "sha256-5XUYmAfFH6UlLF09PqcSLUxkgZ5iHZGj0Vurab+Jl1g="; + vendorHash = "sha256-qH7+DDGYRCrXI3B2dN/4pZMBqSXKkZUvIrtVEg0Ep+c="; subPackages = ["cmd"]; diff --git a/pkgs/applications/networking/cluster/kubectl-evict-pod/default.nix b/pkgs/applications/networking/cluster/kubectl-evict-pod/default.nix index 54f99f91c8a..f17c2b2ad1a 100644 --- a/pkgs/applications/networking/cluster/kubectl-evict-pod/default.nix +++ b/pkgs/applications/networking/cluster/kubectl-evict-pod/default.nix @@ -11,7 +11,7 @@ buildGoModule rec { sha256 = "sha256-alU1c1ppn4cQi582kcA/PIAJJt73i3uG02cQvSYij1A="; }; - vendorSha256 = null; + vendorHash = null; meta = with lib; { description = "This plugin evicts the given pod and is useful for testing pod disruption budget rules"; diff --git a/pkgs/applications/networking/cluster/kubeseal/default.nix b/pkgs/applications/networking/cluster/kubeseal/default.nix index e76b69696fe..751f767bfac 100644 --- a/pkgs/applications/networking/cluster/kubeseal/default.nix +++ b/pkgs/applications/networking/cluster/kubeseal/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "kubeseal"; - version = "0.23.1"; + version = "0.24.0"; src = fetchFromGitHub { owner = "bitnami-labs"; repo = "sealed-secrets"; rev = "v${version}"; - sha256 = "sha256-FhkeovWuDQZ7KwyIk6YY/iWfRQxTUT0fcAJcCiTZ9Cg="; + sha256 = "sha256-7v0r5xwxlTUASkhVRbUUD+/wjvyurylqaRPmspLY/IM="; }; - vendorHash = "sha256-mtWh5nJrdy7PIk4+S+66Xgqpllg6lAyc73lW/bjV5AE="; + vendorHash = "sha256-77KUQlOCIRxuyL/vkxK+F+WEyzDFAYaBNq+JuAmkQvY="; subPackages = [ "cmd/kubeseal" ]; diff --git a/pkgs/applications/networking/cluster/kubeshark/default.nix b/pkgs/applications/networking/cluster/kubeshark/default.nix index 23f43688d5c..d958e06b7ec 100644 --- a/pkgs/applications/networking/cluster/kubeshark/default.nix +++ b/pkgs/applications/networking/cluster/kubeshark/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "kubeshark"; - version = "50.2"; + version = "50.4"; src = fetchFromGitHub { owner = "kubeshark"; repo = "kubeshark"; rev = version; - sha256 = "sha256-bABPfy790cMIfunKYfZwDbEn07fhq6g0m/yqeFgJg4Y="; + sha256 = "sha256-+9AnzY/vnB1OGzkKmYL0sxWS17NV+MGnHNXGOtt+BKU="; }; - vendorHash = "sha256-rcxnvKkc9zerfULRdU5eGRRqSDQQDNMYaLJ7oEMQghk="; + vendorHash = "sha256-Vcn1Ky/J/3QiV6M5fLedDcpkLp5WsVcXRkOEgkKPYEQ="; ldflags = let t = "github.com/kubeshark/kubeshark"; in [ "-s" "-w" diff --git a/pkgs/applications/networking/cluster/linkerd/update-edge.sh b/pkgs/applications/networking/cluster/linkerd/update-edge.sh index 0e5be4f197e..f9d9569b381 100755 --- a/pkgs/applications/networking/cluster/linkerd/update-edge.sh +++ b/pkgs/applications/networking/cluster/linkerd/update-edge.sh @@ -17,17 +17,17 @@ setKV () { setKV version ${VERSION} setKV sha256 ${SHA256} -setKV vendorSha256 "0000000000000000000000000000000000000000000000000000" # Necessary to force clean build. +setKV vendorHash "sha256-BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=" # Necessary to force clean build. cd ../../../../../ set +e -VENDOR_SHA256=$(nix-build --no-out-link -A linkerd_edge 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') +VENDOR_HASH=$(nix-build --no-out-link -A linkerd_edge 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') set -e cd - > /dev/null -if [ -n "${VENDOR_SHA256:-}" ]; then - setKV vendorSha256 ${VENDOR_SHA256} +if [ -n "${VENDOR_HASH:-}" ]; then + setKV vendorHash ${VENDOR_HASH} else - echo "Update failed. VENDOR_SHA256 is empty." + echo "Update failed. VENDOR_HASH is empty." exit 1 fi diff --git a/pkgs/applications/networking/cluster/linkerd/update-stable.sh b/pkgs/applications/networking/cluster/linkerd/update-stable.sh index 19aa4274bed..8643262ec3a 100755 --- a/pkgs/applications/networking/cluster/linkerd/update-stable.sh +++ b/pkgs/applications/networking/cluster/linkerd/update-stable.sh @@ -17,17 +17,17 @@ setKV () { setKV version ${VERSION} setKV sha256 ${SHA256} -setKV vendorSha256 "0000000000000000000000000000000000000000000000000000" # Necessary to force clean build. +setKV vendorHash "sha256-BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=" # Necessary to force clean build. cd ../../../../../ set +e -VENDOR_SHA256=$(nix-build --no-out-link -A linkerd 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') +VENDOR_HASH=$(nix-build --no-out-link -A linkerd 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') set -e cd - > /dev/null -if [ -n "${VENDOR_SHA256:-}" ]; then - setKV vendorSha256 ${VENDOR_SHA256} +if [ -n "${VENDOR_HASH:-}" ]; then + setKV vendorHash ${VENDOR_HASH} else - echo "Update failed. VENDOR_SHA256 is empty." + echo "Update failed. VENDOR_HASH is empty." exit 1 fi diff --git a/pkgs/applications/networking/cluster/nomad/default.nix b/pkgs/applications/networking/cluster/nomad/default.nix index b9bb93249a2..c973a20ad53 100644 --- a/pkgs/applications/networking/cluster/nomad/default.nix +++ b/pkgs/applications/networking/cluster/nomad/default.nix @@ -1,6 +1,7 @@ { lib , buildGoModule , buildGo120Module +, buildGo121Module , fetchFromGitHub , nixosTests , installShellFiles @@ -73,10 +74,10 @@ rec { }; nomad_1_6 = generic { - buildGoModule = buildGo120Module; - version = "1.6.1"; - sha256 = "sha256-RsyGUaLteGiNf0PTkKLcjHTevhKb/mNx2JORpXhHJMw="; - vendorHash = "sha256-Y3O7ADzZPlLWFbXSYBcI6b5MAhMD0UnkhQxO9VJMpOY="; + buildGoModule = buildGo121Module; + version = "1.6.2"; + sha256 = "sha256-Q0RyO9FZWGxWgVmTU07/pw5P4Ebcwcednq8TDmshuAk="; + vendorHash = "sha256-XCuWhKuBtSPTK8fXwgjMKMjwLnl1KWZKSJ4Ih9XDIDc="; passthru.tests.nomad = nixosTests.nomad; preCheck = '' export PATH="$PATH:$NIX_BUILD_TOP/go/bin" diff --git a/pkgs/applications/networking/cluster/ocm/default.nix b/pkgs/applications/networking/cluster/ocm/default.nix index cd9b90f565e..e8180fa770c 100644 --- a/pkgs/applications/networking/cluster/ocm/default.nix +++ b/pkgs/applications/networking/cluster/ocm/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "ocm"; - version = "0.1.67"; + version = "0.1.68"; src = fetchFromGitHub { owner = "openshift-online"; repo = "ocm-cli"; rev = "v${version}"; - sha256 = "sha256-MNagqeT6Uw9fLl6gJ+2FYTRZ2rO2qTYi8SBDoOR9EUM="; + sha256 = "sha256-pJ/QWdKLVKFQuaGO9sNf6lhMMgqk9VZS9NLtUz+2+t8="; }; - vendorHash = "sha256-4d8IGe/gTt4HAqyg05pYtAFfHp6NCmUBtfxRA64rEmM="; + vendorHash = "sha256-3HLTuWf4mK3r92s2mPE2yl/rrPxgcsB9EmrxkiJsMaE="; # Strip the final binary. ldflags = [ "-s" "-w" ]; diff --git a/pkgs/applications/networking/cluster/pachyderm/default.nix b/pkgs/applications/networking/cluster/pachyderm/default.nix index 5483fc1e0f4..f8ff802ede8 100644 --- a/pkgs/applications/networking/cluster/pachyderm/default.nix +++ b/pkgs/applications/networking/cluster/pachyderm/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "pachyderm"; - version = "2.7.0"; + version = "2.7.2"; src = fetchFromGitHub { owner = "pachyderm"; repo = "pachyderm"; rev = "v${version}"; - hash = "sha256-OA6NY8hI/Aw6vdtDfN1cRXdsLLfxW5ECg5tobPZB66Y="; + hash = "sha256-+DqkYzRS1H6PGthljAqsmLAnGtKkX4g0drZiRh8b1v4="; }; vendorHash = "sha256-q8Cx+J5BjMvO5wuvH5Tc5Oa9rjW7vXvS4DhSVv/E3E4="; diff --git a/pkgs/applications/networking/cluster/pinniped/default.nix b/pkgs/applications/networking/cluster/pinniped/default.nix index b04c770dd98..823fdfb434d 100644 --- a/pkgs/applications/networking/cluster/pinniped/default.nix +++ b/pkgs/applications/networking/cluster/pinniped/default.nix @@ -2,18 +2,18 @@ buildGoModule rec{ pname = "pinniped"; - version = "0.25.0"; + version = "0.26.0"; src = fetchFromGitHub { owner = "vmware-tanzu"; repo = "pinniped"; rev = "v${version}"; - sha256 = "sha256-tUdPeBqAXYaBB2rtkhrhN3kRSVv8dg0UI7GEmIdO+fc="; + sha256 = "sha256-z+JwtrP3WGMK11RRYrDig5SrX6YCj7U3AwuLg/J8dgs="; }; subPackages = "cmd/pinniped"; - vendorHash = "sha256-IFVXNd1UkfZiw8YKG3v9uHCJQCE3ajOsjbHv5r3y3L4="; + vendorHash = "sha256-QywpqgQj76x0zmn4eC74fy7UECK4K81WO+nxOYKZqq0="; ldflags = [ "-s" "-w" ]; diff --git a/pkgs/applications/networking/cluster/prow/default.nix b/pkgs/applications/networking/cluster/prow/default.nix index b1ea88a11a3..9c8b311cf7c 100644 --- a/pkgs/applications/networking/cluster/prow/default.nix +++ b/pkgs/applications/networking/cluster/prow/default.nix @@ -10,10 +10,10 @@ buildGoModule rec { owner = "kubernetes"; repo = "test-infra"; - sha256 = "0mc3ynmbf3kidibdy8k3v3xjlvmxl8w7zm1z2m0skmhd0y4bpmk4"; + hash = "sha256-ZNa7iAcN1qlBFT/UfziivW4q+9hjIt9WbHEOt6r1g1U="; }; - vendorSha256 = "16fdc5r28andm8my4fxj0f1yygx6j2mvn92i6xdfhbcra0lvr4ql"; + vendorHash = "sha256-FJO8KVCZLehaN1Eku6uQpj/vgwOyO+Irqs0qJHJhzZk="; doCheck = false; diff --git a/pkgs/applications/networking/cluster/ssm-agent/default.nix b/pkgs/applications/networking/cluster/ssm-agent/default.nix index 5a0dc0d2d97..a073c9b6fd8 100644 --- a/pkgs/applications/networking/cluster/ssm-agent/default.nix +++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix @@ -27,7 +27,7 @@ let in buildGoPackage rec { pname = "amazon-ssm-agent"; - version = "3.2.1297.0"; + version = "3.2.1478.0"; goPackagePath = "github.com/aws/${pname}"; @@ -37,7 +37,7 @@ buildGoPackage rec { rev = version; owner = "aws"; repo = "amazon-ssm-agent"; - hash = "sha256-zRs7RsShZPH3hb5MsADUNrTfHbJVwCELE9mCqEWaTng="; + hash = "sha256-SS0N3Wcksk2vq52K6GYE9z4hrckXGqiuCuYPHkH4SWc="; }; patches = [ @@ -49,7 +49,7 @@ buildGoPackage rec { ./0002-version-gen-don-t-use-unnecessary-constants.patch ]; - # See the list https://github.com/aws/amazon-ssm-agent/blob/3.2.1297.0/makefile#L120-L138 + # See the list https://github.com/aws/amazon-ssm-agent/blob/3.2.1478.0/makefile#L120-L138 # The updater is not built because it cannot work on NixOS subPackages = [ "core" diff --git a/pkgs/applications/networking/cluster/starboard/default.nix b/pkgs/applications/networking/cluster/starboard/default.nix index 337d86f9fed..ddfa4443d82 100644 --- a/pkgs/applications/networking/cluster/starboard/default.nix +++ b/pkgs/applications/networking/cluster/starboard/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "starboard"; - version = "0.15.13"; + version = "0.15.15"; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; rev = "v${version}"; - sha256 = "sha256-8sEhR32CaTYGHi6tdhjGl8c42QUbaaUDdFwtpEFwRHo="; + sha256 = "sha256-aKxRjPXvj9rGUheUjpjGWlzg9I6LaCxfc6FJV8Kzj3I="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -20,7 +20,7 @@ buildGoModule rec { find "$out" -name .git -print0 | xargs -0 rm -rf ''; }; - vendorHash = "sha256-JEji1wPXLfVireuIVD2Ct/1Nvf92ukwRpMDCrT/CbOE="; + vendorHash = "sha256-dUqcg9/kJfKWIygem0rmtgOiYOHpfWOdH4YV0mYhxeQ="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/applications/networking/cluster/tektoncd-cli/default.nix b/pkgs/applications/networking/cluster/tektoncd-cli/default.nix index 0cb84284bf8..3b9962b84a0 100644 --- a/pkgs/applications/networking/cluster/tektoncd-cli/default.nix +++ b/pkgs/applications/networking/cluster/tektoncd-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "tektoncd-cli"; - version = "0.31.2"; + version = "0.32.0"; src = fetchFromGitHub { owner = "tektoncd"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-QBJ8UoR61XOFT6u5glpL+DHaj5Kyqq73r0pyteINQNA="; + sha256 = "sha256-Ilue0stXko8bkMMzXEHrdgJYIV5ZcI39hwFUya8X4ac="; }; vendorHash = null; diff --git a/pkgs/applications/networking/cluster/temporal/default.nix b/pkgs/applications/networking/cluster/temporal/default.nix index b53a6800111..6c0715939fe 100644 --- a/pkgs/applications/networking/cluster/temporal/default.nix +++ b/pkgs/applications/networking/cluster/temporal/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "temporal"; - version = "1.21.5"; + version = "1.22.0"; src = fetchFromGitHub { owner = "temporalio"; repo = "temporal"; rev = "v${version}"; - hash = "sha256-G8HqoTdkAAGSadJRF+22hD8q0htwl21HWupfx1/5muc="; + hash = "sha256-7AdbGsgdDsSUtj8TkZl4CcvF2Xk1l9W9Vdos+fEsIVI="; }; - vendorHash = "sha256-AVij8Xb729UQt8BuRf+SoGhoDFzsVELAFV5xCBwnx4c="; + vendorHash = "sha256-gDiVB34fICaS6IyQCAa4ePff/vsT7/7HnJM9ZjiOh4k="; excludedPackages = [ "./build" ]; diff --git a/pkgs/applications/networking/cluster/weave-gitops/default.nix b/pkgs/applications/networking/cluster/weave-gitops/default.nix index 607955ef5c6..3d43c853809 100644 --- a/pkgs/applications/networking/cluster/weave-gitops/default.nix +++ b/pkgs/applications/networking/cluster/weave-gitops/default.nix @@ -2,18 +2,18 @@ buildGoModule rec { pname = "weave-gitops"; - version = "0.29.0"; + version = "0.31.2"; src = fetchFromGitHub { owner = "weaveworks"; repo = pname; rev = "v${version}"; - sha256 = "sha256-d/MC+QJypLvURLRRp4U3oErf+MdyJ291Pa+gNPkV4xQ="; + sha256 = "sha256-bzYvyqLMdVdgp8C71mnykzB9HEIPDXQ+SpBOScKybJ8="; }; ldflags = [ "-s" "-w" "-X github.com/weaveworks/weave-gitops/cmd/gitops/version.Version=${version}" ]; - vendorHash = "sha256-qwuV/c4lWjtmLp197EOScgZHMe4Wmnbj/Jy8x0n2VSo="; + vendorHash = "sha256-3woVoEh+bU8QOzOEk7hnxxVe0mlPozqUDuP0Rn/9J6k="; subPackages = [ "cmd/gitops" ]; diff --git a/pkgs/applications/networking/cluster/werf/default.nix b/pkgs/applications/networking/cluster/werf/default.nix index 0c02ba84402..53f4c831f02 100644 --- a/pkgs/applications/networking/cluster/werf/default.nix +++ b/pkgs/applications/networking/cluster/werf/default.nix @@ -10,16 +10,16 @@ buildGoModule rec { pname = "werf"; - version = "1.2.255"; + version = "1.2.259"; src = fetchFromGitHub { owner = "werf"; repo = "werf"; rev = "v${version}"; - hash = "sha256-XrW/owPeh+lpkGDy0iNigu68Zx0dZIyBhrUkOXaHsaM="; + hash = "sha256-A5sK+M/mjAsDMuqPvBNKML7rDzYMPKtN5VW4pX/sWCM="; }; - vendorHash = "sha256-rLUZnjrKZd1Br4upb+cGY3AMKtKVNxO/VxntmRLGu8A="; + vendorHash = "sha256-gfh55taGIuigMCJw0hZuSA0q39V19LCPAUYqZiTinB4="; proxyVendor = true; diff --git a/pkgs/applications/networking/cluster/zarf/default.nix b/pkgs/applications/networking/cluster/zarf/default.nix index 7d730763c16..eeb97e1b0f0 100644 --- a/pkgs/applications/networking/cluster/zarf/default.nix +++ b/pkgs/applications/networking/cluster/zarf/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "zarf"; - version = "0.29.1"; + version = "0.29.2"; src = fetchFromGitHub { owner = "defenseunicorns"; repo = "zarf"; rev = "v${version}"; - hash = "sha256-m/eyy3MpHHlxlWU9Y7tsQw5jGGZIKCvBkIgoRmvecBI="; + hash = "sha256-eSKoh1Ab2rzpOOHRi+FZ92ic92Q6bFpu1jYIPhmoqQc="; }; vendorHash = "sha256-p1QLNbkNlIwqHzLjGX5YGC2Xxu0nAjmMfGwKXhi9XkU="; |