Skip to content
Commits on Source (7)
Hide whitespace changes
Inline Side-by-side
roles/container-engine/cri-o/vars/v1.29.yml
View file @ 7f785a5e
---
crio_conmon: "{{ bin_dir }}/crio-conmon"
# cri-o binary files
crio_bin_files:
- conmon
- conmonrs
- crio-conmon
- crio-conmonrs
- crio-crun
- crio-runc
- crio
- pinns
......
roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/svc-ingress-nginx.yml.j2
View file @ 7f785a5e
......@@ -20,5 +20,5 @@ spec:
protocol: TCP
selector:
app.kubernetes.io/name: ingress-nginx
app.kubernetes.io/port-of: ingress-nginx
app.kubernetes.io/part-of: ingress-nginx
{% endif %}
roles/kubernetes/preinstall/gen-gitinfos.sh deleted 100755 → 0
View file @ 66eaba37
#!/bin/sh
set -e
# Text color variables
txtbld=$(tput bold) # Bold
bldred=${txtbld}$(tput setaf 1) # red
bldgre=${txtbld}$(tput setaf 2) # green
bldylw=${txtbld}$(tput setaf 3) # yellow
txtrst=$(tput sgr0) # Reset
err=${bldred}ERROR${txtrst}
info=${bldgre}INFO${txtrst}
warn=${bldylw}WARNING${txtrst}
usage()
{
cat << EOF
Generates a file which contains useful git informations
Usage : $(basename $0) [global|diff]
ex :
Generate git information
$(basename $0) global
Generate diff from latest tag
$(basename $0) diff
EOF
}
if [ $# != 1 ]; then
printf "\n$err : Needs 1 argument\n"
usage
exit 2
fi;
current_commit=$(git rev-parse HEAD)
latest_tag=$(git describe --abbrev=0 --tags)
latest_tag_commit=$(git show-ref -s ${latest_tag})
tags_list=$(git tag --points-at "${latest_tag}")
case ${1} in
"global")
cat<<EOF
deployment date="$(date '+%d-%m-%Y %Hh%M')"
deployment_timestamp=$(date '+%s')
user="$USER"
current commit (HEAD)="${current_commit}"
current_commit_timestamp=$(git log -1 --pretty=format:%ct)
latest tag(s) (current branch)="${tags_list}"
latest tag commit="${latest_tag_commit}"
current branch="$(git rev-parse --abbrev-ref HEAD)"
branches list="$(git describe --contains --all HEAD)"
git root directory="$(git rev-parse --show-toplevel)"
EOF
if ! git diff-index --quiet HEAD --; then
printf "unstaged changes=\"/etc/.git-ansible.diff\""
fi
if [ "${current_commit}" = "${latest_tag_commit}" ]; then
printf "\ncurrent_commit_tag=\"${latest_tag}\""
else
printf "\nlast tag was "$(git describe --tags | awk -F- '{print $2}')" commits ago =\""
printf "$(git log --pretty=format:" %h - %s" ${latest_tag}..HEAD)\""
fi
;;
"diff")
git diff
;;
*)
usage
printf "$err: Unknown argument ${1}"
exit 1;
;;
esac
roles/kubespray-defaults/defaults/main/checksums.yml
View file @ 7f785a5e
......@@ -41,7 +41,7 @@ crio_archive_checksums:
v1.27.0: c6615360311bff7fdfe1933e8d5030a2e9926b7196c4e7a07fcb10e51a676272
amd64:
v1.29.2: f71a85039b71fe08f1c063a93d61a1c952dc8f9a8c6be9b13fbdac8f0d9ff960
v1.29.1: 6ff5af9962bfc079275ecec2b6caf5dbd25bf037fff53e87d67f27c2617432c5
v1.29.1: 127ca9f57c2a3ad44dde2e64e0ec94169886245dffb74c12e68eedc80756c260
v1.29.0: 79c161d8db8ee7f0f4807d6232283d481ef0c20c514b61289238258f66734ac6
v1.28.2: c8002a622e268b73f8d45b0adbdff9422b832106a23be137fabdc8a233b3f787
v1.28.1: 63cee2e67e283e29d790caa52531bcca7bc59473fb73bde75f4fd8daa169d4bf
......@@ -1170,6 +1170,9 @@ gvisor_containerd_shim_binary_checksums:
20230904: 0
nerdctl_archive_checksums:
arm:
1.7.4: 91d3a8bcc2247dd80f8f5769419e6f344dea412937de4c318f65d8e9bf01355b
1.7.3: 44369f34a98e5955eb02e41779b1a470332194e4c2bef136fe471943eaf8057a
1.7.2: d952c1cbe3d25478bbed5f4ee7af4bb52fa4ed47e43802dc5eb2888a4c8da704
1.7.1: 799d35de7a182da35d850308c7f1787cd7321404348ff2d5ba64ad43b06b395a
1.7.0: 8b9e7cccbcc0a472685d1bc285f591f41005f8699e7265ea5438a3e06aefdcfd
1.6.2: 69363f4dbf2616d5238647bfbff60525b7b59417a26de8eb255b6d6a09171175
......@@ -1184,6 +1187,9 @@ nerdctl_archive_checksums:
1.1.0: cc3bc31b4df015806717149f13b3b329f8fb62e3631aa2abdbae71664ce5c40d
1.0.0: 8fd283a2f2272b15f3df43cd79642c25f19f62c3c56ad58bb68afb7ed92904c2
arm64:
1.7.4: d8df47708ca57b9cd7f498055126ba7dcfc811d9ba43aae1830c93a09e70e22d
1.7.3: e4f16b78d884768f6997558130146ba9bd7846828b19fa2ca8e8eda988953fd7
1.7.2: de68d5380d65604cd26c164988547cf46b698f7819a5d51d98e3a0f031f5594d
1.7.1: 46affa0564bb74f595a817e7d5060140099d9cfd9e00e1272b4dbe8b0b85c655
1.7.0: 1255eea5bc2dbac9339d0a9acfb0651dda117504d52cd52b38cf3c2251db4f39
1.6.2: ece848045290dd61f542942248587e91125563af46c0ea972a7c908d0d39c96c
......@@ -1198,6 +1204,9 @@ nerdctl_archive_checksums:
1.1.0: a0b57b39341b9d67a3f0ae74e19985c72e930bad14291cbbd8479ed6a6a64e83
1.0.0: 27622c9d95efe6d807d5f3770d24ddd71719c6ae18f76b5fc89663a51bcd6208
amd64:
1.7.4: 71aee9d987b7fad0ff2ade50b038ad7e2356324edc02c54045960a3521b3e6a7
1.7.3: ee93ffe6f90e50bde153a9a0dd779594e0bc13a26949053965958b91b6dffdd0
1.7.2: aed7d33d645bfb97c8df978d952a1e1f7e02b0b3ed2c0089ee4285af7f8f971b
1.7.1: 5fc0a6e8c3a71cbba95fbdb6833fb8a7cd8e78f53de10988362d4029c14b905a
1.7.0: 844c47b175a3d6bc8eaad0c51f23624a5ef10c09e55607803ec2bc846fb04df9
1.6.2: 67991fc144b03596f15be6c20ca112d10bd92ad467414e95b0f1d60d332ae34e
......@@ -1212,6 +1221,9 @@ nerdctl_archive_checksums:
1.1.0: fcfd36b0b9441541aab0793c0f586599e6d774781c74f16468a3300026120c0e
1.0.0: 3e993d714e6b88d1803a58d9ff5a00d121f0544c35efed3a3789e19d6ab36964
ppc64le:
1.7.4: 97c99ab6030ffac1fb780fe012de06a36512b17b13de5c99445468b5a5fe5a62
1.7.3: e63ae0a8f5ccd12877ff944b609d0a4c55c97ba79808ab16c7dc7e99fd8f3dd6
1.7.2: e5c01702d3cec0763d28bd3cf6ea9c3efc58662a93cb4e15669a839782af10d7
1.7.1: 09fd0cbef25c98e08c5cc2d1e39da279cbf66c430fdf6c8738e56ce8f949dad9
1.7.0: e421ae655ff68461bad04b4a1a0ffe40c6f0fcfb0847d5730d66cd95a7fd10cd
1.6.2: 3b0d6e4c42b99e2dd8059ded81cde69f42b065d9f486142f3c9b0861ba7effef
......
roles/kubespray-defaults/defaults/main/download.yml
View file @ 7f785a5e
......@@ -125,7 +125,7 @@ kube_ovn_dpdk_version: "19.11-{{ kube_ovn_version }}"
kube_router_version: "v2.0.0"
multus_version: "v3.8"
helm_version: "v3.14.2"
nerdctl_version: "1.7.1"
nerdctl_version: "1.7.4"
krew_version: "v0.4.4"
skopeo_version: "v1.13.2"
......
scripts/download_hash.sh
View file @ 7f785a5e
#!/bin/bash
#!/usr/bin/env bash
set -o errexit
set -o pipefail
......@@ -8,23 +8,62 @@ fi
checksums_file="$(git rev-parse --show-toplevel)/roles/kubespray-defaults/defaults/main/checksums.yml"
downloads_folder=/tmp/kubespray_binaries
default_file="$(git rev-parse --show-toplevel)/roles/kubespray-defaults/defaults/main/main.yml"
kube_min_version="$(grep kube_version_min_required ${default_file} | sed -E 's|kube_version_min_required: v(.*)|\1|g')"
function get_versions {
function filter_version() {
while read version; do
if [[ "${version}" =~ ^v?[0-9]*\.[0-9]*\.[0-9]*$ ]]; then
echo "${version}"
fi
done < /dev/stdin
}
function min_version() {
local min_version="$1"
local func_filter="${2:-filter_version}"
while read version; do
if _vercmp "${version#v}" '>=' "${min_version}"; then
echo "${version}"
fi
done | "${func_filter}"
}
function limit_version() {
local number_versions="${1:-7}"
local func_filter="${2:-filter_version}"
"${func_filter}" | head -n "${number_versions}"
}
function gvisor_version_filter() {
while read version; do
echo "${version}" | sed -E 's|^release-(.*)\..*$|\1|'
done | head -n 8
}
function get_versions() {
local type="$1"
local name="$2"
# NOTE: Limit in the number of versions to be register in the checksums file
local limit="${3:-7}"
local python_app="${4:-"import sys,re;tags=[tag.rstrip() for tag in sys.stdin if re.match(\'^v?(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)$\',tag)];print(\' \'.join(tags[:$limit]))"}"
local version_func="${3:-limit_version}"
if [ "$#" -ge 3 ]; then
shift 3
else
shift 2
fi
local version=""
local attempt_counter=0
readonly max_attempts=5
until [ "$version" ]; do
version=$("_get_$type" "$name" "$python_app")
if [ "$version" ]; then
version=$("_get_$type" "$name" "${version_func}" "$@")
if _vercmp "${version#v}" '<' "${min_version}"; then
continue
elif [ "$version" ] ; then
break
elif [ ${attempt_counter} -eq ${max_attempts} ]; then
echo "Max attempts reached"
echo "Max attempts reached" >&2
exit 1
fi
attempt_counter=$((attempt_counter + 1))
......@@ -34,18 +73,19 @@ function get_versions {
echo "${version}"
}
function _get_github_tags {
function _get_github_tags() {
local repo="$1"
local python_app="$2"
local version_func="$2"
shift 2
# The number of results per page (max 100).
tags="$(curl -s "https://api.github.com/repos/$repo/tags?per_page=100")"
# The number of results per page (max 50).
tags="$(curl -s "https://api.github.com/repos/$repo/tags?per_page=50")"
if [ "$tags" ]; then
echo "$tags" | grep -Po '"name":.*?[^\\]",' | awk -F '"' '{print $4}' | python -c "$python_app"
echo "$tags" | grep -Po '"name":.*?[^\\]",' | awk -F '"' '{print $4}' | "$version_func" "$@"
fi
}
function _vercmp {
function _vercmp() {
local v1=$1
local op=$2
local v2=$3
......@@ -83,13 +123,13 @@ function _vercmp {
esac
}
function get_checksums {
function get_checksums() {
local binary="$1"
local version_exceptions="cri_dockerd_archive nerdctl_archive containerd_archive youki"
declare -A skip_archs=(
["crio_archive"]="arm ppc64le"
["crio_archive"]="arm"
["calicoctl_binary"]="arm"
["ciliumcli_binary"]="ppc64le"
["ciliumcli_binary"]="arm ppc64le"
["etcd_binary"]="arm"
["cri_dockerd_archive"]="arm ppc64le"
["runc"]="arm"
......@@ -113,7 +153,7 @@ function get_checksums {
done
}
function get_krew_archive_checksums {
function get_krew_archive_checksums() {
declare -A archs=(
["linux"]="arm arm64 amd64"
["darwin"]="arm64 amd64"
......@@ -134,14 +174,14 @@ function get_krew_archive_checksums {
done
}
function get_calico_crds_archive_checksums {
function get_calico_crds_archive_checksums() {
echo "calico_crds_archive_checksums:" | tee --append "$checksums_file"
for version in "$@"; do
echo " $version: $(_get_checksum "calico_crds_archive" "$version")" | tee --append "$checksums_file"
done
}
function get_containerd_archive_checksums {
function get_containerd_archive_checksums() {
declare -A support_version_history=(
["arm"]="2"
["arm64"]="1.6.0"
......@@ -159,7 +199,7 @@ function get_containerd_archive_checksums {
done
}
function get_k8s_checksums {
function get_k8s_checksums() {
local binary=$1
echo "${binary}_checksums:" | tee --append "$checksums_file"
......@@ -176,7 +216,36 @@ function get_k8s_checksums {
done
}
function _get_checksum {
function get_crictl_checksums() {
local binary=$1
echo "${binary}_checksums:" | tee --append "$checksums_file"
echo " arm:" | tee --append "$checksums_file"
for version in "${@:2}"; do
_vercmp "${version#v}" '<' "1.29" && checksum=$(_get_checksum "$binary" "$version" "arm") || checksum=0
echo " ${version}: $checksum" | tee --append "$checksums_file"
done
for arch in arm64 amd64 ppc64le; do
echo " $arch:" | tee --append "$checksums_file"
for version in "${@:2}"; do
echo " ${version}: $(_get_checksum "$binary" "$version" "$arch")" | tee --append "$checksums_file"
done
done
}
# Note: kata changed their arch starting at version 3.2.0
function get_arch_kata() {
local version="${1}"
local arch="${2}"
if _vercmp "${version}" '<' '3.2.0'; then
echo "${arch//amd64/x86_64}"
else
echo "${arch}"
fi
}
function _get_checksum() {
local binary="$1"
local version="$2"
local arch="${3:-amd64}"
......@@ -187,73 +256,90 @@ function _get_checksum {
readonly github_archive_url="$github_url/%s/archive/%s"
readonly google_url="https://storage.googleapis.com"
readonly release_url="https://dl.k8s.io"
readonly k8s_url="$release_url/release/$version/bin/$os/$arch/%s"
readonly k8s_url="$release_url/release/$version/bin/$os/$arch/%s.sha256"
# Download URLs
declare -A urls=(
["crictl"]="$(printf "$github_releases_url" "kubernetes-sigs/cri-tools" "crictl-$version-$os-$arch.tar.gz")"
["crio_archive"]="$google_url/cri-o/artifacts/cri-o.$arch.$version.tar.gz"
["crictl"]="$(printf "$github_releases_url" "kubernetes-sigs/cri-tools" "crictl-$version-$os-$arch.tar.gz.sha256")"
["crio_archive"]="$google_url/cri-o/artifacts/cri-o.$arch.$version.tar.gz.sha256sum"
["kubelet"]="$(printf "$k8s_url" "kubelet")"
["kubectl"]="$(printf "$k8s_url" "kubectl")"
["kubeadm"]="$(printf "$k8s_url" "kubeadm")"
["etcd_binary"]="$(printf "$github_releases_url" "etcd-io/etcd" "etcd-$version-$os-$arch.tar.gz")"
["cni_binary"]="$(printf "$github_releases_url" "containernetworking/plugins" "cni-plugins-$os-$arch-$version.tgz")"
["cni_binary"]="$(printf "$github_releases_url" "containernetworking/plugins" "cni-plugins-$os-$arch-$version.tgz.sha256")"
["calicoctl_binary"]="$(printf "$github_releases_url" "projectcalico/calico" "calicoctl-$os-$arch")"
["ciliumcli_binary"]="$(printf "$github_releases_url" "cilium/cilium-cli" "cilium-$os-$arch.tar.gz")"
["ciliumcli_binary"]="$(printf "$github_releases_url" "cilium/cilium-cli" "cilium-$os-$arch.tar.gz.sha256sum")"
["calico_crds_archive"]="$(printf "$github_archive_url" "projectcalico/calico" "$version.tar.gz")"
["krew_archive"]="$(printf "$github_releases_url" "kubernetes-sigs/krew" "krew-${os}_$arch.tar.gz")"
["helm_archive"]="https://get.helm.sh/helm-$version-$os-$arch.tar.gz"
["cri_dockerd_archive"]="$(printf "$github_releases_url" "Mirantis/cri-dockerd" "cri-dockerd-${version#v}.$arch.tgz")"
["runc"]="$(printf "$github_releases_url" "opencontainers/runc" "runc.$arch")"
["runc"]="$(printf "$github_releases_url" "opencontainers/runc" "runc.sha256sum")"
["crun"]="$(printf "$github_releases_url" "containers/crun" "crun-$version-$os-$arch")"
["youki"]="$(printf "$github_releases_url" "containers/youki" "youki_$([ $version == "v0.0.1" ] && echo "v0_0_1" || echo "${version#v}" | sed 's|\.|_|g')_$os.tar.gz")"
["kata_containers_binary"]="$(printf "$github_releases_url" "kata-containers/kata-containers" "kata-static-$version-${arch//amd64/x86_64}.tar.xz")"
["kata_containers_binary"]="$(printf "$github_releases_url" "kata-containers/kata-containers" "kata-static-$version-$(get_arch_kata "${version}" "${arch}").tar.xz")"
["gvisor_runsc_binary"]="$(printf "$google_url/gvisor/releases/release/$version/%s/runsc" "$(echo "$arch" | sed -e 's/amd64/x86_64/' -e 's/arm64/aarch64/')")"
["gvisor_containerd_shim_binary"]="$(printf "$google_url/gvisor/releases/release/$version/%s/containerd-shim-runsc-v1" "$(echo "$arch" | sed -e 's/amd64/x86_64/' -e 's/arm64/aarch64/')")"
["nerdctl_archive"]="$(printf "$github_releases_url" "containerd/nerdctl" "nerdctl-${version#v}-$os-$([ "$arch" == "arm" ] && echo "arm-v7" || echo "$arch" ).tar.gz")"
["containerd_archive"]="$(printf "$github_releases_url" "containerd/containerd" "containerd-${version#v}-$os-$arch.tar.gz")"
["skopeo_binary"]="$(printf "$github_releases_url" "lework/skopeo-binary" "skopeo-$os-$arch")"
["containerd_archive"]="$(printf "$github_releases_url" "containerd/containerd" "containerd-${version#v}-$os-$arch.tar.gz.sha256sum")"
["skopeo_binary"]="$(printf "$github_releases_url" "lework/skopeo-binary" "skopeo-$os-$arch.sha256")"
["yq"]="$(printf "$github_releases_url" "mikefarah/yq" "yq_${os}_$arch")"
)
mkdir -p "$(dirname $target)"
[ -f "$target" ] || curl -LfSs -o "${target}" "${urls[$binary]}"
sha256sum ${target} | awk '{print $1}'
}
function main {
mkdir -p "$(dirname "$checksums_file")"
echo "---" | tee "$checksums_file"
get_checksums crictl $(get_versions github_tags kubernetes-sigs/cri-tools 4)
get_checksums crio_archive $(get_versions github_tags cri-o/cri-o)
kubernetes_versions=$(get_versions github_tags kubernetes/kubernetes 25)
echo "# Checksum" | tee --append "$checksums_file"
echo "# Kubernetes versions above Kubespray's current target version are untested and should be used with caution." | tee --append "$checksums_file"
get_k8s_checksums kubelet $kubernetes_versions
get_checksums kubectl $kubernetes_versions
get_k8s_checksums kubeadm $kubernetes_versions
get_checksums etcd_binary $(get_versions github_tags etcd-io/etcd)
get_checksums cni_binary $(get_versions github_tags containernetworking/plugins)
calico_versions=$(get_versions github_tags projectcalico/calico 20)
get_checksums calicoctl_binary $calico_versions
get_checksums ciliumcli_binary $(get_versions github_tags cilium/cilium-cli 10)
get_calico_crds_archive_checksums $calico_versions
get_krew_archive_checksums $(get_versions github_tags kubernetes-sigs/krew 2)
get_checksums helm_archive $(get_versions github_tags helm/helm)
get_checksums cri_dockerd_archive $(get_versions github_tags Mirantis/cri-dockerd)
get_checksums runc $(get_versions github_tags opencontainers/runc 5)
get_checksums crun $(get_versions github_tags containers/crun)
get_checksums youki $(get_versions github_tags containers/youki)
get_checksums kata_containers_binary $(get_versions github_tags kata-containers/kata-containers 10)
gvisor_versions=$(get_versions github_tags google/gvisor 0 "import sys,re;tags=[tag[8:16] for tag in sys.stdin if re.match('^release-?(0|[1-9]\d*)\.(0|[1-9]\d*)$',tag)];print(' '.join(tags[:9]))")
get_checksums gvisor_runsc_binary $gvisor_versions
get_checksums gvisor_containerd_shim_binary $gvisor_versions
get_checksums nerdctl_archive $(get_versions github_tags containerd/nerdctl)
get_containerd_archive_checksums $(get_versions github_tags containerd/containerd 30)
get_checksums skopeo_binary $(get_versions github_tags lework/skopeo-binary)
get_checksums yq $(get_versions github_tags mikefarah/yq)
if [ ! -f "$target" ]; then
echo "$target can't be downloaded" >&2
echo 0
return
fi
if echo "${urls[$binary]}" | grep -qi sha256sum; then
local hashes="$(cat "${target}")"
if [ "$(echo "${hashes}" | wc -l)" -gt 1 ]; then
hashes="$(echo "${hashes}" | grep -- "${arch}")"
fi
if [ "$(echo "${hashes}" | wc -l)" -gt 1 ]; then
hashes="$(echo "${hashes}" | grep -- "${os}")"
fi
if [ "$(echo "${hashes}" | wc -l)" -gt 1 ]; then
echo "more than 1 hash" >&2
echo "${hashes}" >&2
exit 1
fi
echo "${hashes}" | awk '{print $1}'
elif echo "${urls[$binary]}" | grep -qi sha256; then
cat "${target}" | awk '{print $1}'
else
sha256sum ${target} | awk '{print $1}'
fi
}
if [[ ${__name__:-"__main__"} == "__main__" ]]; then
main
fi
mkdir -p "$(dirname "$checksums_file")"
echo "---" | tee "$checksums_file"
get_crictl_checksums crictl $(get_versions github_tags kubernetes-sigs/cri-tools min_version "${kube_min_version}")
get_checksums crio_archive $(get_versions github_tags cri-o/cri-o min_version "${kube_min_version}")
kubernetes_versions=$(get_versions github_tags kubernetes/kubernetes min_version "${kube_min_version}")
echo "# Checksum" | tee --append "$checksums_file"
echo "# Kubernetes versions above Kubespray's current target version are untested and should be used with caution." | tee --append "$checksums_file"
get_k8s_checksums kubelet $kubernetes_versions
get_checksums kubectl $kubernetes_versions
get_k8s_checksums kubeadm $kubernetes_versions
get_checksums etcd_binary $(get_versions github_tags etcd-io/etcd)
get_checksums cni_binary $(get_versions github_tags containernetworking/plugins)
calico_versions=$(get_versions github_tags projectcalico/calico limit_version 20)
get_checksums calicoctl_binary $calico_versions
get_checksums ciliumcli_binary $(get_versions github_tags cilium/cilium-cli limit_version 10)
get_calico_crds_archive_checksums $calico_versions
get_krew_archive_checksums $(get_versions github_tags kubernetes-sigs/krew limit_version 2)
get_checksums helm_archive $(get_versions github_tags helm/helm)
get_checksums cri_dockerd_archive $(get_versions github_tags Mirantis/cri-dockerd)
get_checksums runc $(get_versions github_tags opencontainers/runc limit_version 5)
get_checksums crun $(get_versions github_tags containers/crun)
get_checksums youki $(get_versions github_tags containers/youki)
get_checksums kata_containers_binary $(get_versions github_tags kata-containers/kata-containers)
gvisor_versions=$(get_versions github_tags google/gvisor gvisor_version_filter)
get_checksums gvisor_runsc_binary $gvisor_versions
get_checksums gvisor_containerd_shim_binary $gvisor_versions
get_checksums nerdctl_archive $(get_versions github_tags containerd/nerdctl)
get_containerd_archive_checksums $(get_versions github_tags containerd/containerd limit_version 30)
get_checksums skopeo_binary $(get_versions github_tags lework/skopeo-binary)
get_checksums yq $(get_versions github_tags mikefarah/yq)