Support multiple host with different port (#94)

https://github.com/appleboy/ssh-action/issues/85

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

.github/workflows/ci.yml

@@ -6,8 +6,11 @@ jobs:
     name: Build
     runs-on: ubuntu-latest
     steps:
+    - name: checkout
+      uses: actions/checkout@v1
+
     - name: executing remote ssh commands using password
-      uses: appleboy/ssh-action@master
+      uses: ./
       with:
         host: ${{ secrets.HOST }}
         username: ${{ secrets.USERNAME }}
@@ -16,7 +19,7 @@ jobs:
         script: whoami
 
     - name: executing remote ssh commands using ssh key
-      uses: appleboy/ssh-action@master
+      uses: ./
       with:
         host: ${{ secrets.HOST }}
         username: ${{ secrets.USERNAME }}
@@ -25,7 +28,7 @@ jobs:
         script: whoami
 
     - name: multiple command
-      uses: appleboy/ssh-action@master
+      uses: ./
       with:
         host: ${{ secrets.HOST }}
         username: ${{ secrets.USERNAME }}
@@ -36,7 +39,7 @@ jobs:
           ls -al
 
     # - name: stop script if command error
-    #   uses: appleboy/ssh-action@master
+    #   uses: ./
     #   with:
     #     host: ${{ secrets.HOST }}
     #     username: ${{ secrets.USERNAME }}
@@ -48,7 +51,7 @@ jobs:
     #       ls -al
 
     - name: pass environment
-      uses: appleboy/ssh-action@master
+      uses: ./
       env:
         FOO: "BAR"
       with:
@@ -62,22 +65,24 @@ jobs:
           echo "I am $BAR, thanks"
 
     - name: pass multiple environment
-      uses: appleboy/ssh-action@master
+      uses: ./
       env:
         FOO: "BAR"
         BAR: "FOO"
+        SHA: ${{ github.sha }}
       with:
         host: ${{ secrets.HOST }}
         username: ${{ secrets.USERNAME }}
         key: ${{ secrets.KEY }}
         port: ${{ secrets.PORT }}
-        envs: FOO,BAR
+        envs: FOO,BAR,SHA
         script: |
           echo "I am $FOO, thanks"
           echo "I am $BAR, thanks"
+          echo "sha: $SHA"
 
     - name: ssh key passphrase
-      uses: appleboy/ssh-action@master
+      uses: ./
       with:
         host: ${{ secrets.HOST }}
         username: ${{ secrets.USERNAME }}
@@ -87,3 +92,43 @@ jobs:
         script: |
           whoami
           ls -al
+
+    - name: use insecure cipher
+      uses: ./
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        password: ${{ secrets.PASSWORD }}
+        port: ${{ secrets.PORT }}
+        script: |
+            ls \
+              -lah
+        use_insecure_cipher: true
+
+    # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
+    - name: Multiline SSH commands interpreted as single lines
+      uses: ./
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        password: ${{ secrets.PASSWORD }}
+        port: ${{ secrets.PORT }}
+        script_stop: true
+        script: |
+            ls \
+              -lah
+        use_insecure_cipher: true
+
+    # https://github.com/appleboy/ssh-action/issues/85
+    - name: Deployment to multiple hosts with different ports
+      uses: ./
+      with:
+        host: "${{ secrets.HOST }}:${{ secrets.PORT }}"
+        username: ${{ secrets.USERNAME }}
+        password: ${{ secrets.PASSWORD }}
+        port: 1024
+        script_stop: true
+        script: |
+            ls \
+              -lah
+        use_insecure_cipher: true

Dockerfile

@@ -1,4 +1,4 @@
-FROM appleboy/drone-ssh:1.5.5-linux-amd64
+FROM appleboy/drone-ssh:1.6.3-linux-amd64
 
 ADD entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh

README.md

@@ -6,6 +6,8 @@
 
 [![Actions Status](https://github.com/appleboy/ssh-action/workflows/remote%20ssh%20command/badge.svg)](https://github.com/appleboy/ssh-action/actions)
 
+**Important**: Only support **Linux** [docker](https://www.docker.com/) container.
+
 ## Usage
 
 Executing remote ssh commands.
@@ -45,19 +47,23 @@ out: ***
 
 See [action.yml](./action.yml) for more detailed information.
 
-* host - remote host
-* port - remote port, default is `22`
+* host - ssh host
+* port - ssh port, default is `22`
 * username - ssh username
 * password - ssh password
 * passphrase - the passphrase is usually to encrypt the private key
+* sync - synchronous execution if multiple hosts, default is false
 * timeout - timeout for ssh to remote host, default is `30s`
 * command_timeout - timeout for ssh command, default is `10m`
 * key - content of ssh private key. ex raw content of ~/.ssh/id_rsa
 * key_path - path of ssh private key
+* fingerprint - fingerprint SHA256 of the host public key, default is to skip verification
 * script - execute commands
 * script_stop - stop script after first failure
 * envs - pass environment variable to shell script
 * debug - enable debug mode
+* use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56))
+* cipher - the allowed cipher algorithms. If unspecified then a sensible
 
 SSH Proxy Setting:
 
@@ -69,6 +75,33 @@ SSH Proxy Setting:
 * proxy_timeout - timeout for ssh to proxy host, default is `30s`
 * proxy_key - content of ssh proxy private key.
 * proxy_key_path - path of ssh proxy private key
+* proxy_fingerprint - fingerprint SHA256 of the proxy host public key, default is to skip verification
+* proxy_use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56))
+* proxy_cipher - the allowed cipher algorithms. If unspecified then a sensible
+
+### Setting up SSH Key
+
+Make sure to follow the below steps while creating SSH Keys and using them.
+The best practice is create the SSH Keys on local machine not remote machine.
+Login with username specified in Github Secrets. Generate a RSA Key-Pair:
+
+ ```bash
+ ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
+ ```
+
+Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
+
+```bash
+cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+Copy Private Key content and paste in Github Secrets.
+
+```bash
+clip < ~/.ssh/id_rsa
+```
+
+See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html)
 
 ### Example
 
@@ -131,6 +164,37 @@ Multiple Hosts
         ls -al
 ```
 
+Multiple Hosts with differebt port
+
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@master
+    with:
+-     host: "foo.com"
++     host: "foo.com:1234,bar.com:5678"
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      script: |
+        whoami
+        ls -al
+```
+
+Synchronous execution on multiple hosts
+
+```diff
+  - name: multiple host
+    uses: appleboy/ssh-action@master
+    with:
+      host: "foo.com,bar.com"
++     sync: true
+      username: ${{ secrets.USERNAME }}
+      key: ${{ secrets.KEY }}
+      port: ${{ secrets.PORT }}
+      script: |
+        whoami
+        ls -al
+```
+
 Pass environment variable to shell script
 
 ```diff
@@ -139,6 +203,7 @@ Pass environment variable to shell script
 +   env:
 +     FOO: "BAR"
 +     BAR: "FOO"
++     SHA: ${{ github.sha }}
     with:
       host: ${{ secrets.HOST }}
       username: ${{ secrets.USERNAME }}
@@ -148,8 +213,11 @@ Pass environment variable to shell script
       script: |
         echo "I am $FOO"
         echo "I am $BAR"
+        echo "sha: $SHA"
 ```
 
+_Inside `env` object, you need to pass every environment variable as a string, passing `Integer` data type or any other may output unexpected results._
+
 Stop script after first failure. ex: missing `abc` folder
 
 ```diff

action.yml

@@ -3,9 +3,9 @@ description: 'Executing remote ssh commands'
 author: 'Bo-Yi Wu'
 inputs:
   host:
-    description: 'ssh remote host'
+    description: 'ssh host'
   port:
-    description: 'ssh remote port'
+    description: 'ssh port'
     default: 22
   passphrase:
     description: 'ssh key passphrase'
@@ -13,8 +13,16 @@ inputs:
     description: 'ssh username'
   password:
     description: 'ssh password'
+  sync:
+    description: 'synchronous execution if multiple hosts'
+    default: false
+  use_insecure_cipher:
+    description: 'include more ciphers with use_insecure_cipher'
+    default: false
+  cipher:
+    description: 'the allowed cipher algorithms. If unspecified then a sensible'
   timeout:
-    description: 'timeout for ssh to remote host'
+    description: 'timeout for ssh to host'
     default: "30s"
   command_timeout:
     description: 'timeout for ssh command'
@@ -23,10 +31,12 @@ inputs:
     description: 'content of ssh private key. ex raw content of ~/.ssh/id_rsa'
   key_path:
     description: 'path of ssh private key'
+  fingerprint:
+    description: 'sha256 fingerprint of the host public key'
   proxy_host:
-    description: 'ssh proxy remote host'
+    description: 'ssh proxy host'
   proxy_port:
-    description: 'ssh proxy remote port'
+    description: 'ssh proxy port'
     default: 22
   proxy_username:
     description: 'ssh proxy username'
@@ -41,6 +51,13 @@ inputs:
     description: 'content of ssh proxy private key. ex raw content of ~/.ssh/id_rsa'
   proxy_key_path:
     description: 'path of ssh proxy private key'
+  proxy_fingerprint:
+    description: 'sha256 fingerprint of the proxy host public key'
+  proxy_cipher:
+    description: 'the allowed cipher algorithms. If unspecified then a sensible'
+  proxy_use_insecure_cipher:
+    description: 'include more ciphers with use_insecure_cipher'
+    default: false
   script:
     description: 'execute commands'
   script_stop: