actions/ssh-action
0
0
Fork 0
mirror of https://github.com/appleboy/ssh-action.git synced 2025-07-07 22:22:52 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Compare commits

base: actions:v1.0.0
Branches Tags
actions:master actions:346 actions:testing
actions:v1 actions:v1.2.2 actions:v1.8.0 actions:v1.2.1 actions:v1.2.0 actions:v1.1.0 actions:v1.0.3 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0 actions:v0.1.10 actions:v0.1.9 actions:v0.1.8 actions:v0.1.7 actions:v0.1.6 actions:v0.1.5 actions:v0.1.4 actions:v0.1.3 actions:v0.1.2 actions:v0.1.1 actions:v0.1.0 actions:v0.0.9 actions:v0.0.8 actions:v0.0.7 actions:v0.0.6 actions:v0.0.5 actions:v0.0.4 actions:v0.0.3 actions:v0.0.2 actions:v0.0.1
..
compare: actions:testing
Branches Tags
actions:master actions:346 actions:testing
actions:v1 actions:v1.2.2 actions:v1.8.0 actions:v1.2.1 actions:v1.2.0 actions:v1.1.0 actions:v1.0.3 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0 actions:v0.1.10 actions:v0.1.9 actions:v0.1.8 actions:v0.1.7 actions:v0.1.6 actions:v0.1.5 actions:v0.1.4 actions:v0.1.3 actions:v0.1.2 actions:v0.1.1 actions:v0.1.0 actions:v0.0.9 actions:v0.0.8 actions:v0.0.7 actions:v0.0.6 actions:v0.0.5 actions:v0.0.4 actions:v0.0.3 actions:v0.0.2 actions:v0.0.1

17 Commits
v1.0.0 ... testing

Author SHA1 Message Date
appleboy
0d16b0bcd8 chore: update 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-19 20:59:11 +08:00
appleboy
2988f59e6a chore: update 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-19 20:58:18 +08:00
appleboy
da1f1537f1 chore: update 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-19 20:56:07 +08:00
Bo-Yi Wu
dd0f09ca07 docs: improve README clarity and completeness 
- Update the README table formatting to include an additional column separator
- Add documentation for the SSH protocol version option in the README table

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 16:04:59 +08:00
appleboy
1991c553ec chore(file): update target file 
Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2024-03-16 15:59:42 +08:00
Bo-Yi Wu
fe44be0b96 docs: improve documentation and CI robustness 
- Add backticks around `GITHUB_` and `INPUT_` in the README for clarity

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 15:47:10 +08:00
Bo-Yi Wu
c78141851a ci: enhance GitHub Actions for IPv6 and flexibility (#303) 
* ci: enhance GitHub Actions for IPv6 and flexibility

- Add a new CI job for testing IPv6 in GitHub Actions workflow
- Update the Docker image version from `1.7.3` to `1.7.4`
- Add a new `protocol` input parameter to the GitHub action with a default value of `tcp`
- Change the GitHub action to use a composite run steps action instead of a Docker container
- Update the `entrypoint.sh` script to use `bash` instead of `sh`, set stricter error handling, and add a function to detect client platform and architecture
- Modify the `entrypoint.sh` script to download a specific version of `drone-ssh` based on the detected client info and execute it

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* ci: refactor CI workflow and Docker setup

- Remove IPv6 ping command from CI workflow
- Uncomment Docker run configuration in action.yml

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-03-16 15:45:28 +08:00
Kushal Dhakal
8a779a5b1a docs: describe true usage of allenvs parameter (#301) 2024-03-16 09:43:37 +08:00
Bo-Yi Wu
9b978f09f2 chore: update SSH action version in README files 
- Update the version of the `appleboy/ssh-action` from `v1.0.2` to `v1.0.3` in the README.md file
- Update the version of the `appleboy/ssh-action` from `v1.0.2` to `v1.0.3` in the README.zh-tw.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:48:12 +08:00
Bo-Yi Wu
029f5b4aee docs: update README.md and improve code documentation 
- Add a new entry for `request_pty` in the README.md file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:40:43 +08:00
Bo-Yi Wu
d134a26a1f fix(sudo): support request_pty to execute sudo command (#288) 
- Add a new job called `testing05` to the CI workflow
- Update the base image in the Dockerfile from `1.7.2` to `1.7.3`
- Update the action name, description, and author in the action.yml file
- Update the descriptions for various inputs in the action.yml file
- Add a new input `request_pty` with a description in the action.yml file
- Update the `using` and `image` fields in the action.yml file
- Update the `using` and `image` fields in the runs section of the action.yml file
- Update the `icon` and `color` fields in the branding section of the action.yml file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-07 19:39:23 +08:00
Bo-Yi Wu
2451745138 chore: update SSH action version in README files 
- Update the version of the `appleboy/ssh-action` to `v1.0.2` in the `README.md` and `README.zh-tw.md` files.

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-01 14:23:27 +08:00
Bo-Yi Wu
1f3c338936 chore: update base image to 1.7.2 in Dockerfile 
- Update the base image from `1.7.1` to `1.7.2` in the Dockerfile

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2024-01-01 14:22:41 +08:00
Bo-Yi Wu
8f94919856 chore: update appleboy/ssh-action to v1.0.1 in documentation 
- Update appleboy/ssh-action from v1.0.0 to v1.0.1 in README.md
- Update appleboy/ssh-action from v0.1.10 to v1.0.1 in README.zh-tw.md

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:13:15 +08:00
Bo-Yi Wu
2344d97573 chore(security): update drone-ssh to v1.7.1 (#286) 
- Update the base image in Dockerfile from `1.7.0` to `1.7.1`
- Change the location of `entrypoint.sh` from root to `/bin/` directory in Dockerfile
- Remove the explicit `chmod +x` command for `entrypoint.sh` in Dockerfile

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:11:53 +08:00
Bo-Yi Wu
b9f6bf6223 style: refine CI Workflow and Test Configurations 
- Remove empty lines from the GitHub Actions CI workflow file

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
 2023-12-26 15:07:39 +08:00
appleboy
4330a1ea48 docs: update appleboy/ssh-action version in README 
- Update the version of `appleboy/ssh-action` from `v0.2.0` to `v1.0.0` in multiple places in the README.

Signed-off-by: appleboy <appleboy.tw@gmail.com>
 2023-07-23 10:05:56 +08:00
7 changed files with 487 additions and 305 deletions
Expand all files Collapse all files

457
.github/workflows/ci.yml vendored
View File

@ -6,129 +6,128 @@ env:
BAR: "FOO" BAR: "FOO"
jobs: jobs:
testing01: testing01:
name: default flag testing name: default flag testing
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v1 uses: actions/checkout@v1
- name: correct password but wrong key - name: correct password but wrong key
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
key: "1234" key: "1234"
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: wrong password but correct key - name: wrong password but correct key
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: "abcdef" password: "abcdef"
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: whoami script: whoami
- name: multiple command - name: multiple command
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: | script: |
whoami whoami
ls -al ls -al
- name: stop script if command error - name: stop script if command error
uses: ./ uses: ./
continue-on-error: true continue-on-error: true
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
sync: true sync: true
debug: true debug: true
script: | script: |
mkdir abc/def mkdir abc/def
ls -al ls -al
- name: ssh key passphrase - name: ssh key passphrase
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.SSH2 }} key: ${{ secrets.SSH2 }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
passphrase: ${{ secrets.PASSPHRASE }} passphrase: ${{ secrets.PASSPHRASE }}
script: | script: |
whoami whoami
ls -al ls -al
- name: use insecure cipher - name: use insecure cipher
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script: | script: |
ls \ ls \
-lah -lah
use_insecure_cipher: true use_insecure_cipher: true
# https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271 # https://github.com/appleboy/ssh-action/issues/75#issuecomment-668314271
- name: Multiline SSH commands interpreted as single lines - name: Multiline SSH commands interpreted as single lines
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
script: | script: |
ls \ ls \
-lah -lah
use_insecure_cipher: true use_insecure_cipher: true
# https://github.com/appleboy/ssh-action/issues/85 # https://github.com/appleboy/ssh-action/issues/85
- name: Deployment to multiple hosts with different ports - name: Deployment to multiple hosts with different ports
uses: ./ uses: ./
with: with:
host: "${{ secrets.HOST }}:${{ secrets.PORT }}" host: "${{ secrets.HOST }}:${{ secrets.PORT }}"
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
password: ${{ secrets.PASSWORD }} password: ${{ secrets.PASSWORD }}
port: 1024 port: 1024
script_stop: true script_stop: true
script: | script: |
ls \ ls \
-lah -lah
use_insecure_cipher: true use_insecure_cipher: true
# - name: SSH ED25519 Private Key # - name: SSH ED25519 Private Key
# uses: ./ # uses: ./
@ -143,123 +142,171 @@ jobs:
name: testing with envs name: testing with envs
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v1 uses: actions/checkout@v1
- name: pass environment - name: pass environment
uses: ./ uses: ./
env: env:
FOO: "BAR" FOO: "BAR"
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
envs: FOO envs: FOO
script: | script: |
echo "I am $FOO, thanks" echo "I am $FOO, thanks"
echo "I am $BAR, thanks" echo "I am $BAR, thanks"
- name: pass multiple environment - name: pass multiple environment
uses: ./ uses: ./
env: env:
FOO: "BAR" FOO: "BAR"
BAR: "FOO" BAR: "FOO"
SHA: ${{ github.sha }} SHA: ${{ github.sha }}
PORT: ${{ secrets.PORT }} PORT: ${{ secrets.PORT }}
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
envs: FOO,BAR,SHA,PORT envs: FOO,BAR,SHA,PORT
script: | script: |
echo "I am $FOO, thanks" echo "I am $FOO, thanks"
echo "I am $BAR, thanks" echo "I am $BAR, thanks"
echo "sha: $SHA" echo "sha: $SHA"
echo "port: $PORT" echo "port: $PORT"
sh test.sh sh test.sh
- name: custom envs format - name: custom envs format
uses: ./ uses: ./
env: env:
FOO: "BAR" FOO: "BAR"
AAA: "BBB" AAA: "BBB"
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
envs: FOO,BAR,AAA envs: FOO,BAR,AAA
envs_format: export TEST_{NAME}={VALUE} envs_format: export TEST_{NAME}={VALUE}
script: | script: |
echo "I am $TEST_FOO, thanks" echo "I am $TEST_FOO, thanks"
echo "I am $TEST_BAR, thanks" echo "I am $TEST_BAR, thanks"
echo "I am $BAR, thanks" echo "I am $BAR, thanks"
echo "I am $TEST_AAA, thanks" echo "I am $TEST_AAA, thanks"
- name: pass all ENV variables to script - name: pass all ENV variables to script
uses: ./ uses: ./
env: env:
INPUT_FOO: "BAR" INPUT_FOO: "BAR"
INPUT_AAA: "BBB" INPUT_AAA: "BBB"
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
allenvs: true allenvs: true
script: | script: |
echo "I am $INPUT_FOO, thanks" echo "I am $INPUT_FOO, thanks"
echo "I am $INPUT_AAA, thanks" echo "I am $INPUT_AAA, thanks"
echo "$GITHUB_BASE_REF" echo "$GITHUB_BASE_REF"
echo "$GITHUB_REF" echo "$GITHUB_REF"
testing03: testing03:
name: git clone and pull name: git clone and pull
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v1 uses: actions/checkout@v1
- name: clone private repository - name: clone private repository
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
script: | script: |
git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository git clone https://appleboy:${{ secrets.TEST_TOKEN }}@github.com/go-training/self-runner.git test_repository
rm -rf test_repository rm -rf test_repository
testing04: testing04:
name: docker login and pull name: docker login and pull
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v1 uses: actions/checkout@v1
- name: login GitHub Container Registry - name: login GitHub Container Registry
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
script: | script: |
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u github.actor --password-stdin
- name: login DockerHub Container Registry - name: login DockerHub Container Registry
uses: ./ uses: ./
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }} key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }} port: ${{ secrets.PORT }}
script_stop: true script_stop: true
script: | script: |
echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
testing05:
name: switch user
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: switch to root user
uses: ./
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }}
key: ${{ secrets.KEY }}
port: ${{ secrets.PORT }}
script_stop: true
request_pty: true
command_timeout: 30s
script: |
whoami && echo 'hello world' && touch todo.txt
sudo whoami
testing06:
name: testing ipv6
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: Set up WARP
uses: fscarmen/warp-on-actions@v1.1
with:
stack: dual
- name: testing ipv6 for command
run: |
curl -m 9 --ipv6 --verbose https://google.com
- name: testing ipv6
uses: ./
with:
host: 2402:1f00:8000:800::2628
username: ubuntu
password: ${{ secrets.OVH_PASSWORD }}
protocol: tcp6
port: 22
command_timeout: 30s
script: |
whoami

26
.github/workflows/testing.yml vendored Normal file
View File

@ -0,0 +1,26 @@
name: testing master
on: [push]
env:
FOO: "BAR"
BAR: "FOO"
jobs:
testing01:
name: testing new bash flow
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v1
- name: try bash script
uses: appleboy/ssh-action@master
with:
host: 2402:1f00:8000:800::2628
username: ubuntu
password: ${{ secrets.OVH_PASSWORD }}
protocol: tcp6
port: 22
command_timeout: 30s
script: |
whoami

8
Dockerfile
View File

@ -1,5 +1,5 @@
FROM ghcr.io/appleboy/drone-ssh:1.7.0 FROM ghcr.io/appleboy/drone-ssh:1.7.4
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /bin/entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/bin/entrypoint.sh"]

90
README.md
View File

@ -16,38 +16,40 @@ This thing is built using [Golang](https://go.dev) and [drone-ssh](https://githu
See [action.yml](./action.yml) for more detailed information. See [action.yml](./action.yml) for more detailed information.
| Input Parameter | Description | Default Value | | Input Parameter | Description | Default Value |
|-------------------------|-----------------------------------------------------------------|---------------| |---------------------------|------------------------------------------------------------------------------------------|---------------|
| host | SSH host address | | | host | SSH host address | |
| port | SSH port number | 22 | | port | SSH port number | 22 |
| passphrase | SSH key passphrase | | | passphrase | SSH key passphrase | |
| username | SSH username | | | username | SSH username | |
| password | SSH password | | | password | SSH password | |
| sync | Enable synchronous execution if multiple hosts | false | | protocol | SSH protocol version (tcp, tcp4, tcp6) | tcp |
| use_insecure_cipher | Include more ciphers with use_insecure_cipher | false | | sync | Enable synchronous execution if multiple hosts | false |
| cipher | Allowed cipher algorithms. If unspecified, a sensible default | | | use_insecure_cipher | Include more ciphers with use_insecure_cipher | false |
| timeout | Timeout duration for SSH to host | 30s | | cipher | Allowed cipher algorithms. If unspecified, a sensible default | |
| command_timeout | Timeout duration for SSH command | 10m | | timeout | Timeout duration for SSH to host | 30s |
| key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | | | command_timeout | Timeout duration for SSH command | 10m |
| key_path | Path of SSH private key | | | key | Content of SSH private key. e.g., raw content of ~/.ssh/id_rsa | |
| fingerprint | SHA256 fingerprint of the host public key | | | key_path | Path of SSH private key | |
| proxy_host | SSH proxy host | | | fingerprint | SHA256 fingerprint of the host public key | |
| proxy_port | SSH proxy port | 22 | | proxy_host | SSH proxy host | |
| proxy_username | SSH proxy username | | | proxy_port | SSH proxy port | 22 |
| proxy_password | SSH proxy password | | | proxy_username | SSH proxy username | |
| proxy_passphrase | SSH proxy key passphrase | | | proxy_password | SSH proxy password | |
| proxy_timeout | Timeout for SSH to proxy host | 30s | | proxy_passphrase | SSH proxy key passphrase | |
| proxy_key | Content of SSH proxy private key | | | proxy_timeout | Timeout for SSH to proxy host | 30s |
| proxy_key_path | Path of SSH proxy private key | | | proxy_key | Content of SSH proxy private key | |
| proxy_fingerprint | SHA256 fingerprint of the proxy host public key | | | proxy_key_path | Path of SSH proxy private key | |
| proxy_cipher | Allowed cipher algorithms for the proxy | | | proxy_fingerprint | SHA256 fingerprint of the proxy host public key | |
| proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false | | proxy_cipher | Allowed cipher algorithms for the proxy | |
| script | Execute commands | | | proxy_use_insecure_cipher | Include more ciphers with use_insecure_cipher for the proxy | false |
| script_stop | Stop script after first failure | false | | script | Execute commands | |
| envs | Pass environment variables to shell script | | | script_stop | Stop script after first failure | false |
| envs_format | Flexible configuration of environment value transfer | | | envs | Pass environment variables to shell script | |
| debug | Enable debug mode | false | | envs_format | Flexible configuration of environment value transfer | |
| allenvs | Pass all environment variables to shell script | false | | debug | Enable debug mode | false |
| allenvs | pass the environment variables with prefix value of `GITHUB_` and `INPUT_` to the script | false |
| request_pty | Request a pseudo-terminal from the server | false |
## Usage ## Usage
@ -63,7 +65,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -164,7 +166,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -177,7 +179,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -190,7 +192,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -207,7 +209,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com,bar.com" + host: "foo.com,bar.com"
@ -223,7 +225,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com:1234,bar.com:5678" + host: "foo.com:1234,bar.com:5678"
@ -238,7 +240,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: "foo.com,bar.com" host: "foo.com,bar.com"
+ sync: true + sync: true
@ -254,7 +256,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
+ env: + env:
+ FOO: "BAR" + FOO: "BAR"
+ BAR: "FOO" + BAR: "FOO"
@ -279,7 +281,7 @@ _Inside `env` object, you need to pass every environment variable as a string, p
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -332,7 +334,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -355,7 +357,7 @@ It is not uncommon for files to leak from backups or decommissioned hardware, an
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -381,7 +383,7 @@ Now you can adjust you config:
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.2.0 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

24
README.zh-tw.md
View File

@ -58,7 +58,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -157,7 +157,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using password - name: executing remote ssh commands using password
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -170,7 +170,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: executing remote ssh commands using ssh key - name: executing remote ssh commands using ssh key
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -183,7 +183,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```yaml ```yaml
- name: multiple command - name: multiple command
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -200,7 +200,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com,bar.com" + host: "foo.com,bar.com"
@ -216,7 +216,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
- host: "foo.com" - host: "foo.com"
+ host: "foo.com:1234,bar.com:5678" + host: "foo.com:1234,bar.com:5678"
@ -231,7 +231,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: multiple host - name: multiple host
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: "foo.com,bar.com" host: "foo.com,bar.com"
+ sync: true + sync: true
@ -247,7 +247,7 @@ ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
```diff ```diff
- name: pass environment - name: pass environment
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
+ env: + env:
+ FOO: "BAR" + FOO: "BAR"
+ BAR: "FOO" + BAR: "FOO"
@ -272,7 +272,7 @@ _在 `env` 對象中,您需要將每個環境變量作為字符串傳遞,傳
```diff ```diff
- name: stop script if command error - name: stop script if command error
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -325,7 +325,7 @@ Host FooServer
```diff ```diff
- name: ssh proxy command - name: ssh proxy command
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -346,7 +346,7 @@ Host FooServer
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -372,7 +372,7 @@ ssh example.com ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub | cut -d ' '
```diff ```diff
- name: ssh key passphrase - name: ssh key passphrase
uses: appleboy/ssh-action@v0.1.10 uses: appleboy/ssh-action@v1.0.3
with: with:
host: ${{ secrets.HOST }} host: ${{ secrets.HOST }}
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}

122
action.yml
View File

@ -1,76 +1,124 @@
name: 'SSH Remote Commands' name: "SSH Remote Commands"
description: 'Executing remote ssh commands' description: "Executing remote ssh commands"
author: 'Bo-Yi Wu' author: "Bo-Yi Wu"
inputs: inputs:
host: host:
description: 'SSH host address.' description: "SSH host address."
port: port:
description: 'SSH port number.' description: "SSH port number."
default: "22" default: "22"
passphrase: passphrase:
description: 'Passphrase for the SSH key.' description: "Passphrase for the SSH key."
username: username:
description: 'SSH username.' description: "SSH username."
password: password:
description: 'SSH password.' description: "SSH password."
protocol:
description: 'The IP protocol to use. Valid values are "tcp". "tcp4" or "tcp6". Default to tcp.'
default: "tcp"
sync: sync:
description: 'Enable synchronous execution if multiple hosts are involved.' description: "Enable synchronous execution if multiple hosts are involved."
use_insecure_cipher: use_insecure_cipher:
description: 'Include more ciphers by using insecure ciphers.' description: "Include more ciphers by using insecure ciphers."
cipher: cipher:
description: 'Allowed cipher algorithms. If unspecified, a sensible default is used.' description: "Allowed cipher algorithms. If unspecified, a sensible default is used."
timeout: timeout:
description: 'Timeout duration for establishing SSH connection to the host.' description: "Timeout duration for establishing SSH connection to the host."
default: "30s" default: "30s"
command_timeout: command_timeout:
description: 'Timeout duration for SSH commands execution.' description: "Timeout duration for SSH commands execution."
default: "10m" default: "10m"
key: key:
description: 'Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa.' description: "Content of the SSH private key. For example, the raw content of ~/.ssh/id_rsa."
key_path: key_path:
description: 'Path to the SSH private key file.' description: "Path to the SSH private key file."
fingerprint: fingerprint:
description: 'SHA256 fingerprint of the host public key.' description: "SHA256 fingerprint of the host public key."
proxy_host: proxy_host:
description: 'SSH proxy host address.' description: "SSH proxy host address."
proxy_port: proxy_port:
description: 'SSH proxy port number.' description: "SSH proxy port number."
default: "22" default: "22"
proxy_username: proxy_username:
description: 'SSH proxy username.' description: "SSH proxy username."
proxy_password: proxy_password:
description: 'SSH proxy password.' description: "SSH proxy password."
proxy_passphrase: proxy_passphrase:
description: 'SSH proxy key passphrase.' description: "SSH proxy key passphrase."
proxy_timeout: proxy_timeout:
description: 'Timeout duration for establishing SSH connection to the proxy host.' description: "Timeout duration for establishing SSH connection to the proxy host."
default: "30s" default: "30s"
proxy_key: proxy_key:
description: 'Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa.' description: "Content of the SSH proxy private key. For example, the raw content of ~/.ssh/id_rsa."
proxy_key_path: proxy_key_path:
description: 'Path to the SSH proxy private key file.' description: "Path to the SSH proxy private key file."
proxy_fingerprint: proxy_fingerprint:
description: 'SHA256 fingerprint of the proxy host public key.' description: "SHA256 fingerprint of the proxy host public key."
proxy_cipher: proxy_cipher:
description: 'Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used.' description: "Allowed cipher algorithms for the proxy. If unspecified, a sensible default is used."
proxy_use_insecure_cipher: proxy_use_insecure_cipher:
description: 'Include more ciphers for the proxy by using insecure ciphers.' description: "Include more ciphers for the proxy by using insecure ciphers."
script: script:
description: 'Commands to be executed.' description: "Commands to be executed."
script_stop: script_stop:
description: 'Stop the script after the first failure.' description: "Stop the script after the first failure."
envs: envs:
description: 'Environment variables to be passed to the shell script.' description: "Environment variables to be passed to the shell script."
envs_format: envs_format:
description: 'Flexible configuration for environment value transfer.' description: "Flexible configuration for environment value transfer."
debug: debug:
description: 'Enable debug mode.' description: "Enable debug mode."
allenvs: allenvs:
description: 'pass all environment variable to shell script.' description: "pass all environment variable to shell script."
request_pty:
description: "Request a pseudo-terminal from the server."
runs: runs:
using: 'docker' using: "composite"
image: 'Dockerfile' steps:
- name: Set GitHub Path
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
- name: Run entrypoint.sh
run: entrypoint.sh
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
INPUT_HOST: ${{ inputs.host }}
INPUT_PORT: ${{ inputs.port }}
INPUT_PROTOCOL: ${{ inputs.protocol }}
INPUT_USERNAME: ${{ inputs.username }}
INPUT_PASSWORD: ${{ inputs.password }}
INPUT_PASSPHRASE: ${{ inputs.passphrase }}
INPUT_KEY: ${{ inputs.key }}
INPUT_KEY_PATH: ${{ inputs.key_path }}
INPUT_FINGERPRINT: ${{ inputs.fingerprint }}
INPUT_PROXY_HOST: ${{ inputs.proxy_host }}
INPUT_PROXY_PORT: ${{ inputs.proxy_port }}
INPUT_PROXY_USERNAME: ${{ inputs.proxy_username }}
INPUT_PROXY_PASSWORD: ${{ inputs.proxy_password }}
INPUT_PROXY_PASSPHRASE: ${{ inputs.proxy_passphrase }}
INPUT_PROXY_KEY: ${{ inputs.proxy_key }}
INPUT_PROXY_KEY_PATH: ${{ inputs.proxy_key_path }}
INPUT_PROXY_FINGERPRINT: ${{ inputs.proxy_fingerprint }}
INPUT_TIMEOUT: ${{ inputs.timeout }}
INPUT_PROXY_TIMEOUT: ${{ inputs.proxy_timeout }}
INPUT_COMMAND_TIMEOUT: ${{ inputs.command_timeout }}
INPUT_SCRIPT: ${{ inputs.script }}
INPUT_SCRIPT_STOP: ${{ inputs.script_stop }}
INPUT_ENVS: ${{ inputs.envs }}
INPUT_ENVS_FORMAT: ${{ inputs.envs_format }}
INPUT_DEBUG: ${{ inputs.debug }}
INPUT_ALL_ENVS: ${{ inputs.allenvs }}
INPUT_REQUEST_PTY: ${{ inputs.request_pty }}
INPUT_USE_INSECURE_CIPHER: ${{ inputs.use_insecure_cipher }}
INPUT_CIPHER: ${{ inputs.cipher }}
INPUT_PROXY_USE_INSECURE_CIPHER: ${{ inputs.proxy_use_insecure_cipher }}
INPUT_PROXY_CIPHER: ${{ inputs.proxy_cipher }}
INPUT_SYNC: ${{ inputs.sync }}
branding: branding:
icon: 'terminal' icon: "terminal"
color: 'gray-dark' color: "gray-dark"

65
entrypoint.sh
View File

@ -1,7 +1,66 @@
#!/bin/sh #!/usr/bin/env bash
set -eu set -o errexit
set -o nounset
set -o pipefail
export GITHUB="true" export GITHUB="true"
sh -c "/bin/drone-ssh $*" GITHUB_ACTION_PATH="${GITHUB_ACTION_PATH%/}"
DRONE_SSH_RELEASE_URL="${DRONE_SSH_RELEASE_URL:-https://github.com/appleboy/drone-ssh/releases/download}"
DRONE_SSH_VERSION="${DRONE_SSH_VERSION:-1.7.4}"
function detect_client_info() {
if [ -n "${SSH_CLIENT_OS-}" ]; then
CLIENT_PLATFORM="${SSH_CLIENT_OS}"
else
local kernel
kernel="$(uname -s)"
case "${kernel}" in
Darwin)
CLIENT_PLATFORM="darwin"
;;
Linux)
CLIENT_PLATFORM="linux"
;;
Windows)
CLIENT_PLATFORM="windows"
;;
*)
echo "Unknown, unsupported platform: ${kernel}." >&2
echo "Supported platforms: Linux, Darwin and Windows." >&2
echo "Bailing out." >&2
exit 2
esac
fi
if [ -n "${SSH_CLIENT_ARCH-}" ]; then
CLIENT_ARCH="${SSH_CLIENT_ARCH}"
else
local machine
machine="$(uname -m)"
case "${machine}" in
x86_64*|i?86_64*|amd64*)
CLIENT_ARCH="amd64"
;;
aarch64*|arm64*)
CLIENT_ARCH="arm64"
;;
*)
echo "Unknown, unsupported architecture (${machine})." >&2
echo "Supported architectures x86_64, i686, arm64." >&2
echo "Bailing out." >&2
exit 3
;;
esac
fi
}
detect_client_info
DOWNLOAD_URL_PREFIX="${DRONE_SSH_RELEASE_URL}/v${DRONE_SSH_VERSION}"
CLIENT_BINARY="drone-ssh-${DRONE_SSH_VERSION}-${CLIENT_PLATFORM}-${CLIENT_ARCH}"
TARGET="${GITHUB_ACTION_PATH}/${CLIENT_BINARY}"
echo "Will download ${CLIENT_BINARY} from ${DOWNLOAD_URL_PREFIX}"
curl -fL --retry 3 --keepalive-time 2 "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o ${TARGET}
chmod +x ${TARGET}
sh -c "${TARGET} $*"