Add Hetzner driver

Closes #1791.

Signed-off-by: Luke Murphy <lukewm@riseup.net>

doc/source/configuration.rst

@@ -96,6 +96,14 @@ GCE
 .. autoclass:: molecule.driver.gce.GCE()
    :undoc-members:
 
+.. _hetzner-driver:
+
+Hetzner
+^^^^^^^
+
+.. autoclass:: molecule.driver.gce.Hetzner()
+   :undoc-members:
+
 .. _linode-driver:
 
 Linode

molecule/config.py

@@ -166,6 +166,8 @@ def driver(self):
             driver = ec2.EC2(self)
         elif driver_name == 'gce':
             driver = gce.GCE(self)
+        elif driver_name == 'hetzner':
+            driver = gce.Hetzner(self)
         elif driver_name == 'linode':
             driver = linode.Linode(self)
         elif driver_name == 'lxc':
@@ -494,6 +496,7 @@ def molecule_drivers():
         docker.Docker(None).name,
         ec2.EC2(None).name,
         gce.GCE(None).name,
+        hetzner.Hetzner(None).name,
         linode.Linode(None).name,
         lxc.LXC(None).name,
         lxd.LXD(None).name,

molecule/cookiecutter/molecule/{{cookiecutter.role_name}}/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/molecule.yml

@@ -25,6 +25,10 @@ platforms:
     zone: us-west1-a
     machine_type: f1-micro
     image: debian-8
+{%- elif cookiecutter.driver_name == 'hetzner' %}
+  - name: instance
+    server_type: cx11
+    image: debian-9
 {%- elif cookiecutter.driver_name == 'lxc' %}
   - name: instance
 {%- elif cookiecutter.driver_name == 'linode' %}

molecule/cookiecutter/scenario/driver/hetzner/cookiecutter.json

@@ -0,0 +1,5 @@
+{
+    "molecule_directory": "molecule",
+    "role_name": "OVERRIDEN",
+    "scenario_name": "OVERRIDEN"
+}

molecule/cookiecutter/scenario/driver/hetzner/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/INSTALL.rst

@@ -0,0 +1,22 @@
+*********************************
+Hetzner driver installation guide
+*********************************
+
+Requirements
+============
+
+* ``HCLOUD_TOKEN`` exposed in your environment
+
+Install
+=======
+
+Please refer to the `Virtual environment`_ documentation for installation best
+practices. If not using a virtual environment, please consider passing the
+widely recommended `'--user' flag`_ when invoking ``pip``.
+
+.. _Virtual environment: https://virtualenv.pypa.io/en/latest/
+.. _'--user' flag: https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site
+
+.. code-block:: bash
+
+    $ pip install 'molecule[hetzner]'

molecule/cookiecutter/scenario/driver/hetzner/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/create.yml

@@ -0,0 +1,79 @@
+---
+{% raw -%}
+- name: Create
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  no_log: "{{ not (lookup('env', 'MOLECULE_DEBUG') | bool or molecule_yml.provisioner.log|default(false) | bool) }}"
+  vars:
+    ssh_port: 22
+    ssh_user: "{{ lookup('env', 'USER') }}"
+    ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
+  tasks:
+    - name: Create SSH key
+      user:
+        name: "{{ lookup('env', 'USER') }}"
+        generate_ssh_key: true
+        ssh_key_file: "{{ ssh_path }}"
+      register: generated_ssh_key
+
+    - name: Create molecule instance(s)
+      hcloud_server:
+        name: "{{ item.name }}"
+        server_type: "{{ item.server_type }}"
+        ssh_keys:
+          - "{{ generated_ssh_key.ssh_public_key }}"
+        volumes: "{{ item.volumes | default(omit) }}"
+        image: "{{ item.image }}"
+        location: "{{ item.location | default(omit) }}"
+        datacenter: "{{ item.datacenter | default(omit) }}"
+        user_data: "{{ item.user_data | default(omit) }}"
+        api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}"
+        state: present
+      register: server
+      with_items: "{{ molecule_yml.platforms }}"
+      async: 7200
+      poll: 0
+
+    - name: Wait for instance(s) creation to complete
+      async_status:
+        jid: "{{ item.ansible_job_id }}"
+      register: hetzner_jobs
+      until: hetzner_jobs.finished
+      retries: 300
+      with_items: "{{ server.results }}"
+
+    # Mandatory configuration for Molecule to function.
+
+    - name: Populate instance config dict
+      set_fact:
+        instance_conf_dict: {
+          'instance': "{{ item.name }}",
+          'ssh_pass': "{{ item.root_password }}",
+          'address': "{{ item.public_net.ipv4.ip }}",
+          'user': "{{ ssh_user }}",
+          'port': "{{ ssh_port }}",
+          'identity_file': "{{ ssh_path }}", }
+      with_items: "{{ hetzner_jobs.results }}"
+      register: instance_config_dict
+      when: server.changed | bool
+
+    - name: Convert instance config dict to a list
+      set_fact:
+        instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
+      when: server.changed | bool
+
+    - name: Dump instance config
+      copy:
+        content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
+        dest: "{{ molecule_instance_config }}"
+      when: server.changed | bool
+
+    - name: Wait for SSH
+      wait_for:
+        port: "{{ ssh_port }}"
+        host: "{{ item.address }}"
+        search_regex: SSH
+        delay: 10
+      with_items: "{{ lookup('file', molecule_instance_config) | molecule_from_yaml }}"
+{%- endraw %}

molecule/cookiecutter/scenario/driver/hetzner/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/destroy.yml

@@ -0,0 +1,49 @@
+---
+{% raw -%}
+- name: Destroy
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  no_log: "{{ not (lookup('env', 'MOLECULE_DEBUG') | bool or molecule_yml.provisioner.log|default(false) | bool) }}"
+  tasks:
+    - block:
+        - name: Populate instance config
+          set_fact:
+            instance_conf: "{{ lookup('file', molecule_instance_config) | molecule_from_yaml }}"
+            skip_instances: false
+      rescue:
+        - name: Populate instance config when file missing
+          set_fact:
+            instance_conf: {}
+            skip_instances: true
+
+    - name: Destroy molecule instance(s)
+      hcloud_server:
+        name: "{{ item.name }}"
+        state: absent
+      register: server
+      with_items: "{{ instance_conf }}"
+      when: not skip_instances
+      async: 7200
+      poll: 0
+
+    - name: Wait for instance(s) deletion to complete
+      async_status:
+        jid: "{{ item.ansible_job_id }}"
+      register: hetzner_jobs
+      until: hetzner_jobs.finished
+      retries: 300
+      with_items: "{{ server.results }}"
+
+    # Mandatory configuration for Molecule to function.
+
+    - name: Populate instance config
+      set_fact:
+        instance_conf: {}
+
+    - name: Dump instance config
+      copy:
+        content: "{{ instance_conf | molecule_to_yaml | molecule_header }}"
+        dest: "{{ molecule_instance_config }}"
+      when: server.changed | bool
+{%- endraw %}

molecule/cookiecutter/scenario/driver/hetzner/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/playbook.yml

@@ -0,0 +1,5 @@
+---
+- name: Converge
+  hosts: all
+  roles:
+    - role: {{ cookiecutter.role_name }}

molecule/cookiecutter/scenario/driver/hetzner/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/prepare.yml

@@ -0,0 +1,11 @@
+---
+{% raw -%}
+- name: Prepare
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Install python for Ansible
+      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal python-zipstream)
+      become: true
+      changed_when: false
+{%- endraw %}

molecule/driver/hetzner.py

@@ -0,0 +1,147 @@
+#  Copyright (c) 2018-2019 Red Hat, Inc.
+#
+#  Permission is hereby granted, free of charge, to any person obtaining a copy
+#  of this software and associated documentation files (the "Software"), to
+#  deal in the Software without restriction, including without limitation the
+#  rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+#  sell copies of the Software, and to permit persons to whom the Software is
+#  furnished to do so, subject to the following conditions:
+#
+#  The above copyright notice and this permission notice shall be included in
+#  all copies or substantial portions of the Software.
+#
+#  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+#  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+#  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+#  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+#  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+#  FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+#  DEALINGS IN THE SOFTWARE.
+
+from molecule import logger, util
+from molecule.driver import base
+
+log = logger.get_logger(__name__)
+
+
+class Hetzner(base.Base):
+    """
+    The class responsible for managing `Hetzner`_ instances. `Hetzner`_ is
+    **not** the default driver used in Molecule.
+
+    Molecule leverages Ansible's `hcloud_server module`_, by mapping variables
+    from ``molecule.yml`` into ``create.yml`` and ``destroy.yml``.
+
+    .. important::
+
+        The ``hcloud_server`` module is available in the Ansible release 2.8.
+        Until that release happens, you must use the Ansible development branch
+        to get access to the module. Please see the Ansible `pip installation`_
+        documentation for further information.
+
+    .. _`hcloud_server module`: https://docs.ansible.com/ansible/devel/modules/hcloud_server_module.html#hcloud-server-module
+    .. _`pip installation`: https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#latest-releases-via-pip
+    .. _`Hetzner`: https://www.hetzner.com/
+
+    .. code-block:: yaml
+
+        driver:
+          name: hetzner
+        platforms:
+          - name: instance
+            server_type: cx11
+            image: debian-9
+
+    .. code-block:: bash
+
+        $ pip install 'molecule[hetzner]'
+        $ pip install git+https://github.com/ansible/ansible.git@devel
+
+    Change the options passed to the ssh client.
+
+    .. code-block:: yaml
+
+        driver:
+          name: hetzner
+          ssh_connection_options:
+            -o ControlPath=~/.ansible/cp/%r@%h-%p
+
+    .. important::
+
+        Molecule does not merge lists, when overriding the developer must
+        provide all options.
+
+    Provide the files Molecule will preserve upon each subcommand execution.
+
+    .. code-block:: yaml
+
+        driver:
+          name: hetzner
+          safe_files:
+            - foo
+    """  # noqa
+
+    def __init__(self, config):
+        super(Hetzner, self).__init__(config)
+        self._name = 'hetzner'
+
+    @property
+    def name(self):
+        return self._name
+
+    @name.setter
+    def name(self, value):
+        self._name = value
+
+    @property
+    def login_cmd_template(self):
+        connection_options = ' '.join(self.ssh_connection_options)
+
+        return ('ssh {{address}} '
+                '-l {{user}} '
+                '-p {{port}} '
+                '-i {{identity_file}} '
+                '{}').format(connection_options)
+
+    @property
+    def default_safe_files(self):
+        return [
+            self.instance_config,
+        ]
+
+    @property
+    def default_ssh_connection_options(self):
+        return self._get_ssh_connection_options()
+
+    def login_options(self, instance_name):
+        d = {'instance': instance_name}
+
+        return util.merge_dicts(d, self._get_instance_config(instance_name))
+
+    def ansible_connection_options(self, instance_name):
+        try:
+            d = self._get_instance_config(instance_name)
+
+            return {
+                'ansible_user': d['user'],
+                'ansible_host': d['address'],
+                'ansible_port': d['port'],
+                'ansible_ssh_pass': d['ssh_pass'],
+                'ansible_private_key_file': d['identity_file'],
+                'connection': 'ssh',
+                'ansible_ssh_common_args':
+                ' '.join(self.ssh_connection_options),
+            }
+        except StopIteration:
+            return {}
+        except IOError:
+            # Instance has yet to be provisioned , therefore the
+            # instance_config is not on disk.
+            return {}
+
+    def _get_instance_config(self, instance_name):
+        instance_config_dict = util.safe_load_file(
+            self._config.driver.instance_config)
+
+        return next(item for item in instance_config_dict
+                    if item['name'] == instance_name)