NixOS · wolfgangwalther · Apr 7, 2025 · Mar 27, 2025
diff --git a/pkgs/applications/networking/cluster/rke2/builder.nix b/pkgs/applications/networking/cluster/rke2/builder.nix
@@ -44,126 +44,123 @@ lib:
   nixosTests,
   testers,
 }:
-let
-  rke2 = buildGoModule rec {
-    pname = "rke2";
-    version = rke2Version;
-
-    src = fetchzip {
-      url = "https://github.com/rancher/rke2/archive/refs/tags/v${rke2Version}.tar.gz";
-      hash = "${rke2TarballHash}";
-    };
-
-    vendorHash = rke2VendorHash;
-
-    nativeBuildInputs = [ makeWrapper ];
-
-    # Important utilities used by the kubelet.
-    # See: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
-    # Notice the list in that issue is stale, but as a redundancy reservation.
-    buildInputs = [
-      procps # pidof pkill
-      coreutils # uname touch env nice du
-      util-linux # lsblk fsck mkfs nsenter mount umount
-      ethtool # ethtool
-      socat # socat
-      iptables # iptables iptables-restore iptables-save
-      bridge-utils # brctl
-      iproute2 # ip tc
-      kmod # modprobe
-      lvm2 # dmsetup
-    ];
+buildGoModule (finalAttrs: {
+  pname = "rke2";
+  version = rke2Version;
 
-    # Passing boringcrypto to GOEXPERIMENT variable to build with goboring library
-    GOEXPERIMENT = "boringcrypto";
-
-    # See: https://github.com/rancher/rke2/blob/e7f87c6dd56fdd76a7dab58900aeea8946b2c008/scripts/build-binary#L27-L38
-    ldflags = [
-      "-w"
-      "-X github.com/k3s-io/k3s/pkg/version.GitCommit=${lib.substring 0 6 rke2Commit}"
-      "-X github.com/k3s-io/k3s/pkg/version.Program=${pname}"
-      "-X github.com/k3s-io/k3s/pkg/version.Version=v${version}"
-      "-X github.com/k3s-io/k3s/pkg/version.UpstreamGolang=go${go.version}"
-      "-X github.com/rancher/rke2/pkg/images.DefaultRegistry=docker.io"
-      "-X github.com/rancher/rke2/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${etcdVersion}"
-      "-X github.com/rancher/rke2/pkg/images.DefaultKubernetesImage=rancher/hardened-kubernetes:${k8sImageTag}"
-      "-X github.com/rancher/rke2/pkg/images.DefaultPauseImage=rancher/mirrored-pause:${pauseVersion}"
-      "-X github.com/rancher/rke2/pkg/images.DefaultRuntimeImage=rancher/rke2-runtime:${dockerizedVersion}"
-      "-X github.com/rancher/rke2/pkg/images.DefaultCloudControllerManagerImage=rancher/rke2-cloud-provider:${ccmVersion}"
-    ];
+  src = fetchzip {
+    url = "https://github.com/rancher/rke2/archive/refs/tags/v${rke2Version}.tar.gz";
+    hash = "${rke2TarballHash}";
+  };
 
-    tags = [
-      "no_cri_dockerd"
-      "no_embedded_executor"
-      "no_stage"
-      "sqlite_omit_load_extension"
-      "selinux"
-      "netgo"
-      "osusergo"
+  vendorHash = rke2VendorHash;
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  # Important utilities used by the kubelet.
+  # See: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
+  # Notice the list in that issue is stale, but as a redundancy reservation.
+  buildInputs = [
+    procps # pidof pkill
+    coreutils # uname touch env nice du
+    util-linux # lsblk fsck mkfs nsenter mount umount
+    ethtool # ethtool
+    socat # socat
+    iptables # iptables iptables-restore iptables-save
+    bridge-utils # brctl
+    iproute2 # ip tc
+    kmod # modprobe
+    lvm2 # dmsetup
+  ];
+
+  # Passing boringcrypto to GOEXPERIMENT variable to build with goboring library
+  GOEXPERIMENT = "boringcrypto";
+
+  # See: https://github.com/rancher/rke2/blob/e7f87c6dd56fdd76a7dab58900aeea8946b2c008/scripts/build-binary#L27-L38
+  ldflags = [
+    "-w"
+    "-X github.com/k3s-io/k3s/pkg/version.GitCommit=${lib.substring 0 6 rke2Commit}"
+    "-X github.com/k3s-io/k3s/pkg/version.Program=${finalAttrs.pname}"
+    "-X github.com/k3s-io/k3s/pkg/version.Version=v${finalAttrs.version}"
+    "-X github.com/k3s-io/k3s/pkg/version.UpstreamGolang=go${go.version}"
+    "-X github.com/rancher/rke2/pkg/images.DefaultRegistry=docker.io"
+    "-X github.com/rancher/rke2/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${etcdVersion}"
+    "-X github.com/rancher/rke2/pkg/images.DefaultKubernetesImage=rancher/hardened-kubernetes:${k8sImageTag}"
+    "-X github.com/rancher/rke2/pkg/images.DefaultPauseImage=rancher/mirrored-pause:${pauseVersion}"
+    "-X github.com/rancher/rke2/pkg/images.DefaultRuntimeImage=rancher/rke2-runtime:${dockerizedVersion}"
+    "-X github.com/rancher/rke2/pkg/images.DefaultCloudControllerManagerImage=rancher/rke2-cloud-provider:${ccmVersion}"
+  ];
+
+  tags = [
+    "no_cri_dockerd"
+    "no_embedded_executor"
+    "no_stage"
+    "sqlite_omit_load_extension"
+    "selinux"
+    "netgo"
+    "osusergo"
+  ];
+
+  subPackages = [ "." ];
+
+  installPhase = ''
+    install -D $GOPATH/bin/rke2 $out/bin/rke2
+    wrapProgram $out/bin/rke2 \
+      --prefix PATH : ${lib.makeBinPath finalAttrs.buildInputs}
+
+    install -D ./bundle/bin/rke2-killall.sh $out/bin/rke2-killall.sh
+    wrapProgram $out/bin/rke2-killall.sh \
+      --prefix PATH : ${
+        lib.makeBinPath [
+          systemd
+          gnugrep
+          gnused
+        ]
+      } \
+      --prefix PATH : ${lib.makeBinPath finalAttrs.buildInputs}
+  '';
+
+  doCheck = false;
+
+  doInstallCheck = true;
+  installCheckPhase = ''
+    runHook preInstallCheck
+    # Verify that the binary uses BoringCrypto
+    go tool nm $out/bin/.rke2-wrapped | grep '_Cfunc__goboringcrypto_' > /dev/null
+    runHook postInstallCheck
+  '';
+
+  passthru = {
+    inherit updateScript;
+    tests =
+      let
+        moduleTests =
+          let
+            package_version =
+              "rke2_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor rke2Version);
+          in
+          lib.mapAttrs (name: value: nixosTests.rke2.${name}.${package_version}) nixosTests.rke2;
+      in
+      {
+        version = testers.testVersion {
+          package = finalAttrs.finalPackage;
+          version = "v${finalAttrs.version}";
+        };
+      }
+      // moduleTests;
+  } // (lib.mapAttrs (_: value: fetchurl value) imagesVersions);
+
+  meta = with lib; {
+    homepage = "https://github.com/rancher/rke2";
+    description = "RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution";
+    changelog = "https://github.com/rancher/rke2/releases/tag/v${version}";
+    license = licenses.asl20;
+    maintainers = with maintainers; [
+      rorosen
+      zimbatm
+      zygot
     ];
-
-    subPackages = [ "." ];
-
-    installPhase = ''
-      install -D $GOPATH/bin/rke2 $out/bin/rke2
-      wrapProgram $out/bin/rke2 \
-        --prefix PATH : ${lib.makeBinPath buildInputs}
-
-      install -D ./bundle/bin/rke2-killall.sh $out/bin/rke2-killall.sh
-      wrapProgram $out/bin/rke2-killall.sh \
-        --prefix PATH : ${
-          lib.makeBinPath [
-            systemd
-            gnugrep
-            gnused
-          ]
-        } \
-        --prefix PATH : ${lib.makeBinPath buildInputs}
-    '';
-
-    doCheck = false;
-
-    doInstallCheck = true;
-    installCheckPhase = ''
-      runHook preInstallCheck
-      # Verify that the binary uses BoringCrypto
-      go tool nm $out/bin/.rke2-wrapped | grep '_Cfunc__goboringcrypto_' > /dev/null
-      runHook postInstallCheck
-    '';
-
-    passthru = {
-      inherit updateScript;
-      tests =
-        let
-          moduleTests =
-            let
-              package_version =
-                "rke2_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor rke2Version);
-            in
-            lib.mapAttrs (name: value: nixosTests.rke2.${name}.${package_version}) nixosTests.rke2;
-        in
-        {
-          version = testers.testVersion {
-            package = rke2;
-            version = "v${version}";
-          };
-        }
-        // moduleTests;
-    } // (lib.mapAttrs (_: value: fetchurl value) imagesVersions);
-
-    meta = with lib; {
-      homepage = "https://github.com/rancher/rke2";
-      description = "RKE2, also known as RKE Government, is Rancher's next-generation Kubernetes distribution";
-      changelog = "https://github.com/rancher/rke2/releases/tag/v${version}";
-      license = licenses.asl20;
-      maintainers = with maintainers; [
-        rorosen
-        zimbatm
-        zygot
-      ];
-      mainProgram = "rke2";
-      platforms = platforms.linux;
-    };
+    mainProgram = "rke2";
+    platforms = platforms.linux;
   };
-in
-rke2
+})