Initial implementation of hypervisor #10

.rubocop.yml

@@ -1,4 +1,7 @@
 ---
+require:
+  - rubocop-rake
+  - rubocop-rspec
 AllCops:
   TargetRubyVersion: 2.7
   NewCops: enable
@@ -11,3 +14,9 @@ Style/TrailingCommaInArrayLiteral:
 
 Layout/LineLength:
   Max: 150
+
+Metrics/AbcSize:
+  Enabled: false
+
+Metrics/MethodLength:
+  Enabled: false

Gemfile

@@ -4,6 +4,12 @@ source ENV['GEM_SOURCE'] || 'https://rubygems.org'
 
 gemspec
 
+gem 'rake'
+gem 'rspec'
+gem 'rubocop', '~> 1.25'
+gem 'rubocop-rake', '~> 0.6'
+gem 'rubocop-rspec', '~> 2.9'
+
 group :coverage, optional: ENV['COVERAGE'] != 'yes' do
   gem 'codecov', require: false
   gem 'simplecov-console', require: false

README.md

@@ -7,3 +7,46 @@
 [![RubyGem Downloads](https://img.shields.io/gem/dt/beaker-hcloud.svg)](https://rubygems.org/gems/beaker-hcloud)
 
 A [beaker](https://github.com/voxpupuli/beaker) extension for provision Hetzner Cloud instances.
+
+## Installation
+
+Include this gem alongside Beaker in your Gemfile or project.gemspec. E.g.
+
+```ruby
+# Gemfile
+gem 'beaker', '~>4.0'
+gem 'beaker-hcloud'
+# project.gemspec
+s.add_runtime_dependency 'beaker', '~>4.0'
+s.add_runtime_dependency 'beaker-hcloud'
+```
+
+## Authentication
+
+You need to create an API token using Hetzner's cloud console. Make
+sure to create the token in the correct project.
+
+`beaker-hcloud` expects the token to be in the `BEAKER_HCLOUD_TOKEN`
+environment variable.
+
+## Configuration
+
+Some options can be set to influence how and where server instances
+are being created:
+
+
+| configuration option | required | default | description |
+| -------------------- | -------- | ------- | ----------- |
+| `image`              | true     |         | The name of one of Hetzner's provided images, e.g. `ubuntu-20.04`, or a custom one, i.e. a snapshot in your account. |
+| `server_type`       | false    | `cx11`  | Hetzner cloud server type |
+| `location`           | false    | `nbg1`  | One of Hetzner's datacenter locations |
+
+# Cleanup
+
+In cases where the beaker process is killed before finishing, it may leave resources in Hetzner cloud. These will need to be manually deleted.
+
+Look for servers in your project named exactly as the ones in your beaker host configuration and SSH keys with names beginning with `Beaker-`.
+
+# Contributing
+
+Please refer to voxpupuli/beaker's [contributing](https://github.com/voxpupuli/beaker/blob/master/CONTRIBUTING.md) guide.

beaker-hcloud.gemspec

@@ -16,11 +16,9 @@ Gem::Specification.new do |s|
 
   s.required_ruby_version = '>= 2.7'
 
-  s.add_development_dependency 'rake'
-  s.add_development_dependency 'rspec'
-  s.add_development_dependency 'rubocop', '~> 1.25'
-  s.add_development_dependency 'rubocop-rake', '~> 0.6'
-  s.add_development_dependency 'rubocop-rspec', '~> 2.9'
+  s.add_runtime_dependency 'bcrypt_pbkdf', '~> 1.0'
   s.add_runtime_dependency 'beaker', '~> 4.38'
+  s.add_runtime_dependency 'ed25519', '~> 1.2'
   s.add_runtime_dependency 'hcloud', '>= 1.0.3', '< 2.0.0'
+  s.add_runtime_dependency 'ssh_data', '~> 1.3'
 end

lib/beaker-hcloud/ssh_data_patches.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require 'ed25519'
+require 'ssh_data'
+
+# Patches for the 'ssh_data' gem to allow serialization of
+# ed25519 private keys in OpenSSH format.
+module BeakerHcloud
+  module SSHDataPatches
+    # Add encoding methods for OpenSSH's PEM-like format to
+    # store private keys.
+    module EncodingPatch
+      def encode_pem(data, type)
+        encoded_data = Base64.strict_encode64(data)
+                             .scan(/.{1,70}/m)
+                             .join("\n")
+                             .chomp
+        <<~PEM
+          -----BEGIN #{type}-----
+          #{encoded_data}
+          -----END #{type}-----
+        PEM
+      end
+
+      def encode_openssh_private_key(private_key, comment = '')
+        public_key = private_key.public_key
+        private_key_data = [
+          (SecureRandom.random_bytes(4) * 2),
+          public_key.rfc4253,
+          encode_string(private_key.ed25519_key.seed + public_key.ed25519_key.to_str),
+          encode_string(comment),
+        ].join
+        unpadded = private_key_data.bytesize % 8
+        private_key_data << Array(1..(8 - unpadded)).pack('c*') unless unpadded.zero?
+        [
+          ::SSHData::Encoding::OPENSSH_PRIVATE_KEY_MAGIC,
+          encode_string('none'),
+          encode_string('none'),
+          encode_string(''),
+          encode_uint32(1),
+          encode_string(public_key.rfc4253),
+          encode_string(private_key_data),
+        ].join
+      end
+    end
+
+    # Add method to emit OpenSSH-encoded string
+    module Ed25519PrivateKeyPatch
+      def openssh(comment: '')
+        encoded_key = ::SSHData::Encoding.encode_openssh_private_key(
+          self,
+          comment
+        )
+        ::SSHData::Encoding.encode_pem(
+          encoded_key,
+          'OPENSSH PRIVATE KEY'
+        )
+      end
+    end
+  end
+end
+
+if defined?(SSHData)
+  SSHData::Encoding.extend BeakerHcloud::SSHDataPatches::EncodingPatch
+  SSHData::PrivateKey::ED25519.prepend BeakerHcloud::SSHDataPatches::Ed25519PrivateKeyPatch
+end

lib/beaker/hypervisor/hcloud.rb

@@ -1,33 +1,95 @@
 # frozen_string_literal: true
 
+require 'hcloud'
+require 'ed25519'
+require 'bcrypt_pbkdf'
+
+require_relative '../../beaker-hcloud/ssh_data_patches'
+
 module Beaker
-  # beaker extenstion to manage cloud instances from https://www.hetzner.com/cloud
+  # beaker extension to manage cloud instances from https://www.hetzner.com/cloud
   class Hcloud < Beaker::Hypervisor
     # @param [Host, Array<Host>, String, Symbol] hosts One or more hosts to act upon, or a role (String or Symbol) that identifies one or more hosts.
     # @param [Hash{Symbol=>String}] options Options to pass on to the hypervisor
     def initialize(hosts, options) # rubocop:disable Lint/MissingSuper
-      require 'hcloud'
       @options = options
       @logger = options[:logger] || Beaker::Logger.new
       @hosts = hosts
 
-      raise 'You need to pass a token as HCLOUD_TOKEN environment variable' unless ENV['HCLOUD_TOKEN']
+      raise 'You need to pass a token as BEAKER_HCLOUD_TOKEN environment variable' unless ENV['BEAKER_HCLOUD_TOKEN']
 
-      @client = Hcloud::Client.new(token: ENV.fetch('HCLOUD_TOKEN'))
+      @client = ::Hcloud::Client.new(token: ENV.fetch('BEAKER_HCLOUD_TOKEN'))
     end
 
     def provision
-      @logger.notify 'Provisioning docker'
+      @logger.notify 'Provisioning hcloud'
+      create_ssh_key
       @hosts.each do |host|
-        @logger.notify "provisioning #{host.name}"
+        create_server(host)
       end
+      @logger.notify 'Done provisioning hcloud'
     end
 
     def cleanup
-      @logger.notify 'Cleaning up docker'
+      @logger.notify 'Cleaning up hcloud'
       @hosts.each do |host|
-        # @logger.debug("stop VM #{container.id}")
+        @logger.debug("Deleting hcloud server #{host.name}")
+        @client.servers.find(host[:hcloud_id]).destroy
+      end
+      @logger.notify 'Deleting hcloud SSH key'
+      @client.ssh_keys.find(@options[:ssh][:hcloud_id]).destroy
+      File.unlink(@key_file.path)
+      @logger.notify 'Done cleaning up hcloud'
+    end
+
+    private
+
+    def ssh_key_name
+      safe_hostname = Socket.gethostname.gsub('.', '-')
+      [
+        'Beaker',
+        ENV.fetch('USER', nil),
+        safe_hostname,
+        @options[:aws_keyname_modifier],
+        @options[:timestamp].strftime('%F_%H_%M_%S_%N'),
+      ].join('-')
+    end
+
+    def create_ssh_key
+      @logger.notify 'Generating SSH keypair'
+      ssh_key = SSHData::PrivateKey::ED25519.generate
+      @key_file = Tempfile.create(ssh_key_name)
+      File.write(@key_file.path, ssh_key.openssh(comment: ssh_key_name))
+      @logger.notify 'Creating hcloud SSH key'
+      hcloud_ssh_key = @client.ssh_keys.create(
+        name: ssh_key_name,
+        public_key: ssh_key.public_key.openssh(comment: ssh_key_name)
+      )
+      @options[:ssh][:hcloud_id] = hcloud_ssh_key.id
+      hcloud_ssh_key
+    end
+
+    def create_server(host)
+      @logger.notify "provisioning #{host.name}"
+      location = host[:location] || 'nbg1'
+      server_type = host[:server_type] || 'cx11'
+      action, server = @client.servers.create(
+        name: host.hostname,
+        location: location,
+        server_type: server_type,
+        image: host[:image],
+        ssh_keys: [ssh_key_name]
+      )
+      while action.status == 'running'
+        sleep 5
+        action = @client.actions.find(action.id)
+        server = @client.servers.find(server.id)
       end
+      host[:ip] = server.public_net['ipv4']['ip']
+      host[:vmhostname] = server.public_net['ipv4']['dns_ptr']
+      host[:hcloud_id] = server.id
+      host.options[:ssh][:keys] = [@key_file.path]
+      server
     end
   end
 end