From c6bad5b2ecfcb086329537ce4bfffe243e2c95f1 Mon Sep 17 00:00:00 2001
From: "Jeffrey C. Ollie" <jeff@ocjtech.us>
Date: Thu, 20 Apr 2023 19:27:21 -0500
Subject: [PATCH] work
---
.gitignore | 1 +
containerd-config.nix | 22 ---
flake.nix | 403 +++++++++++++++++++++++++++++++++++++-----
gethashes.py | 51 ++++++
hashes.json | 314 ++++++++++++++++++++++++++++++++
5 files changed, 720 insertions(+), 71 deletions(-)
create mode 100644 .gitignore
delete mode 100644 containerd-config.nix
create mode 100644 gethashes.py
create mode 100644 hashes.json
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..d6944e3
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/result*
diff --git a/containerd-config.nix b/containerd-config.nix
deleted file mode 100644
index f999dad..0000000
--- a/containerd-config.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ ... }: {
- plugins = {
- "io.containerd.runtime.v1.linux" = {
- runtime = "runc";
- };
- "io.containerd.grpc.v1.cri" = {
- cni = {
- bin_dir = "/opt/cni/bin";
- conf_dir = "/etc/cni/net.d";
- };
- containerd = {
- runtimes = {
- runc = {
- options = {
- SystemdCgroup = true;
- };
- };
- };
- };
- };
- };
-}
diff --git a/flake.nix b/flake.nix
index f59fa77..8f314ac 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,5 +1,5 @@
{
- description = "openlens";
+ description = "kubernetes";
inputs = {
nixpkgs = {
@@ -20,40 +20,77 @@
"x86_64-linux" = "amd64";
"aarch64-linux" = "arm64";
}.${system};
- hashes = {
- kubectl = {
- "amd64" = {
- "1.24.8" = "sha256-+TwYdR7HFbTUQ35+zhj+kZSMcb4fJKsCot3hUPVEmFU=";
- "1.23.5" = "sha256-cV2gXFaqT43wnLH52WoqosM6EjL2/RleP/zm6YpQqHk=";
- "1.23.14" = "";
- };
- };
- kubeadm = {
- "amd64" = {
- "1.24.8" = "sha256-n+pCtPtestpjjSBxDrt5Hd4iHmR3eT095wE0rAWMTMc=";
- "1.23.5" = "sha256-juve0YfuhMlwAwdOqjR+NBMf7zrN8+WJqbAgD5Rodmc=";
- "1.23.14" = "";
- };
- };
- kubelet = {
- "amd64" = {
- "1.24.8" = "sha256-LaC5OFfPNSv/XR60LjTTmKWXG2OlPYaHtFF5p4VA1tY=";
- "1.23.5" = "sha256-JTudsimbCbkeTAl4HOHS22utIJnPFrohAkUVn0jQ1eQ=";
- "1.23.14" = "";
- };
- };
+ hashes = builtins.fromJSON (builtins.readFile ./hashes.json) // {
crictl = {
"amd64" = {
+ "1.27.0" = "sha256-0zXW4Wwwn7w/8aKafkm7JTtcm0sDCZC/fGtIaH+YXO4=";
"1.24.1" = "sha256-QAbTrxELFEhlvg0wgUXh+Q97QN+gsgjYLT0dJfO3v5c=";
"1.23.0" = "sha256-t1T4PICs3HX5OroZH/Jp2mvkXQ/C0/QHlwTn0UJPHKg=";
};
};
cni = {
"amd64" = {
+ "1.2.0" = "sha256-86hBMkhFymvw1AkbT8f5fhimIxchWLcvw/3NudQtLTc=";
"0.8.7" = "sha256-l3gkky1WZ8ejeqajy7pAEApoc+e9l+g+i+g34+ev0Kg=";
};
};
};
+ # hashes = {
+ # kubectl = {
+ # "amd64" = {
+ # "1.27.1" = "";
+ # "1.26.3" = "";
+ # "1.25.9" = "sha256-qqXqOzYwcw0rio7zzMsUtHdUYCxyB8ewcXFYroPHyxA=";
+ # "1.25.8" = "sha256-gOcESEVfPRnDy0m9b/b8kTZ39PJA02j6K58NQAyM0W4=";
+ # "1.24.13" = "sha256-UkVf5IX6EcZQqwf+ouSFa16lo+bvihs7YSHmNhQ3//k=";
+ # "1.24.12" = "sha256-JYdVUdQkIzm8yM7wwY8KD2MepiH2+rEZClqqtGZjTnw=";
+ # "1.24.8" = "sha256-+TwYdR7HFbTUQ35+zhj+kZSMcb4fJKsCot3hUPVEmFU=";
+ # "1.23.17" = "sha256-8J9zOLWmd/F6lEN5bGSNK4D+rsnWoJSread8igH96UE=";
+ # "1.23.14" = "sha256-E85LGLpuFdXSWSScUwY33X+5ci0SHfAiCZ8+1fK9dM0=";
+ # "1.23.5" = "sha256-cV2gXFaqT43wnLH52WoqosM6EjL2/RleP/zm6YpQqHk=";
+ # };
+ # };
+ # kubeadm = {
+ # "amd64" = {
+ # "1.27.1" = "";
+ # "1.26.3" = "";
+ # "1.25.9" = "sha256-FXviTZmBEaUdUtsBb5AQzWQYUGoCj4e1pxL1GLOSo/M=";
+ # "1.25.8" = "sha256-KuhEd2rEgnPYaPkqftnVS0pumw5NBYdNd7fA9L+mA3k=";
+ # "1.24.13" = "sha256-kaZbdBWhp+Pb2yNoPv+eKs5aclobzVKxBpXdSa22eH4=";
+ # "1.24.12" = "sha256-ptqtOVl6nT1MSaRM4rd7tFKQhVCFy/4uGyCv2E9A0UM=";
+ # "1.24.8" = "sha256-n+pCtPtestpjjSBxDrt5Hd4iHmR3eT095wE0rAWMTMc=";
+ # "1.23.17" = "sha256-bT9zL+HqvZHJj/DuZsbItPy97p6Zwshgbw+l/1e06mU=";
+ # "1.23.14" = "sha256-RshH4mmYObnM9mc/C5RsR3ijoujkY9FYVLow0/DL2Ho=";
+ # "1.23.5" = "sha256-juve0YfuhMlwAwdOqjR+NBMf7zrN8+WJqbAgD5Rodmc=";
+ # };
+ # };
+ # kubelet = {
+ # "amd64" = {
+ # "1.27.1" = "";
+ # "1.26.3" = "";
+ # "1.25.8" = "";
+ # "1.24.13" = "sha256-eM3JtGDJl7q8XI1PRfyTx8A335S3AE7KyqhWUA7WFqY=";
+ # "1.24.12" = "";
+ # "1.24.8" = "sha256-LaC5OFfPNSv/XR60LjTTmKWXG2OlPYaHtFF5p4VA1tY=";
+ # "1.23.17" = "sha256-WI3eBuJRVgE4B4fLX8sHrj00AxMOGlVWsBO3t/tKsjA=";
+ # "1.23.14" = "sha256-8r7wBQh5D2MtA1ps/dMVORFWEb/JPFoyZs65W7Lye3Y=";
+ # "1.23.5" = "sha256-JTudsimbCbkeTAl4HOHS22utIJnPFrohAkUVn0jQ1eQ=";
+ # };
+ # };
+ # crictl = {
+ # "amd64" = {
+ # "1.27.0" = "sha256-0zXW4Wwwn7w/8aKafkm7JTtcm0sDCZC/fGtIaH+YXO4=";
+ # "1.24.1" = "sha256-QAbTrxELFEhlvg0wgUXh+Q97QN+gsgjYLT0dJfO3v5c=";
+ # "1.23.0" = "sha256-t1T4PICs3HX5OroZH/Jp2mvkXQ/C0/QHlwTn0UJPHKg=";
+ # };
+ # };
+ # cni = {
+ # "amd64" = {
+ # "1.2.0" = "sha256-86hBMkhFymvw1AkbT8f5fhimIxchWLcvw/3NudQtLTc=";
+ # "0.8.7" = "sha256-l3gkky1WZ8ejeqajy7pAEApoc+e9l+g+i+g34+ev0Kg=";
+ # };
+ # };
+ # };
kubePackage = pname: version: pkgs.stdenvNoCC.mkDerivation {
pname = pname;
version = version;
@@ -84,11 +121,24 @@
};
in
{
+ apps = {
+ hashes =
+ let
+ py = pkgs.python3.withPackages (p: with p; [
+ requests
+ ]);
+ program = pkgs.writeScript "program" ''
+ ${py}/bin/python3 gethashes.py
+ '';
+ in
+ {
+ type = "app";
+ program = "${program}";
+ };
+ };
packages = {
- kubeadm_1_23_5 = kubePackage "kubeadm" "1.23.5";
kubeadm = (version: kubePackage "kubeadm" version);
kubectl = (version: kubePackage "kubectl" version);
- kubectl_1_23_5 = kubePackage "kubectl" "1.23.5";
kubelet = (version: kubePackage "kubelet" version);
fstab-cifs =
let
@@ -110,7 +160,7 @@
owner = "fstab";
repo = "cifs";
rev = "3b640936ef51614d3c1ad68cba50c4db5da3d61b";
- sha256 = "sha256-C5ze3CWyDxdWJ9cYWUmjKVPCrrdUYXP2JvlnRcW/lgg=";
+ hash = "sha256-C5ze3CWyDxdWJ9cYWUmjKVPCrrdUYXP2JvlnRcW/lgg=";
};
nativeBuildInputs = [
pkgs.makeWrapper
@@ -156,13 +206,13 @@
crictl =
let
pname = "crictl";
- version = "1.23.0";
+ version = "1.27.0";
in
pkgs.stdenvNoCC.mkDerivation {
inherit pname version;
src = pkgs.fetchurl {
url = "https://github.com/kubernetes-sigs/cri-tools/releases/download/v${version}/${pname}-v${version}-linux-${arch}.tar.gz";
- sha256 = hashes.${pname}.${arch}.${version};
+ hash = hashes.${pname}.${arch}.${version};
};
nativeBuildInputs = [
pkgs.autoPatchelfHook
@@ -180,14 +230,14 @@
cni =
let
pname = "cni";
- version = "0.8.7";
+ version = "1.2.0";
in
pkgs.stdenv.mkDerivation {
pname = pname;
version = version;
src = pkgs.fetchurl {
url = "https://github.com/containernetworking/plugins/releases/download/v${version}/cni-plugins-linux-${arch}-v${version}.tgz";
- sha256 = hashes.${pname}.${arch}.${version};
+ hash = hashes.${pname}.${arch}.${version};
};
nativeBuildInputs = [
pkgs.autoPatchelfHook
@@ -299,11 +349,200 @@
};
config = with lib; mkIf cfg.enable (
let
- kubeadm = (self.packages."x86_64-linux".kubeadm cfg.package_versions.kubeadm);
- kubectl = (self.packages."x86_64-linux".kubectl cfg.package_versions.kubectl);
- kubelet = (self.packages."x86_64-linux".kubelet cfg.package_versions.kubelet);
+ kubeadm = (self.packages.${pkgs.system}.kubeadm cfg.package_versions.kubeadm);
+ kubectl = (self.packages.${pkgs.system}.kubectl cfg.package_versions.kubectl);
+ kubelet = (self.packages.${pkgs.system}.kubelet cfg.package_versions.kubelet);
in
{
+
+ deployment.keys."etcd-ca.pem" = lib.mkIf (cfg.hosts.${name}.role == "etcd" || cfg.hosts.${name}.role == "master") {
+ keyFile = ./etcd-ca.pem;
+ destDir = (if cfg.hosts.${name}.role == "etcd" then "/var/lib/etcd" else "/etc/kubernetes/pki");
+ user = (if cfg.hosts.${name}.role == "etcd" then "etcd" else "root");
+ group = (if cfg.hosts.${name}.role == "etcd" then "etcd" else "root");
+ permissions = "0644";
+ uploadAt = "pre-activation";
+ };
+
+ deployment.keys."etcd-ca-key.pem" = lib.mkIf (cfg.hosts.${name}.role == "etcd" || cfg.hosts.${name}.role == "master") {
+ keyFile = ./etcd-ca-key.pem;
+ destDir = (if cfg.hosts.${name}.role == "etcd" then "/var/lib/etcd" else "/etc/kubernetes/pki");
+ user = (if cfg.hosts.${name}.role == "etcd" then "etcd" else "root");
+ group = (if cfg.hosts.${name}.role == "etcd" then "etcd" else "root");
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
+ deployment.keys."ca-config.json" =
+ let
+ config = builtins.toJSON {
+ signing = {
+ default = {
+ expiry = "87600h";
+ };
+ profiles = {
+ server = {
+ expiry = "87600h";
+ usages = [
+ "signing"
+ "key encipherment"
+ "server auth"
+ "client auth"
+ ];
+ };
+ client = {
+ expiry = "87600h";
+ usages = [
+ "signing"
+ "key encipherment"
+ "client auth"
+ ];
+ };
+ peer = {
+ expiry = "87600h";
+ usages = [
+ "signing"
+ "key encipherment"
+ "server auth"
+ "client auth"
+ ];
+ };
+ };
+ };
+ };
+ in
+ lib.mkIf (cfg.hosts.${name}.role == "etcd" || cfg.hosts.${name}.role == "master") {
+ text = config;
+ destDir = (if cfg.hosts.${name}.role == "etcd" then "/var/lib/etcd" else "/etc/kubernetes/pki");
+ user = (if cfg.hosts.${name}.role == "etcd" then "etcd" else "root");
+ group = (if cfg.hosts.${name}.role == "etcd" then "etcd" else "root");
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
+ deployment.keys."etcd-ca-csr.json" =
+ let
+ config = builtins.toJSON {
+ CN = "etcd-ca";
+ key = {
+ algo = "rsa";
+ size = 2048;
+ };
+ };
+ in
+ lib.mkIf (cfg.hosts.${name}.role == "etcd") {
+ text = config;
+ destDir = "/var/lib/etcd";
+ user = "etcd";
+ group = "etcd";
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
+ deployment.keys."peer-csr.json" =
+ let
+ config = builtins.toJSON {
+ CN = "${name}.dmacc.net";
+ hosts = [
+ "localhost"
+ "${name}.dmacc.net"
+ "127.0.0.1"
+ "0:0:0:0:0:0:0:1"
+ "${cfg.hosts.${name}.endpoint.address}"
+ "${cfg.hosts.${name}.wireguard_subnet.address}"
+ ];
+ key = {
+ algo = "rsa";
+ size = 2048;
+ };
+ };
+ in
+ lib.mkIf (cfg.hosts.${name}.role == "etcd") {
+ text = config;
+ destDir = "/var/lib/etcd";
+ user = "etcd";
+ group = "etcd";
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
+ deployment.keys."server-csr.json" =
+ let
+ config = builtins.toJSON {
+ CN = "${name}.dmacc.net";
+ hosts = [
+ "localhost"
+ "${name}.dmacc.net"
+ "127.0.0.1"
+ "0:0:0:0:0:0:0:1"
+ "${cfg.hosts.${name}.endpoint.address}"
+ "${cfg.hosts.${name}.wireguard_subnet.address}"
+ ];
+ key = {
+ algo = "rsa";
+ size = 2048;
+ };
+ };
+ in
+ lib.mkIf (cfg.hosts.${name}.role == "etcd") {
+ text = config;
+ destDir = "/var/lib/etcd";
+ user = "etcd";
+ group = "etcd";
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
+
+ deployment.keys."healthcheck-client-csr.json" =
+ let
+ config = builtins.toJSON {
+ CN = "kube-etcd-healthcheck-client";
+ names = [
+ {
+ O = "system:masters";
+ }
+ ];
+ key = {
+ algo = "rsa";
+ size = 2048;
+ };
+ };
+ in
+ lib.mkIf (cfg.hosts.${name}.role == "etcd") {
+ text = config;
+ destDir = "/var/lib/etcd";
+ name = "healthcheck-client-csr.json";
+ user = "etcd";
+ group = "etcd";
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
+ deployment.keys."apiserver-etcd-client-csr.json" =
+ let
+ config = builtins.toJSON {
+ CN = "kube-apiserver-etcd-client";
+ names = [
+ {
+ O = "system:masters";
+ }
+ ];
+ key = {
+ algo = "rsa";
+ size = 2048;
+ };
+ };
+ in
+ lib.mkIf (cfg.hosts.${name}.role == "master") {
+ text = config;
+ destDir = "/etc/kubernetes/pki";
+ user = "root";
+ group = "root";
+ permissions = "0400";
+ uploadAt = "pre-activation";
+ };
+
deployment.keys."private_key" = {
text = cfg.hosts.${name}.private_key;
destDir = "/etc/wireguard";
@@ -315,9 +554,19 @@
systemd.tmpfiles.rules = [
# this is needed so that the cephfs csi module can mount cephfs volumes
- "L+ /lib/modules - - - - ${pkgs.linux_latest}/lib/modules"
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") "L+ /lib/modules - - - - ${pkgs.linux_latest}/lib/modules")
# link cni plugins to where kubelet expects them
- "L+ /opt/cni/bin - - - - ${self.packages."x86_64-linux".cni}/bin"
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") "L+ /opt/cni/bin - - - - ${self.packages.${pkgs.system}.cni}/bin")
+ #
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") "d /etc/kubernetes/manifests 0755 root root -")
+ # install fstab-cifs plugin
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") "L+ /usr/libexec/kubernetes/kubelet-plugins/volume/exec/fstab~cifs/cifs - - - - ${self.packages.${pkgs.system}.fstab-cifs}/bin/cifs")
+
+ "d /etc/kubenetes 0755 root root -"
+ "d /etc/kubenetes/pki 0755 root root -"
+
+ "d /root/.kube 0750 root root -"
+ "L+ /root/.kube/config - - - - /etc/kubernetes/admin.conf"
];
boot.kernelModules = [
@@ -333,6 +582,7 @@
"net.bridge.bridge-nf-call-ip6tables" = 1;
"net.bridge.bridge-nf-call-iptables" = 1;
"net.ipv4.ip_forward" = 1;
+ "net.ipv6.ip_forward" = 1;
"user.max_inotify_instances" = 1024;
"user.max_inotify_watches" = 4064932;
};
@@ -356,20 +606,24 @@
export ETCDCTL_KEY=/etc/kubernetes/pki/etcd/healthcheck-client.key
export ETCDCTL_CACERT=/etc/kubernetes/pki/etcd/ca.crt
export ETCDCTL_ENDPOINTS=${concatStringsSep "," endpoints}
- exec ${pkgs.etcd}/bin/etcdctl "$@"
+ exec ${pkgs.etcd_3_5}/bin/etcdctl "$@"
'';
in
[
- self.packages."x86_64-linux".cni
- self.packages."x86_64-linux".crictl
- kubeadm
- kubectl
- kubelet
- etcdctl
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") self.packages.${pkgs.system}.cni)
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") self.packages.${pkgs.system}.crictl)
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") kubeadm)
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") kubectl)
+ (lib.mkIf (cfg.hosts.${name}.role != "etcd") kubelet)
+ (lib.mkIf (builtins.elem cfg.hosts.${name}.role [ "etcd" "master+etcd" ]) etcdctl)
+ pkgs.cfssl
+ pkgs.cifs-utils
pkgs.conntrack-tools
pkgs.ethtool
pkgs.file
pkgs.iptables
+ pkgs.keyutils
+ pkgs.nfs-utils
pkgs.socat
pkgs.wireguard-tools
pkgs.wireshark-cli
@@ -384,7 +638,7 @@
};
"io.containerd.grpc.v1.cri" = {
cni = {
- bin_dir = "${self.packages."x86_64-linux".cni}/bin";
+ bin_dir = "${self.packages.${pkgs.system}.cni}/bin";
conf_dir = "/etc/cni/net.d";
};
containerd = {
@@ -403,7 +657,7 @@
};
environment.etc = {
- "crictl.yaml" = {
+ "crictl.yaml" = lib.mkIf (cfg.hosts.${name}.role != "etcd") {
text = ''
runtime-endpoint: "unix:///run/containerd/containerd.sock"
image-endpoint: ""
@@ -414,7 +668,7 @@
'';
};
- "cni/net.d/10-cni0.conf" = {
+ "cni/net.d/10-cni0.conf" = lib.mkIf (cfg.hosts.${name}.role != "etcd") {
text = ''
{
"cniVersion": "0.4.0",
@@ -434,14 +688,14 @@
};
};
- systemd.network.netdevs."05-cni0" = {
+ systemd.network.netdevs."05-cni0" = lib.mkIf (cfg.hosts.${name}.role != "etcd") {
netdevConfig = {
Name = "cni0";
Kind = "bridge";
};
};
- systemd.network.networks."05-cni0" = {
+ systemd.network.networks."05-cni0" = lib.mkIf (cfg.hosts.${name}.role != "etcd") {
name = "cni0";
linkConfig = {
RequiredForOnline = "no";
@@ -470,7 +724,7 @@
Kind = "wireguard";
};
wireguardConfig = {
- ListenPort = 24200;
+ ListenPort = cfg.hosts.${name}.endpoint.port;
PrivateKeyFile = "/etc/wireguard/private_key";
};
wireguardPeers = map
@@ -529,7 +783,46 @@
);
};
- systemd.services."kubelet" = {
+ services.etcd = lib.mkIf (cfg.hosts.${name}.role == "etcd") {
+ enable = true;
+ name = "${name}.ocjtech.us";
+ advertiseClientUrls = [
+ "https://${cfg.hosts.${name}.wireguard_subnet.address}:2379"
+ ];
+ initialAdvertisePeerUrls = [
+ "https://${cfg.hosts.${name}.wireguard_subnet.address}:2380"
+ ];
+ initialCluster = map
+ (
+ n: "${n}.ocjtech.us=https://${cfg.hosts.${n}.wireguard_subnet.address}:2380"
+ )
+ (
+ filter (n: cfg.hosts.${n}.role == "etcd") (attrNames cfg.hosts)
+ );
+ initialClusterState = "existing";
+ listenClientUrls = [
+ "https://${cfg.hosts.${name}.wireguard_subnet.address}:2379"
+ ];
+ listenPeerUrls = [
+ "https://${cfg.hosts.${name}.wireguard_subnet.address}:2380"
+ ];
+ peerClientCertAuth = true;
+ clientCertAuth = true;
+ certFile = "/var/lib/etcd/server.pem";
+ keyFile = "/var/lib/etcd/server-key.pem";
+ trustedCaFile = "/var/lib/etcd/etcd-ca.pem";
+ peerCertFile = "/var/lib/etcd/peer.pem";
+ peerKeyFile = "/var/lib/etcd/peer-key.pem";
+ peerTrustedCaFile = "/var/lib/etcd/etcd-ca.pem";
+ extraConf = {
+ SNAPSHOT_COUNT = "10000";
+ EXPERIMENTAL_INITIAL_CORRUPT_CHECK = "true";
+ LISTEN_METRICS_URLS = "http://${cfg.hosts.${name}.wireguard_subnet.address}:2381";
+ };
+ };
+
+
+ systemd.services."kubelet" = lib.mkIf (cfg.hosts.${name}.role != "etcd") {
enable = true;
description = "kubelet";
path = [
@@ -544,7 +837,19 @@
];
unitConfig = {
StartLimitIntervalSec = 0;
+ After = [ "network-online.target" ];
+ Wants = [ "network-online.target" ];
};
+ preStart = lib.mkIf (cfg.hosts.${name}.role == "master") ''
+ mkdir -p /etc/kubernetes/pki
+ cd /etc/kubernetes/pki
+ if [ ! -f apiserver-etcd-client.pem ]
+ then
+ cat apiserver-etcd-client-csr.json | ${pkgs.cfssl}/bin/cfssl gencert -ca=etcd-ca.pem -ca-key=etcd-ca-key.pem -config=ca-config.json -profile=client - | ${pkgs.cfssl}/bin/cfssljson -bare apiserver-etcd-client
+ cp apiserver-etcd-client.pem apiserver-etcd-client.crt
+ cp apiserver-etcd-client-key.pem apiserver-etcd-client.key
+ fi
+ '';
serviceConfig = {
Slice = "kubernetes.slice";
CPUAccounting = true;
diff --git a/gethashes.py b/gethashes.py
new file mode 100644
index 0000000..f257bc5
--- /dev/null
+++ b/gethashes.py
@@ -0,0 +1,51 @@
+import requests
+import hashlib
+import base64
+import json
+import pathlib
+
+url = "https://storage.googleapis.com/kubernetes-release/release/v{version}/bin/linux/{arch}/{pname}"
+
+hashes = {}
+
+f = pathlib.Path("hashes.json")
+
+if f.exists():
+ hashes = json.loads(f.read_bytes())
+
+for pname in ["kubeadm", "kubectl", "kubelet"]:
+ if pname not in hashes:
+ hashes[pname] = {}
+ for arch in ["amd64", "arm64"]:
+ if arch not in hashes[pname]:
+ hashes[pname][arch] = {}
+ for major in [1]:
+ for minor in [23, 24, 25, 26, 27]:
+ match minor:
+ case 23:
+ patch_max = 17
+ case 24:
+ patch_max = 13
+ case 25:
+ patch_max = 9
+ case 26:
+ patch_max = 4
+ case 27:
+ patch_max = 1
+ case _:
+ raise ValueError
+ for patch in range(0, patch_max + 1):
+ version = f"{major}.{minor}.{patch}"
+ if version in hashes[pname][arch]:
+ continue
+ url = f"https://storage.googleapis.com/kubernetes-release/release/v{version}/bin/linux/{arch}/{pname}"
+ r = requests.get(url)
+ hash = "sha256-" + base64.b64encode(
+ hashlib.sha256(r.content).digest()
+ ).decode("ascii")
+ hashes[pname][arch][version] = hash
+ print(pname, arch, version, hash)
+
+f.write_text(json.dumps(hashes, indent=2, sort_keys=True), encoding="utf-8")
+
+# open("hashes.json", "w").write(json.dumps(hashes))
diff --git a/hashes.json b/hashes.json
new file mode 100644
index 0000000..555ff94
--- /dev/null
+++ b/hashes.json
@@ -0,0 +1,314 @@
+{
+ "kubeadm": {
+ "amd64": {
+ "1.23.0": "sha256-4hJpoFjUrUIc9YGNTHglmRuLpRzQYoaTKjOyEpOwcbA=",
+ "1.23.1": "sha256-TVdmy5AFDuhOFd9eCRSActooKUkv2zJFIcT6bXTTqjQ=",
+ "1.23.10": "sha256-Q9GGw8WOP4hYxqIrxxtUQSgqwMy/9vHQwqZu4EWYa2Q=",
+ "1.23.11": "sha256-LxC9KYppTTEz6hkZK3lqEGwoJEHkFIwRTDk3YEIJdpI=",
+ "1.23.12": "sha256-v0XQAGJojSH/R5vxJuElnQzj3uHFwvzYA/V0l81enoM=",
+ "1.23.13": "sha256-/4avK1+peSNN0/nnsE7H0wFyOaWEFzlxU3JtgHfErIk=",
+ "1.23.14": "sha256-RshH4mmYObnM9mc/C5RsR3ijoujkY9FYVLow0/DL2Ho=",
+ "1.23.15": "sha256-YzKeIb6DZ2KPcZeM/BQMdM6csDNqvZxIAsp9INXew8M=",
+ "1.23.16": "sha256-URuNkVuOerPA5q75BceseQHDnSxn+8CZ3aKLSYqYcdg=",
+ "1.23.17": "sha256-bT9zL+HqvZHJj/DuZsbItPy97p6Zwshgbw+l/1e06mU=",
+ "1.23.2": "sha256-WEhzkew3SJuzL+Uy42eZXp7K6v22XCET/zZ156hAchk=",
+ "1.23.3": "sha256-V+x/KSFWjc9M2gaZuHfMgw1J3dJwngNcM5pa/DuDWG8=",
+ "1.23.4": "sha256-yRkSyf00pQSS+Ingj/lMRH/c7/FQtYgBb+zJBRoeVrg=",
+ "1.23.5": "sha256-juve0YfuhMlwAwdOqjR+NBMf7zrN8+WJqbAgD5Rodmc=",
+ "1.23.6": "sha256-khPH1zjobJpWKHQCHfgyc1I2/P1Vmf1EdLqzKD00v9c=",
+ "1.23.7": "sha256-19hjIT7rR5HNvXxf05jPDMLvFUezp03oKFeGBA9179I=",
+ "1.23.8": "sha256-7b1g/Wp+EccfhIs6bl0bWiu469cD5UkMqo2yZzYae4k=",
+ "1.23.9": "sha256-lHVxxQq4QHlv3U/7EpFUwAXfyw/oPG7/OS1Gzxh/0pY=",
+ "1.24.0": "sha256-Xliinqr2nqgOkNl4DSotXxif10+U7Dvsnjgj1HIncxg=",
+ "1.24.1": "sha256-FeMZPuy8aTMK2j80DFpHmZlZvCJ8c1+pXkqnlHDAhdA=",
+ "1.24.10": "sha256-XimRfcJ3qLxLkL+dvtjT3KkD/Xy/fxLC4lb+Iunyofk=",
+ "1.24.11": "sha256-kSPN2jEYdyeUGY94Tk8580IS66qRm93a9hEZDXxKvzg=",
+ "1.24.12": "sha256-ptqtOVl6nT1MSaRM4rd7tFKQhVCFy/4uGyCv2E9A0UM=",
+ "1.24.13": "sha256-kaZbdBWhp+Pb2yNoPv+eKs5aclobzVKxBpXdSa22eH4=",
+ "1.24.2": "sha256-Ao9zuOfCrjiYF9NODLgpqBTOL6wKU1o6oHCPMTPj5xI=",
+ "1.24.3": "sha256-QG1agHEsRdIc28xRqrKY8KQxcN+UdyWUQ9SOrBFpmP8=",
+ "1.24.4": "sha256-nsCOCQXAoppoZ2up9t195zvvE8+iuEakXhwhiVctxXw=",
+ "1.24.5": "sha256-O5wYROwPw8lAFdY0cLBzp7IZCCtqZCTGsNqc+X4jSus=",
+ "1.24.6": "sha256-f0RD/ULg4D9v0MchjKfiY0ySVdX518WB/jYuGQmK7Ew=",
+ "1.24.7": "sha256-i2cxnSi/N+jnwiSVTcd4y+lG8rsO2Gl12MqoPVHJVe4=",
+ "1.24.8": "sha256-n+pCtPtestpjjSBxDrt5Hd4iHmR3eT095wE0rAWMTMc=",
+ "1.24.9": "sha256-IEBpca5xiG9/jue5ozyIU5GuZNpWH7Z51YGfLMwZrJ8=",
+ "1.25.0": "sha256-ELMLh68s3IZZg9dCiR66Rn0Dj5Tzkmv10BdPGr9mKPg=",
+ "1.25.1": "sha256-raoeZcHPkmegHoidTBOIT4g88nlI8Aq7gj8QSG8ahCA=",
+ "1.25.2": "sha256-Y+494MOGxvPBVYdLRrB3B8xyzlueI/M2vv0Lgpwb0q0=",
+ "1.25.3": "sha256-AbWc5CkmPGK4XS2xjwzN7wdrhmli7WOXH/K9KGTe6ns=",
+ "1.25.4": "sha256-uKYRnSo6fGrdQ9z4+SBDa/f+cad6CG6W5Aqp1vcL6CY=",
+ "1.25.5": "sha256-rwslx6mVwtII7wudJLcP5vOQ67HjmH9OD1SIVLqaO4c=",
+ "1.25.6": "sha256-2L8W0agI3OENTrmzkd3W7oqB6UxmlEHyCxInCD28RBc=",
+ "1.25.7": "sha256-VONpBD1cesMgzL1RdXAZJ02/7842yavudG44esggNwQ=",
+ "1.25.8": "sha256-KuhEd2rEgnPYaPkqftnVS0pumw5NBYdNd7fA9L+mA3k=",
+ "1.25.9": "sha256-FXviTZmBEaUdUtsBb5AQzWQYUGoCj4e1pxL1GLOSo/M=",
+ "1.26.0": "sha256-cmMUSfJrcgNwGhuZ9pFPMYWVg6DiR8OsD2qvWcqArxk=",
+ "1.26.1": "sha256-FTGr/pbi6divkhkZLGXQTfhQekagga4eEBR46V0rY9o=",
+ "1.26.2": "sha256-J32IDcbXmZT9Mz5J1ClDt8kYOxxP/b+dpZ+Aas7H/YI=",
+ "1.26.3": "sha256-h6G/ZgPiUqj6Rr5EOC6iGMuOTwZodNFJ3FidDzpAX+0=",
+ "1.26.4": "sha256-qhoTeqLDQn8Zn/ZSyWsR1rEkNYKWmW63uMveIgYHsv4=",
+ "1.27.0": "sha256-eNDgRwWnvbdqUU1g9gwHOxYzSxX1fuh/BkNUyoojPoA=",
+ "1.27.1": "sha256-x9MtaY6ZuQ+HcCUQTLSp8/jHB+meaBeUDyYBNbbRrQo="
+ },
+ "arm64": {
+ "1.23.0": "sha256-mJ0RcSjcqpI7LHqRegP0g2wbAj/h7nI1QeDjmwaLk6Y=",
+ "1.23.1": "sha256-64ZdoZf0WV3sIeb7H6F1HvJaxmtk+nf9RBG77jM1KkA=",
+ "1.23.10": "sha256-QulX7r73j2RiZE2d68CWYWBU69KDLpWhdsB8KOvtZFw=",
+ "1.23.11": "sha256-Mp2aqUYbr0p7ciXmZOwezWFRK5N+HxYPmjA7wPDUS7s=",
+ "1.23.12": "sha256-0F9nZaZfdUHQeq2YnugM1zDDlfBCr74FJvZn6hoLKUc=",
+ "1.23.13": "sha256-Rilx1YIskVmHVN+qnEyNRqjHSu/vD027yL4xxPDRiFU=",
+ "1.23.14": "sha256-fCHB+mqFKxDd6nvReXzotEmNaJgBTRfSB0gwflEKCCY=",
+ "1.23.15": "sha256-i7F8aa1xuxIw2+HlmMauBzkLV+O6MpKPKOg3QhBUJNA=",
+ "1.23.16": "sha256-Cdlst5jPJGjaedGqvcw7CLNRbbzSBtNp50hBEyQbXz4=",
+ "1.23.17": "sha256-zxvKa0ZPMOoHipz02QIDP7gFJ7A8LzlAnhn7iziGx14=",
+ "1.23.2": "sha256-op/N5/kuGr/pkumfQV067g+jgUeLSjmH4zNDi1OA3f8=",
+ "1.23.3": "sha256-Xs7vo8pzf/FTL5G9ue9xYoggKaKgMAtDSKCYAklpg5g=",
+ "1.23.4": "sha256-kP1RAeMhBTzbZtFlh5qc3hjxm6m7jq4VL9T0/L5Je+E=",
+ "1.23.5": "sha256-IqhGirxdRbNBXWlK1SzICZEUJIw9H89Cl+wrM29cwnQ=",
+ "1.23.6": "sha256-pNt0WOIkw6KntGj8JwSzH+xDdhSRSyap49nvtu7PYe4=",
+ "1.23.7": "sha256-Zf1xqhOBZgObf082lTCAZKvn9B0vFXF15lJ+YPtGHq4=",
+ "1.23.8": "sha256-mz2IY+pKsEOIgcz74oVWhSlGK8d+9FErUVOXoALYGyI=",
+ "1.23.9": "sha256-oKAHAj23jl9409TPMmi4PwkyAYR8HBB/+z3GlfmIwRM=",
+ "1.24.0": "sha256-Pg+iG4684EypGf3+p8x1bl9kUWa5XW5LXZkS13IfkAQ=",
+ "1.24.1": "sha256-BPGP4Jc1HNFtyRzTvel5IBkWaGxvThuHuuaatEef2gQ=",
+ "1.24.10": "sha256-36dopoTumFTaSu4KORZMDOLgcVag8NKE2RU8XrFFhLI=",
+ "1.24.11": "sha256-OYb2pIr49tLBzboeYONHB35tGILfmE9CK30dd+uCAF4=",
+ "1.24.12": "sha256-4/eGSzuYyM8aMoSRGyA5P0sfxfmkUkrnIzJYp/n7sek=",
+ "1.24.13": "sha256-w7jXW9a+1NNHhrqV0xGYqWcFkWaxySkiKnvvI4sI2Ck=",
+ "1.24.2": "sha256-vYI7k00URaAg+N9f5URyIXUCSvYq2/brJ9xyUNXbBUg=",
+ "1.24.3": "sha256-6g+0UbadeOOVSGmLMvuGI/rWGhqVSD/grdY+P/tuMbU=",
+ "1.24.4": "sha256-GN4ij2CHouUkO//NLMiMQBgKT6g+TeMQrQcbRiC92LY=",
+ "1.24.5": "sha256-poxt0k70eCW7NKKtQw125rTTy+khhzY2dpk9BTgBOsI=",
+ "1.24.6": "sha256-IRuNGIFGi7ZzsmA228+ksSh3WHsKYmD/1V/YfCrubkE=",
+ "1.24.7": "sha256-7pRtghc7Y/ab6QdeIYJQ1Ksd7sOdF9YAsWtnQ+Xcook=",
+ "1.24.8": "sha256-bzVWIAHoWfKnaonA2mHwlDPMZijMvDmS6CqXfg40iHA=",
+ "1.24.9": "sha256-V8YVYqneTMePJ29mXX8EZmYHsX460PpsFL5krYXICVE=",
+ "1.25.0": "sha256-B9nG/9NnZQKs0yPAypL0Qyih8OiafUKmZAmf0wFs8Ws=",
+ "1.25.1": "sha256-9NV9icU7f7P+NHyScu1A7FXqsSD08JzWtoTpfLnL8fA=",
+ "1.25.2": "sha256-Q33JewyiWz+o10s55AWadzl7VcGm0Wvd/VqInZFJDOA=",
+ "1.25.3": "sha256-Ybth7O/3i0S+YqErznxi+yMs4TOJKOQgfe6xRPgvHQY=",
+ "1.25.4": "sha256-P1snPohS0T+jmJKjDPZJKEZcMtDrdBEYuolxS1HwPNU=",
+ "1.25.5": "sha256-Qm3drRxgt2F/QJVQfO9STXbsJooCAcHfFUwQgoeguY4=",
+ "1.25.6": "sha256-VCVoIYMNI7RYop9dRpUzHWAOV2RGBO9o0ONeXSpP+0s=",
+ "1.25.7": "sha256-ZL1TK+0YFKKNAh4ifRjYHPW5OsBXY6Wl+mo4trtVyu4=",
+ "1.25.8": "sha256-5/DHOOSNkF6uFFYxSXqe9Z55IwDlJHviofuqCokHswg=",
+ "1.25.9": "sha256-zRXUQGhfVKLHps8dlgk/p6VbnfroxIRIs+qSqSLAfHI=",
+ "1.26.0": "sha256-ZShEyVGHhic+CUglt0oZiMhxVS3GzPcTZlWOZ0CYWdE=",
+ "1.26.1": "sha256-2xAcS7jjO9aSQd4iftMX/u5tRNvWdIkeG54Rxuizabs=",
+ "1.26.2": "sha256-8hDYYXrPfGARlilPfKl+QzC3Xa0A32uN0SOTcwxQFHM=",
+ "1.26.3": "sha256-6afbynf5V2qYrx24dH6dwT6TDkApXqolndmf1uF6Fz8=",
+ "1.26.4": "sha256-qXBS05PmACfDVOl8iEk6oUp2yM+3QYu9+EJbNxHYbjo=",
+ "1.27.0": "sha256-rNgFxng7Z47gBoud2BZbv9h5w0X9nCXWqXjbyWX0hUQ=",
+ "1.27.1": "sha256-AkpZzW/HZ4S1l8DBzzAFJuhW6Mn++l+nlIFYkptzlVE="
+ }
+ },
+ "kubectl": {
+ "amd64": {
+ "1.23.0": "sha256-LQ9bpvqnh4eLZCwVHMssM5DOTB5sjitZVos4abpAfE8=",
+ "1.23.1": "sha256-FW/V5+u+3zxIL9J0CJrXWkSLBM9CvFPzcOTk6mKPcF4=",
+ "1.23.10": "sha256-P/pljn8VlfYiV3sWC9zcelqQ0J0jR1f/vlPdUMDLiPc=",
+ "1.23.11": "sha256-zwStL6HPEYqVHWkK8K+76PX8TwLHIchICA1GbmFZER4=",
+ "1.23.12": "sha256-sVDHxIMMw75L7diZi/Nqkpdclc0ZZ7TvLR7doID/5dk=",
+ "1.23.13": "sha256-+uaVfmpwR61JzdIJds0s6RiLUCyDH79h82YY6hGIujg=",
+ "1.23.14": "sha256-E85LGLpuFdXSWSScUwY33X+5ci0SHfAiCZ8+1fK9dM0=",
+ "1.23.15": "sha256-raspz2fgTkj1Zs4YXjkEtd6zia4eTVdUj8+JR6SaJvU=",
+ "1.23.16": "sha256-X5FO3J2/vhuLjcD127rChyCo3/65QOMznDceNhLDfkg=",
+ "1.23.17": "sha256-8J9zOLWmd/F6lEN5bGSNK4D+rsnWoJSread8igH96UE=",
+ "1.23.2": "sha256-W1W1ggWsuvp/Tj/GnZzlqSV75jRV2zGOJNtKtdZRy94=",
+ "1.23.3": "sha256-19pznkl3ZXo7PISWLfSUk+NrCcxmOBpeNgKSBt0eAdA=",
+ "1.23.4": "sha256-PwOY1Mil/2M+CavQdk7TuQkfr74wRJcBCHlLAnMcctY=",
+ "1.23.5": "sha256-cV2gXFaqT43wnLH52WoqosM6EjL2/RleP/zm6YpQqHk=",
+ "1.23.6": "sha256-cDoGNUurn0XIAQKr/4nxpiy8LG2AZ4/TlzoBSsx8UAo=",
+ "1.23.7": "sha256-tMJ61SgS6/MWTbknrxoB5QO+P7ncX/oFjJKB1nx29m4=",
+ "1.23.8": "sha256-KZgDo0fi5Q3vd0DEd/De3Gn8nhiyay8Q6f+EpBHtuJQ=",
+ "1.23.9": "sha256-BTVh98aMWgN6acUiNOPPH5F5iFRSdpKs1nCR1ZS2Fs4=",
+ "1.24.0": "sha256-lNaGu2dy9vtZ46Mr7/kIq0BreazfskJ6vcSsPOG7mNc=",
+ "1.24.1": "sha256-DsPC26/G3Sf8itJfon/FJ7XXNW0YMMDvu4rc+XXZ6Eo=",
+ "1.24.10": "sha256-2OnNm7Bz/wni8qdM9I6UqbnU8vouLdkbaLAfZOcGGjs=",
+ "1.24.11": "sha256-yL3xsS1ayR0WPAfmG5Un73GL7GoA9P1M8HFZEhj1m+U=",
+ "1.24.12": "sha256-JYdVUdQkIzm8yM7wwY8KD2MepiH2+rEZClqqtGZjTnw=",
+ "1.24.13": "sha256-UkVf5IX6EcZQqwf+ouSFa16lo+bvihs7YSHmNhQ3//k=",
+ "1.24.2": "sha256-8V+0MK/Xn3nvfPlKTkAs0hLwLY7Fpeanupw9Wi+VRUI=",
+ "1.24.3": "sha256-ikU0i9r4HUbK8XBsi/lbP0MRUFVPR9RE/96J6M3XEsE=",
+ "1.24.4": "sha256-SnbHAhdYG6Mn8K0KCll8GgLGIiK7gPv+pPL1y2Pz4tg=",
+ "1.24.5": "sha256-MDfy7GKVbnFG/Ibe+wUtjTso4tqhmdfj/wbR4Gpihu0=",
+ "1.24.6": "sha256-O6fmGuyxnq36XeHGSK8bxm9ZgFJmRdnf5oLXf8MTt0w=",
+ "1.24.7": "sha256-LYjlbWaLHXV1tHg/ItUS6U2kMvQkZ8OurIowC2NF8S0=",
+ "1.24.8": "sha256-+TwYdR7HFbTUQ35+zhj+kZSMcb4fJKsCot3hUPVEmFU=",
+ "1.24.9": "sha256-fhPzO3N5tsJcOuBV5Dies+7xaOVj83tcXxvmcuRraG4=",
+ "1.25.0": "sha256-4jzHCSIYyVwi2O42+5SZGUo2rFtTScpHaIa37cAgOIU=",
+ "1.25.1": "sha256-nMLWzll0C2rPbV1KBNSn2DmwqBNzJI7wzmyNcHFDQ1s=",
+ "1.25.2": "sha256-hjnyucM9OJENcGFxzj0lvpsZ/BOdDj1GJ/OM6E+QQOs=",
+ "1.25.3": "sha256-9X5WhJXDd0B0hdPq3CfNolMQaU70/8SA7uqB3qK2BiQ=",
+ "1.25.4": "sha256-5OVpJJeYoJ834xuLM1cZcPz73s3ZmxuBEIrck8p0tSI=",
+ "1.25.5": "sha256-amYM1E2z1L/hVj9micvi/7KO5LrzUy4E//LXuQkIHCk=",
+ "1.25.6": "sha256-uodq7w6dfi6P7awDbsGU3l7JttKVPjD/gqJ1jGujIXQ=",
+ "1.25.7": "sha256-bNuvP90QMvyOVgzMCnW1vW+ltstFSR6Wd4cvURExrT0=",
+ "1.25.8": "sha256-gOcESEVfPRnDy0m9b/b8kTZ39PJA02j6K58NQAyM0W4=",
+ "1.25.9": "sha256-qqXqOzYwcw0rio7zzMsUtHdUYCxyB8ewcXFYroPHyxA=",
+ "1.26.0": "sha256-tnadisag7Q8TswfSidwJKthhgLCPW1BErxUoCMBJUK4=",
+ "1.26.1": "sha256-1XviLPol90J8+1OM/IhT12OHj4s2x2zpODD28tZ8bl0=",
+ "1.26.2": "sha256-/PhtIfsaSbASvOeEXPAAgdLdeln0JLKGIXmd7OtSJ7M=",
+ "1.26.3": "sha256-AmyEEtNzBkqwNZ7Q0aJcl16c6AOgk9dsizDFmWrXPnU=",
+ "1.26.4": "sha256-Y2rA6qRn287aSyxOM2Yq3JcJ9c5ANByfwaaH/CdqwC0=",
+ "1.27.0": "sha256-caeCWdcNqcVUDEz0z/Eh9EPoYzdvaPiadZ2QzvP1Hoc=",
+ "1.27.1": "sha256-f+OnYtkm+waLrjLDmYgOlG6Mrz2QMHi+qbFp3NXBf20="
+ },
+ "arm64": {
+ "1.23.0": "sha256-HXfWAn/I3+13Jgmtm9aPYRt+TOc6+pSfJwhK06krFf4=",
+ "1.23.1": "sha256-wMJMf2qXQ5DhUUildchIeOkl8yMo/5auFz7HYmeORSQ=",
+ "1.23.10": "sha256-2It3d7MifdSfRNvRx7kY+d3F0BbsxHVHpxelAfzcMWs=",
+ "1.23.11": "sha256-lBbMerrwPrg/hUpFpBmGv04SMtEp18qvwxAaAcoRsOM=",
+ "1.23.12": "sha256-iOu8QSUrOdSc5XSlorsllDu4LlWiUsJ/5PwJbOLbtDc=",
+ "1.23.13": "sha256-lQYmrjX8psJglvl8rIOdduLylhYEitMM7Gjx/wA4QPI=",
+ "1.23.14": "sha256-hXcWqlzSRQA0nl3oI4BghFrzS5GsRoO9J5mIrT4dPvo=",
+ "1.23.15": "sha256-9hn4tIEdYO3vaS8diIYJzCeafYIj5Q4cDclZx7klDnk=",
+ "1.23.16": "sha256-owTLTVgV4FpF8ArJ/M+uMnYaWj4myuQMJ5GyiwuA2y0=",
+ "1.23.17": "sha256-xKSP3GA4vqy8XePkz2wjY5tkPnZlaqvit3mNOJjsfwU=",
+ "1.23.2": "sha256-bnu43cX8j6iaTDGroClCcYsJKlEHWFvQmoPJUDnHUQs=",
+ "1.23.3": "sha256-ZwjXpwGz2as7NZxr4nowErHEhvoegfeeW9xx/8osOPk=",
+ "1.23.4": "sha256-qkXbpIeR7reKmUonI8Ri0VWvTjn9z7yznOnJb2BKlno=",
+ "1.23.5": "sha256-Fc1WDATe97vl7j9vdeLP05EzccfnY1T0stXW9Ta3Djk=",
+ "1.23.6": "sha256-S+dxyOaggrph8DZwd/SAI3+YWO9e/hSx27/AXNQvw2A=",
+ "1.23.7": "sha256-XVlEel+s2GI6ecKilqaKVzeJ0rECuQKq+zpzD8S7DTs=",
+ "1.23.8": "sha256-spP84LPew30/W4h1uP3cZOAvD1T1Tdd0I2iXPFJTCJA=",
+ "1.23.9": "sha256-ZmWfYU0G0P6Axer9unBzlAkG3pjqXuKggdhPo32MWiE=",
+ "1.24.0": "sha256-RJJ4eJ3ig2SOQHat5GgW2iSXFPlucVZ+A16dF+H/8G0=",
+ "1.24.1": "sha256-uBe1QYPgiUlPi5JQlum2WvOjVth/lLc5Kb9aYCigYnE=",
+ "1.24.10": "sha256-Og+kGSZLPfB3vIIg1yHWy+9syUQBTZM3rf1ENKwjvr8=",
+ "1.24.11": "sha256-szPxEKBAhEi4uhiqQcpAVxBWx45JZ2LugITnQbaF4gY=",
+ "1.24.12": "sha256-qUUJXOq8K2+UPIx8hISSWxsgVzgjH+fTQ2ij533+MZs=",
+ "1.24.13": "sha256-dQou5VuDWZTNpfJiv6GN69zbDXpFCHXcpPg8fP/9o1M=",
+ "1.24.2": "sha256-Wkw2UvCLTQlbaG4TI6wkbtvYtuXt1aJib7ca+82JvHk=",
+ "1.24.3": "sha256-va1NMGPdt7+l7PF/uLAp1dgdfU6hZQ5Daar6E+2XFJo=",
+ "1.24.4": "sha256-CqSgj/ge/j/BqO+IDKL4Yi47H5O/YiWD17m/4xJK/mE=",
+ "1.24.5": "sha256-peNIdYwPKyKt6xtmO0tmeBve2JXY6ipxTrHegfsAkHo=",
+ "1.24.6": "sha256-L2LlWWCwK7Y8vJFUFBUgrHzwwtVbRd1KcoZ5ceJKchk=",
+ "1.24.7": "sha256-SxOKEbEyEM4XMeBpGPj/9nCcAExvtr7ChURxOFTen+g=",
+ "1.24.8": "sha256-uKwqv8sfoEaV0YCYVY/0g+wsJIiHe1q8QDWlQ1RM3LE=",
+ "1.24.9": "sha256-9ZxSLPX524JsZPKDZJRqy2vLaVdmkpH6Kbkmt4ErW74=",
+ "1.25.0": "sha256-JNtUe7rilMXETytKd35F8OLz1ilerODQxL4rLfpFMw0=",
+ "1.25.1": "sha256-c2Auq/ILh3+IZC+vy+HtpDkWLCwdvMntCf3U16yZGeo=",
+ "1.25.2": "sha256-smqmVhlFRWmUcSeK2JmpCx6pQI019sZeOkaDG5wGP9U=",
+ "1.25.3": "sha256-z9UJLONHpp/knJNoGhZNmoN21p7vWH2olCB8Yux9al0=",
+ "1.25.4": "sha256-qOnNPGyoC2cJH8Qbx/6OnyRoNZJcg1gjoIog7ZvOobo=",
+ "1.25.5": "sha256-e8ZQ8opbRDbfKrz65ZBeRhcoukFhRr6sF6JjT6gqbwo=",
+ "1.25.6": "sha256-Gk4oUOlNRAOcc+rnpuAFs+FDXACmK9WN92Q73rhHXP0=",
+ "1.25.7": "sha256-LGC++g/v07tgHpqg/IGub7IEtRSEn+f6ML6gKFRJqEs=",
+ "1.25.8": "sha256-KM9fZmywwRqKKz5a5L+T5Wt0q2BRcgxyuyMYh7/Bp8Y=",
+ "1.25.9": "sha256-dB5ltoGiIHSq+UWbV9vO9qnpk0crMBmof1fBkbxoV18=",
+ "1.26.0": "sha256-ebFOTdranoHSmJ82qJ+qnlb4q+bgJG573DBck8NzHqQ=",
+ "1.26.1": "sha256-QCfLCihAvBTsPxgVGzNg3S0fbOcw7VrCi9hGwX59c/U=",
+ "1.26.2": "sha256-KR6Fvvd+hEAgXIc2humTjX+HwFNOmkkd5k48wFhClbY=",
+ "1.26.3": "sha256-D2LLtvr6EJ8jWgg0jXRJmle7KUwqLm7jS+H6g0Mv7B0=",
+ "1.26.4": "sha256-7qQFSCWkwgzAm8FavLE1RyWtiGM45okhQaBxyquR1LY=",
+ "1.27.0": "sha256-+OCWMCEfK3xqjMOINefeqUcI1AH1yEsjo3xwxgRgLdw=",
+ "1.27.1": "sha256-/Ty48W5u2K7plVt24wJ6xCO20cxzVoZzENEoCC4tuRY="
+ }
+ },
+ "kubelet": {
+ "amd64": {
+ "1.23.0": "sha256-R1b/NF3YBwS3Sdh++46ylKFDofSiUexYYZfSatIOpRg=",
+ "1.23.1": "sha256-f/R6v2IJakEAXRjG1ILPc/JrYThUFzMn+p8rmHIIBNQ=",
+ "1.23.10": "sha256-wrp1s2AAEDr2+iw5VcW4pjOzN0DiNJMUQQguIaM0uAs=",
+ "1.23.11": "sha256-sObUE/m0zxAH/Lnw6mRg7VJzpQyUWuR1wiQDawq4F/c=",
+ "1.23.12": "sha256-mP+opzbT5D3rsaphrnHeo2cZic3l6eRMbuUaPUfGNhQ=",
+ "1.23.13": "sha256-TY95a4Lb4ribbVh7/u32ZyRSayEcdaU0VtSsQBTj3Mo=",
+ "1.23.14": "sha256-8r7wBQh5D2MtA1ps/dMVORFWEb/JPFoyZs65W7Lye3Y=",
+ "1.23.15": "sha256-XPOC2RHBPJzI93AlGzov2TmccKxQM3h09nC5B4+IIx0=",
+ "1.23.16": "sha256-q0xkpUw8beVxCLe4O9zwNBMoXwatzPorvFU10gpoRoI=",
+ "1.23.17": "sha256-WI3eBuJRVgE4B4fLX8sHrj00AxMOGlVWsBO3t/tKsjA=",
+ "1.23.2": "sha256-w8S+F5EJNdI0t3YohGG696nGp0FNHxrC7406GvTkGrY=",
+ "1.23.3": "sha256-j50t2ZKvgoVfusLYLgMEKbCLp3deT+578EPrhX37Axc=",
+ "1.23.4": "sha256-7D21ftzOIZwk7zf0pqLu9aFUPkqb0V5+zJk7n3SVDZE=",
+ "1.23.5": "sha256-JTudsimbCbkeTAl4HOHS22utIJnPFrohAkUVn0jQ1eQ=",
+ "1.23.6": "sha256-+7g+Nfa598rhnFBpQkApGAXKnEAoZ2r4aDBlU7PpJmw=",
+ "1.23.7": "sha256-UY9nIA6FMlPtZCRIjWFIR2FEtreW7HxhYM/xV2mz4So=",
+ "1.23.8": "sha256-G6Fa1NnZnPw8vvkitRAUkq106BJimDesLlcFpoy3rx4=",
+ "1.23.9": "sha256-pZdZIL4d4HaOd+8QHk5CsXlAat0kLAiDp9xZjyAG04c=",
+ "1.24.0": "sha256-PZisi0+43Jn5lSIm8lZZUcw2bEQmVqiJ+sxbGy7CulI=",
+ "1.24.1": "sha256-/DUtXJg7DM9HrNiBbrgm14H0CNJyY92Pdh37Y+aav94=",
+ "1.24.10": "sha256-NLFzHfN9F2JmK9kfHLpXqdLuhiloE8SMTlKp15VaG54=",
+ "1.24.11": "sha256-HUhJ+jruSEe4zOzH4UsWyusNUHog0CUM9X5xFVJI908=",
+ "1.24.12": "sha256-MQXEFlzU7+oVQEbKwnygh7EAmMF5MUj+J5e2MeKJei4=",
+ "1.24.13": "sha256-eM3JtGDJl7q8XI1PRfyTx8A335S3AE7KyqhWUA7WFqY=",
+ "1.24.2": "sha256-E9pX0yvh3rrT2JI+SB8wqqRrynAwt+dIsJnUA7MOU0M=",
+ "1.24.3": "sha256-2ldc63xE/dvn0lFMFnmPOfjBDlS12+87zuWsVHY32xE=",
+ "1.24.4": "sha256-DzTRKqobkRrb913WPfA9BnTd6SH6BXGlGs0rW1droKQ=",
+ "1.24.5": "sha256-JEjevibpA0GwONfM/NVZQsdu89nbSOQs6uXo3j+61jE=",
+ "1.24.6": "sha256-+LYG9UIycSjkBNLmanKkDcLdtBdfuOk8Ve/+rOpgkhs=",
+ "1.24.7": "sha256-TSTJfJJMQJcUEsxJcUWtgj5Le4fM2pfrztN19+iG6eI=",
+ "1.24.8": "sha256-LaC5OFfPNSv/XR60LjTTmKWXG2OlPYaHtFF5p4VA1tY=",
+ "1.24.9": "sha256-h1O5rgw+IvCdr9tBeEklgsKIdPcIRN443EPrP61cqLs=",
+ "1.25.0": "sha256-f5GD/OEmBoGGEs6AtsCXV0UsT7UK7+pfxYQ5UcUCDiQ=",
+ "1.25.1": "sha256-Y+OLy8RDfOECJ2lfhyI3HsDReAZ/EDHQn+H1m2/PIUo=",
+ "1.25.2": "sha256-Yx4xs+xkj5ICkv3BveRgU8yl1ccdYiZ42GkH1VbvrqM=",
+ "1.25.3": "sha256-1cicXl2uavpfBqPg5lOsO5P6mpPHdacVUxJp7JGlSr4=",
+ "1.25.4": "sha256-f3Q342H4KZZ+4C4wAm1+hSGWk0MqxekwzJjdnH3bL6w=",
+ "1.25.5": "sha256-FrI+ElSDCAW4ks/M8mh+s+206lT/utuMwu7m07H6uOY=",
+ "1.25.6": "sha256-hIWsSmBFW3eptRjBOzrrDTIzirfpiUoLXSF/6lhc0r4=",
+ "1.25.7": "sha256-LjIWrCkceNgvuJiMFdn9TPFOLd2bF/+R46vy5fPhT9k=",
+ "1.25.8": "sha256-OqghFl2m8buf24KpGylLf0q/xP37IalPoeCal4WHZRY=",
+ "1.25.9": "sha256-DrlRI3N57wI6pS3u2w316uVPpxyutSvbMKRmCAa+0j4=",
+ "1.26.0": "sha256-tklJ/mlsd1Ze2+QQCjFba/jw4jJdrrdi9+hl8WpuVLU=",
+ "1.26.1": "sha256-i5ndc/MJyhrEAF22OOgvlJ/8+4d6BgCJ7A5ylQPbgZg=",
+ "1.26.2": "sha256-5t0u5DKgk0kpNv+FBfCEte1BZi9QIx8cEa4I7oWCo/U=",
+ "1.26.3": "sha256-mS1imL1JS2X1TIOEGXc8SXaspy37NiccYTU37656t9I=",
+ "1.26.4": "sha256-Hin+eglwZs+8HB0qs3+LiDyPP+xBS6/o8se5YLD7YP4=",
+ "1.27.0": "sha256-C07U/NddM/Xf87oXd25giYR/yDBk0/ejrVmjTpTmCik=",
+ "1.27.1": "sha256-yyhF//DOQcQASJOT2nOSXSj77lTP63g0zU0R5iLL06c="
+ },
+ "arm64": {
+ "1.23.0": "sha256-pUb7fMzmnEFj5KCxmjHzDqA5tORWDCP9bjAW4rLf0Nk=",
+ "1.23.1": "sha256-wk5KshFQejkUHSJ1lWEDg/fFaGyuN5W3117rvOhgbz0=",
+ "1.23.10": "sha256-jOHHnufF00ZxnjY35ypR3Zb8fy4fRDqjmwXB2dneMsg=",
+ "1.23.11": "sha256-zk9WjDGT6OCJUGL3g5gNqJrba1SjmceXZWo84XLdsvw=",
+ "1.23.12": "sha256-uALxLHmpeX+Do2bGFxRNAZ0plPxyTHX2QqnQMc5qNIg=",
+ "1.23.13": "sha256-TiKXyYk9Qlv82AdBuV+xpbWbT9T0vPeCzKuUdg5lPN8=",
+ "1.23.14": "sha256-gM3/FTmMghW7czfv3uJbQMhivvvfeSX2qKynG8mnnq4=",
+ "1.23.15": "sha256-tVQNK2fzJa15r2uGqIvD0aiiJUU5Eefrtzh3iM41Woc=",
+ "1.23.16": "sha256-jr8iUDIpsU4pE23mi9K2mU9wQz3SLgvp7pvLeF+XegA=",
+ "1.23.17": "sha256-leJe5NLzT2KLpCaFxq4bpu/fhvLna1zOsLSN5NZlIqc=",
+ "1.23.2": "sha256-ZTcq0HemYN+4qGNDLIoizQtlASLKmM4uEfUaU2RJM58=",
+ "1.23.3": "sha256-lcNtDR5l9hZ/j6gN8Es6gWvIA+a7VVTwTWr4Sccpp30=",
+ "1.23.4": "sha256-xPCckDGjRUn7qkgjGxFf7m4XDOaDLc4m1LULBAqtIxE=",
+ "1.23.5": "sha256-Yffjrg6wBjPTtRY8BGz8rn5ztfJtT/zzQ/OkWQQyNYM=",
+ "1.23.6": "sha256-EaAxDo569aEVOawm1sFM8bd9NbzkynTku9BT7Rr8hlA=",
+ "1.23.7": "sha256-6Wt0anewDATxkmA1iZpYPOKPAuml3KJsG/uCUcpqQ7s=",
+ "1.23.8": "sha256-G07HB+KegTbjUWpDfLVBp5xSxpsTMaet0rR+esfQMuY=",
+ "1.23.9": "sha256-wRsUqz+o5WfFTok8WpN/U2GLJsm2JBbMiqd2CDX2g1A=",
+ "1.24.0": "sha256-jwZsmgSN0XBL8izPbplOL6LqEXXJdop4b2y2YIdlAl4=",
+ "1.24.1": "sha256-whicaVav2g9gAoOfnxSptIyJ3MAihwHoSFa+NqOqxr8=",
+ "1.24.10": "sha256-5PX22GTfy+XldzA59MRLAmofqGJvRZyCwA6KTYW7wIk=",
+ "1.24.11": "sha256-Q6U1lYt7nY2lYAIIBk6z95nZBpztbYNqedJN2HUl9m8=",
+ "1.24.12": "sha256-tBFvuSaU11r9KsO+dC/jwCBHDlNUbPrMc+uKTjPPyrE=",
+ "1.24.13": "sha256-REkTX7SGwnXr+SitCHPDkSl6HXi9hxFj83kgvEHR0XE=",
+ "1.24.2": "sha256-QKhGDhBPv5er7pdj9uHyFD3rxGzGyaGhjiHB/5lg2MA=",
+ "1.24.3": "sha256-bASuJe6bQ09A4NJGbrTvVgTcQ/MG3fHl8WX8nTxSHhI=",
+ "1.24.4": "sha256-LZgXwenh7dlICqBYYupullWpUS2CCxkzF19dfIJTymE=",
+ "1.24.5": "sha256-3V3OqAgol5mBZU7AcysZe+JSoyWaUny8KZ2Vdbwt4+g=",
+ "1.24.6": "sha256-KnuOEx1oI0YuOLwVFLXepdyoYlSzoS7UoPplPC4G3Q4=",
+ "1.24.7": "sha256-2L045ZXKBhxT07fR2uvls8wa1ExzFma9XoQtM2B320s=",
+ "1.24.8": "sha256-ThQnZR5P85J/ls5Lk8RxzMdsaD/BYZ7g1nfXc0W1Tts=",
+ "1.24.9": "sha256-NAIcbPWT/8Q2Hp4q3D1uT1aDOD7riU9A1jzPomjoT0w=",
+ "1.25.0": "sha256-aVcqez0XnUpHmqLg+Q4vCR2NhO8zo1Qi/ImXXcE3pZA=",
+ "1.25.1": "sha256-trqpm5nswfNYZgIIqaJ7ZMZfMxT/lahMcwkbUayYSEs=",
+ "1.25.2": "sha256-yTSMC64dcjo5I1/AQQU9lFO+a1FwgvBms6CJw+290q4=",
+ "1.25.3": "sha256-kp0l/D+QF0mwWBQanGJP83l1mGngnfSbdWV8C+MUEJE=",
+ "1.25.4": "sha256-j/gKEjgfrS6Wyc7GcSWRAYyDDN0yf8e9glI3qlGmraM=",
+ "1.25.5": "sha256-GKpT/1l0ChFQQhiQW1GynMePuLXdgYphkUGvqdr7j1o=",
+ "1.25.6": "sha256-ba3lm2/kuU8D7hc2kvVxPgI7DNGrqo9evkJjtJpj3zg=",
+ "1.25.7": "sha256-y5F2Vjx6db4ejqI9jjZs7Ze+yr1GJv3gFiDscdLrH8I=",
+ "1.25.8": "sha256-bJlbBbVMwM5Otr8wl1ZRZwabLORbqWWXJDDGMcRn0jk=",
+ "1.25.9": "sha256-WvEaKUjIcHZUC7eO6ZVjs3MwHJ2LtpQ5Xizn+xSnY0Q=",
+ "1.26.0": "sha256-+wM8HQecrIursEolq+y8bMGir7U/Vu8dc/jcOxWzwJ4=",
+ "1.26.1": "sha256-9LUUFitS0ZkJzw3fC4FtjXdRxfHeYO2pDNhNzMxWw5k=",
+ "1.26.2": "sha256-M+d/k9FB07niB65Q/wUBht6ghKwm+eyIKA+Furna0xA=",
+ "1.26.3": "sha256-02D5GcJ5oFRBsnF4Aww9FxNMHyV8lfSyK9sowikJk+c=",
+ "1.26.4": "sha256-qSWl0g0pw2LwxNYMsAXyHURXaDdRDgvGXIF5YZabTn4=",
+ "1.27.0": "sha256-N6ou3HwMSz5IhRjGpLRMiq3nWlUBBTTuK+KRIgxz0Vc=",
+ "1.27.1": "sha256-27CdKX2SRXVlTbOO0vxifjWRPC1AAMNGE6xt5JlUV9A="
+ }
+ }
+}
\ No newline at end of file