hetzner-k3s 0.5.0 → 0.5.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 21205ebaea746e26fa42437afe5feca2c9fb856861e6eebedd0608b023d0addf
-  data.tar.gz: e67f315b4b96e98fab4fc514e1a01ab88e79b701c83177e0c53863150e508d10
+  metadata.gz: fb01431c858c8a03b54a66d306f7d8d1422ab83eda6b0a9d144a28be93e5d292
+  data.tar.gz: 3f94c6d0cb6f2e9ad88239842bab4e180910762d78b46e12e19a31cad03ab087
 SHA512:
-  metadata.gz: b2bf2e628f2326e63c10ebe076882979913f260a80c8b01b54944ef226341bf5cbe091283b168af566e6eda13ad84ad9742832284b28973ceb96ea87d75c911b
-  data.tar.gz: d5c21906a5eb59772d7613a821bb76a451e95e6f3b4f5b39321c1c431c27de5451c6fc890e37e8622077aab8c54669132227fbfd4622c85cc9838c5bd616c2b1
+  metadata.gz: 50466a99a13a9388c978b26db83256556106b894ab2c7eb4ce6e119152efbbe16d5e89fc03b1353834ee12ffff8a3c465367eb368352a3cf5c4dcdbccc3f2ff9
+  data.tar.gz: a823f8d1c02f0c54a9343d6cc04ae67e2771eeeab890c537f13999be2937a1a5f3345d757ab8c75abfe85fdd168f86bbf76910d3cefa40ff1d35e90661f52a89

data/.rubocop.yml

@@ -0,0 +1,121 @@
+Gemspec/DateAssignment: # new in 1.10
+  Enabled: true
+Gemspec/RequireMFA: # new in 1.23
+  Enabled: true
+Layout/LineEndStringConcatenationIndentation: # new in 1.18
+  Enabled: true
+Layout/SpaceBeforeBrackets: # new in 1.7
+  Enabled: true
+Lint/AmbiguousAssignment: # new in 1.7
+  Enabled: true
+Lint/AmbiguousOperatorPrecedence: # new in 1.21
+  Enabled: true
+Lint/AmbiguousRange: # new in 1.19
+  Enabled: true
+Lint/DeprecatedConstants: # new in 1.8
+  Enabled: true
+Lint/DuplicateBranch: # new in 1.3
+  Enabled: true
+Lint/DuplicateRegexpCharacterClassElement: # new in 1.1
+  Enabled: true
+Lint/EmptyBlock: # new in 1.1
+  Enabled: true
+Lint/EmptyClass: # new in 1.3
+  Enabled: true
+Lint/EmptyInPattern: # new in 1.16
+  Enabled: true
+Lint/IncompatibleIoSelectWithFiberScheduler: # new in 1.21
+  Enabled: true
+Lint/LambdaWithoutLiteralBlock: # new in 1.8
+  Enabled: true
+Lint/NoReturnInBeginEndBlocks: # new in 1.2
+  Enabled: true
+Lint/NumberedParameterAssignment: # new in 1.9
+  Enabled: true
+Lint/OrAssignmentToConstant: # new in 1.9
+  Enabled: true
+Lint/RedundantDirGlobSort: # new in 1.8
+  Enabled: true
+Lint/RequireRelativeSelfPath: # new in 1.22
+  Enabled: true
+Lint/SymbolConversion: # new in 1.9
+  Enabled: true
+Lint/ToEnumArguments: # new in 1.1
+  Enabled: true
+Lint/TripleQuotes: # new in 1.9
+  Enabled: true
+Lint/UnexpectedBlockArity: # new in 1.5
+  Enabled: true
+Lint/UnmodifiedReduceAccumulator: # new in 1.1
+  Enabled: true
+Lint/UselessRuby2Keywords: # new in 1.23
+  Enabled: true
+Naming/BlockForwarding: # new in 1.24
+  Enabled: true
+Security/IoMethods: # new in 1.22
+  Enabled: true
+Style/ArgumentsForwarding: # new in 1.1
+  Enabled: true
+Style/CollectionCompact: # new in 1.2
+  Enabled: true
+Style/DocumentDynamicEvalDefinition: # new in 1.1
+  Enabled: true
+Style/EndlessMethod: # new in 1.8
+  Enabled: true
+Style/FileRead: # new in 1.24
+  Enabled: true
+Style/FileWrite: # new in 1.24
+  Enabled: true
+Style/HashConversion: # new in 1.10
+  Enabled: true
+Style/HashExcept: # new in 1.7
+  Enabled: true
+Style/IfWithBooleanLiteralBranches: # new in 1.9
+  Enabled: true
+Style/InPatternThen: # new in 1.16
+  Enabled: true
+Style/MapToHash: # new in 1.24
+  Enabled: true
+Style/MultilineInPatternThen: # new in 1.16
+  Enabled: true
+Style/NegatedIfElseCondition: # new in 1.2
+  Enabled: true
+Style/NilLambda: # new in 1.3
+  Enabled: true
+Style/NumberedParameters: # new in 1.22
+  Enabled: true
+Style/NumberedParametersLimit: # new in 1.22
+  Enabled: true
+Style/OpenStructUse: # new in 1.23
+  Enabled: true
+Style/QuotedSymbols: # new in 1.16
+  Enabled: true
+Style/RedundantArgument: # new in 1.4
+  Enabled: true
+Style/RedundantSelfAssignmentBranch: # new in 1.19
+  Enabled: true
+Style/SelectByRegexp: # new in 1.22
+  Enabled: true
+Style/StringChars: # new in 1.12
+  Enabled: true
+Style/SwapValues: # new in 1.1
+  Enabled: true
+Style/Documentation:
+  Enabled: false
+Metrics/MethodLength:
+  Enabled: false
+Metrics/AbcSize:
+  Enabled: false
+Metrics/CyclomaticComplexity:
+  Enabled: false
+Metrics/ClassLength:
+  Enabled: false
+Layout/LineLength:
+  Enabled: false
+Metrics/PerceivedComplexity:
+  Enabled: false
+Metrics/ParameterLists:
+  Max: 10
+Style/FrozenStringLiteralComment:
+  Exclude:
+    - exe/hetzner-k3s

data/Dockerfile

@@ -1,7 +1,10 @@
 FROM ruby:3.1.0-alpine
 
 RUN apk update --no-cache \
-  && apk add build-base git openssh-client
+  && apk add build-base git openssh-client curl bash
+
+RUN curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
+  && install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
 
 COPY . .
 

data/Gemfile

@@ -1,7 +1,9 @@
-source "https://rubygems.org"
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
 
 # Specify your gem's dependencies in k3s.gemspec
 gemspec
 
-gem "rake", "~> 12.0"
-gem "rspec", "~> 3.0"
+gem 'rake', '~> 12.0'
+gem 'rspec', '~> 3.0'

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    hetzner-k3s (0.4.8)
+    hetzner-k3s (0.5.4)
       bcrypt_pbkdf
       ed25519
       http
@@ -15,12 +15,13 @@ GEM
   specs:
     addressable (2.8.0)
       public_suffix (>= 2.0.2, < 5.0)
+    ast (2.4.2)
     bcrypt_pbkdf (1.1.0)
     diff-lcs (1.4.4)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    ed25519 (1.2.4)
-    ffi (1.15.4)
+    ed25519 (1.3.0)
+    ffi (1.15.5)
     ffi-compiler (1.0.1)
       ffi (>= 1.0.0)
       rake
@@ -35,8 +36,14 @@ GEM
     http-parser (1.2.3)
       ffi-compiler (>= 1.0, < 2.0)
     net-ssh (6.1.0)
+    parallel (1.21.0)
+    parser (3.1.0.0)
+      ast (~> 2.4.1)
     public_suffix (4.0.6)
+    rainbow (3.1.1)
     rake (12.3.3)
+    regexp_parser (2.2.0)
+    rexml (3.2.5)
     rspec (3.10.0)
       rspec-core (~> 3.10.0)
       rspec-expectations (~> 3.10.0)
@@ -50,12 +57,25 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.10.0)
     rspec-support (3.10.2)
+    rubocop (1.25.1)
+      parallel (~> 1.10)
+      parser (>= 3.1.0.0)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml
+      rubocop-ast (>= 1.15.1, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.15.1)
+      parser (>= 3.0.1.1)
+    ruby-progressbar (1.11.0)
     sshkey (2.0.0)
     subprocess (1.5.5)
     thor (1.2.1)
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.8)
+    unicode-display_width (2.1.0)
 
 PLATFORMS
   ruby
@@ -64,6 +84,7 @@ DEPENDENCIES
   hetzner-k3s!
   rake (~> 12.0)
   rspec (~> 3.0)
+  rubocop
 
 BUNDLED WITH
    2.3.4

data/README.md

@@ -14,6 +14,7 @@ Using this tool, creating a highly available k3s cluster with 3 masters for the
 - installing the [Hetzner CSI Driver](https://github.com/hetznercloud/csi-driver) to provision persistent volumes using Hetzner's block storage
 - installing the [Rancher System Upgrade Controller](https://github.com/rancher/system-upgrade-controller) to make upgrades to a newer version of k3s easy and quick
 
+See roadmap [here](https://github.com/vitobotta/hetzner-k3s/projects/1) for the features planned or in progress.
 
 ## Requirements
 
@@ -25,7 +26,7 @@ All that is needed to use this tool is
 
 ## Installation
 
-Once you have the Ruby runtime up and running (2.7.2 or newer in the 2.7 series is recommended at this stage), you just need to install the gem:
+Once you have the Ruby runtime up and running (3.1.0 or newer), you just need to install the gem:
 
 ```bash
 gem install hetzner-k3s
@@ -38,7 +39,7 @@ This will install the `hetzner-k3s` executable in your PATH.
 Alternatively, if you don't want to set up a Ruby runtime but have Docker installed, you can use a container. Run the following from inside the directory where you have the config file for the cluster (described in the next section):
 
 ```bash
-docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.0 create-cluster --config-file /cluster/test.yaml
+docker run --rm -it -v ${PWD}:/cluster -v ${HOME}/.ssh:/tmp/.ssh vitobotta/hetzner-k3s:v0.5.4 create-cluster --config-file /cluster/test.yaml
 ```
 
 Replace `test.yaml` with the name of your config file.
@@ -72,12 +73,31 @@ worker_node_pools:
   instance_count: 2
 additional_packages:
 - somepackage
-enable_ipsec_encryption: true
+enable_encryption: true
+# kube_api_server_args:
+# - arg1
+# - ...
+# kube_scheduler_args:
+# - arg1
+# - ...
+# kube_controller_manager_args:
+# - arg1
+# - ...
+# kube_cloud_controller_manager_args:
+# - arg1
+# - ...
+# kubelet_args:
+# - arg1
+# - ...
+# kube_proxy_args:
+# - arg1
+# - ...
+
 ```
 
 It should hopefully be self explanatory; you can run `hetzner-k3s releases` to see a list of the available releases from the most recent to the oldest available.
 
-If you are using Docker, then set `kubeconfig_path` to `/cluster/kubeconfig` so that the kubeconfig is created in the same directory where your config file is.
+If you are using Docker, then set `kubeconfig_path` to `/cluster/kubeconfig` so that the kubeconfig is created in the same directory where your config file is. Also set the config file path to `/cluster/<filename>`.
 
 If you don't want to specify the Hetzner token in the config file (for example if you want to use the tool with CI), then you can use the `HCLOUD_TOKEN` environment variable instead, which has predecence.
 
@@ -255,92 +275,6 @@ Once the cluster is ready you can create persistent volumes out of the box with
 I recommend that you create a separate Hetzner project for each cluster, because otherwise multiple clusters will attempt to create overlapping routes. I will make the pod cidr configurable in the future to avoid this, but I still recommend keeping clusters separated from each other. This way, if you want to delete a cluster with all the resources created for it, you can just delete the project.
 
 
-## changelog
-
-- 0.5.0
-  - Allow installing additional packages when creating the servers
-  - Allow enabling ipsec encryption
-
-- 0.4.9
-  - Ensure the program always exits with exit code 1 if the config file fails validation
-  - Upgrade System Upgrade Controller to 0.8.1
-  - Remove dependency on unmaintained gem k8s-ruby
-  - Make the gem compatible with Ruby 3.1.0
-
-- 0.4.8
-  - Increase timeout with API requests to 30 seconds
-  - Limit number of retries for API requests to 3
-  - Ensure all version tags are listed for k3s (thanks @janosmiko)
-
-- 0.4.7
-  - Made it possible to specify a custom image/snapshot for the servers
-
-- 0.4.6
-  - Added a check to abort gracefully when for some reason one or more servers are not created, for example due to temporary problems with the Hetzner API.
-
-- 0.4.5
-  - Fix network creation (bug introduced in the previous version)
-
-- 0.4.4
-  - Add support for the new Ashburn, Virginia (USA) location
-  - Automatically use a placement group so that the instances are all created on different physical hosts for high availability
-
-- 0.4.3
-  - Fix an issue with SSH key creation
-
-- 0.4.2
-  - Update Hetzner CSI driver to v1.6.0
-  - Update System Upgrade Controller to v0.8.0
-
-- 0.4.1
-  - Allow to optionally specify the path of the private SSH key
-  - Set correct permissions for the kubeconfig file
-  - Retry fetching manifests a few times to allow for temporary network issues
-  - Allow to optionally schedule workloads on masters
-  - Allow clusters with no worker node pools if scheduling is enabled for the masters
-
-- 0.4.0
-  - Ensure the masters are removed from the API load balancer before deleting the load balancer
-  - Ensure the servers are removed from the firewall before deleting it
-  - Allow using an environment variable to specify the Hetzner token
-  - Allow restricting SSH access to the nodes to specific networks
-  - Do not open the port 6443 on the nodes if a load balancer is created for an HA cluster
-
-- 0.3.9
-  - Add command "version" to print the version of the tool in use
-
-- 0.3.8
-  - Fix: added a check on a label to ensure that only servers that belong to the cluster are deleted from the project
-
-- 0.3.7
-  - Ensure that the cluster name only contains lowercase letters, digits and dashes for compatibility with the cloud controller manager
-
-- 0.3.6
-  - Retry SSH commands when IO errors occur
-
-- 0.3.5
-  - Add descriptions for firewall rules
-
-- 0.3.4
-  - Added Docker support
-
-- 0.3.3
-  - Add some gems required on Linux
-
-- 0.3.2
-  - Configure DNS to use Cloudflare's resolver instead of Hetzner's, since Hetzner's resolvers are not always reliable
-
-- 0.3.1
-  - Allow enabling/disabling the host key verification
-
-- 0.3.0
-  - Handle case when an SSH key with the given fingerprint already exists in the Hetzner project
-  - Handle a timeout of 5 seconds for requests to the Hetzner API
-  - Retry waiting for server to be up when timeouts/host-unreachable errors occur
-  - Ignore known_hosts entry to prevent errors when recreating servers with IPs that have been used previously
-
-- 0.2.0
-  - Allow mixing servers of different series Intel/AMD
 ## Contributing and support
 
 Please create a PR if you want to propose any changes, or open an issue if you are having trouble with the tool - I will do my best to help if I can.

data/Rakefile

@@ -1,6 +1,8 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/bin/build.sh

@@ -6,9 +6,9 @@ set -e
 
 IMAGE="vitobotta/hetzner-k3s"
 
-docker build -t ${IMAGE}:v0.5.0 \
+docker build -t ${IMAGE}:v0.5.4 \
   --platform=linux/amd64 \
-  --cache-from ${IMAGE}:v0.4.9 \
+  --cache-from ${IMAGE}:v0.5.3 \
   --build-arg BUILDKIT_INLINE_CACHE=1 .
 
-docker push vitobotta/hetzner-k3s:v0.5.0
+docker push vitobotta/hetzner-k3s:v0.5.4

data/bin/{console → console.sh}

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 
-require "bundler/setup"
-require "k3s"
+require 'bundler/setup'
+require 'k3s'
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -10,5 +10,5 @@ require "k3s"
 # require "pry"
 # Pry.start
 
-require "irb"
+require 'irb'
 IRB.start(__FILE__)

data/hetzner-k3s.gemspec

@@ -1,37 +1,41 @@
+# frozen_string_literal: true
+
 require_relative 'lib/hetzner/k3s/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "hetzner-k3s"
+  spec.name          = 'hetzner-k3s'
   spec.version       = Hetzner::K3s::VERSION
-  spec.authors       = ["Vito Botta"]
-  spec.email         = ["vito@botta.me"]
+  spec.authors       = ['Vito Botta']
+  spec.email         = ['vito@botta.me']
 
-  spec.summary       = %q{A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using k3s.}
-  spec.description   = %q{A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using k3s.}
-  spec.homepage      = "https://github.com/vitobotta/hetzner-k3s"
-  spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.3.0")
+  spec.summary       = 'A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using k3s.'
+  spec.description   = 'A CLI to create a Kubernetes cluster in Hetzner Cloud very quickly using k3s.'
+  spec.homepage      = 'https://github.com/vitobotta/hetzner-k3s'
+  spec.license       = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 3.1.0')
 
   # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://github.com/vitobotta/hetzner-k3s"
-  spec.metadata["changelog_uri"] = "https://github.com/vitobotta/hetzner-k3s"
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/vitobotta/hetzner-k3s'
+  spec.metadata['changelog_uri'] = 'https://github.com/vitobotta/hetzner-k3s'
 
-  spec.add_dependency "thor"
-  spec.add_dependency "http"
-  spec.add_dependency "net-ssh"
-  spec.add_dependency "sshkey"
-  spec.add_dependency "ed25519"
-  spec.add_dependency "bcrypt_pbkdf"
-  spec.add_dependency "subprocess"
+  spec.add_dependency 'bcrypt_pbkdf'
+  spec.add_dependency 'ed25519'
+  spec.add_dependency 'http'
+  spec.add_dependency 'net-ssh'
+  spec.add_dependency 'sshkey'
+  spec.add_dependency 'subprocess'
+  spec.add_dependency 'thor'
+  spec.add_development_dependency 'rubocop'
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "exe"
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
+  spec.metadata['rubygems_mfa_required'] = 'true'
 end

data/lib/hetzner/infra/client.rb

@@ -1,6 +1,8 @@
+# frozen_string_literal: true
+
 module Hetzner
   class Client
-    BASE_URI = "https://api.hetzner.cloud/v1"
+    BASE_URI = 'https://api.hetzner.cloud/v1'
 
     attr_reader :token
 
@@ -22,27 +24,27 @@ module Hetzner
 
     def delete(path, id)
       make_request do
-        HTTP.headers(headers).delete(BASE_URI + path + "/" + id.to_s)
+        HTTP.headers(headers).delete("#{BASE_URI}#{path}/#{id}")
       end
     end
 
     private
 
-      def headers
-        {
-          "Authorization": "Bearer #{@token}",
-          "Content-Type": "application/json"
-        }
-      end
+    def headers
+      {
+        Authorization: "Bearer #{@token}",
+        'Content-Type': 'application/json'
+      }
+    end
 
-      def make_request &block
-        retries ||= 0
+    def make_request(&block)
+      retries ||= 0
 
-        Timeout::timeout(30) do
-          block.call
-        end
-      rescue Timeout::Error
-        retry if (retries += 1) < 3
+      Timeout.timeout(30) do
+        block.call
       end
+    rescue Timeout::Error
+      retry if (retries += 1) < 3
+    end
   end
 end