actions/ssh-action
0
0
Fork 0
mirror of https://github.com/appleboy/ssh-action.git synced 2025-07-07 22:02:53 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Compare commits

base: actions:v0.1.9
Branches Tags
actions:master actions:346 actions:testing
actions:v1 actions:v1.2.2 actions:v1.8.0 actions:v1.2.1 actions:v1.2.0 actions:v1.1.0 actions:v1.0.3 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0 actions:v0.1.10 actions:v0.1.9 actions:v0.1.8 actions:v0.1.7 actions:v0.1.6 actions:v0.1.5 actions:v0.1.4 actions:v0.1.3 actions:v0.1.2 actions:v0.1.1 actions:v0.1.0 actions:v0.0.9 actions:v0.0.8 actions:v0.0.7 actions:v0.0.6 actions:v0.0.5 actions:v0.0.4 actions:v0.0.3 actions:v0.0.2 actions:v0.0.1
...
compare: actions:testing
Branches Tags
actions:master actions:346 actions:testing
actions:v1 actions:v1.2.2 actions:v1.8.0 actions:v1.2.1 actions:v1.2.0 actions:v1.1.0 actions:v1.0.3 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0 actions:v0.1.10 actions:v0.1.9 actions:v0.1.8 actions:v0.1.7 actions:v0.1.6 actions:v0.1.5 actions:v0.1.4 actions:v0.1.3 actions:v0.1.2 actions:v0.1.1 actions:v0.1.0 actions:v0.0.9 actions:v0.0.8 actions:v0.0.7 actions:v0.0.6 actions:v0.0.5 actions:v0.0.4 actions:v0.0.3 actions:v0.0.2 actions:v0.0.1

28 Commits
v0.1.9 ... testing

Author SHA1 Message Date
appleboy
0d16b0bcd8 chore: update 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-19 20:59:11 +08:00
appleboy
2988f59e6a chore: update 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-19 20:58:18 +08:00
appleboy
da1f1537f1 chore: update 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-19 20:56:07 +08:00
Bo-Yi Wu
dd0f09ca07 docs: improve README clarity and completeness 
- Update the README table formatting to include an additional column separator
- Add documentation for the SSH protocol version option in the README table

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 16:04:59 +08:00
appleboy
1991c553ec chore(file): update target file 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-16 15:59:42 +08:00
Bo-Yi Wu
fe44be0b96 docs: improve documentation and CI robustness 
- Add backticks around `GITHUB_` and `INPUT_` in the README for clarity

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 15:47:10 +08:00
Bo-Yi Wu
c78141851a ci: enhance GitHub Actions for IPv6 and flexibility (#303) 
* ci: enhance GitHub Actions for IPv6 and flexibility

- Add a new CI job for testing IPv6 in GitHub Actions workflow
- Update the Docker image version from `1.7.3` to `1.7.4`
- Add a new `protocol` input parameter to the GitHub action with a default value of `tcp`
- Change the GitHub action to use a composite run steps action instead of a Docker container
- Update the `entrypoint.sh` script to use `bash` instead of `sh`, set stricter error handling, and add a function to detect client platform and architecture
- Modify the `entrypoint.sh` script to download a specific version of `drone-ssh` based on the detected client info and execute it

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: refactor CI workflow and Docker setup

- Remove IPv6 ping command from CI workflow
- Uncomment Docker run configuration in action.yml

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 15:45:28 +08:00
Kushal Dhakal
8a779a5b1a docs: describe true usage of allenvs parameter (#301) 2024-03-16 09:43:37 +08:00
Bo-Yi Wu
9b978f09f2 chore: update SSH action version in README files 
- Update the version of the `appleboy/ssh-action` from `v1.0.2` to `v1.0.3` in the README.md file
- Update the version of the `appleboy/ssh-action` from `v1.0.2` to `v1.0.3` in the README.zh-tw.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:48:12 +08:00
Bo-Yi Wu
029f5b4aee docs: update README.md and improve code documentation 
- Add a new entry for `request_pty` in the README.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:40:43 +08:00
Bo-Yi Wu
d134a26a1f fix(sudo): support request_pty to execute sudo command (#288) 
- Add a new job called `testing05` to the CI workflow
- Update the base image in the Dockerfile from `1.7.2` to `1.7.3`
- Update the action name, description, and author in the action.yml file
- Update the descriptions for various inputs in the action.yml file
- Add a new input `request_pty` with a description in the action.yml file
- Update the `using` and `image` fields in the action.yml file
- Update the `using` and `image` fields in the runs section of the action.yml file
- Update the `icon` and `color` fields in the branding section of the action.yml file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:39:23 +08:00
Bo-Yi Wu
2451745138 chore: update SSH action version in README files 
- Update the version of the `appleboy/ssh-action` to `v1.0.2` in the `README.md` and `README.zh-tw.md` files.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-01 14:23:27 +08:00
Bo-Yi Wu
1f3c338936 chore: update base image to 1.7.2 in Dockerfile 
- Update the base image from `1.7.1` to `1.7.2` in the Dockerfile

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-01 14:22:41 +08:00
Bo-Yi Wu
8f94919856 chore: update appleboy/ssh-action to v1.0.1 in documentation 
- Update appleboy/ssh-action from v1.0.0 to v1.0.1 in README.md
- Update appleboy/ssh-action from v0.1.10 to v1.0.1 in README.zh-tw.md

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:13:15 +08:00
Bo-Yi Wu
2344d97573 chore(security): update drone-ssh to v1.7.1 (#286) 
- Update the base image in Dockerfile from `1.7.0` to `1.7.1`
- Change the location of `entrypoint.sh` from root to `/bin/` directory in Dockerfile
- Remove the explicit `chmod +x` command for `entrypoint.sh` in Dockerfile

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:11:53 +08:00
Bo-Yi Wu
b9f6bf6223 style: refine CI Workflow and Test Configurations 
- Remove empty lines from the GitHub Actions CI workflow file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:07:39 +08:00
appleboy
4330a1ea48 docs: update appleboy/ssh-action version in README 
- Update the version of `appleboy/ssh-action` from `v0.2.0` to `v1.0.0` in multiple places in the README.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2023-07-23 10:05:56 +08:00
appleboy
55dabf81b4 docs: update appleboy/ssh-action version in README 
- Update the version of `appleboy/ssh-action` from `v0.1.10` to `v0.2.0` in multiple places in the README file.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2023-07-23 10:01:08 +08:00
appleboy
8d9094f3b1 docs: "Introduce allenvs option for shell script execution" 
- Add a new option `allenvs` in the README to pass all environment variables to the shell script.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2023-07-23 09:57:59 +08:00
Bo-Yi Wu
5ac43dd762 chore(ssh): pass all ENV variables to script (#259) 2023-07-23 09:53:20 +08:00
Bo-Yi Wu
a01d3ea1df chore: improve performance and test coverage across OSs 
- Update the Dockerfile to use drone-ssh version 1.6.14

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-06-04 16:30:25 +08:00
Bo-Yi Wu
c7d850f6cd docs: improve readability and functionality across project 
- Reformat input parameters in README.md as a table for better readability

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-06-04 11:08:59 +08:00
Bo-Yi Wu
f579d71942 chore: improve action.yml clarity and update default values 
- Update descriptions for input fields in action.yml for better clarity
- Change default values for SSH port and SSH proxy port to string format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-06-04 11:06:25 +08:00
Bo-Yi Wu
d87d276960 ci: add Docker login and pull job to CI pipeline (#244) 
- Add a new job named "testing04" for docker login and pull in ci.yml file.

ref: https://github.com/appleboy/ssh-action/issues/230
 2023-04-18 09:31:39 +08:00
Bo-Yi Wu
3130c7a2bc ci: improve CI workflow for private repository cloning (#241) 
- Add a new job for git clone and pull in CI
- Clone a private repository in CI with secrets
- Remove a directory in the cloned repository

ref: https://github.com/appleboy/ssh-action/issues/65
 2023-04-13 14:38:24 +08:00
Bo-Yi Wu
2b7de38eed chore: update appleboy/ssh-action to latest version 
- Update the version of `appleboy/ssh-action` from `v0.1.9` to `v0.1.10` in multiple files.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-04-13 12:18:50 +08:00
Bo-Yi Wu
334f9259f2 chore: update action configuration for greater flexibility (#240) 
- Update base image version from `1.6.12` to `1.6.13` in Dockerfile
- Add `envs_format` input with flexible configuration in action.yml
- Add a line to README.md pointing to action.yml for more information

fix https://github.com/appleboy/ssh-action/issues/213
 2023-04-13 11:15:42 +08:00
Bo-Yi.Wu
6268c80dd6 docs: add external resources to README file 
- Add a line linking to Golang and drone-ssh in the README file

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>
 2023-04-04 17:56:49 +08:00
7 changed files with 518 additions and 243 deletions
Expand all files Collapse all files

416
.github/workflows/ci.yml vendored
View File

@ -6,163 +6,128 @@ env:
BAR: "FOO" BAR: "FOO"
jobs: jobs:
testing01:
build: name: default flag testing
name: Build
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v1 uses: actions/checkout@v1
- name: correct password but wrong key - name: correct password but wrong key
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
key: "1234" key: "1234"
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: wrong password but correct key - name: wrong password but correct key
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: "abcdef" password: "abcdef"
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: multiple command - name: multiple command
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: | script: |
whoami whoami
ls -al ls -al
- name: stop script if command error - name: stop script if command error
uses: ./ uses: ./
continue-on-error: true continue-on-error: true
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
sync: true sync: true
debug: true debug: true
script: | script: |
mkdir abc/def mkdir abc/def
ls -al ls -al
- name: pass environment - name: ssh key passphrase
uses: ./ uses: ./
env: with:
FOO: "BAR" host: ${{ secrets.HOST }}
with: username: ${{ secrets.USERNAME }}
host: ${{ secrets.HOST }} key: ${{ secrets.SSH2 }}
username: ${{ secrets.USERNAME }} port: ${{ secrets.PORT }}
key: ${{ secrets.KEY }} passphrase: ${{ secrets.PASSPHRASE }}
port: ${{ secrets.PORT }} script: |
envs: FOO whoami
script: | ls -al
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment - name: use insecure cipher
uses: ./ uses: ./
env: with:
FOO: "BAR" host: ${{ secrets.HOST }}
BAR: "FOO" username: ${{ secrets.USERNAME }}
SHA: ${{ github.sha }} password: ${{ secrets.PASSWORD }}
PORT: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
with: script: |
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
sh test.sh
- name: ssh key passphrase
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH2 }}
port: ${{ secrets.PORT }}
passphrase: ${{ secrets.PASSPHRASE }}
script: |
whoami
ls -al
- name: use insecure cipher
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }}
script: |
ls \ ls \
-lah -lah
use_insecure_cipher: true use_insecure_cipher: true
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271 # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines - name: Multiline SSH commands interpreted as single lines
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
script: | script: |
ls \ ls \
-lah -lah
use_insecure_cipher: true use_insecure_cipher: true
# https://github.com/appleboy/ssh-action/issues/85 # https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports - name: Deployment to multiple hosts with different ports
uses: ./ uses: ./
with: with:
host: "${{ secrets.HOST }}:${{ secrets.PORT }}" host: "${{ secrets.HOST }}:${{ secrets.PORT }}"
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: 1024 port: 1024
script_stop: true script_stop: true
script: | script: |
ls \ ls \
-lah -lah
use_insecure_cipher: true use_insecure_cipher: true
# - name: SSH ED25519 Private Key # - name: SSH ED25519 Private Key
# uses: ./ # uses: ./
@ -172,3 +137,176 @@ jobs:
# key: ${{ secrets.ID_ED25519 }} # key: ${{ secrets.ID_ED25519 }}
# port: ${{ secrets.TUNNEL_PORT }} # port: ${{ secrets.TUNNEL_PORT }}
# script: whoami # script: whoami
testing02:
name: testing with envs
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: pass environment
uses: ./
env:
FOO: "BAR"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
- name: pass multiple environment
uses: ./
env:
FOO: "BAR"
BAR: "FOO"
SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }}
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,SHA,PORT
script: |
echo "I am $FOO, thanks"
echo "I am $BAR, thanks"
echo "sha: $SHA"
echo "port: $PORT"
sh test.sh
- name: custom envs format
uses: ./
env:
FOO: "BAR"
AAA: "BBB"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
envs: FOO,BAR,AAA
envs_format: export TEST_{NAME}={VALUE}
script: |
echo "I am $TEST_FOO, thanks"
echo "I am $TEST_BAR, thanks"
echo "I am $BAR, thanks"
echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script
uses: ./
env:
INPUT_FOO: "BAR"
INPUT_AAA: "BBB"
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
allenvs: true
script: |
echo "I am $INPUT_FOO, thanks"
echo "I am $INPUT_AAA, thanks"
echo "$GITHUB_BASE_REF"
echo "$GITHUB_REF"
testing03:
name: git clone and pull
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: clone private repository
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository
rm -rf test_repository
testing04:
name: docker login and pull
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: login GitHub Container Registry
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin
- name: login DockerHub Container Registry
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
script: |
echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
testing05:
name: switch user
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: switch to root user
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
request_pty: true
command_timeout: 30s
script: |
whoami && echo 'hello world' && touch todo.txt
sudo whoami
testing06:
name: testing ipv6
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: Set up WARP
uses: fscarmen/warp-on-actions@v1.1
with:
stack: dual
- name: testing ipv6 for command
run: |
curl -m 9 --ipv6 --verbose https://google.com
- name: testing ipv6
uses: ./
with:
host: 2402:1f00:8000:800::2628
username: ubuntu
password: ${{ secrets.OVH_PASSWORD }}
protocol: tcp6
port: 22
command_timeout: 30s
script: |
whoami

26
.github/workflows/testing.yml vendored Normal file
View File

@ -0,0 +1,26 @@
name: testing master
on: [push]
env:
FOO: "BAR"
BAR: "FOO"
jobs:
testing01:
name: testing new bash flow
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: try bash script
uses: appleboy/ssh-action@master
with:
host: 2402:1f00:8000:800::2628
username: ubuntu
password: ${{ secrets.OVH_PASSWORD }}
protocol: tcp6
port: 22
command_timeout: 30s
script: |
whoami

8
Dockerfile
View File

@ -1,5 +1,5 @@
FROM ghcr.io/appleboy/drone-ssh:1.6.12 FROM ghcr.io/appleboy/drone-ssh:1.7.4
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /bin/entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/bin/entrypoint.sh"]

91
README.md
View File

@ -10,41 +10,46 @@
**Important**: Only support **Linux** [docker](https://www.docker.com/) container. **Important**: Only support **Linux** [docker](https://www.docker.com/) container.
This thing is built using [Golang](https://go.dev) and [drone-ssh](https://github.com/appleboy/drone-ssh). 🚀
## Input variables ## Input variables
See [action.yml](./action.yml) for more detailed information. See [action.yml](./action.yml) for more detailed information.
* `host` - ssh host | Input Parameter | Description | Default Value |
* `port` - ssh port, default is `22` |---------------------------|------------------------------------------------------------------------------------------|---------------|
* `username` - ssh username | host | SSH host address | |
* `password` - ssh password | port | SSH port number | 22 |
* `passphrase` - the passphrase is usually to encrypt the private key | passphrase | SSH key passphrase | |
* `sync` - synchronous execution if multiple hosts, default is false | username | SSH username | |
* `timeout` - timeout for ssh to remote host, default is `30s` | password | SSH password | |
* `command_timeout` - timeout for ssh command, default is `10m` | protocol | SSH protocol version (tcp, tcp4, tcp6) | tcp |
* `key` - content of ssh private key. ex raw content of ~/.ssh/id_rsa, remember include the BEGIN and END lines | sync | Enable synchronous execution if multiple hosts | false |
* `key_path` - path of ssh private key | use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
* `fingerprint` - fingerprint SHA256 of the host public key, default is to skip verification | cipher | Allowed cipher algorithms. If unspecified, a sensible default | |
* `script` - execute commands | timeout | Timeout duration for SSH to host | 30s |
* `script_stop` - stop script after first failure | command_timeout | Timeout duration for SSH command | 10m |
* `envs` - pass environment variable to shell script | key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | |
* `debug` - enable debug mode | key_path | Path of SSH private key | |
* `use_insecure_cipher` - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56)) | fingerprint | SHA256 fingerprint of the host public key | |
* `cipher` - the allowed cipher algorithms. If unspecified then a sensible | proxy_host | SSH proxy host | |
| proxy_port | SSH proxy port | 22 |
SSH Proxy Setting: | proxy_username | SSH proxy username | |
| proxy_password | SSH proxy password | |
* `proxy_host` - proxy host | proxy_passphrase | SSH proxy key passphrase | |
* `proxy_port` - proxy port, default is `22` | proxy_timeout | Timeout for SSH to proxy host | 30s |
* `proxy_username` - proxy username | proxy_key | Content of SSH proxy private key | |
* `proxy_password` - proxy password | proxy_key_path | Path of SSH proxy private key | |
* `proxy_passphrase` - the passphrase is usually to encrypt the private key | proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
* `proxy_timeout` - timeout for ssh to proxy host, default is `30s` | proxy_cipher | Allowed cipher algorithms for the proxy | |
* `proxy_key` - content of ssh proxy private key. | proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
* `proxy_key_path` - path of ssh proxy private key | script | Execute commands | |
* `proxy_fingerprint` - fingerprint SHA256 of the proxy host public key, default is to skip verification | script_stop | Stop script after first failure | false |
* `proxy_use_insecure_cipher` - include more ciphers with use_insecure_cipher (see [#56](https://github.com/appleboy/ssh-action/issues/56)) | envs | Pass environment variables to shell script | |
* `proxy_cipher` - the allowed cipher algorithms. If unspecified then a sensible | envs_format | Flexible configuration of environment value transfer | |
| debug | Enable debug mode | false |
| allenvs | pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
| request_pty | Request a pseudo-terminal from the server | false |
## Usage ## Usage
@ -60,7 +65,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -161,7 +166,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -174,7 +179,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -187,7 +192,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -204,7 +209,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com,bar.com" + host: "foo.com,bar.com"
@ -220,7 +225,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com:1234,bar.com:5678" + host: "foo.com:1234,bar.com:5678"
@ -235,7 +240,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: "foo.com,bar.com" host: "foo.com,bar.com"
+ sync: true + sync: true
@ -251,7 +256,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
+ env: + env:
+ FOO: "BAR" + FOO: "BAR"
+ BAR: "FOO" + BAR: "FOO"
@ -276,7 +281,7 @@ _Inside `env` object, you need to pass every environment variable as a string, p
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -329,7 +334,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -352,7 +357,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -378,7 +383,7 @@ Now you can adjust you config:
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

24
README.zh-tw.md
View File

@ -58,7 +58,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -157,7 +157,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -170,7 +170,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -183,7 +183,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -200,7 +200,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com,bar.com" + host: "foo.com,bar.com"
@ -216,7 +216,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com:1234,bar.com:5678" + host: "foo.com:1234,bar.com:5678"
@ -231,7 +231,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: "foo.com,bar.com" host: "foo.com,bar.com"
+ sync: true + sync: true
@ -247,7 +247,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
+ env: + env:
+ FOO: "BAR" + FOO: "BAR"
+ BAR: "FOO" + BAR: "FOO"
@ -272,7 +272,7 @@ _在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -325,7 +325,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -346,7 +346,7 @@ Host FooServer
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -372,7 +372,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.9 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

131
action.yml
View File

@ -1,77 +1,124 @@
name: 'SSH Remote Commands' name: "SSH Remote Commands"
description: 'Executing remote ssh commands' description: "Executing remote ssh commands"
author: 'Bo-Yi Wu' author: "Bo-Yi Wu"
inputs: inputs:
host: host:
description: 'ssh host' description: "SSH host address."
port: port:
description: 'ssh port' description: "SSH port number."
default: 22 default: "22"
passphrase: passphrase:
description: 'ssh key passphrase' description: "Passphrase for the SSH key."
username: username:
description: 'ssh username' description: "SSH username."
password: password:
description: 'ssh password' description: "SSH password."
protocol:
description: 'The IP protocol to use. Valid values are "tcp". "tcp4" or "tcp6". Default to tcp.'
default: "tcp"
sync: sync:
description: 'synchronous execution if multiple hosts' description: "Enable synchronous execution if multiple hosts are involved."
default: false
use_insecure_cipher: use_insecure_cipher:
description: 'include more ciphers with use_insecure_cipher' description: "Include more ciphers by using insecure ciphers."
default: false
cipher: cipher:
description: 'the allowed cipher algorithms. If unspecified then a sensible' description: "Allowed cipher algorithms. If unspecified, a sensible default is used."
timeout: timeout:
description: 'timeout for ssh to host' description: "Timeout duration for establishing SSH connection to the host."
default: "30s" default: "30s"
command_timeout: command_timeout:
description: 'timeout for ssh command' description: "Timeout duration for SSH commands execution."
default: "10m" default: "10m"
key: key:
description: 'content of ssh private key. ex raw content of ~/.ssh/id_rsa' description: "Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa."
key_path: key_path:
description: 'path of ssh private key' description: "Path to the SSH private key file."
fingerprint: fingerprint:
description: 'sha256 fingerprint of the host public key' description: "SHA256 fingerprint of the host public key."
proxy_host: proxy_host:
description: 'ssh proxy host' description: "SSH proxy host address."
proxy_port: proxy_port:
description: 'ssh proxy port' description: "SSH proxy port number."
default: 22 default: "22"
proxy_username: proxy_username:
description: 'ssh proxy username' description: "SSH proxy username."
proxy_password: proxy_password:
description: 'ssh proxy password' description: "SSH proxy password."
proxy_passphrase: proxy_passphrase:
description: 'ssh proxy key passphrase' description: "SSH proxy key passphrase."
proxy_timeout: proxy_timeout:
description: 'timeout for ssh to proxy host' description: "Timeout duration for establishing SSH connection to the proxy host."
default: "30s" default: "30s"
proxy_key: proxy_key:
description: 'content of ssh proxy private key. ex raw content of ~/.ssh/id_rsa' description: "Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa."
proxy_key_path: proxy_key_path:
description: 'path of ssh proxy private key' description: "Path to the SSH proxy private key file."
proxy_fingerprint: proxy_fingerprint:
description: 'sha256 fingerprint of the proxy host public key' description: "SHA256 fingerprint of the proxy host public key."
proxy_cipher: proxy_cipher:
description: 'the allowed cipher algorithms. If unspecified then a sensible' description: "Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used."
proxy_use_insecure_cipher: proxy_use_insecure_cipher:
description: 'include more ciphers with use_insecure_cipher' description: "Include more ciphers for the proxy by using insecure ciphers."
default: false
script: script:
description: 'execute commands' description: "Commands to be executed."
script_stop: script_stop:
description: 'stop script after first failure' description: "Stop the script after the first failure."
default: false
envs: envs:
description: 'pass environment variable to shell script' description: "Environment variables to be passed to the shell script."
envs_format:
description: "Flexible configuration for environment value transfer."
debug: debug:
description: 'enable debug mode' description: "Enable debug mode."
default: false allenvs:
description: "pass all environment variable to shell script."
request_pty:
description: "Request a pseudo-terminal from the server."
runs: runs:
using: 'docker' using: "composite"
image: 'Dockerfile' steps:
- name: Set GitHub Path
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
- name: Run entrypoint.sh
run: entrypoint.sh
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
INPUT_HOST: ${{ inputs.host }}
INPUT_PORT: ${{ inputs.port }}
INPUT_PROTOCOL: ${{ inputs.protocol }}
INPUT_USERNAME: ${{ inputs.username }}
INPUT_PASSWORD: ${{ inputs.password }}
INPUT_PASSPHRASE: ${{ inputs.passphrase }}
INPUT_KEY: ${{ inputs.key }}
INPUT_KEY_PATH: ${{ inputs.key_path }}
INPUT_FINGERPRINT: ${{ inputs.fingerprint }}
INPUT_PROXY_HOST: ${{ inputs.proxy_host }}
INPUT_PROXY_PORT: ${{ inputs.proxy_port }}
INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }}
INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }}
INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
INPUT_PROXY_KEY: ${{ inputs.proxy_key }}
INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
INPUT_TIMEOUT: ${{ inputs.timeout }}
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
INPUT_SCRIPT: ${{ inputs.script }}
INPUT_SCRIPT_STOP: ${{ inputs.script_stop }}
INPUT_ENVS: ${{ inputs.envs }}
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
INPUT_DEBUG: ${{ inputs.debug }}
INPUT_ALL_ENVS: ${{ inputs.allenvs }}
INPUT_REQUEST_PTY: ${{ inputs.request_pty }}
INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
INPUT_CIPHER: ${{ inputs.cipher }}
INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
INPUT_SYNC: ${{ inputs.sync }}
branding: branding:
icon: 'terminal' icon: "terminal"
color: 'gray-dark' color: "gray-dark"

65
entrypoint.sh
View File

@ -1,7 +1,66 @@
#!/bin/sh #!/usr/bin/env bash
set -eu set -o errexit
set -o nounset
set -o pipefail
export GITHUB="true" export GITHUB="true"
sh -c "/bin/drone-ssh $*" GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.7.4}"
function detect_client_info() {
if [ -n "${SSH_CLIENT_OS-}" ]; then
CLIENT_PLATFORM="${SSH_CLIENT_OS}"
else
local kernel
kernel="$(uname -s)"
case "${kernel}" in
Darwin)
CLIENT_PLATFORM="darwin"
;;
Linux)
CLIENT_PLATFORM="linux"
;;
Windows)
CLIENT_PLATFORM="windows"
;;
*)
echo "Unknown, unsupported platform: ${kernel}." >&2
echo "Supported platforms: Linux, Darwin and Windows." >&2
echo "Bailing out." >&2
exit 2
esac
fi
if [ -n "${SSH_CLIENT_ARCH-}" ]; then
CLIENT_ARCH="${SSH_CLIENT_ARCH}"
else
local machine
machine="$(uname -m)"
case "${machine}" in
x86_64*|i?86_64*|amd64*)
CLIENT_ARCH="amd64"
;;
aarch64*|arm64*)
CLIENT_ARCH="arm64"
;;
*)
echo "Unknown, unsupported architecture (${machine})." >&2
echo "Supported architectures x86_64, i686, arm64." >&2
echo "Bailing out." >&2
exit 3
;;
esac
fi
}
detect_client_info
DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
echo "Will download ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
curl -fL --retry 3 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o ${TARGET}
chmod +x ${TARGET}
sh -c "${TARGET} $*"