summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorIvan Shapovalov2023-12-23 02:40:25 +0100
committerIvan Shapovalov2023-12-23 08:40:27 +0300
commit3b329bfdb5ae70b90e29109b7ff43c8440cb9431 (patch)
tree032d1666f46c3a1b7cc55a0fa39bc2afcf98be5f
parent9d4f3cc1f9f82eb71aa1e5e5bf19758aee250ef3 (diff)
downloadaur-3b329bfdb5ae70b90e29109b7ff43c8440cb9431.tar.gz
Rewrite and patch build system, update to 1.29.0+k3s1
-rw-r--r--.SRCINFO28
-rw-r--r--0000-Fix-issue-8293.-Remove-useless-log-init-code.patch38
-rw-r--r--0001-Dockerfile.dapper-set-HOME-properly.patch40
-rw-r--r--0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch25
-rw-r--r--0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch22
-rw-r--r--0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch33
-rw-r--r--0005-Dockerfile.dapper-sanitize-cache-configuration.patch67
-rw-r--r--0006-.service-update-systemd-service-files.patch175
-rw-r--r--0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch52
-rw-r--r--PKGBUILD93
-rw-r--r--config.yaml7
-rw-r--r--k3s-agent.service.env11
-rw-r--r--k3s.service.env10
13 files changed, 572 insertions, 29 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 53e9d8a92dd4..7f10074409bc 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
pkgbase = k3s-git
pkgdesc = Lightweight Kubernetes
- pkgver = 1.28.4+k3s2+r8+g231cb6ed20
- pkgrel = 2
+ pkgver = 1.29.0+k3s1+r0+g3190a5faa2
+ pkgrel = 1
url = https://k3s.io
arch = x86_64
license = Apache
@@ -11,9 +11,31 @@ pkgbase = k3s-git
provides = k3s
conflicts = k3s
backup = etc/systemd/system/k3s.service.env
+ backup = etc/systemd/system/k3s-agent.service.env
+ backup = etc/rancher/k3s/config.yaml
source = git+https://github.com/k3s-io/k3s
source = k3s.service.env
+ source = k3s-agent.service.env
+ source = config.yaml
+ source = 0000-Fix-issue-8293.-Remove-useless-log-init-code.patch
+ source = 0001-Dockerfile.dapper-set-HOME-properly.patch
+ source = 0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch
+ source = 0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch
+ source = 0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch
+ source = 0005-Dockerfile.dapper-sanitize-cache-configuration.patch
+ source = 0006-.service-update-systemd-service-files.patch
+ source = 0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch
sha256sums = SKIP
- sha256sums = 667199fa6b811dde3aef3e626e2695a566ad64c9a03d19d0c94a1f104a7612d0
+ sha256sums = 94b0dd21fa4f075d4db7f6efe7a775de476b278de72f99773ee3de0bb54e7f68
+ sha256sums = 2f6964aed46deb38095801e124a6603f3a29e6886815d52c59c02883f7a37925
+ sha256sums = 6f0500a656ed78c0bb689c12264dbcd79f579edc3b9e17d512be742c1b2c43a4
+ sha256sums = fe667d538cf94bf8f9a62d9812a03bf423204f452aa11f0f2addf0dbe1b95866
+ sha256sums = 9307c9dbec1bdd73a1a3186668e0f5d5c9900474f53a842a133feba62c92b0ac
+ sha256sums = 350438be7abe98eeee60f23e9aa566eba38df5422597ab4e7184cc7a12309ebb
+ sha256sums = 659ee5e6a7c7df532418032e7b115ab7804fd60593e497814cc553504545af3c
+ sha256sums = 6e00974e4ec3ee5999da87c7d1e43fed5b64e84ce6eec3a43ed971f24c5cb820
+ sha256sums = 616063a668d510f163aa684e78fcf89d1b8cc8e1524acdc170608bfbf0e80e47
+ sha256sums = bb721e8850eb736ad9aad4f0a8ef20dac0e06d7731731c3541264f138be28b74
+ sha256sums = f448303dbbefef2645b8c2146d595643c0143c7300eab12a459b85a3b18b3d91
pkgname = k3s-git
diff --git a/0000-Fix-issue-8293.-Remove-useless-log-init-code.patch b/0000-Fix-issue-8293.-Remove-useless-log-init-code.patch
new file mode 100644
index 000000000000..fa275bf5d134
--- /dev/null
+++ b/0000-Fix-issue-8293.-Remove-useless-log-init-code.patch
@@ -0,0 +1,38 @@
+From f349e309ed9e06c028e6f3938abbbce246235c60 Mon Sep 17 00:00:00 2001
+From: Linshen Lee <1061696872@qq.com>
+Date: Fri, 15 Dec 2023 22:17:32 +0900
+Subject: [PATCH] Fix: issue #8293. Remove useless log init code Signed-off-by:
+ Linshen Lee 1061696872@qq.com
+
+---
+ pkg/cli/cmds/log.go | 6 ------
+ 1 file changed, 6 deletions(-)
+
+diff --git a/pkg/cli/cmds/log.go b/pkg/cli/cmds/log.go
+index ea778ac668..7e34b10136 100644
+--- a/pkg/cli/cmds/log.go
++++ b/pkg/cli/cmds/log.go
+@@ -1,9 +1,7 @@
+ package cmds
+
+ import (
+- "flag"
+ "fmt"
+- "strconv"
+ "sync"
+ "time"
+
+@@ -73,10 +71,6 @@ func checkUnixTimestamp() error {
+ }
+
+ func setupLogging() {
+- flag.Set("v", strconv.Itoa(LogConfig.VLevel))
+- flag.Set("vmodule", LogConfig.VModule)
+- flag.Set("alsologtostderr", strconv.FormatBool(Debug))
+- flag.Set("logtostderr", strconv.FormatBool(!Debug))
+ if Debug {
+ logrus.SetLevel(logrus.DebugLevel)
+ }
+--
+2.43.0
+
diff --git a/0001-Dockerfile.dapper-set-HOME-properly.patch b/0001-Dockerfile.dapper-set-HOME-properly.patch
new file mode 100644
index 000000000000..9b6db78c3130
--- /dev/null
+++ b/0001-Dockerfile.dapper-set-HOME-properly.patch
@@ -0,0 +1,40 @@
+From 18b1172fb9d59b50ab8473235c8954097b2a2850 Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Fri, 22 Dec 2023 22:43:56 +0100
+Subject: [PATCH 1/7] Dockerfile.dapper: set $HOME properly
+
+`$HOME` refers to `$DAPPER_SOURCE`, which is set in the same expression
+and is thus not visible at the time of substitution.
+
+This problem is not immediately visible with Docker, Inc.'s docker
+merely because it resets an unset `$HOME` to `/root` (but still breaking
+the Go cache). Under podman, this problem is immediately visible because
+an unset `$HOME` remains unset and subsequently breaks the `go generate`
+invocation.
+
+Fixes #9089.
+
+Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
+---
+ Dockerfile.dapper | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/Dockerfile.dapper b/Dockerfile.dapper
+index af99d3d35e..2f0cd5e64d 100644
+--- a/Dockerfile.dapper
++++ b/Dockerfile.dapper
+@@ -56,9 +56,10 @@ ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.ca
+ DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \
+ DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \
+ DAPPER_DOCKER_SOCKET=true \
+- HOME=${DAPPER_SOURCE} \
+ CROSS=true \
+ STATIC_BUILD=true
++# Set $HOME separately because it refers to $DAPPER_SOURCE, set above
++ENV HOME=${DAPPER_SOURCE}
+
+ WORKDIR ${DAPPER_SOURCE}
+
+--
+2.43.0
+
diff --git a/0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch b/0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch
new file mode 100644
index 000000000000..8675b37965e8
--- /dev/null
+++ b/0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch
@@ -0,0 +1,25 @@
+From 447968ac1d6fc95ad71b93b400ce519ac740d8e3 Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Sat, 23 Dec 2023 01:10:59 +0100
+Subject: [PATCH 2/7] main: apply go-fmt to pkg/data/zz_generated_bindata.go
+
+No reason other than for consistency.
+---
+ main.go | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/main.go b/main.go
+index 8857094b87..c004a927bc 100644
+--- a/main.go
++++ b/main.go
+@@ -1,6 +1,7 @@
+ //go:generate go run pkg/codegen/cleanup/main.go
+ //go:generate rm -rf pkg/generated
+ //go:generate go run pkg/codegen/main.go
++//go:generate go fmt pkg/data/zz_generated_bindata.go
+ //go:generate go fmt pkg/deploy/zz_generated_bindata.go
+ //go:generate go fmt pkg/static/zz_generated_bindata.go
+
+--
+2.43.0
+
diff --git a/0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch b/0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch
new file mode 100644
index 000000000000..60084553a8f3
--- /dev/null
+++ b/0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch
@@ -0,0 +1,22 @@
+From 53f939037c313880efcf39c7e6fcbf4cb9a713e2 Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Sat, 23 Dec 2023 01:07:38 +0100
+Subject: [PATCH 3/7] .dockerignore: do not ignore parts of $GITDIR
+
+---
+ .dockerignore | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/.dockerignore b/.dockerignore
+index e1651fd70d..36131d3744 100644
+--- a/.dockerignore
++++ b/.dockerignore
+@@ -5,4 +5,3 @@
+ ./.cache
+ ./.dapper
+ ./.trash-cache
+-./.git/objects/pack
+\ No newline at end of file
+--
+2.43.0
+
diff --git a/0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch b/0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch
new file mode 100644
index 000000000000..a86b1df96486
--- /dev/null
+++ b/0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch
@@ -0,0 +1,33 @@
+From fe83fb9745c429ac6ba4bb4aa97f538762be0e11 Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Sat, 23 Dec 2023 01:11:52 +0100
+Subject: [PATCH 4/7] Dockerfile.dapper: sanitize $DAPPER_OUTPUT
+
+Existing $DAPPER_OUTPUT is not enough to be able to run build steps
+sequentially (i. e. `make download; make generate; make build;
+make package`) because it misses several directories with intermediate
+artifacts. The only working way to build k3s is a single `make`
+invocation (which calls scripts/ci, which in turn calls all build steps
+in sequence in a single Docker invocation, thus obviating the need to
+extract any intermediate artifacts at all). Thus, don't bother
+extracting anything other than the final artifacts.
+---
+ Dockerfile.dapper | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Dockerfile.dapper b/Dockerfile.dapper
+index 2f0cd5e64d..5ae64df57b 100644
+--- a/Dockerfile.dapper
++++ b/Dockerfile.dapper
+@@ -54,7 +54,7 @@ ENV SELINUX=${SELINUX}
+ ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \
+ DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG" \
+ DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \
+- DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \
++ DAPPER_OUTPUT="./dist" \
+ DAPPER_DOCKER_SOCKET=true \
+ CROSS=true \
+ STATIC_BUILD=true
+--
+2.43.0
+
diff --git a/0005-Dockerfile.dapper-sanitize-cache-configuration.patch b/0005-Dockerfile.dapper-sanitize-cache-configuration.patch
new file mode 100644
index 000000000000..3c3af08dd7e4
--- /dev/null
+++ b/0005-Dockerfile.dapper-sanitize-cache-configuration.patch
@@ -0,0 +1,67 @@
+From 1f17fa5bf080101dddc6ff4100ad38296faa8a4a Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Sat, 23 Dec 2023 01:08:37 +0100
+Subject: [PATCH 5/7] Dockerfile.dapper: sanitize cache configuration
+
+- set $HOME to /root because there is no good reason to keep it in $PWD
+- mount volumes to /go/pkg to cache downloaded Go sources (we'd set it
+ to /go, but that would mask the k3s source tree at /go/src) and
+ /root/.cache to cache Go object files ($GOCACHE, ~/.cache/go-build)
+---
+ .dockerignore | 1 +
+ Dockerfile.dapper | 9 +++++++--
+ Makefile | 1 +
+ 3 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/.dockerignore b/.dockerignore
+index 36131d3744..c7418f3674 100644
+--- a/.dockerignore
++++ b/.dockerignore
+@@ -5,3 +5,4 @@
+ ./.cache
+ ./.dapper
+ ./.trash-cache
++./.dapper-cache
+diff --git a/Dockerfile.dapper b/Dockerfile.dapper
+index 5ae64df57b..5c49581a76 100644
+--- a/Dockerfile.dapper
++++ b/Dockerfile.dapper
+@@ -50,8 +50,13 @@ RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
+ ARG SELINUX=true
+ ENV SELINUX=${SELINUX}
+
++# Set to someone's $HOME to persist Go pkg cache ($GOPATH/pkg) Hand Go object cache ($GOCACHE)
++ARG DAPPER_CACHE_HOME=./.dapper-cache
++ARG DAPPER_CACHE_GOPATH=${DAPPER_CACHE_HOME}/go
++ARG DAPPER_CACHE_DOTCACHE=${DAPPER_CACHE_HOME}/cache
++
+ # Set Dapper configuration variables
+-ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \
++ENV DAPPER_RUN_ARGS="--privileged -v ${DAPPER_CACHE_GOPATH}/pkg:/go/pkg -v ${DAPPER_CACHE_DOTCACHE}:/root/.cache" \
+ DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG" \
+ DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \
+ DAPPER_OUTPUT="./dist" \
+@@ -59,7 +64,7 @@ ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.ca
+ CROSS=true \
+ STATIC_BUILD=true
+ # Set $HOME separately because it refers to $DAPPER_SOURCE, set above
+-ENV HOME=${DAPPER_SOURCE}
++ENV HOME=/root
+
+ WORKDIR ${DAPPER_SOURCE}
+
+diff --git a/Makefile b/Makefile
+index 620f899894..50af6aa110 100644
+--- a/Makefile
++++ b/Makefile
+@@ -10,6 +10,7 @@ GO_FILES ?= $$(find . -name '*.go' | grep -v generated)
+ @mv .dapper.tmp .dapper
+
+ $(TARGETS): .dapper
++ @mkdir -p .dapper-cache/{go/pkg,cache}
+ ./.dapper $@
+
+ .PHONY: deps
+--
+2.43.0
+
diff --git a/0006-.service-update-systemd-service-files.patch b/0006-.service-update-systemd-service-files.patch
new file mode 100644
index 000000000000..c8cf9707dd48
--- /dev/null
+++ b/0006-.service-update-systemd-service-files.patch
@@ -0,0 +1,175 @@
+From 3399f01e871f3a87d01f94841a522b9b8aba352e Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Sat, 23 Dec 2023 02:10:11 +0100
+Subject: [PATCH 6/7] *.service: update systemd service files
+
+---
+ k3s-agent-rootless.service | 47 ++++++++++++++++++++++++++++++++++++++
+ k3s-agent.service | 27 ++++++++++++++++++++++
+ k3s-rootless.service | 26 +++++++++++----------
+ k3s.service | 12 +++++-----
+ 4 files changed, 94 insertions(+), 18 deletions(-)
+ create mode 100644 k3s-agent-rootless.service
+ create mode 100644 k3s-agent.service
+
+diff --git a/k3s-agent-rootless.service b/k3s-agent-rootless.service
+new file mode 100644
+index 0000000000..68e049b2d1
+--- /dev/null
++++ b/k3s-agent-rootless.service
+@@ -0,0 +1,47 @@
++# systemd unit file for k3s (rootless)
++#
++# Usage:
++# - [Optional] Enable cgroup v2 delegation, see https://rootlesscontaine.rs/getting-started/common/cgroup2/ .
++# This step is optional, but highly recommended for enabling CPU and memory resource limtitation.
++#
++# - Copy this file as `~/.config/systemd/user/k3s-rootless.service`.
++# Installing this file as a system-wide service (`/etc/systemd/...`) is not supported.
++# Depending on the path of `k3s` binary, you might need to modify the `ExecStart=/usr/local/bin/k3s ...` line of this file.
++#
++# - Run `systemctl --user daemon-reload`
++#
++# - Run `systemctl --user enable --now k3s-rootless`
++#
++# - Run `KUBECONFIG=~/.kube/k3s.yaml kubectl get pods -A`, and make sure the pods are running.
++#
++# Troubleshooting:
++# - See `systemctl --user status k3s-rootless` to check the daemon status
++# - See `journalctl --user -f -u k3s-rootless` to see the daemon log
++# - See also https://rootlesscontaine.rs/
++
++[Unit]
++Description=Lightweight Kubernetes (agent, rootless)
++Documentation=https://k3s.io
++Documentation=https://rootlesscontaine.rs/
++After=network.target network-online.target
++Wants=network.target network-online.target
++
++[Service]
++Type=notify
++EnvironmentFile=-%E/systemd/system/%n.env
++# NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation.
++# If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope.
++ExecStart=/usr/bin/k3s agent --rootless --snapshotter=fuse-overlayfs $K3S_EXEC
++ExecReload=/bin/kill -s HUP $MAINPID
++KillMode=mixed
++Delegate=yes
++LimitNOFILE=1048576
++LimitNPROC=infinity
++LimitCORE=infinity
++TasksMax=infinity
++TimeoutStartSec=0
++Restart=always
++RestartSec=5s
++
++[Install]
++WantedBy=default.target
+diff --git a/k3s-agent.service b/k3s-agent.service
+new file mode 100644
+index 0000000000..9e8974c972
+--- /dev/null
++++ b/k3s-agent.service
+@@ -0,0 +1,27 @@
++[Unit]
++Description=Lightweight Kubernetes (agent)
++Documentation=https://k3s.io
++After=network.target network-online.target
++Wants=network.target network-online.target
++
++[Service]
++Type=notify
++EnvironmentFile=-/etc/default/%N
++EnvironmentFile=-/etc/sysconfig/%N
++EnvironmentFile=-/etc/systemd/system/%n.env
++ExecStart=/usr/bin/k3s agent $K3S_EXEC
++ExecReload=/bin/kill -s HUP $MAINPID
++KillMode=process
++Delegate=yes
++# Having non-zero Limit*s causes performance problems due to accounting overhead
++# in the kernel. We recommend using cgroups to do container-local accounting.
++LimitNOFILE=1048576
++LimitNPROC=infinity
++LimitCORE=infinity
++TasksMax=infinity
++TimeoutStartSec=0
++Restart=always
++RestartSec=5s
++
++[Install]
++WantedBy=multi-user.target
+diff --git a/k3s-rootless.service b/k3s-rootless.service
+index 5879e2f8f2..916af05c6d 100644
+--- a/k3s-rootless.service
++++ b/k3s-rootless.service
+@@ -20,26 +20,28 @@
+ # - See also https://rootlesscontaine.rs/
+
+ [Unit]
+-Description=k3s (Rootless)
++Description=Lightweight Kubernetes (server, rootless)
++Documentation=https://k3s.io
++Documentation=https://rootlesscontaine.rs/
++After=network.target network-online.target
++Wants=network.target network-online.target
+
+ [Service]
+-Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
++Type=notify
++EnvironmentFile=-%E/systemd/system/%n.env
+ # NOTE: Don't try to run `k3s server --rootless` on a terminal, as it doesn't enable cgroup v2 delegation.
+ # If you really need to try it on a terminal, prepend `systemd-run --user -p Delegate=yes --tty` to create a systemd scope.
+-ExecStart=/usr/local/bin/k3s server --rootless --snapshotter=fuse-overlayfs
++ExecStart=/usr/bin/k3s server --rootless --snapshotter=fuse-overlayfs $K3S_EXEC
+ ExecReload=/bin/kill -s HUP $MAINPID
+-TimeoutSec=0
+-RestartSec=2
+-Restart=always
+-StartLimitBurst=3
+-StartLimitInterval=60s
+-LimitNOFILE=infinity
++KillMode=mixed
++Delegate=yes
++LimitNOFILE=1048576
+ LimitNPROC=infinity
+ LimitCORE=infinity
+ TasksMax=infinity
+-Delegate=yes
+-Type=simple
+-KillMode=mixed
++TimeoutStartSec=0
++Restart=always
++RestartSec=5s
+
+ [Install]
+ WantedBy=default.target
+diff --git a/k3s.service b/k3s.service
+index 7f8c9ec89c..c786114ce0 100644
+--- a/k3s.service
++++ b/k3s.service
+@@ -1,16 +1,16 @@
+ [Unit]
+-Description=Lightweight Kubernetes
++Description=Lightweight Kubernetes (server)
+ Documentation=https://k3s.io
+-After=network-online.target
+-Wants=network-online.target
++After=network.target network-online.target
++Wants=network.target network-online.target
+
+ [Service]
+ Type=notify
+ EnvironmentFile=-/etc/default/%N
+ EnvironmentFile=-/etc/sysconfig/%N
+-EnvironmentFile=-/etc/systemd/system/k3s.service.env
+-ExecStartPre=/bin/sh -xc '! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service'
+-ExecStart=/usr/local/bin/k3s server
++EnvironmentFile=-/etc/systemd/system/%n.env
++ExecStart=/usr/bin/k3s server $K3S_EXEC
++ExecReload=/bin/kill -s HUP $MAINPID
+ KillMode=process
+ Delegate=yes
+ # Having non-zero Limit*s causes performance problems due to accounting overhead
+--
+2.43.0
+
diff --git a/0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch b/0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch
new file mode 100644
index 000000000000..969e1c978170
--- /dev/null
+++ b/0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch
@@ -0,0 +1,52 @@
+From b5f0aa8933a97aef7f255b8b71bb6bc12c9d06a6 Mon Sep 17 00:00:00 2001
+From: Ivan Shapovalov <intelfx@intelfx.name>
+Date: Sat, 23 Dec 2023 02:12:21 +0100
+Subject: [PATCH 7/7] scripts: moar compression, drop pigz and raw tar
+
+---
+ scripts/package-airgap | 10 +++++-----
+ scripts/package-cli | 7 ++++---
+ 2 files changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/scripts/package-airgap b/scripts/package-airgap
+index 911357181a..4953a9639b 100755
+--- a/scripts/package-airgap
++++ b/scripts/package-airgap
+@@ -6,11 +6,11 @@ cd $(dirname $0)/..
+ . ./scripts/version.sh
+
+ airgap_image_file='scripts/airgap/image-list.txt'
+-images=$(cat "${airgap_image_file}")
+-xargs -n1 docker pull <<< "${images}"
+-docker save ${images} -o dist/artifacts/k3s-airgap-images-${ARCH}.tar
+-zstd --no-progress -T0 -16 -f --long=25 dist/artifacts/k3s-airgap-images-${ARCH}.tar -o dist/artifacts/k3s-airgap-images-${ARCH}.tar.zst
+-pigz -v -c dist/artifacts/k3s-airgap-images-${ARCH}.tar > dist/artifacts/k3s-airgap-images-${ARCH}.tar.gz
++airgap_tar_file="dist/artifacts/k3s-airgap-images-${ARCH}.tar"
++readarray -t images <"${airgap_image_file}"
++printf '%s\0' "${images[@]}" | xargs -0 -n1 -o docker pull
++docker save "${images[@]}" -o "${airgap_tar_file}"
++zstd -T0 --ultra -22 --long=25 --verbose --force --rm "${airgap_tar_file}"
+ if [ ${ARCH} = amd64 ]; then
+ cp "${airgap_image_file}" dist/artifacts/k3s-images.txt
+ fi
+diff --git a/scripts/package-cli b/scripts/package-cli
+index c790f04aab..0452d4b4fd 100755
+--- a/scripts/package-cli
++++ b/scripts/package-cli
+@@ -54,9 +54,10 @@ mkdir -p ./etc
+ set -x
+ )
+
+-tar cvf ./build/out/data.tar ./bin ./etc
+-zstd --no-progress -T0 -16 -f --long=25 --rm ./build/out/data.tar -o ./build/out/data.tar.zst
+-HASH=$(sha256sum ./build/out/data.tar.zst | awk '{print $1}')
++data_tar_file="./build/out/data.tar"
++tar cvf "${data_tar_file}" ./bin ./etc
++zstd -T0 --ultra -22 --long=25 --verbose --force --rm "${data_tar_file}"
++HASH=$(sha256sum "${data_tar_file}.zst" | awk '{print $1}')
+
+ cp ./build/out/data.tar.zst ./build/data/${HASH}.tar.zst
+
+--
+2.43.0
+
diff --git a/PKGBUILD b/PKGBUILD
index 6d446b84d0ef..bfb1dcbc9ddf 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,26 +1,51 @@
# Maintainer: Ivan Shapovalov <intelfx@intelfx.name>
pkgname=k3s-git
-pkgver=1.28.4+k3s2+r8+g231cb6ed20
-pkgrel=2
+pkgver=1.29.0+k3s1+r0+g3190a5faa2
+pkgrel=1
pkgdesc='Lightweight Kubernetes'
arch=(x86_64)
url='https://k3s.io'
license=(Apache)
-makedepends=(git go podman)
+makedepends=(
+ git go podman
+ # these are (some of) the tools that are installed into the "builder"
+ # docker container during the officially blessed build path
+ # curl jq yq zstd pigz
+)
provides=(k3s)
conflicts=(k3s)
backup=(
etc/systemd/system/k3s.service.env
+ etc/systemd/system/k3s-agent.service.env
+ etc/rancher/k3s/config.yaml
)
source=(
"git+https://github.com/k3s-io/k3s"
'k3s.service.env'
+ 'k3s-agent.service.env'
+ 'config.yaml'
+ '0000-Fix-issue-8293.-Remove-useless-log-init-code.patch'
+ '0001-Dockerfile.dapper-set-HOME-properly.patch'
+ '0002-main-apply-go-fmt-to-pkg-data-zz_generated_bindata.g.patch'
+ '0003-.dockerignore-do-not-ignore-parts-of-GITDIR.patch'
+ '0004-Dockerfile.dapper-sanitize-DAPPER_OUTPUT.patch'
+ '0005-Dockerfile.dapper-sanitize-cache-configuration.patch'
+ '0006-.service-update-systemd-service-files.patch'
+ '0007-scripts-moar-compression-drop-pigz-and-raw-tar.patch'
)
-sha256sums=(
- 'SKIP'
- '667199fa6b811dde3aef3e626e2695a566ad64c9a03d19d0c94a1f104a7612d0'
-)
+sha256sums=('SKIP'
+ '94b0dd21fa4f075d4db7f6efe7a775de476b278de72f99773ee3de0bb54e7f68'
+ '2f6964aed46deb38095801e124a6603f3a29e6886815d52c59c02883f7a37925'
+ '6f0500a656ed78c0bb689c12264dbcd79f579edc3b9e17d512be742c1b2c43a4'
+ 'fe667d538cf94bf8f9a62d9812a03bf423204f452aa11f0f2addf0dbe1b95866'
+ '9307c9dbec1bdd73a1a3186668e0f5d5c9900474f53a842a133feba62c92b0ac'
+ '350438be7abe98eeee60f23e9aa566eba38df5422597ab4e7184cc7a12309ebb'
+ '659ee5e6a7c7df532418032e7b115ab7804fd60593e497814cc553504545af3c'
+ '6e00974e4ec3ee5999da87c7d1e43fed5b64e84ce6eec3a43ed971f24c5cb820'
+ '616063a668d510f163aa684e78fcf89d1b8cc8e1524acdc170608bfbf0e80e47'
+ 'bb721e8850eb736ad9aad4f0a8ef20dac0e06d7731731c3541264f138be28b74'
+ 'f448303dbbefef2645b8c2146d595643c0143c7300eab12a459b85a3b18b3d91')
pkgver() {
cd k3s
@@ -30,17 +55,12 @@ pkgver() {
prepare() {
cd k3s
- # fix #8293
- git fetch origin refs/pull/9064/head
- git cherry-pick --no-edit FETCH_HEAD
-
- # moar compression
- sed -i -r 's|(zstd .*)-[0-9]+|\1 --ultra -22|' \
- scripts/package-cli \
- scripts/package-airgap \
-
- sed -i -r 's|/usr/local/bin/k3s|/usr/bin/k3s|' \
- *.service
+ # fix #8293, #9089, sanitize buildsystem, moar compression
+ for p in "${source[@]}"; do
+ if [[ $p == *.patch ]]; then
+ git apply -3 "$srcdir/$p"
+ fi
+ done
}
build() {
@@ -76,17 +96,31 @@ EOF
# 4. Run podman-system-service to create a dockerd-compatible control socket
# and point every broken tool in existence towards it.
- export DOCKER_HOST="unix:///tmp/docker.sock"
- podman --log-level=info system service --time 0 "$DOCKER_HOST" &
+ export DOCKER_HOST="unix://$PWD/docker.sock"
+ podman system service --time 0 "$DOCKER_HOST" >&2 &
podman_pid="$!"
- # 5. Hopefully run the build inside of this Rube-Goldbergian contraption.
+ # 5. Set $DAPPER_CACHE_HOME to hopefully persist (some) caches
+ # FIXME: point this to $HOME after we make sure this works
+ export DAPPER_CACHE_HOME="$BUILDDIR/dapper-cache"
+ # dapper/podman won't create those subdirs for us
+ mkdir -pv "$DAPPER_CACHE_HOME"/{cache,go/pkg}
+
+ # 6. create a build script with only the steps we want
+ cat <<"EOF" | install -m755 /dev/stdin k3s/scripts/archpkg
+#!/bin/bash -ex
+
+scripts/download
+scripts/build
+scripts/package-cli
+#REPO=... IMAGE_NAME=... scripts/package-image
+scripts/package-airgap
+EOF
+
+ # 7. Hopefully run the build inside of this Rube-Goldbergian contraption.
cd k3s
- mkdir -p build/data
- make download
- make generate
- make build
- make package
+ #scripts/archpkg
+ make archpkg
kill "$podman_pid"
wait "$podman_pid"
@@ -101,16 +135,23 @@ package() {
install -Dm644 \
k3s.service \
+ k3s-agent.service \
-t "$pkgdir/usr/lib/systemd/system"
install -Dm644 \
k3s-rootless.service \
+ k3s-agent-rootless.service \
-t "$pkgdir/usr/lib/systemd/user"
install -Dm600 \
"$srcdir/k3s.service.env" \
+ "$srcdir/k3s-agent.service.env" \
-t "$pkgdir/etc/systemd/system"
+ install -Dm600 \
+ "$srcdir/config.yaml" \
+ -t "$pkgdir/etc/rancher/k3s"
+
# air-gapped images
install -Dm644 \
dist/artifacts/k3s-airgap-images-amd64.tar.zst \
diff --git a/config.yaml b/config.yaml
new file mode 100644
index 000000000000..1514b43db97a
--- /dev/null
+++ b/config.yaml
@@ -0,0 +1,7 @@
+#write-kubeconfig-mode: "0644"
+#tls-san:
+# - "foo.local"
+#node-label:
+# - "foo=bar"
+# - "something=amazing"
+#cluster-init: true
diff --git a/k3s-agent.service.env b/k3s-agent.service.env
new file mode 100644
index 000000000000..969a44453f78
--- /dev/null
+++ b/k3s-agent.service.env
@@ -0,0 +1,11 @@
+# K3S_EXEC=
+# K3S_URL=
+# K3S_TOKEN=
+# K3S_AGENT_TOKEN=
+# K3S_CONFIG_FILE=/etc/rancher/k3s/config.yaml
+# K3S_TOKEN_FILE=/var/lib/rancher/k3s/server/token
+# K3S_AGENT_TOKEN_FILE=/var/lib/rancher/k3s/server/agent-token
+
+# HTTP_PROXY=http://your-proxy.example.com:8888
+# HTTPS_PROXY=http://your-proxy.example.com:8888
+# NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
diff --git a/k3s.service.env b/k3s.service.env
new file mode 100644
index 000000000000..03c45fbaa2d5
--- /dev/null
+++ b/k3s.service.env
@@ -0,0 +1,10 @@
+# K3S_EXEC=
+# K3S_TOKEN=
+# K3S_AGENT_TOKEN=
+# K3S_CONFIG_FILE=/etc/rancher/k3s/config.yaml
+# K3S_TOKEN_FILE=/var/lib/rancher/k3s/server/token
+# K3S_AGENT_TOKEN_FILE=/var/lib/rancher/k3s/server/agent-token
+
+# HTTP_PROXY=http://your-proxy.example.com:8888
+# HTTPS_PROXY=http://your-proxy.example.com:8888
+# NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16