inaugurate decent devshell

devshell.toml

@@ -0,0 +1,36 @@
+[devshell]
+name = "kubenix"
+packages = [
+  "fd",
+  "nixpkgs-fmt",
+  "dive",
+  "kube3d",
+  "kubie",
+  "k9s",
+]
+
+[[commands]]
+name = "fmt"
+help = "Check Nix formatting"
+category = "checks"
+command = "nixpkgs-fmt ${@} ."
+
+[[commands]]
+name = "evalnix"
+help = "Check Nix parsing"
+category = "checks"
+command = "fd --extension nix --exec nix-instantiate --parse --quiet {} >/dev/null"
+
+# K8s related tools
+[[commands]]
+package = "dive"
+category = "k8s"
+
+[[commands]]
+package = "kubie"
+category = "k8s"
+
+[[commands]]
+package = "k9s"
+category = "k8s"
+

flake.nix

@@ -21,10 +21,7 @@
           };
         in
         rec {
-          devShell = with pkgs; mkShell {
+          devShell = import ./shell.nix { inherit system pkgs; };
-            buildInputs = [
-            ];
-          };
 
           packages = flake-utils.lib.flattenTree {
             inherit (pkgs)
@@ -43,6 +40,9 @@
         kubenix = prev.callPackage ./default.nix {
           nixosPath = "${nixpkgs}/nixos";
         };
+        # up to date versions of their nixpkgs equivalents
+        kubernetes = prev.callPackage ./pkgs/applications/networking/cluster/kubernetes { };
+        kubectl = prev.callPackage ./pkgs/applications/networking/cluster/kubectl { };
       };
     };
 }

pkgs/applications/networking/cluster/kubectl/default.nix

@@ -0,0 +1,30 @@
+{ stdenv, kubernetes, installShellFiles }:
+
+stdenv.mkDerivation {
+  name = "kubectl-${kubernetes.version}";
+
+  # kubectl is currently part of the main distribution but will eventially be
+  # split out (see homepage)
+  dontUnpack = true;
+
+  nativeBuildInputs = [ installShellFiles ];
+
+  outputs = [ "out" "man" ];
+
+  installPhase = ''
+    install -D ${kubernetes}/bin/kubectl -t $out/bin
+
+    installManPage "${kubernetes.man}/share/man/man1"/kubectl*
+
+    for shell in bash zsh; do
+      $out/bin/kubectl completion $shell > kubectl.$shell
+      installShellCompletion kubectl.$shell
+    done
+  '';
+
+  meta = kubernetes.meta // {
+    description = "Kubernetes CLI";
+    homepage = "https://github.com/kubernetes/kubectl";
+  };
+}
+

pkgs/applications/networking/cluster/kubernetes/default.nix

@@ -0,0 +1,90 @@
+{ stdenv
+, lib
+, fetchFromGitHub
+, removeReferencesTo
+, which
+, go
+, makeWrapper
+, rsync
+, installShellFiles
+
+, components ? [
+    "cmd/kubelet"
+    "cmd/kube-apiserver"
+    "cmd/kube-controller-manager"
+    "cmd/kube-proxy"
+    "cmd/kube-scheduler"
+    "test/e2e/e2e.test"
+  ]
+}:
+
+stdenv.mkDerivation rec {
+  pname = "kubernetes";
+  version = "1.20.4";
+
+  src = fetchFromGitHub {
+    owner = "kubernetes";
+    repo = "kubernetes";
+    rev = "v${version}";
+    hash = "sha256-r9Clwr+87Ns4VXUW9F6cgks+LknY39ngbQgZ5UMZ0Vo=";
+  };
+
+  nativeBuildInputs = [ removeReferencesTo makeWrapper which go rsync installShellFiles ];
+
+  outputs = [ "out" "man" "pause" ];
+
+  patches = [ ./fixup-addonmanager-lib-path.patch ];
+
+  postPatch = ''
+    # go env breaks the sandbox
+    substituteInPlace "hack/lib/golang.sh" \
+      --replace 'echo "$(go env GOHOSTOS)/$(go env GOHOSTARCH)"' 'echo "${go.GOOS}/${go.GOARCH}"'
+
+    substituteInPlace "hack/update-generated-docs.sh" --replace "make" "make SHELL=${stdenv.shell}"
+    # hack/update-munge-docs.sh only performs some tests on the documentation.
+    # They broke building k8s; disabled for now.
+    echo "true" > "hack/update-munge-docs.sh"
+
+    patchShebangs ./hack
+  '';
+
+  WHAT = lib.concatStringsSep " " ([
+    "cmd/kubeadm"
+    "cmd/kubectl"
+  ] ++ components);
+
+  postBuild = ''
+    ./hack/update-generated-docs.sh
+    (cd build/pause/linux && cc pause.c -o pause)
+  '';
+
+  installPhase = ''
+    for p in $WHAT; do
+      install -D _output/local/go/bin/''${p##*/} -t $out/bin
+    done
+
+    install -D build/pause/linux/pause -t $pause/bin
+    installManPage docs/man/man1/*.[1-9]
+
+    cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh
+
+    for tool in kubeadm kubectl; do
+      for shell in bash zsh; do
+        $out/bin/$tool completion $shell > $tool.$shell
+        installShellCompletion $tool.$shell
+      done
+    done
+  '';
+
+  preFixup = ''
+    find $out/bin $pause/bin -type f -exec remove-references-to -t ${go} '{}' +
+  '';
+
+  meta = with lib; {
+    description = "Production-Grade Container Scheduling and Management";
+    license = licenses.asl20;
+    homepage = "https://kubernetes.io";
+    maintainers = with maintainers; [ johanot offline saschagrunert ];
+    platforms = platforms.unix;
+  };
+}

pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch

@@ -0,0 +1,23 @@
+diff --git a/cluster/addons/addon-manager/kube-addons-main.sh b/cluster/addons/addon-manager/kube-addons-main.sh
+index 849973470d1..e4fef30eaea 100755
+--- a/cluster/addons/addon-manager/kube-addons-main.sh
++++ b/cluster/addons/addon-manager/kube-addons-main.sh
+@@ -17,17 +17,7 @@
+ # Import required functions. The addon manager is installed to /opt in
+ # production use (see the Dockerfile)
+ # Disabling shellcheck following files as the full path would be required.
+-if [ -f "kube-addons.sh" ]; then
+-  # shellcheck disable=SC1091
+-  source "kube-addons.sh"
+-elif [ -f "/opt/kube-addons.sh" ]; then
+-  # shellcheck disable=SC1091
+-  source "/opt/kube-addons.sh"
+-else
+-  # If the required source is missing, we have to fail.
+-  log ERR "== Could not find kube-addons.sh (not in working directory or /opt) at $(date -Is) =="
+-  exit 1
+-fi
++source "@out@/bin/kube-addons-lib.sh"
+ 
+ # The business logic for whether a given object should be created
+ # was already enforced by salt, and /etc/kubernetes/addons is the

pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh

@@ -0,0 +1,113 @@
+#!/usr/bin/env bash
+
+# Copyright 2014 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Generate Docker daemon options based on flannel env file.
+
+# exit on any error
+set -e
+
+usage() {
+    echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY]
+
+Generate Docker daemon options based on flannel env file
+OPTIONS:
+    -f  Path to flannel env file. Defaults to /run/flannel/subnet.env
+    -d  Path to Docker env file to write to. Defaults to /run/docker_opts.env
+    -i  Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500
+    -c  Output combined Docker options into DOCKER_OPTS var
+    -k  Set the combined options key to this value (default DOCKER_OPTS=)
+    -m  Do not output --ip-masq (useful for older Docker version)
+" >/dev/stderr
+    exit 1
+}
+
+flannel_env="/run/flannel/subnet.env"
+docker_env="/run/docker_opts.env"
+combined_opts_key="DOCKER_OPTS"
+indiv_opts=false
+combined_opts=false
+ipmasq=true
+val=""
+
+while getopts "f:d:icmk:" opt; do
+    case $opt in
+        f)
+            flannel_env=$OPTARG
+            ;;
+        d)
+            docker_env=$OPTARG
+            ;;
+        i)
+            indiv_opts=true
+            ;;
+        c)
+            combined_opts=true
+            ;;
+        m)
+            ipmasq=false
+            ;;
+        k)
+            combined_opts_key=$OPTARG
+            ;;
+        \?)
+            usage
+            ;;
+    esac
+done
+
+if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then
+    indiv_opts=true
+    combined_opts=true
+fi
+
+if [[ -f "${flannel_env}" ]]; then
+    source "${flannel_env}"
+fi
+
+if [[ -n "$FLANNEL_SUBNET" ]]; then
+    # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below
+    DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET"
+fi
+
+if [[ -n "$FLANNEL_MTU" ]]; then
+    # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below
+    DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU"
+fi
+
+if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then
+    # shellcheck disable=SC2034  # Variable name referenced in OPT_LOOP below
+    DOCKER_OPT_IPMASQ="--ip-masq=false"
+fi
+
+eval docker_opts="\$${combined_opts_key}"
+docker_opts+=" "
+
+echo -n "" >"${docker_env}"
+
+# OPT_LOOP
+for opt in $(compgen -v DOCKER_OPT_); do
+    eval val=\$"${opt}"
+
+    if [[ "$indiv_opts" = true ]]; then
+        echo "$opt=\"$val\"" >>"${docker_env}"
+    fi
+
+    docker_opts+="$val "
+done
+
+if [[ "$combined_opts" = true ]]; then
+    echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}"
+fi

shell.nix

@@ -0,0 +1,17 @@
+{
+  system ? builtins.currentSystem,
+  pkgs,
+}:
+let
+  devshellGitRev = "709fe4d04a9101c9d224ad83f73416dce71baf21";
+
+  devshellSrc = fetchTarball {
+    url = "https://github.com/numtide/devshell/archive/${devshellGitRev}.tar.gz";
+    sha256 = "1px9cqfshfqs1b7ypyxch3s3ymr4xgycy1krrcg7b97rmmszvsqr";
+  };
+
+  devshell = import devshellSrc { inherit system pkgs; };
+
+in
+devshell.fromTOML ./devshell.toml
+