From eb567fafd56a2a721208fe0fa2f41e86d3872529 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joakim=20Kolsj=C3=B6?= Date: Mon, 2 Dec 2024 12:56:57 +0100 Subject: [PATCH] Move cloud init into the API Co-authored-by: Peter Wall <47324121+p-wall@users.noreply.github.com> --- app/controllers/api/cloud_inits_controller.rb | 43 +++++++++++++++++++ config/routes.rb | 1 + public/cloud-init.yaml | 28 ------------ spec/requests/api/cloud_inits_spec.rb | 21 +++++++++ 4 files changed, 65 insertions(+), 28 deletions(-) create mode 100644 app/controllers/api/cloud_inits_controller.rb delete mode 100644 public/cloud-init.yaml create mode 100644 spec/requests/api/cloud_inits_spec.rb diff --git a/app/controllers/api/cloud_inits_controller.rb b/app/controllers/api/cloud_inits_controller.rb new file mode 100644 index 00000000..99dbddbf --- /dev/null +++ b/app/controllers/api/cloud_inits_controller.rb @@ -0,0 +1,43 @@ +class Api::CloudInitsController < ApiController + # This bootstraps github actions runners. + def show + data = + { + users: [ + { + name: "username", + plain_text_passwd: "password", + lock_passwd: false, + chpasswd: { expire: false }, + sudo: "ALL=(ALL) NOPASSWD:ALL", + shell: "/bin/bash" + } + ], + disable_root: true, + ssh_pwauth: false, + ssh_deletekeys: true, + packages: [ "curl" ], + package_update: true, + package_upgrade: true, + write_files: [ + { + path: "/etc/motd", + content: "Hello there." + } + ], + runcmd: [ + "systemctl stop sshd", + "systemctl disable sshd", + "curl https://maintenance.auctionet.dev/it-ran", + "reboot" + ] + } + + yaml = "#cloud-config\n" + + data + .deep_stringify_keys + .to_yaml.sub("---", "") + + render plain: yaml, content_type: "text/cloud-config" + end +end diff --git a/config/routes.rb b/config/routes.rb index a957d0e7..016d0e4b 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -6,6 +6,7 @@ namespace :api do resource :build_status, only: :create resource :github_actions_webhook, only: :create + resource :cloud_init, only: :show delete "projects/:name" => "projects#destroy" resource :build, only: [] do diff --git a/public/cloud-init.yaml b/public/cloud-init.yaml deleted file mode 100644 index 75a1f01b..00000000 --- a/public/cloud-init.yaml +++ /dev/null @@ -1,28 +0,0 @@ -#cloud-config -users: - - name: username - plain_text_passwd: password - lock_passwd: false - chpasswd: { expire: false } - sudo: ALL=(ALL) NOPASSWD:ALL - shell: /bin/bash - -disable_root: true - -ssh_pwauth: false -ssh_deletekeys: true - -packages: - - curl -package_update: true -package_upgrade: true - -write_files: - - path: /etc/motd - content: | - Hello there. -runcmd: - - systemctl stop sshd - - systemctl disable sshd - - curl https://maintenance.auctionet.dev/it-ran - - reboot diff --git a/spec/requests/api/cloud_inits_spec.rb b/spec/requests/api/cloud_inits_spec.rb new file mode 100644 index 00000000..2558eedc --- /dev/null +++ b/spec/requests/api/cloud_inits_spec.rb @@ -0,0 +1,21 @@ +require "spec_helper" + +RSpec.describe "GET /api/cloud_init", type: :request do + it "gets a cloud init config if you have the right api token" do + allow(App).to receive(:api_token).and_return("secret") + + get "/api/cloud_init?token=secret" + + expect(response).to be_successful + expect(response.body).to include("#cloud-config") + end + + it "fails when the api token is wrong" do + allow(App).to receive(:api_token).and_return("secret") + + get "/api/cloud_init?token=wrong" + + expect(response).not_to be_successful + expect(response.body).not_to include("#cloud-config") + end +end