Use Orb Development Kit structure

This takes the existing sources (with only minor formatting modifications)
and transforms it into the structure proposed by the [CircleCI Orb Template](https://github.com/CircleCI-Public/Orb-Template)
v1.0.3.

This enables automated linting and testing, cf. https://circleci.com/docs/testing-orbs.

FIXME: Needs a `circleci-orb-registry` context for publishing to the CircleCI Orb Registry!

.circleci/config.yml

@@ -0,0 +1,34 @@
+version: 2.1
+setup: true
+orbs:
+  orb-tools: circleci/[email protected]
+  shellcheck: circleci/[email protected]
+
+filters: &filters
+  tags:
+    only: /.*/
+
+workflows:
+  lint-pack:
+    jobs:
+      - orb-tools/lint:
+          filters: *filters
+      - orb-tools/pack:
+          filters: *filters
+      - orb-tools/review:
+          filters: *filters
+      - shellcheck/check:
+          filters: *filters
+      - orb-tools/publish:
+          orb-name: threecomma/circleci-tailscale
+          vcs-type: << pipeline.project.type >>
+          requires:
+            [orb-tools/lint, orb-tools/review, orb-tools/pack, shellcheck/check]
+          context: circleci-orb-registry
+          filters: *filters
+      # Triggers the next workflow in the Orb Development Kit.
+      - orb-tools/continue:
+          pipeline-number: << pipeline.number >>
+          vcs-type: << pipeline.project.type >>
+          requires: [orb-tools/publish]
+          filters: *filters

.circleci/test-deploy.yml

@@ -0,0 +1,41 @@
+version: 2.1
+orbs:
+  circleci-tailscale: threecomma/circleci-tailscale@dev:<<pipeline.git.revision>>
+  orb-tools: circleci/[email protected]
+
+filters: &filters
+  tags:
+    only: /.*/
+
+jobs:
+  command-tests:
+    docker:
+      - image: cimg/base:current
+    steps:
+      - circleci-tailscale/download
+      - run:
+          name: verify install
+          command: |
+            command -v tailscale
+            command -v tailscaled
+workflows:
+  test-deploy:
+    jobs:
+      # Make sure to include "filters: *filters" in every test job you want to run as part of your deployment.
+      - command-tests:
+          filters: *filters
+      - orb-tools/pack:
+          filters: *filters
+      - orb-tools/publish:
+          orb-name: threecomma/circleci-tailscale
+          vcs-type: << pipeline.project.type >>
+          pub-type: production
+          requires:
+            - orb-tools/pack
+            - command-tests
+          context: circleci-orb-registry
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              only: /^v[0-9]+\.[0-9]+\.[0-9]+$/

src/@orb.yml

@@ -0,0 +1,7 @@
+version: 2.1
+description: >
+  CircleCI Orb for connecting to [Tailscale VPN](https://tailscale.com/).
+
+display:
+  home_url: "https://github.com/threecommaio/circleci-tailscale"
+  source_url: "https://github.com/threecommaio/circleci-tailscale"

src/commands/connect.yml

@@ -0,0 +1,32 @@
+description: Connect tailscale
+parameters:
+  tailscale-auth-key:
+    type: env_var_name
+    description: Your Tailscale authentication key, from the admin panel.
+    default: TAILSCALE_AUTH_KEY
+  tailscale-proxy-address:
+    type: string
+    description: Proxy address where tailscale should listen.
+    default: localhost
+  tailscale-version:
+    type: string
+    description: Tailscale version to use.
+    default: "1.24.2"
+steps:
+  - run:
+      name: "Download tailscale if not installed"
+      environment:
+        VERSION: "<<parameters.tailscale-version>>"
+      command: <<include(scripts/download.sh)>>
+  - run:
+      name: "Run tailscale"
+      background: true
+      environment:
+        PROXY: "<<parameters.tailscale-proxy-address>>"
+      command: <<include(scripts/run.sh)>>
+  - run:
+      name: "Auth tailscale"
+      environment:
+        TAILSCALE_AUTH_KEY: "<<parameters.tailscale-auth-key>>"
+        PROXY: "<<parameters.tailscale-proxy-address>>"
+      command: <<include(scripts/auth.sh)>>

src/examples/example.yml

@@ -0,0 +1,22 @@
+description: >
+  1. Set the `TAILSCALE_AUTH_KEY` via your CircleCI project settings or
+     create a context containing it.
+  2. In the job that needs a tailscale VPN connection, run the
+     `circleci-tailscale/connect` step.
+     - Make sure that job uses the context with `TAILSCALE_AUTH_KEY`,
+       if you use contexts instead of project settings.
+usage:
+  version: 2.1
+  orbs:
+    circleci-tailscale: threecomma/[email protected]
+  jobs:
+    job-with-tailscale:
+      docker:
+        - image: cimg/base
+      steps:
+        - circleci-tailscale/connect
+  workflows:
+    workflow-with-tailscale:
+      jobs:
+        - job-with-tailscale:
+            context: <context-with-TAILSCALE_AUTH_KEY>

src/scripts/auth.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+
+until tailscale \
+	--socket=/tmp/tailscaled.sock \
+	up \
+	--authkey="${TAILSCALE_AUTH_KEY}" \
+	--hostname="circleci-$(hostname)" \
+	--accept-routes
+do
+	sleep 1
+done
+
+cat <<- EOF >> "${BASH_ENV}"
+	export ALL_PROXY=socks5h://${PROXY}:1055/
+	export HTTP_PROXY=http://${PROXY}:1054/
+	export HTTPS_PROXY=http://${PROXY}:1054/
+	export http_proxy=http://${PROXY}:1054/
+	export https_proxy=http://${PROXY}:1054/
+EOF

src/scripts/download.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+if ! command -v tailscale --version > /dev/null 2>&1
+then
+	echo "Tailscale is not installed, installing..."
+	MINOR=$(echo "${VERSION}" | awk -F '.' '{print $2}')
+
+	if [ $((MINOR % 2)) -eq 0 ]
+	then
+		URL="https://pkgs.tailscale.com/stable/tailscale_${VERSION}_amd64.tgz"
+	else
+		URL="https://pkgs.tailscale.com/unstable/tailscale_${VERSION}_amd64.tgz"
+	fi
+
+	curl "${URL}" -o tailscale.tgz
+	tar -C "${HOME}" -xzf tailscale.tgz
+	rm tailscale.tgz
+
+	TSPATH="${HOME}/tailscale_${VERSION}_amd64"
+	sudo mv "${TSPATH}/tailscale" "${TSPATH}/tailscaled" /usr/bin
+else
+	echo "Tailscale is already installed"
+fi

src/scripts/run.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+exec tailscaled \
+	--tun=userspace-networking \
+	--outbound-http-proxy-listen="${PROXY}":1054 \
+	--socks5-server="${PROXY}":1055 \
+	--socket=/tmp/tailscaled.sock \
+	2> ~/tailscaled.log

src/tests/download.bats

@@ -0,0 +1,10 @@
+#!/usr/bin/env bats
+
+@test "downloads and installs tailscale" {
+	env \
+		VERSION=1.24.2 \
+		./src/scripts/download.sh
+
+	test -x /usr/bin/tailscale
+	test -x /usr/bin/tailscaled
+}