+4 -1

toolbox/go.mod

reviewed

··· 2 2 3 3 go 1.25.5 4 4 5 5 - require github.com/spf13/cobra v1.10.2 5 5 + require ( 6 6 + github.com/spf13/cobra v1.10.2 7 7 + golang.org/x/crypto v0.47.0 8 8 + )

+168

toolbox/internal/cluster/cluster.go

reviewed

··· 1 1 + package cluster 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + "encoding/json" 6 6 + "fmt" 7 7 + "os" 8 8 + "strings" 9 9 + "time" 10 10 + 11 11 + "golang.org/x/crypto/ssh" 12 12 + "golang.org/x/crypto/ssh/knownhosts" 13 13 + ) 14 14 + 15 15 + const ( 16 16 + defaultSSHPort = 22 17 17 + defaultSSHTimeout = 10 * time.Second 18 18 + ) 19 19 + 20 20 + type SSHConfig struct { 21 21 + Host string 22 22 + User string 23 23 + KeyPath string 24 24 + KnownHostsPath string 25 25 + Timeout time.Duration 26 26 + } 27 27 + 28 28 + type Connector struct { 29 29 + sshClient *ssh.Client 30 30 + } 31 31 + 32 32 + func Connect(cfg SSHConfig) (*Connector, error) { 33 33 + if cfg.Timeout == 0 { 34 34 + cfg.Timeout = defaultSSHTimeout 35 35 + } 36 36 + 37 37 + sshClient, err := dialSSH(cfg) 38 38 + if err != nil { 39 39 + return nil, fmt.Errorf("ssh connect: %w", err) 40 40 + } 41 41 + 42 42 + return &Connector{sshClient: sshClient}, nil 43 43 + } 44 44 + 45 45 + func (c *Connector) RunCommand(cmd string) ([]byte, error) { 46 46 + return c.RunCommandContext(context.Background(), cmd) 47 47 + } 48 48 + 49 49 + func (c *Connector) RunCommandContext(ctx context.Context, cmd string) ([]byte, error) { 50 50 + session, err := c.sshClient.NewSession() 51 51 + if err != nil { 52 52 + return nil, fmt.Errorf("create session: %w", err) 53 53 + } 54 54 + defer session.Close() 55 55 + 56 56 + type commandResult struct { 57 57 + output []byte 58 58 + err error 59 59 + } 60 60 + 61 61 + resultCh := make(chan commandResult, 1) 62 62 + go func() { 63 63 + output, err := session.CombinedOutput(cmd) 64 64 + resultCh <- commandResult{output: output, err: err} 65 65 + }() 66 66 + 67 67 + select { 68 68 + case <-ctx.Done(): 69 69 + _ = session.Signal(ssh.SIGTERM) 70 70 + return nil, fmt.Errorf("run command canceled: %w", ctx.Err()) 71 71 + case result := <-resultCh: 72 72 + if result.err != nil { 73 73 + return nil, fmt.Errorf("run command: %w (output: %s)", result.err, result.output) 74 74 + } 75 75 + return result.output, nil 76 76 + } 77 77 + } 78 78 + 79 79 + func (c *Connector) Close() error { 80 80 + if c.sshClient != nil { 81 81 + if err := c.sshClient.Close(); err != nil { 82 82 + return fmt.Errorf("close ssh: %w", err) 83 83 + } 84 84 + } 85 85 + return nil 86 86 + } 87 87 + 88 88 + type HostInfo struct { 89 89 + IPv6Address string `json:"ipv6_address"` 90 90 + } 91 91 + 92 92 + func LoadHost(hostsFile, hostname string) (string, error) { 93 93 + data, err := os.ReadFile(hostsFile) 94 94 + if err != nil { 95 95 + return "", fmt.Errorf("read file: %w", err) 96 96 + } 97 97 + 98 98 + var hosts map[string]HostInfo 99 99 + if err := json.Unmarshal(data, &hosts); err != nil { 100 100 + return "", fmt.Errorf("parse JSON: %w", err) 101 101 + } 102 102 + 103 103 + hostInfo, ok := hosts[hostname] 104 104 + if !ok { 105 105 + available := make([]string, 0, len(hosts)) 106 106 + for name := range hosts { 107 107 + available = append(available, name) 108 108 + } 109 109 + return "", fmt.Errorf("host %q not found (available: %s)", hostname, strings.Join(available, ", ")) 110 110 + } 111 111 + 112 112 + if hostInfo.IPv6Address == "" { 113 113 + return "", fmt.Errorf("host %q has no ipv6_address", hostname) 114 114 + } 115 115 + 116 116 + return hostInfo.IPv6Address, nil 117 117 + } 118 118 + 119 119 + func dialSSH(cfg SSHConfig) (*ssh.Client, error) { 120 120 + keyData, err := os.ReadFile(cfg.KeyPath) 121 121 + if err != nil { 122 122 + return nil, fmt.Errorf("read key %s: %w", cfg.KeyPath, err) 123 123 + } 124 124 + 125 125 + signer, err := ssh.ParsePrivateKey(keyData) 126 126 + if err != nil { 127 127 + return nil, fmt.Errorf("parse key: %w", err) 128 128 + } 129 129 + 130 130 + hostKeyCallback, err := buildHostKeyCallback(cfg.KnownHostsPath) 131 131 + if err != nil { 132 132 + return nil, fmt.Errorf("build host key callback: %w", err) 133 133 + } 134 134 + 135 135 + config := &ssh.ClientConfig{ 136 136 + User: cfg.User, 137 137 + Auth: []ssh.AuthMethod{ 138 138 + ssh.PublicKeys(signer), 139 139 + }, 140 140 + HostKeyCallback: hostKeyCallback, 141 141 + Timeout: cfg.Timeout, 142 142 + } 143 143 + 144 144 + addr := fmt.Sprintf("%s:%d", cfg.Host, defaultSSHPort) 145 145 + if strings.Contains(cfg.Host, ":") { 146 146 + addr = fmt.Sprintf("[%s]:%d", cfg.Host, defaultSSHPort) 147 147 + } 148 148 + 149 149 + client, err := ssh.Dial("tcp", addr, config) 150 150 + if err != nil { 151 151 + return nil, fmt.Errorf("dial %s: %w", addr, err) 152 152 + } 153 153 + 154 154 + return client, nil 155 155 + } 156 156 + 157 157 + func buildHostKeyCallback(path string) (ssh.HostKeyCallback, error) { 158 158 + if path == "" { 159 159 + return nil, fmt.Errorf("known_hosts path is required") 160 160 + } 161 161 + 162 162 + callback, err := knownhosts.New(path) 163 163 + if err != nil { 164 164 + return nil, fmt.Errorf("load known_hosts file %s: %w", path, err) 165 165 + } 166 166 + 167 167 + return callback, nil 168 168 + }